$ rpki-client -vvf rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft File: 3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft (raw, json) Hash identifier: Qr4Z9RDYaoiCKnS6gsigF1Y5ZVbRSsS9g8662+6Mahg= Subject key identifier: 90:9E:4F:6A:E9:C3:21:7C:4C:FA:30:36:7B:62:73:A2:BD:8D:98:BB Authority key identifier: DE:4C:E9:60:A3:93:0A:B4:C2:27:FC:E8:F8:57:C0:84:19:7F:08:D0 Certificate issuer: /CN=A918F1C9/serialNumber=DE4CE960A3930AB4C227FCE8F857C084197F08D0 Certificate serial: 36 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft Manifest number: 0A1A Signing time: Fri 16 May 2025 20:13:13 +0000 Manifest this update: Fri 16 May 2025 20:13:12 +0000 Manifest next update: Fri 23 May 2025 20:13:12 +0000 Files and hashes: 1: 3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl (hash: MPTTDEasVPNTITS0ee5nXZBJZX6bMaBRGAhi8vvX9rA=) 2: 93E4B52CE43E11EF91571D16C4F9AE02.roa (hash: qbK0SRsjZmgPEhHCvpQ8WHXr9ovPv+iMo1ylb0vxYmI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 23 May 2025 20:13:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54 (0x36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F1C9, serialNumber=DE4CE960A3930AB4C227FCE8F857C084197F08D0 Validity Not Before: May 16 20:13:12 2025 GMT Not After : May 23 20:13:12 2025 GMT Subject: CN=68279c58-b5f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:3b:38:fe:cc:40:e4:72:a6:bf:51:aa:4e:91: 1d:10:98:9a:f7:b7:b8:cf:16:b2:b1:4c:bd:f9:a3: ea:4e:4e:7c:36:54:49:4f:af:8d:8a:66:4a:aa:94: fa:20:65:49:55:2d:02:0b:c1:00:b3:7f:a6:29:6f: f4:7b:67:6c:c1:b3:00:73:b8:90:c0:c1:6d:c0:c7: 89:e6:c0:f7:de:a9:ed:b1:58:98:ab:d4:67:24:03: c5:1b:3e:1b:96:e1:51:d1:36:82:b4:9c:a1:57:31: 18:b1:0e:f7:34:fd:98:53:51:c2:ea:e3:2b:92:a1: 37:5a:cd:a9:b7:c3:b8:e4:9e:58:b1:df:eb:18:d8: 4f:d1:c9:07:34:49:8f:51:1c:72:43:2d:7b:98:09: d8:be:9e:65:d6:66:ec:35:a3:b2:98:8d:e5:21:4a: 15:9d:4f:65:28:6b:95:66:9c:c4:d5:56:5c:13:61: 09:d9:f7:57:0a:22:2b:4d:82:1e:cf:bd:c8:61:ee: de:c2:de:aa:a0:e6:67:03:2d:ec:df:fc:5e:ac:2f: 30:5b:63:3f:7d:68:65:e6:e7:9c:5d:f2:3c:89:9e: 9d:b9:8c:d5:c3:dd:71:7f:ba:d7:fc:8a:7a:d3:71: ff:ca:68:e5:7d:da:05:4b:28:84:8e:3f:6b:06:7d: 72:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:9E:4F:6A:E9:C3:21:7C:4C:FA:30:36:7B:62:73:A2:BD:8D:98:BB X509v3 Authority Key Identifier: keyid:DE:4C:E9:60:A3:93:0A:B4:C2:27:FC:E8:F8:57:C0:84:19:7F:08:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:79:d6:48:f2:70:de:20:50:f5:f9:60:76:05:b5:46:e4:04: