$ rpki-client -vvf rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft File: 3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft (raw, json) Hash identifier: r5pTkeou+sQxU8q6bUkYFSLmN97TmDtZlsNiy/t9saw= Subject key identifier: D3:3E:D6:4F:AC:85:67:28:13:66:FE:FF:16:58:81:62:46:28:64:70 Authority key identifier: DE:4C:E9:60:A3:93:0A:B4:C2:27:FC:E8:F8:57:C0:84:19:7F:08:D0 Certificate issuer: /CN=A918F1C9/serialNumber=DE4CE960A3930AB4C227FCE8F857C084197F08D0 Certificate serial: 4D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft Manifest number: 0A48 Signing time: Wed 02 Jul 2025 20:08:28 +0000 Manifest this update: Wed 02 Jul 2025 20:08:28 +0000 Manifest next update: Wed 09 Jul 2025 20:08:28 +0000 Files and hashes: 1: 3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl (hash: YLgC050+pFJ33HIyCDsxBUass6GKNJatMpU/wSPedRU=) 2: 93E4B52CE43E11EF91571D16C4F9AE02.roa (hash: qbK0SRsjZmgPEhHCvpQ8WHXr9ovPv+iMo1ylb0vxYmI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 20:08:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77 (0x4d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F1C9, serialNumber=DE4CE960A3930AB4C227FCE8F857C084197F08D0 Validity Not Before: Jul 2 20:08:28 2025 GMT Not After : Jul 9 20:08:28 2025 GMT Subject: CN=686591bc-e4bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:91:77:eb:24:82:b6:08:06:d2:5a:e9:22:e8: ce:a0:50:9a:60:ae:f4:ca:81:ef:ab:01:47:1e:93: db:81:bc:93:e9:00:c4:12:bb:5b:bc:ee:a0:1d:2e: c4:b0:75:a4:9f:eb:67:b8:ce:6d:7c:a8:f7:cf:71: a3:59:b5:04:4a:17:48:52:a0:4c:d1:89:66:02:ce: 39:61:7a:14:27:72:c3:84:96:93:01:c0:14:74:01: e2:25:78:ab:08:d9:26:32:ae:3e:ac:25:c6:4b:68: 23:11:be:13:b8:d5:e9:48:47:8a:83:09:12:e3:1e: 26:a1:14:df:e8:44:ab:f6:0f:0b:bf:5c:76:8d:b6: ad:7d:1f:d7:9c:27:af:11:fc:16:72:f3:59:39:7d: 72:4e:dc:95:95:d8:50:28:5e:00:e1:02:57:0d:0f: 3d:54:4b:3f:88:7a:54:c8:2a:9c:81:c0:41:b5:7c: 82:82:36:b9:fa:da:64:4d:bb:fc:48:e3:2a:86:f5: 80:ec:9d:55:fb:39:23:ec:26:96:68:64:d0:e9:3a: c5:27:71:09:a5:85:17:25:fb:1e:fe:82:ac:67:1d: 00:40:dc:bf:1a:16:34:7f:1b:5c:38:c3:03:08:e9: f7:c3:51:b4:b7:4f:8f:20:73:a2:72:62:cb:ed:6d: b9:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:3E:D6:4F:AC:85:67:28:13:66:FE:FF:16:58:81:62:46:28:64:70 X509v3 Authority Key Identifier: keyid:DE:4C:E9:60:A3:93:0A:B4:C2:27:FC:E8:F8:57:C0:84:19:7F:08:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:5d:fb:30:19:27:e2:75:f3:e9:7c:f9:e9:23:0e:f8:2a:f8: 