$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft File: 3af4p0oKdM_262MEKLbJ1w1XvXY.mft (raw, json) Hash identifier: ADsZ0Mc2Kh7ufkHCDvO2w6470hqt73lyuUDowWE/zIo= Subject key identifier: 13:74:07:FD:C4:0D:DA:39:5B:FC:A4:36:71:3C:24:3B:0F:19:AD:AD Authority key identifier: DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 Certificate issuer: /CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Certificate serial: 0DA1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft Manifest number: 0D67 Signing time: Wed 14 May 2025 18:08:56 +0000 Manifest this update: Wed 14 May 2025 18:08:56 +0000 Manifest next update: Wed 21 May 2025 18:08:56 +0000 Files and hashes: 1: 3af4p0oKdM_262MEKLbJ1w1XvXY.crl (hash: C0SHW9/AWX3PF3zs8XEXZdLHi3eee4hDSln5Ej8mi/Y=) 2: CE83F0E6F0E411EAA47C3968C4F9AE02.roa (hash: ZQBdoWyO873LcT1vKoBchR3Mc6PGkjTHNlXwZK5KBUA=) 3: E69AF38AB11C11EAACC28D2EC4F9AE02.roa (hash: vmjmVmXjdkD0vxVvLQigcrFyWXDcETievw8r2QIVv8s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 18:08:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3489 (0xda1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7BC4, serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Validity Not Before: May 14 18:08:56 2025 GMT Not After : May 21 18:08:56 2025 GMT Subject: CN=6824dc38-79db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:a7:e1:17:d9:a5:ae:c2:df:6c:60:20:70:6d: 80:b8:5a:24:af:9d:86:3f:21:9f:1e:7d:62:f9:05: c3:4a:6a:9b:f1:ba:ed:a2:89:b5:4b:4d:3a:a6:f3: 90:cd:0f:4a:c3:58:27:b7:d5:6a:80:73:bb:ce:2b: d8:45:f7:67:bb:9e:26:e0:86:e4:39:32:38:ec:66: a2:dc:fc:73:8a:45:92:e1:b1:c1:b6:9b:03:2b:46: a4:90:98:46:90:22:0c:c7:65:9a:3a:78:6c:c1:bb: 25:84:1d:e0:9a:32:5b:30:97:f4:18:ba:72:9b:e6: 61:1b:44:27:87:64:40:49:87:70:9d:cf:ce:f1:03: ff:af:88:70:9a:b1:8c:1c:5b:13:61:18:c1:55:f2: 80:a5:62:7b:a2:a4:31:69:d7:b7:07:f7:7b:b0:cf: 3c:bc:99:73:11:f3:b3:15:c9:e3:00:dd:55:df:d6: 7a:a1:a4:5d:aa:8b:f1:ff:69:bd:f4:65:39:87:f1: 80:97:20:af:cf:0c:48:25:78:1f:16:60:75:2d:f2: 5a:a0:59:fc:ed:c1:32:4c:0e:d3:1c:72:1c:fb:45: 5d:7e:a4:e9:0a:fc:74:01:76:bf:93:72:d2:04:26: d1:0a:45:a9:3b:6a:e7:e7:dc:dd:30:dc:5c:7d:b3: 8b:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:74:07:FD:C4:0D:DA:39:5B:FC:A4:36:71:3C:24:3B:0F:19:AD:AD X509v3 Authority Key Identifier: keyid:DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:d4:ea:88:2b:ea:a9:89:4a:f8:0b:b1:c9:f3:5c:0f:90:f2: 86:a3:08:12:32:ce:41:27:f7:71:89:73:a3:a4:6c:d2:46:b1: 00:fc:f8:02:f0:e9:4d:be:b7:fc:36:22:2b:ab:df:6c:ef:06: 96:fa:4d:90:f7:87:93:76:ac:53:92:82:f5:b7:b9:26:3a:7f: f5:a8:00:50:1a:80:5f:79:61:8c:20:f6:f8:a7:ec:90:ac:0d: bd:3b:6f:49:9b:cb:e2:1f:5b:37:51:f5:0f:43:e0:7d:21:86: 26:f7:36:e7:77:86:9d:5f:07:cf:42:bc:30:e1:8b:4a:88:b5: 41:04:9d:ef:d1:cf:b1:39:6c:f4:e4:46:16:83:37:b8:3a:51: 8e:fe:40:b9:55:09:ef:7a:14:ab:0c:c2:0a:fd:0c:42:e6:e2: 64:de:46:a2:03:8d:61:91:ea:cb:0e:14:4a:0b:8e:6e:8a:62: 2d:72:51:13:d0:ae:2f:53:0a:51:de:d4:1f:4f:51:7a:1c:dc: 75:89:4d:e3:e2:c7:13:08:23:2b:80:e6:2a:01:d3:5b:99:ac: 75:8b:40:89:fd:24:12:d9:90:32:05:00:ae:d8:4d:9e:6a:fa: 0c:df:b3:65:10:a8:fe:b7:ca:cb:29:30:6b:05:78:d5:15:5d: c4:eb:6d:d2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDaEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdCQzQxMTAvBgNVBAUTKEREQTdGOEE3NEEwQTc0Q0ZGNkVCNjMwNDI4QjZDOUQ3 MEQ1N0JENzYwHhcNMjUwNTE0MTgwODU2WhcNMjUwNTIxMTgwODU2WjAYMRYwFAYD VQQDEw02ODI0ZGMzOC03OWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs6fhF9mlrsLfbGAgcG2AuFokr52GPyGfHn1i+QXDSmqb8brtoom1S006pvOQ zQ9Kw1gnt9VqgHO7zivYRfdnu54m4IbkOTI47Gai3PxzikWS4bHBtpsDK0akkJhG kCIMx2WaOnhswbslhB3gmjJbMJf0GLpym+ZhG0Qnh2RASYdwnc/O8QP/r4hwmrGM HFsTYRjBVfKApWJ7oqQxade3B/d7sM88vJlzEfOzFcnjAN1V39Z6oaRdqovx/2m9 9GU5h/GAlyCvzwxIJXgfFmB1LfJaoFn87cEyTA7THHIc+0VdfqTpCvx0AXa/k3LS BCbRCkWpO2rn59zdMNxcfbOLowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBN0B/3E Ddo5W/ykNnE8JDsPGa2tMB8GA1UdIwQYMBaAFN2n+KdKCnTP9utjBCi2ydcNV712 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yRDFBNTk1QUQ1 MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RNXzI2Mk1FS0xiSjF3MVh2 WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNhZjRwMG9LZE1fMjYyTUVLTGJKMXcxWHZYWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0JDNC8yRDFBNTk1QUQ1MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RN XzI2Mk1FS0xiSjF3MVh2WFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAa1OqIK+qpiUr4C7HJ81wPkPKGowgSMs5BJ/dxiXOjpGzSRrEA/PgC 8OlNvrf8NiIrq99s7waW+k2Q94eTdqxTkoL1t7kmOn/1qABQGoBfeWGMIPb4p+yQ rA29O29Jm8viH1s3UfUPQ+B9IYYm9zbnd4adXwfPQrww4YtKiLVBBJ3v0c+xOWz0 5EYWgze4OlGO/kC5VQnvehSrDMIK/QxC5uJk3kaiA41hkerLDhRKC45uimItclET 0K4vUwpR3tQfT1F6HNx1iU3j4scTCCMrgOYqAdNbmax1i0CJ/SQS2ZAyBQCu2E2e avoM37NlEKj+t8rLKTBrBXjVFV3E623S -----END CERTIFICATE-----Generated at Wed May 14 21:10:45 2025 by rpki-client