$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft File: 3rTAuQf6yhxdN3a9SUb0uqjKazA.mft (raw, json) Hash identifier: uKNddlWx1+Ip73p6zUCPtWJ6oahPc+FQYF0o/LiqtdI= Subject key identifier: 3E:AB:F0:2D:F4:0F:CB:91:36:F4:B8:23:40:D7:9E:6B:21:5D:8F:28 Authority key identifier: DE:B4:C0:B9:07:FA:CA:1C:5D:37:76:BD:49:46:F4:BA:A8:CA:6B:30 Certificate issuer: /CN=A91F3B5F/serialNumber=DEB4C0B907FACA1C5D3776BD4946F4BAA8CA6B30 Certificate serial: 16 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft Manifest number: 15 Signing time: Tue 13 May 2025 07:15:11 +0000 Manifest this update: Tue 13 May 2025 07:15:10 +0000 Manifest next update: Tue 20 May 2025 07:15:10 +0000 Files and hashes: 1: 3rTAuQf6yhxdN3a9SUb0uqjKazA.crl (hash: DnKzMOmZOgPduQdT8/xjGfAprTeb2EJW+4q8OPFHizA=) 2: 0B65C980136D11F09F542C81C4F9AE02.roa (hash: VBqh2E7rkd2+euZfBVuvn8Wuy6ZridPl7cQmEbFqT/k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.crl rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 02:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22 (0x16) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3B5F, serialNumber=DEB4C0B907FACA1C5D3776BD4946F4BAA8CA6B30 Validity Not Before: May 13 07:15:10 2025 GMT Not After : May 20 07:15:10 2025 GMT Subject: CN=6822f17f-ad6f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:54:61:a7:8a:19:dd:af:c5:a3:4e:e4:78:fa: 0d:74:21:c7:a0:60:b2:14:28:41:df:3e:fb:8f:fd: d9:f8:48:af:bb:f0:52:e0:5f:0e:37:32:c0:e4:f2: e6:09:2e:fd:f6:10:8b:bb:4d:10:09:a5:19:6b:ac: 89:43:ee:55:d5:cf:23:fe:ac:39:5a:eb:83:ef:96: ae:02:90:cc:a6:22:09:c7:f9:cb:8f:6f:f1:ba:ab: 50:ca:c0:2a:ed:05:11:07:89:f8:28:44:0a:2c:c3: 5a:0c:b2:5e:f6:c5:96:9d:9b:cc:f5:60:3b:55:e2: 15:e1:7a:d1:02:9d:06:b9:42:88:48:00:af:7a:46: 1d:04:b5:c9:1b:c1:c5:e9:00:3f:f6:5c:0b:ed:df: 40:a3:54:f7:9b:2e:fb:26:86:6d:8c:3d:d1:a9:c6: 75:b1:1a:35:59:3d:da:2c:00:19:75:d5:5e:a3:3c: 1e:8d:41:cb:58:67:6a:52:fd:98:b5:fb:0b:1e:22: 93:c1:a8:a5:40:45:ad:e1:70:73:16:f2:ed:ca:87: 4f:c6:9e:72:08:0b:a8:c6:3e:0c:8e:9c:e3:4e:ed: 67:4d:b8:a0:cc:f6:68:c2:8d:f3:1b:ea:46:3f:c0: 3c:1e:65:d0:3c:93:10:a1:13:38:fc:02:bc:35:48: 15:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:AB:F0:2D:F4:0F:CB:91:36:F4:B8:23:40:D7:9E:6B:21:5D:8F:28 X509v3 Authority Key Identifier: keyid:DE:B4:C0:B9:07:FA:CA:1C:5D:37:76:BD:49:46:F4:BA:A8:CA:6B:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:79:4a:ac:36:e5:56:d5:91:4f:41:2b:71:a3:41:29:a6:33: