$ rpki-client -vvf rpki.apnic.net/member_repository/A91DE7DE/C332AFB604E111E98EA7D872C4F9AE02/fn-3i_rxIdy3dJPgd5raTNDVmBo.mft File: fn-3i_rxIdy3dJPgd5raTNDVmBo.mft (raw, json) Hash identifier: vObXiP7D8JSs+nmXXBnM88olcRGi6HAY6rRXar+dSnQ= Subject key identifier: 33:85:DC:AB:F3:DB:DD:10:A3:42:70:FD:08:D7:6C:51:CA:0A:23:BE Authority key identifier: 7E:7F:B7:8B:FA:F1:21:DC:B7:74:93:E0:77:9A:DA:4C:D0:D5:98:1A Certificate issuer: /CN=A91DE7DE/serialNumber=7E7FB78BFAF121DCB77493E0779ADA4CD0D5981A Certificate serial: 1151 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fn-3i_rxIdy3dJPgd5raTNDVmBo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DE7DE/C332AFB604E111E98EA7D872C4F9AE02/fn-3i_rxIdy3dJPgd5raTNDVmBo.mft Manifest number: 114A Signing time: Mon 28 Apr 2025 17:28:14 +0000 Manifest this update: Mon 28 Apr 2025 17:28:14 +0000 Manifest next update: Mon 05 May 2025 17:28:14 +0000 Files and hashes: 1: fn-3i_rxIdy3dJPgd5raTNDVmBo.crl (hash: T3nCAUTgaVlvYoMoF3jLiT59fwKipO0MwmCB/TwfGTQ=) 2: D728B250060011F0A0448C64C4F9AE02.roa (hash: 63yl1Teyi3N0la02MDXzZvU9fOguPMEqkEgxVdH5wiQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DE7DE/C332AFB604E111E98EA7D872C4F9AE02/fn-3i_rxIdy3dJPgd5raTNDVmBo.crl rsync://rpki.apnic.net/member_repository/A91DE7DE/C332AFB604E111E98EA7D872C4F9AE02/fn-3i_rxIdy3dJPgd5raTNDVmBo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fn-3i_rxIdy3dJPgd5raTNDVmBo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 14:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4433 (0x1151) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DE7DE, serialNumber=7E7FB78BFAF121DCB77493E0779ADA4CD0D5981A Validity Not Before: Apr 28 17:28:14 2025 GMT Not After : May 5 17:28:14 2025 GMT Subject: CN=680fbaae-50f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:86:c8:0a:c3:7d:5c:34:6f:22:29:c5:84:9e: 9f:1c:92:1f:6d:9f:72:f6:7a:66:94:00:b7:07:b3: 22:e9:9c:81:c6:a0:ed:1b:b8:5f:3c:d3:bd:a6:4a: 80:2d:47:a9:fd:18:3b:db:c8:f7:68:95:f9:fe:2e: 32:35:a9:2a:45:7d:54:6a:78:73:dc:a5:81:fd:4f: 43:f0:f2:5b:cf:5a:dc:83:04:a6:d3:4d:94:56:df: 69:7e:3d:3d:1a:3c:72:ca:df:5e:09:80:ce:4a:f5: 87:ec:6d:7a:41:69:b7:61:64:ab:39:03:37:c6:f6: 2f:1e:de:f8:40:6a:06:8b:db:e3:f6:63:a7:f6:20: 80:e0:9b:83:74:2b:17:06:35:c8:17:42:49:a9:be: 1c:7d:05:13:21:4b:d4:ca:d5:cd:73:3b:eb:fd:b7: d3:e4:04:46:2b:e4:e6:ee:b9:f3:95:0b:db:8e:39: 36:b2:be:c9:5c:26:80:fa:69:d6:14:32:5e:d2:80: 1e:b8:70:cd:91:88:16:42:2c:5c:51:3d:08:a6:f7: 7a:ae:40:45:ec:2d:de:79:66:3e:32:b5:8a:58:8d: 17:c4:c0:6e:2c:1f:8b:77:74:51:4c:fd:6c:9f:75: 50:a1:be:3e:de:55:be:06:3b:af:27:2e:02:23:41: 8c:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:85:DC:AB:F3:DB:DD:10:A3:42:70:FD:08:D7:6C:51:CA:0A:23:BE X509v3 Authority Key Identifier: keyid:7E:7F:B7:8B:FA:F1:21:DC:B7:74:93:E0:77:9A:DA:4C:D0:D5:98:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DE7DE/C332AFB604E111E98EA7D872C4F9AE02/fn-3i_rxIdy3dJPgd5raTNDVmBo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fn-3i_rxIdy3dJPgd5raTNDVmBo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DE7DE/C332AFB604E111E98EA7D872C4F9AE02/fn-3i_rxIdy3dJPgd5raTNDVmBo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:2f:80:dc:74:3a:e4:49:22:d4:4a:57:24:9f:65:77:ab:17: a0:3b:ff:0c:05:93:ff:b9:17:a6:f7:66:b6:48:a2:41:4b:4f: 08:8f:7e:36:d6:bf:a8:62:ab:1c:4c:87:a9:eb:d3:0c:24:bc: 0d:a1:c9:09:3d:25:fc:9f:85:38:e4:ec:e9:55:d4:f8:52:bd: 60:23:7d:b3:1f:c5:fc:9f:be:08:7f:c3:f1:59:d4:a1:dc:ab: 5c:14:f7:a0:5f:39:da:05:24:11:ba:fd:f3:06:bc:1f:94:0a: d1:28:a4:1d:d4:5b:d4:3b:c0:d2:f7:1a:61:e9:4a:69:33:e7: 38:2f:fe:8c:b8:dc:ed:1d:36:2a:cd:41:1c:e9:c9:69:50:07: 33:be:4a:c8:ac:56:64:76:55:66:4c:49:3a:e5:75:5c:bf:c5: 06:53:ca:4c:7c:0d:5b:a3:be:27:a2:f9:49:cc:c8:22:66:a6: 52:6c:b8:a6:40:ec:e5:2a:b1:61:7c:48:95:be:2d:ce:1e:5c: a5:05:4c:b9:21:1a:7e:15:1c:8b:1a:fe:d8:ef:bc:86:25:99: 0c:35:a0:a5:ac:65:74:84:0b:c2:86:53:8a:d7:af:15:cd:ed: ed:c1:c6:c4:5d:51:48:c3:2e:04:5b:d0:0d:32:ab:a7:ef:69: 58:45:0b:f4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEVEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REU3REUxMTAvBgNVBAUTKDdFN0ZCNzhCRkFGMTIxRENCNzc0OTNFMDc3OUFEQTRD RDBENTk4MUEwHhcNMjUwNDI4MTcyODE0WhcNMjUwNTA1MTcyODE0WjAYMRYwFAYD VQQDEw02ODBmYmFhZS01MGY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxYbICsN9XDRvIinFhJ6fHJIfbZ9y9npmlAC3B7Mi6ZyBxqDtG7hfPNO9pkqA LUep/Rg728j3aJX5/i4yNakqRX1Uanhz3KWB/U9D8PJbz1rcgwSm002UVt9pfj09 Gjxyyt9eCYDOSvWH7G16QWm3YWSrOQM3xvYvHt74QGoGi9vj9mOn9iCA4JuDdCsX BjXIF0JJqb4cfQUTIUvUytXNczvr/bfT5ARGK+Tm7rnzlQvbjjk2sr7JXCaA+mnW FDJe0oAeuHDNkYgWQixcUT0Ipvd6rkBF7C3eeWY+MrWKWI0XxMBuLB+Ld3RRTP1s n3VQob4+3lW+BjuvJy4CI0GMDwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDOF3Kvz 290Qo0Jw/QjXbFHKCiO+MB8GA1UdIwQYMBaAFH5/t4v68SHct3ST4Hea2kzQ1Zga MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERTdERS9DMzMyQUZCNjA0 RTExMUU5OEVBN0Q4NzJDNEY5QUUwMi9mbi0zaV9yeElkeTNkSlBnZDVyYVRORFZt Qm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ZuLTNpX3J4SWR5M2RKUGdkNXJhVE5EVm1Cby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RTdERS9DMzMyQUZCNjA0RTExMUU5OEVBN0Q4NzJDNEY5QUUwMi9mbi0zaV9yeElk eTNkSlBnZDVyYVRORFZtQm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBqL4DcdDrkSSLUSlckn2V3qxegO/8MBZP/uRem92a2SKJBS08Ij342 1r+oYqscTIep69MMJLwNockJPSX8n4U45OzpVdT4Ur1gI32zH8X8n74If8PxWdSh 3KtcFPegXznaBSQRuv3zBrwflArRKKQd1FvUO8DS9xph6UppM+c4L/6MuNztHTYq zUEc6clpUAczvkrIrFZkdlVmTEk65XVcv8UGU8pMfA1bo74novlJzMgiZqZSbLim QOzlKrFhfEiVvi3OHlylBUy5IRp+FRyLGv7Y77yGJZkMNaClrGV0hAvChlOK168V ze3twcbEXVFIwy4EW9ANMqun72lYRQv0 -----END CERTIFICATE-----Generated at Mon Apr 28 20:11:11 2025 by rpki-client on console.sobornost.net