$ rpki-client -vvf rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft File: 3FejmXtffOj7ybTZiz1F1jMHcRg.mft (raw, json) Hash identifier: yYq20ECpVrZT57lOkq2pIliWC2Tlkig+PNzLba9j9CI= Subject key identifier: 8F:20:4E:04:D9:76:6F:65:5A:61:61:1C:24:80:F0:7A:A6:E0:EA:A6 Authority key identifier: DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 Certificate issuer: /CN=A917CABB/serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Certificate serial: 0C09 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft Manifest number: 0C02 Signing time: Mon 28 Apr 2025 19:04:11 +0000 Manifest this update: Mon 28 Apr 2025 19:04:11 +0000 Manifest next update: Mon 05 May 2025 19:04:11 +0000 Files and hashes: 1: 3FejmXtffOj7ybTZiz1F1jMHcRg.crl (hash: 2B/e5KFUvWq1yI/tIDRhE7yqel/5D/3dVfIOfvPW2yA=) 2: 17BA5658D1FA11EDA0A31C2FC4F9AE02.roa (hash: H306zJ6w0u++pxJwnmCEZeb1MJYQzvBqunxs7beIBF4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 19:04:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3081 (0xc09) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917CABB, serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Validity Not Before: Apr 28 19:04:11 2025 GMT Not After : May 5 19:04:11 2025 GMT Subject: CN=680fd12b-d871 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:e5:77:82:22:db:f0:c2:cd:d0:ee:f9:b0:6d: d0:36:73:cd:98:f4:e3:ac:ad:7b:b4:f0:38:db:eb: 56:b6:18:e0:53:79:f1:da:41:7c:f9:f4:3e:fe:68: de:f2:99:d4:17:53:67:a3:cd:81:e5:e4:6a:ae:98: 16:c5:0f:bf:36:51:c0:92:02:83:dc:af:5d:bd:8e: 96:be:e1:10:d1:76:25:01:d7:51:4b:2b:56:9b:e5: ef:f2:8a:25:de:f4:f7:e4:aa:25:d8:dd:8e:93:10: 4c:cd:28:96:21:29:96:bc:7a:5c:1f:58:fe:77:dd: b7:a4:80:f8:47:e2:05:e4:e4:c1:36:6d:e1:9f:15: 5f:8c:d0:9c:39:b1:63:48:3e:9a:94:2f:78:63:c3: fd:77:85:86:f3:a2:e0:ef:6c:85:67:b4:b0:80:52: 34:bc:b2:b2:ce:84:f9:a7:cd:f5:30:16:3c:c2:d2: 06:b6:09:3b:4a:c1:ad:be:cd:09:09:dd:4d:01:a6: 76:b5:b9:ab:ec:4e:58:e9:c7:1c:53:cc:4d:1e:f9: da:d3:56:91:c8:64:75:82:97:bc:57:fc:3f:4b:f8: 5b:5d:b6:d3:8a:9d:30:39:94:4c:e2:23:60:28:eb: ec:7d:a0:db:b5:42:5c:06:d4:09:32:c9:36:f4:cd: 40:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:20:4E:04:D9:76:6F:65:5A:61:61:1C:24:80:F0:7A:A6:E0:EA:A6 X509v3 Authority Key Identifier: keyid:DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 94:7e:5c:8a:4e:bd:8f:79:15:e2:2f:f0:44:54:d1:bf:a2:3b: 05:ba:92:1a:0e:12:03:21:d8:8f:ee:da:ac:3e:38:98:fb:de: 73:f0:8e:db:f4:19:14:e3:ac:bc:8c:65:47:26:cd:c0:f5:0e: 86:03:27:d8:50:3f:1e:0d:87:a7:b7:c5:f7:b2:bb:45:2c:96: fa:df:cb:de:0b:00:ba:be:de:26:60:45:51:f3:3a:e4:42:38: e5:ec:85:54:c2:3a:b2:29:2e:64:a3:4a:db:06:5a:ec:ee:37: 1e:b5:24:42:7d:70:54:6f:c1:a2:12:db:58:af:3a:98:bc:79: 7c:93:db:e6:95:77:0b:99:2b:fd:d9:68:02:13:6b:6e:ef:9a: 00:7b:7b:bc:38:71:3f:81:ee:52:e2:b0:4c:c2:eb:f3:cc:bf: 86:a7:34:4d:4c:1d:e3:6a:72:64:1b:2d:03:83:6b:c1:6a:51: 97:17:20:76:4a:fb:43:a6:72:bb:8c:3c:d3:0e:3e:75:13:97: bf:2a:97:a0:14:0f:20:df:bc:2d:73:98:2e:90:04:b8:b9:1f: b3:89:6d:a6:4d:9f:0a:42:03:a5:36:ae:a2:bc:71:b7:9a:67: b0:62:40:eb:d2:52:39:d2:ed:90:0f:52:2d:33:2b:f3:7c:27: 75:06:d5:98 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDAkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0NBQkIxMTAvBgNVBAUTKERDNTdBMzk5N0I1RjdDRThGQkM5QjREOThCM0Q0NUQ2 MzMwNzcxMTgwHhcNMjUwNDI4MTkwNDExWhcNMjUwNTA1MTkwNDExWjAYMRYwFAYD VQQDEw02ODBmZDEyYi1kODcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApeV3giLb8MLN0O75sG3QNnPNmPTjrK17tPA42+tWthjgU3nx2kF8+fQ+/mje 8pnUF1Nno82B5eRqrpgWxQ+/NlHAkgKD3K9dvY6WvuEQ0XYlAddRSytWm+Xv8ool 3vT35Kol2N2OkxBMzSiWISmWvHpcH1j+d923pID4R+IF5OTBNm3hnxVfjNCcObFj SD6alC94Y8P9d4WG86Lg72yFZ7SwgFI0vLKyzoT5p831MBY8wtIGtgk7SsGtvs0J Cd1NAaZ2tbmr7E5Y6cccU8xNHvna01aRyGR1gpe8V/w/S/hbXbbTip0wOZRM4iNg KOvsfaDbtUJcBtQJMsk29M1A4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI8gTgTZ dm9lWmFhHCSA8Hqm4OqmMB8GA1UdIwQYMBaAFNxXo5l7X3zo+8m02Ys9RdYzB3EY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0FCQi8wNzY3NUYxRTBG NjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZPajd5YlRaaXoxRjFqTUhj UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGZWptWHRmZk9qN3liVFppejFGMWpNSGNSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 Q0FCQi8wNzY3NUYxRTBGNjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZP ajd5YlRaaXoxRjFqTUhjUmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCUflyKTr2PeRXiL/BEVNG/ojsFupIaDhIDIdiP7tqsPjiY+95z8I7b 9BkU46y8jGVHJs3A9Q6GAyfYUD8eDYent8X3srtFLJb638veCwC6vt4mYEVR8zrk Qjjl7IVUwjqyKS5ko0rbBlrs7jcetSRCfXBUb8GiEttYrzqYvHl8k9vmlXcLmSv9 2WgCE2tu75oAe3u8OHE/ge5S4rBMwuvzzL+GpzRNTB3janJkGy0Dg2vBalGXFyB2 SvtDpnK7jDzTDj51E5e/KpegFA8g37wtc5gukAS4uR+ziW2mTZ8KQgOlNq6ivHG3 mmewYkDr0lI50u2QD1ItMyvzfCd1BtWY -----END CERTIFICATE-----Generated at Mon Apr 28 23:05:31 2025 by rpki-client on console.sobornost.net