f4:d4:8e:13:9a:a7:11:73:5b:f4:e5:18:f7:ea:b5:7e:8b:ff: cd:38:95:43:00:0a:fb:67:95:55:50:ae:45:48:ac:37:c2:0c: 39:0f:d2:14:83:4b:55:38:d4:72:b3:14:7a:d3:72:cc:b6:59: 73:57:40:27:5b:ef:87:58:11:74:aa:f9:d1:17:58:f8:b0:58: 69:68:ec:2c:3c:66:6b:b7:67:c3:a4:7b:25:db:9f:ef:c0:75: 38:55:9a:cc:bb:1a:38:6f:25:d4:ee:e7:de:17:bb:02:c8:ff: 28:a4:56:9e:8c:20:de:39:fa:4a:8a:0c:3e:af:03:31:42:28: c5:60:7e:fe:ee:75:95:31:f2:83:40:b2:d1:81:82:50:ce:65: f3:f8:4b:54:22:23:35:ae:50:8b:5e:e5:1c:29:a5:8e:1a:4e: 0a:80:01:51:21:e4:16:86:08:99:cc:2b:05:5f:be:2d:fa:72: 81:55:c0:95:f8:d2:fa:e5:bb:a9:d3:1c:a0:ec:e3:3f:b5:b6: f9:0b:43:3e:30:cf:20:e6:67:6b:1a:fe:c9:84:1f:e9:f1:20: d9:79:b2:e2:4f:c9:ff:41:87:f3:d6:50:72:ce:9f:02:e5:45: 23:f5:79:a6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG M0I1RjExMC8GA1UEBRMoREVCNEMwQjkwN0ZBQ0ExQzVEMzc3NkJENDk0NkY0QkFB OENBNkIzMDAeFw0yNTA1MTMwNzE1MTBaFw0yNTA1MjAwNzE1MTBaMBgxFjAUBgNV BAMTDTY4MjJmMTdmLWFkNmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDGVGGnihndr8WjTuR4+g10IcegYLIUKEHfPvuP/dn4SK+78FLgXw43MsDk8uYJ Lv32EIu7TRAJpRlrrIlD7lXVzyP+rDla64Pvlq4CkMymIgnH+cuPb/G6q1DKwCrt BREHifgoRAosw1oMsl72xZadm8z1YDtV4hXhetECnQa5QohIAK96Rh0EtckbwcXp AD/2XAvt30CjVPebLvsmhm2MPdGpxnWxGjVZPdosABl11V6jPB6NQctYZ2pS/Zi1 +wseIpPBqKVARa3hcHMW8u3Kh0/GnnIIC6jGPgyOnONO7WdNuKDM9mjCjfMb6kY/ wDweZdA8kxChEzj8Arw1SBWDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUPqvwLfQP y5E29LgjQNeeayFdjygwHwYDVR0jBBgwFoAU3rTAuQf6yhxdN3a9SUb0uqjKazAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYzQjVGL0IxNzBDOTEyMTM2 NjExRjA4MkUzQzUwREM0RjlBRTAyLzNyVEF1UWY2eWh4ZE4zYTlTVWIwdXFqS2F6 QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvM3JUQXVRZjZ5aHhkTjNhOVNVYjB1cWpLYXpBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYz QjVGL0IxNzBDOTEyMTM2NjExRjA4MkUzQzUwREM0RjlBRTAyLzNyVEF1UWY2eWh4 ZE4zYTlTVWIwdXFqS2F6QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEB5Sqw25VbVkU9BK3GjQSmmM/TUjhOapxFzW/TlGPfqtX6L/804lUMA CvtnlVVQrkVIrDfCDDkP0hSDS1U41HKzFHrTcsy2WXNXQCdb74dYEXSq+dEXWPiw WGlo7Cw8Zmu3Z8OkeyXbn+/AdThVmsy7GjhvJdTu594XuwLI/yikVp6MIN45+kqK DD6vAzFCKMVgfv7udZUx8oNAstGBglDOZfP4S1QiIzWuUIte5RwppY4aTgqAAVEh 5BaGCJnMKwVfvi36coFVwJX40vrlu6nTHKDs4z+1tvkLQz4wzyDmZ2sa/smEH+nx INl5suJPyf9Bh/PWUHLOnwLlRSP1eaY= -----END CERTIFICATE-----Generated at Tue May 13 09:16:28 2025 by rpki-client