da:37:50:c4:9c:d9:b1:51:30:3a:5a:fe:17:0a:b3:5a:56:27: ae:cb:6f:d1:dc:e4:e0:55:68:1d:85:1f:38:be:69:fe:ec:c4: 88:6c:01:02:93:78:97:6a:4c:6a:1c:78:9c:c0:db:73:00:45: 93:8a:4b:6a:74:58:6c:01:3e:43:f3:3e:ac:bf:9a:03:22:05: d5:6f:4c:06:7c:bd:3c:9c:92:a2:b7:47:f3:db:09:45:34:5f: 24:f8:e8:02:ab:7b:1d:70:9c:73:06:6f:76:e0:61:82:b3:bc: 72:41:05:42:fb:86:76:97:38:99:6a:43:06:ac:a7:27:21:b0: 26:72:17:a5:03:42:36:d8:1f:ca:de:ed:12:cd:bc:13:f3:07: d2:24:c4:4f:4d:8e:11:19:7a:57:e8:0d:11:b3:0e:a9:79:20: 27:02:2e:6b:cf:a6:6a:7d:2f:46:5f:2c:9e:9b:71:b9:fe:f4: aa:f7:24:2a:d1:ea:3c:1d:11:84:1f:0b:35:bc:db:6c:99:0e: bf:16:da:6c:4a:29:e0:ec:99:1a:22:ba:57:a4:7f:ef:3e:38: 5c:99:b0:ce:24:70:3a:18:37:b8:81:d2:19:78:48:98:ad:e5: e8:3f:66:b2 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 RjFDOTExMC8GA1UEBRMoREU0Q0U5NjBBMzkzMEFCNEMyMjdGQ0U4Rjg1N0MwODQx OTdGMDhEMDAeFw0yNTA1MTYyMDEzMTJaFw0yNTA1MjMyMDEzMTJaMBgxFjAUBgNV BAMTDTY4Mjc5YzU4LWI1ZjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDUOzj+zEDkcqa/UapOkR0QmJr3t7jPFrKxTL35o+pOTnw2VElPr42KZkqqlPog ZUlVLQILwQCzf6Ypb/R7Z2zBswBzuJDAwW3Ax4nmwPfeqe2xWJir1GckA8UbPhuW 4VHRNoK0nKFXMRixDvc0/ZhTUcLq4yuSoTdazam3w7jknlix3+sY2E/RyQc0SY9R HHJDLXuYCdi+nmXWZuw1o7KYjeUhShWdT2Uoa5VmnMTVVlwTYQnZ91cKIitNgh7P vchh7t7C3qqg5mcDLezf/F6sLzBbYz99aGXm55xd8jyJnp25jNXD3XF/utf8inrT cf/KaOV92gVLKISOP2sGfXJNAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUkJ5PaunD IXxM+jA2e2Jzor2NmLswHwYDVR0jBBgwFoAU3kzpYKOTCrTCJ/zo+FfAhBl/CNAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThGMUM5LzZBNTdBQjhDN0Y5 NTExRUFCMEVEODUzN0M0RjlBRTAyLzNrenBZS09UQ3JUQ0pfem8tRmZBaEJsX0NO QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM2t6cFlLT1RDclRDSl96by1GZkFoQmxfQ05BLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThG MUM5LzZBNTdBQjhDN0Y5NTExRUFCMEVEODUzN0M0RjlBRTAyLzNrenBZS09UQ3JU Q0pfem8tRmZBaEJsX0NOQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHl51kjycN4gUPX5YHYFtUbkBNo3UMSc2bFRMDpa/hcKs1pWJ67Lb9Hc 5OBVaB2FHzi+af7sxIhsAQKTeJdqTGoceJzA23MARZOKS2p0WGwBPkPzPqy/mgMi BdVvTAZ8vTyckqK3R/PbCUU0XyT46AKrex1wnHMGb3bgYYKzvHJBBUL7hnaXOJlq QwaspychsCZyF6UDQjbYH8re7RLNvBPzB9IkxE9NjhEZelfoDRGzDql5ICcCLmvP pmp9L0ZfLJ6bcbn+9Kr3JCrR6jwdEYQfCzW822yZDr8W2mxKKeDsmRoiulekf+8+ OFyZsM4kcDoYN7iB0hl4SJit5eg/ZrI= -----END CERTIFICATE-----Generated at Sat May 17 09:28:48 2025 by rpki-client