$ rpki-client -vvf rpki.apnic.net/member_repository/A9199AFB/4434D590D9C211EC887F9846C4F9AE02/3GF8-u34v7Cj7PfWcULmwdUmQ1w.mft File: 3GF8-u34v7Cj7PfWcULmwdUmQ1w.mft (raw, json) Hash identifier: gMwPhpy1nZdpCj2v7QiWBeisqNEXn0BpnBwsSMOqdxo= Subject key identifier: 2D:BE:EC:65:B8:3C:A3:1C:52:9B:42:03:3B:8B:A1:4F:2C:08:40:E3 Authority key identifier: DC:61:7C:FA:ED:F8:BF:B0:A3:EC:F7:D6:71:42:E6:C1:D5:26:43:5C Certificate issuer: /CN=A9199AFB/serialNumber=DC617CFAEDF8BFB0A3ECF7D67142E6C1D526435C Certificate serial: 02F9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3GF8-u34v7Cj7PfWcULmwdUmQ1w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9199AFB/4434D590D9C211EC887F9846C4F9AE02/3GF8-u34v7Cj7PfWcULmwdUmQ1w.mft Manifest number: 02F5 Signing time: Tue 13 May 2025 01:04:57 +0000 Manifest this update: Tue 13 May 2025 01:04:56 +0000 Manifest next update: Tue 20 May 2025 01:04:56 +0000 Files and hashes: 1: 3GF8-u34v7Cj7PfWcULmwdUmQ1w.crl (hash: ydbLGm2xtAkh+6VjFpAMc3Tmh22LxmRffsSfnFPtVms=) 2: 9E9EC628D9C511EC81B54F47C4F9AE02.roa (hash: eVqCt6jrx+C1JB/X7OKow2VBehCM/YMsmg/5OjY9iwk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9199AFB/4434D590D9C211EC887F9846C4F9AE02/3GF8-u34v7Cj7PfWcULmwdUmQ1w.crl rsync://rpki.apnic.net/member_repository/A9199AFB/4434D590D9C211EC887F9846C4F9AE02/3GF8-u34v7Cj7PfWcULmwdUmQ1w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3GF8-u34v7Cj7PfWcULmwdUmQ1w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 01:04:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 761 (0x2f9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9199AFB, serialNumber=DC617CFAEDF8BFB0A3ECF7D67142E6C1D526435C Validity Not Before: May 13 01:04:56 2025 GMT Not After : May 20 01:04:56 2025 GMT Subject: CN=68229ab9-7fd8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:7c:35:e9:06:1b:75:7c:07:c9:18:52:c7:ba: 79:04:4a:a1:a6:8c:88:d9:62:c2:7d:36:e7:ef:03: 19:d7:ab:ae:a6:c5:02:28:66:44:4c:ff:c3:c3:bc: b5:a6:ab:47:76:05:2e:eb:90:34:45:4b:d8:ae:21: f5:9a:ed:46:3d:95:12:b4:5d:ad:b3:b3:14:08:36: b5:76:76:f9:25:e5:93:2c:3f:e2:e2:b8:97:99:2b: 49:27:ca:b3:32:ea:ad:4a:45:de:f8:61:0f:29:6a: b9:83:f5:24:cc:a3:bc:45:28:9e:31:b2:e5:e9:5d: b3:23:67:08:92:57:ec:4e:88:c7:60:2d:8f:89:b2: 73:6b:24:50:d9:15:79:54:bf:57:a0:a0:da:89:69: 6b:77:4c:de:d1:79:fb:98:57:a0:61:b8:2b:76:9a: c3:4e:b9:f6:d9:ac:60:07:28:0a:dc:a2:09:3e:44: be:f8:99:3e:5e:bb:4f:fd:e3:37:95:e8:26:73:7f: 01:c7:dd:6b:2f:05:d7:cb:eb:84:b6:be:6a:38:aa: 97:4d:88:20:44:da:47:1b:b9:ff:e5:2e:d1:91:e5: 4f:3f:8d:63:c4:5b:57:e2:ea:d5:bd:47:91:ec:f6: dc:98:6b:d2:59:98:00:f9:fa:c9:a9:88:ce:27:ce: f8:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:BE:EC:65:B8:3C:A3:1C:52:9B:42:03:3B:8B:A1:4F:2C:08:40:E3 X509v3 Authority Key Identifier: