$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft File: 3aSfQfYYpV-cp8_FW66nthbZV2I.mft (raw, json) Hash identifier: wut1IH9KauMGjDHnu4R4aqBeUVWfJ8FUgTXn5kDtv0s= Subject key identifier: 1F:FB:84:CB:83:8A:9A:17:4B:AF:78:B4:BD:D8:64:50:32:C2:10:07 Authority key identifier: DD:A4:9F:41:F6:18:A5:5F:9C:A7:CF:C5:5B:AE:A7:B6:16:D9:57:62 Certificate issuer: /CN=A91A7273/serialNumber=DDA49F41F618A55F9CA7CFC55BAEA7B616D95762 Certificate serial: 4D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft Manifest number: 4C Signing time: Tue 01 Jul 2025 08:06:49 +0000 Manifest this update: Tue 01 Jul 2025 08:06:48 +0000 Manifest next update: Tue 08 Jul 2025 08:06:48 +0000 Files and hashes: 1: 3aSfQfYYpV-cp8_FW66nthbZV2I.crl (hash: 0Yg1t1p/vVXNt00FCtAg6w1yvhZ1XuBEG4NZ0zzGksA=) 2: 3958EEC642BB11F0B449BB81C4F9AE02.roa (hash: SygYrtM3v/MPPC9qe7TYDUy1/kulSQDEnXRN8vMuKwo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.crl rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:06:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77 (0x4d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7273, serialNumber=DDA49F41F618A55F9CA7CFC55BAEA7B616D95762 Validity Not Before: Jul 1 08:06:48 2025 GMT Not After : Jul 8 08:06:48 2025 GMT Subject: CN=68639718-929c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:44:b3:79:64:af:74:9e:7b:5c:1e:74:58:35: b8:15:61:da:30:2e:c0:4f:f7:d8:d1:93:61:f5:f3: 62:0c:9e:49:67:b0:41:f3:2f:66:1b:95:c7:b7:98: 6d:e6:83:a8:e7:2c:55:c8:09:a6:6d:64:2c:eb:7b: eb:d8:83:b7:1f:ed:b9:8b:54:9c:28:c7:ea:02:ee: 4f:64:4b:a1:50:6e:14:b6:96:8c:2a:c9:9d:2f:95: be:07:8c:3b:50:21:f3:27:b5:86:3c:68:21:41:7e: b1:96:88:b8:77:e4:7a:d3:f8:aa:6c:1f:4b:01:59: 1e:d4:9d:27:74:15:46:20:84:b4:67:aa:be:99:9b: ff:ae:c9:21:9d:85:34:63:ac:be:7a:a8:da:f9:61: 2d:8c:16:ac:1c:b4:ab:a4:49:18:85:c3:5e:37:f7: e7:3b:7a:cb:24:23:bc:28:74:77:9f:d5:e1:61:cc: 69:2c:c0:fe:e9:34:b8:48:2e:6f:64:52:8c:c5:06: f3:10:1b:80:4f:a0:b2:84:53:ec:5d:28:2c:54:98: f6:90:66:2a:d1:17:5e:40:df:b2:ac:07:58:77:14: 8f:31:b9:c7:65:17:0b:a1:4a:52:f1:e9:2e:c5:9e: 63:55:6c:5c:47:92:94:e9:d1:0b:d2:f0:66:f8:29: 75:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:FB:84:CB:83:8A:9A:17:4B:AF:78:B4:BD:D8:64:50:32:C2:10:07 X509v3 Authority Key Identifier: keyid:DD:A4:9F:41:F6:18:A5:5F:9C:A7:CF:C5:5B:AE:A7:B6:16:D9:57:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:a4:61:51:be:fa:3b:35:36:4b:8c:f5:d9:93:2c:82:13:f4: b8:bc:95:6e:6e:72:c6:93:2f:81:8f:00:00:ac:32:ac:1a:6e: c4:cb:8f:5e:b7:6c:1d:b6:43:03:2d:56:3f:1a:8a:f7:c9:9d: 9d:b9:95:20:49:36:cf:b9:79:f5:90:d2:74:c5:f5:1a:74:b9: 71:71:93:66:ca:e4:3f:b7:e7:5b:76:3a:d8:55:47:a5:c3:68: e5:9a:41:ec:ca:77:10:b5:b3:66:6e:39:04:f2:39:fc:a5:4d: 1d:86:19:08:9b:10:43:48:c0:26:9c:b7:06:2e:84:61:95:51: f1:45:a0:be:26:9b:64:6f:9d:5c:a5:8d:19:60:f7:12:62:92: ce:7b:29:63:47:bd:59:62:30:1f:d1:0c:d8:5d:77:db:3c:47: 8c:60:8a:06:c3:79:38:c3:70:3d:78:ae:79:08:e5:a9:65:da: 50:dd:19:85:2c:13:c7:b7:83:f3:c6:24:94:73:bc:5f:09:04: 71:29:b2:45:51:e1:26:bc:ca:05:41:da:80:e9:ac:f0:34:9e: 51:ce:b3:ec:61:5b:91:09:68:46:e6:d8:98:59:36:a1:16:75: af:d8:0a:7d:23:26:5e:df:42:2d:1c:06:5c:6c:30:fa:af:d2: d9:79:99:ff -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBTTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NzI3MzExMC8GA1UEBRMoRERBNDlGNDFGNjE4QTU1RjlDQTdDRkM1NUJBRUE3QjYx NkQ5NTc2MjAeFw0yNTA3MDEwODA2NDhaFw0yNTA3MDgwODA2NDhaMBgxFjAUBgNV BAMTDTY4NjM5NzE4LTkyOWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCwRLN5ZK90nntcHnRYNbgVYdowLsBP99jRk2H182IMnklnsEHzL2Yblce3mG3m g6jnLFXICaZtZCzre+vYg7cf7bmLVJwox+oC7k9kS6FQbhS2lowqyZ0vlb4HjDtQ IfMntYY8aCFBfrGWiLh35HrT+KpsH0sBWR7UnSd0FUYghLRnqr6Zm/+uySGdhTRj rL56qNr5YS2MFqwctKukSRiFw1439+c7esskI7wodHef1eFhzGkswP7pNLhILm9k UozFBvMQG4BPoLKEU+xdKCxUmPaQZirRF15A37KsB1h3FI8xucdlFwuhSlLx6S7F nmNVbFxHkpTp0QvS8Gb4KXU1AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUH/uEy4OK mhdLr3i0vdhkUDLCEAcwHwYDVR0jBBgwFoAU3aSfQfYYpV+cp8/FW66nthbZV2Iw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3MjczL0ZDNTA1MDBFRTc3 MTExRUY5REZCREQ1MEM0RjlBRTAyLzNhU2ZRZllZcFYtY3A4X0ZXNjZudGhiWlYy SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM2FTZlFmWVlwVi1jcDhfRlc2Nm50aGJaVjJJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3 MjczL0ZDNTA1MDBFRTc3MTExRUY5REZCREQ1MEM0RjlBRTAyLzNhU2ZRZllZcFYt Y3A4X0ZXNjZudGhiWlYySS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEGkYVG++js1NkuM9dmTLIIT9Li8lW5ucsaTL4GPAACsMqwabsTLj163 bB22QwMtVj8aivfJnZ25lSBJNs+5efWQ0nTF9Rp0uXFxk2bK5D+351t2OthVR6XD aOWaQezKdxC1s2ZuOQTyOfylTR2GGQibEENIwCactwYuhGGVUfFFoL4mm2RvnVyl jRlg9xJiks57KWNHvVliMB/RDNhdd9s8R4xgigbDeTjDcD14rnkI5all2lDdGYUs E8e3g/PGJJRzvF8JBHEpskVR4Sa8ygVB2oDprPA0nlHOs+xhW5EJaEbm2JhZNqEW da/YCn0jJl7fQi0cBlxsMPqv0tl5mf8= -----END CERTIFICATE-----Generated at Tue Jul 1 15:28:09 2025 by rpki-client