$ rpki-client -vvf rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.mft File: 3Bh_yEFs5bNHuvIho2E6O0eCjog.mft (raw, json) Hash identifier: b0qwbYiku+wwW63TIbTILkIYrbyzIlnUfIa9mSkW2y4= Subject key identifier: 3C:62:AF:7C:E9:EC:7E:8E:92:D7:65:91:6B:55:CC:FA:75:65:AF:FA Authority key identifier: DC:18:7F:C8:41:6C:E5:B3:47:BA:F2:21:A3:61:3A:3B:47:82:8E:88 Certificate issuer: /CN=A91717D1/serialNumber=DC187FC8416CE5B347BAF221A3613A3B47828E88 Certificate serial: 0ED5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bh_yEFs5bNHuvIho2E6O0eCjog.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.mft Manifest number: 0EC9 Signing time: Mon 28 Apr 2025 17:54:23 +0000 Manifest this update: Mon 28 Apr 2025 17:54:22 +0000 Manifest next update: Mon 05 May 2025 17:54:22 +0000 Files and hashes: 1: 3Bh_yEFs5bNHuvIho2E6O0eCjog.crl (hash: cmc3sMJSaFdRzgtURT3tYsmYVVLdX9ymNLiBat2as44=) 2: 085B4576C35711EC9F5ADC3DC4F9AE02.roa (hash: 8mq0TUcgdgyOArIdFl1Mn7GOTMSpOYLbH39QuqlMzQM=) 3: 0963FDF0C35711EC9F5ADC3DC4F9AE02.roa (hash: ZC6B1slbJ+NBUR+XleTIQLrCjIWpOaVIltQbveTaTb8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.crl rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bh_yEFs5bNHuvIho2E6O0eCjog.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 17:54:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3797 (0xed5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91717D1, serialNumber=DC187FC8416CE5B347BAF221A3613A3B47828E88 Validity Not Before: Apr 28 17:54:22 2025 GMT Not After : May 5 17:54:22 2025 GMT Subject: CN=680fc0ce-b78c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a2:55:ec:7e:e1:4f:70:d7:59:f6:24:ce:31: 76:e9:57:6a:17:01:44:32:2d:6a:af:a9:ff:91:73: 42:53:09:1f:ed:67:32:d7:d5:97:c3:6c:c7:b7:a6: 0e:70:b4:58:df:8e:ff:48:3e:dc:e8:b5:d6:6e:6a: 28:00:9b:06:23:45:b2:5c:7c:d2:50:2b:3e:e6:5c: 15:fc:53:00:a8:98:26:c0:eb:18:32:2c:0d:de:b5: 93:69:c6:56:18:18:3f:be:43:fc:ce:ef:3a:19:29: df:58:6d:fd:b7:c7:6e:05:f5:46:12:76:9d:32:4e: 8d:76:4f:d8:50:53:26:36:b7:87:85:38:9a:4f:da: 21:22:67:63:d3:c6:0d:13:26:a6:f1:a6:69:b1:a9: 35:1e:e4:b7:5f:6a:95:f4:ed:9e:28:fa:a6:d2:7e: e6:68:c7:f4:4f:ef:64:bf:6d:b8:e9:89:ed:40:b4: 52:d7:1b:bc:b5:3d:61:12:2e:4e:9c:ad:2e:7e:a3: 78:56:92:90:df:d9:8d:c4:ba:72:92:b2:00:84:64: 12:f8:93:80:65:c4:d2:ce:72:cb:50:c0:a4:d5:bf: c2:b1:05:8e:5a:a2:3f:cc:75:e0:ac:a6:d5:de:72: 96:24:c3:ae:88:99:06:f4:56:61:94:26:20:55:15: 53:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:62:AF:7C:E9:EC:7E:8E:92:D7:65:91:6B:55:CC:FA:75:65:AF:FA X509v3 Authority Key Identifier: keyid:DC:18:7F:C8:41:6C:E5:B3:47:BA:F2:21:A3:61:3A:3B:47:82:8E:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bh_yEFs5bNHuvIho2E6O0eCjog.