keyid:DC:61:7C:FA:ED:F8:BF:B0:A3:EC:F7:D6:71:42:E6:C1:D5:26:43:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9199AFB/4434D590D9C211EC887F9846C4F9AE02/3GF8-u34v7Cj7PfWcULmwdUmQ1w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3GF8-u34v7Cj7PfWcULmwdUmQ1w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199AFB/4434D590D9C211EC887F9846C4F9AE02/3GF8-u34v7Cj7PfWcULmwdUmQ1w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:24:4b:ba:32:fd:2f:45:1d:ff:d3:16:39:09:2b:8f:c9:fb: 09:37:29:69:1f:26:65:41:39:93:70:6e:ee:ec:fa:f8:0a:65: 2d:12:7c:ca:cb:f9:53:f1:54:4c:1e:3c:a7:d7:2c:eb:96:ac: 90:b1:c5:9a:31:67:e1:9e:9e:9d:62:bd:ac:1b:63:cf:e2:52: 3d:1c:da:42:31:83:5d:77:b0:0a:87:ab:ab:ad:1c:f9:c9:26: f7:b5:0b:2f:1c:d8:b9:01:72:05:ec:5d:b7:42:1f:82:4a:64: 8a:c4:07:fb:74:83:c8:57:d7:73:3b:81:f2:56:38:ce:dc:33: 50:01:2d:d8:bb:71:a9:2a:e0:7b:88:2d:63:cd:5f:00:9b:53: b9:fe:c1:f3:af:d7:2a:34:7c:3e:9b:0a:d8:f1:74:d3:46:7d: de:96:eb:0a:95:80:93:0c:13:be:fe:28:e4:96:37:e9:cc:a9: fc:9c:0d:25:62:c2:fd:b3:56:73:b0:c5:33:df:b7:df:91:41: 42:bf:a9:8c:db:bc:a4:e3:4e:d6:ac:5a:4b:6c:78:8f:6f:2a: f9:5e:16:bf:86:48:4a:ae:65:87:37:36:8a:27:8d:aa:40:7e: cb:4e:4e:a5:35:5e:2d:39:3d:e5:91:f5:c6:8b:a8:39:18:8e: 5b:a0:f5:a3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAvkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTlBRkIxMTAvBgNVBAUTKERDNjE3Q0ZBRURGOEJGQjBBM0VDRjdENjcxNDJFNkMx RDUyNjQzNUMwHhcNMjUwNTEzMDEwNDU2WhcNMjUwNTIwMDEwNDU2WjAYMRYwFAYD VQQDEw02ODIyOWFiOS03ZmQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoHw16QYbdXwHyRhSx7p5BEqhpoyI2WLCfTbn7wMZ16uupsUCKGZETP/Dw7y1 pqtHdgUu65A0RUvYriH1mu1GPZUStF2ts7MUCDa1dnb5JeWTLD/i4riXmStJJ8qz MuqtSkXe+GEPKWq5g/UkzKO8RSieMbLl6V2zI2cIklfsTojHYC2PibJzayRQ2RV5 VL9XoKDaiWlrd0ze0Xn7mFegYbgrdprDTrn22axgBygK3KIJPkS++Jk+XrtP/eM3 legmc38Bx91rLwXXy+uEtr5qOKqXTYggRNpHG7n/5S7RkeVPP41jxFtX4urVvUeR 7PbcmGvSWZgA+frJqYjOJ874BwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC2+7GW4 PKMcUptCAzuLoU8sCEDjMB8GA1UdIwQYMBaAFNxhfPrt+L+wo+z31nFC5sHVJkNc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OUFGQi80NDM0RDU5MEQ5 QzIxMUVDODg3Rjk4NDZDNEY5QUUwMi8zR0Y4LXUzNHY3Q2o3UGZXY1VMbXdkVW1R MXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNHRjgtdTM0djdDajdQZldjVUxtd2RVbVExdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OUFGQi80NDM0RDU5MEQ5QzIxMUVDODg3Rjk4NDZDNEY5QUUwMi8zR0Y4LXUzNHY3 Q2o3UGZXY1VMbXdkVW1RMXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAfJEu6Mv0vRR3/0xY5CSuPyfsJNylpHyZlQTmTcG7u7Pr4CmUtEnzK y/lT8VRMHjyn1yzrlqyQscWaMWfhnp6dYr2sG2PP4lI9HNpCMYNdd7AKh6urrRz5 ySb3tQsvHNi5AXIF7F23Qh+CSmSKxAf7dIPIV9dzO4HyVjjO3DNQAS3Yu3GpKuB7 iC1jzV8Am1O5/sHzr9cqNHw+mwrY8XTTRn3elusKlYCTDBO+/ijkljfpzKn8nA0l YsL9s1ZzsMUz37ffkUFCv6mM27yk407WrFpLbHiPbyr5Xha/hkhKrmWHNzaKJ42q QH7LTk6lNV4tOT3lkfXGi6g5GI5boPWj -----END CERTIFICATE-----Generated at Wed May 14 08:04:41 2025 by rpki-client