5b:8a:d8:ec:b9:3c:65:89:4f:66:00:68:32:29:96:4d:24:e3: 19:59:9f:91:5a:af:1f:5b:75:92:55:2f:f0:6a:91:a7:f1:f3: 22:cb:49:8d:4e:cc:51:bc:f7:45:81:24:08:99:5e:36:ac:61: 67:d6:dc:f3:52:06:9d:e2:02:44:02:30:d2:1d:66:d6:b6:53: 53:1f:d0:09:0f:67:6d:6d:07:be:a7:ff:83:ff:3a:c3:15:c2: b9:92:de:e4:4a:6c:1b:3c:8a:aa:85:ed:f0:ee:e8:5d:fa:40: d8:e9:46:ec:cf:cf:7a:90:fa:53:9c:03:fd:06:e3:24:cf:87: 6f:a8:3e:d3:02:f1:75:be:08:54:e0:ef:dc:8b:b2:72:74:24: 70:00:b6:20:38:b9:54:5d:8e:63:a3:67:e9:60:e5:61:15:dc: fa:06:14:3e:47:78:46:06:31:21:22:69:7c:2a:77:bc:b3:5a: cb:ed:b4:82:7b:7c:de:b5:81:54:31:7f:98:b9:6b:15:34:73: a8:ac:62:87:6b:3c:68:b8:2d:fc:14:03:98:ae:15:e8:b1:9f: 38:b5:15:81:1e:51:1d:52:8b:fd:22:f3:49:e4:4d:d4:55:7b: 91:28:48:91 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBTTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 RjFDOTExMC8GA1UEBRMoREU0Q0U5NjBBMzkzMEFCNEMyMjdGQ0U4Rjg1N0MwODQx OTdGMDhEMDAeFw0yNTA3MDIyMDA4MjhaFw0yNTA3MDkyMDA4MjhaMBgxFjAUBgNV BAMTDTY4NjU5MWJjLWU0YmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCekXfrJIK2CAbSWuki6M6gUJpgrvTKge+rAUcek9uBvJPpAMQSu1u87qAdLsSw daSf62e4zm18qPfPcaNZtQRKF0hSoEzRiWYCzjlhehQncsOElpMBwBR0AeIleKsI 2SYyrj6sJcZLaCMRvhO41elIR4qDCRLjHiahFN/oRKv2Dwu/XHaNtq19H9ecJ68R /BZy81k5fXJO3JWV2FAoXgDhAlcNDz1USz+IelTIKpyBwEG1fIKCNrn62mRNu/xI 4yqG9YDsnVX7OSPsJpZoZNDpOsUncQmlhRcl+x7+gqxnHQBA3L8aFjR/G1w4wwMI 6ffDUbS3T48gc6JyYsvtbbkdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU0z7WT6yF ZygTZv7/FliBYkYoZHAwHwYDVR0jBBgwFoAU3kzpYKOTCrTCJ/zo+FfAhBl/CNAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThGMUM5LzZBNTdBQjhDN0Y5 NTExRUFCMEVEODUzN0M0RjlBRTAyLzNrenBZS09UQ3JUQ0pfem8tRmZBaEJsX0NO QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM2t6cFlLT1RDclRDSl96by1GZkFoQmxfQ05BLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThG MUM5LzZBNTdBQjhDN0Y5NTExRUFCMEVEODUzN0M0RjlBRTAyLzNrenBZS09UQ3JU Q0pfem8tRmZBaEJsX0NOQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJJd+zAZJ+J18+l8+ekjDvgq+FuK2Oy5PGWJT2YAaDIplk0k4xlZn5Fa rx9bdZJVL/Bqkafx8yLLSY1OzFG890WBJAiZXjasYWfW3PNSBp3iAkQCMNIdZta2 U1Mf0AkPZ21tB76n/4P/OsMVwrmS3uRKbBs8iqqF7fDu6F36QNjpRuzPz3qQ+lOc A/0G4yTPh2+oPtMC8XW+CFTg79yLsnJ0JHAAtiA4uVRdjmOjZ+lg5WEV3PoGFD5H eEYGMSEiaXwqd7yzWsvttIJ7fN61gVQxf5i5axU0c6isYodrPGi4LfwUA5iuFeix nzi1FYEeUR1Si/0i80nkTdRVe5EoSJE= -----END CERTIFICATE-----Generated at Fri Jul 4 01:07:00 2025 by rpki-client