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:c3:7f:07:08:8d:18:c2:74:cb:49:63:66:36:01:bb:f6:cd: ff:c7:98:51:5e:f2:70:6e:7d:12:e2:d2:e5:5d:98:c0:3e:b6: 3b:af:fd:cf:55:cf:37:fb:8c:b4:38:d6:ba:5e:0b:4b:f7:be: 14:56:a7:8a:1d:76:84:6b:9e:c4:f9:9f:db:12:7f:96:48:7b: 32:2f:b5:02:50:5a:c5:b5:1d:8b:2b:d4:fa:ee:ea:62:e9:31: fc:d0:51:c8:31:39:68:b8:ba:c6:35:11:a0:ab:bf:bf:22:9a: 76:e1:d7:13:55:16:ef:5d:3c:9e:1d:13:c6:c4:a0:64:20:32: 34:c5:a2:67:d7:cd:da:f8:2e:c5:aa:d4:44:d0:f0:c6:96:62: be:75:51:a0:d5:d1:15:1a:72:4c:f5:e3:88:59:0b:72:c3:74: 9f:28:27:3b:1e:ff:8c:15:68:77:74:99:d1:e8:50:2d:d5:a1: eb:db:e2:e7:0f:45:40:c7:06:16:30:24:7d:52:a9:c4:2e:d5: 0a:ae:e6:eb:ef:e7:ee:6b:89:f0:ee:af:17:c8:0a:13:44:ad: 6c:ea:d2:99:f6:c8:c6:be:6e:10:ce:c9:fe:c3:64:8c:7c:1e: 99:8e:87:97:e9:5b:7f:f7:7d:d1:cc:e7:f9:83:e6:d4:0f:4b: c5:09:b2:06 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDtUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzE3RDExMTAvBgNVBAUTKERDMTg3RkM4NDE2Q0U1QjM0N0JBRjIyMUEzNjEzQTNC NDc4MjhFODgwHhcNMjUwNDI4MTc1NDIyWhcNMjUwNTA1MTc1NDIyWjAYMRYwFAYD VQQDEw02ODBmYzBjZS1iNzhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwaJV7H7hT3DXWfYkzjF26VdqFwFEMi1qr6n/kXNCUwkf7Wcy19WXw2zHt6YO cLRY347/SD7c6LXWbmooAJsGI0WyXHzSUCs+5lwV/FMAqJgmwOsYMiwN3rWTacZW GBg/vkP8zu86GSnfWG39t8duBfVGEnadMk6Ndk/YUFMmNreHhTiaT9ohImdj08YN Eyam8aZpsak1HuS3X2qV9O2eKPqm0n7maMf0T+9kv2246YntQLRS1xu8tT1hEi5O nK0ufqN4VpKQ39mNxLpykrIAhGQS+JOAZcTSznLLUMCk1b/CsQWOWqI/zHXgrKbV 3nKWJMOuiJkG9FZhlCYgVRVTnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDxir3zp 7H6OktdlkWtVzPp1Za/6MB8GA1UdIwQYMBaAFNwYf8hBbOWzR7ryIaNhOjtHgo6I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTdEMS85QTlCNDhBMjgy QTMxMUU5OUU1ODIzODRDNEY5QUUwMi8zQmhfeUVGczViTkh1dklobzJFNk8wZUNq b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNCaF95RUZzNWJOSHV2SWhvMkU2TzBlQ2pvZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MTdEMS85QTlCNDhBMjgyQTMxMUU5OUU1ODIzODRDNEY5QUUwMi8zQmhfeUVGczVi Tkh1dklobzJFNk8wZUNqb2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBAw38HCI0YwnTLSWNmNgG79s3/x5hRXvJwbn0S4tLlXZjAPrY7r/3P Vc83+4y0ONa6XgtL974UVqeKHXaEa57E+Z/bEn+WSHsyL7UCUFrFtR2LK9T67upi 6TH80FHIMTlouLrGNRGgq7+/Ipp24dcTVRbvXTyeHRPGxKBkIDI0xaJn183a+C7F qtRE0PDGlmK+dVGg1dEVGnJM9eOIWQtyw3SfKCc7Hv+MFWh3dJnR6FAt1aHr2+Ln D0VAxwYWMCR9UqnELtUKrubr7+fua4nw7q8XyAoTRK1s6tKZ9sjGvm4Qzsn+w2SM fB6ZjoeX6Vt/933RzOf5g+bUD0vFCbIG -----END CERTIFICATE-----Generated at Mon Apr 28 20:10:41 2025 by rpki-client on console.sobornost.net