$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.mft File: U2uRsXtuG7FjjINYoPpepdDr77c.mft (raw, json) Hash identifier: cblv2XX0g7RzciGe3NuFniVxXL2ePy+dwrCa9+HoQPc= Subject key identifier: DD:B6:2C:60:AA:22:1D:8A:98:E5:72:15:9C:E9:FC:43:46:F9:60:06 Authority key identifier: 53:6B:91:B1:7B:6E:1B:B1:63:8C:83:58:A0:FA:5E:A5:D0:EB:EF:B7 Certificate issuer: /CN=A9125C3D/serialNumber=536B91B17B6E1BB1638C8358A0FA5EA5D0EBEFB7 Certificate serial: 016B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U2uRsXtuG7FjjINYoPpepdDr77c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.mft Manifest number: 0168 Signing time: Fri 25 Apr 2025 00:42:25 +0000 Manifest this update: Fri 25 Apr 2025 00:42:24 +0000 Manifest next update: Fri 02 May 2025 00:42:24 +0000 Files and hashes: 1: U2uRsXtuG7FjjINYoPpepdDr77c.crl (hash: GuBU+2NuvgYXZ0vw+V1GsIKZNYn3QIJNQKlGi0oUQOg=) 2: 234074FA00DD11EE95AF6F7CC4F9AE02.roa (hash: vudAIhef5Qu3uhKZwtVnPdKYRITi3gAfCU8Ph/yVQYE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.crl rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U2uRsXtuG7FjjINYoPpepdDr77c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:42:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 363 (0x16b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125C3D, serialNumber=536B91B17B6E1BB1638C8358A0FA5EA5D0EBEFB7 Validity Not Before: Apr 25 00:42:24 2025 GMT Not After : May 2 00:42:24 2025 GMT Subject: CN=680ada71-203f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ec:f4:6b:77:04:9a:32:59:67:3d:7b:1f:af: b8:fc:ca:ed:90:d3:c4:d7:c5:8e:76:1d:c0:8a:0b: 78:56:1d:30:07:8b:e5:f1:7d:9c:4b:5c:71:52:a0: dc:89:e2:23:f9:85:96:c3:d5:9a:a8:52:0f:b4:b2: 6f:f3:55:4b:41:bb:5d:0e:d7:37:24:38:29:bc:72: 34:c3:b5:de:7a:04:e2:ee:04:9e:0d:0d:da:e5:bf: 75:61:bf:e5:c2:ce:e4:43:9a:ef:2e:15:72:b8:8a: f9:30:84:53:18:ef:88:33:4b:cc:8c:e4:a0:7f:a7: a5:6a:0d:e5:f6:02:4e:d3:15:27:95:89:fa:53:29: d3:2a:55:51:55:35:3a:a9:6d:8e:ef:c3:ae:de:2e: 19:62:b1:e3:8d:57:98:00:32:e9:86:9b:02:39:83: cc:ce:58:a3:01:e9:a6:43:ca:f5:ef:2d:a2:ca:86: 0d:57:8e:c0:9a:1c:43:96:e3:4f:12:56:7c:41:56: 55:d8:7f:55:74:a0:b6:ba:f2:57:31:90:38:54:b2: 95:cd:7d:d4:da:f3:4b:a9:3c:85:1e:fa:f4:70:33: bb:cb:51:ca:c3:9d:2c:c4:0f:61:8a:8f:a8:4f:3e: 28:ce:37:5a:db:ae:3d:2b:ed:cb:5d:c8:86:cb:7e: e4:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:B6:2C:60:AA:22:1D:8A:98:E5:72:15:9C:E9:FC:43:46:F9:60:06 X509v3 Authority Key Identifier: keyid:53:6B:91:B1:7B:6E:1B:B1:63:8C:83:58:A0:FA:5E:A5:D0:EB:EF:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U2uRsXtuG7FjjINYoPpepdDr77c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3c:26:19:e8:ec:dd:5e:e1:af:ef:ba:61:93:d4:a8:66:28:ed: 38:61:63:6e:b8:bf:19:6c:4a:63:72:d5:e2:53:e7:f9:74:04: 02:36:a3:74:34:ae:24:d2:2c:8e:29:6a:f8:05:c4:78:d4:e6: 6c:56:fa:64:ea:50:d8:f2:7b:6b:9e:76:d3:59:04:a6:02:c1: 47:19:71:af:f7:ec:8c:fb:64:61:bd:dc:84:e7:c2:1b:e0:65: 81:9c:73:0a:dc:d6:b5:26:38:47:cf:ca:94:cd:08:95:72:e5: 3e:b1:c1:5a:8b:d1:ef:f2:60:bd:d7:75:75:0a:cf:84:e0:44: b9:45:0d:b1:8a:9b:2b:f5:ec:d6:0b:3b:77:e0:37:da:c6:5d: 42:f8:e4:fe:60:c0:c0:94:c9:9b:78:25:84:37:a9:97:0a:a2: 1b:fd:84:af:45:d9:0e:2e:11:ee:47:ce:e1:3d:a8:57:81:d8: 9b:b5:26:61:9d:49:0b:19:60:13:54:98:8e:7c:af:ab:14:c5: 6d:f7:aa:29:76:b9:8f:a7:d1:86:71:6c:91:11:a0:7a:b7:84: 0a:f7:82:9b:f4:60:41:1d:b7:d6:8b:87:b7:87:5d:57:8c:b2: 78:52:72:71:c4:37:f4:4c:0e:da:09:8a:94:b3:e0:ec:3c:a2: 41:0a:35:b1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVDM0QxMTAvBgNVBAUTKDUzNkI5MUIxN0I2RTFCQjE2MzhDODM1OEEwRkE1RUE1 RDBFQkVGQjcwHhcNMjUwNDI1MDA0MjI0WhcNMjUwNTAyMDA0MjI0WjAYMRYwFAYD VQQDEw02ODBhZGE3MS0yMDNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx+z0a3cEmjJZZz17H6+4/MrtkNPE18WOdh3Aigt4Vh0wB4vl8X2cS1xxUqDc ieIj+YWWw9WaqFIPtLJv81VLQbtdDtc3JDgpvHI0w7XeegTi7gSeDQ3a5b91Yb/l ws7kQ5rvLhVyuIr5MIRTGO+IM0vMjOSgf6elag3l9gJO0xUnlYn6UynTKlVRVTU6 qW2O78Ou3i4ZYrHjjVeYADLphpsCOYPMzlijAemmQ8r17y2iyoYNV47AmhxDluNP ElZ8QVZV2H9VdKC2uvJXMZA4VLKVzX3U2vNLqTyFHvr0cDO7y1HKw50sxA9hio+o Tz4ozjda2649K+3LXciGy37k5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN22LGCq Ih2KmOVyFZzp/ENG+WAGMB8GA1UdIwQYMBaAFFNrkbF7bhuxY4yDWKD6XqXQ6++3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMzRC8yMzIzRkQ4MDAw RDcxMUVFOTNDQjBGN0VDNEY5QUUwMi9VMnVSc1h0dUc3RmpqSU5Zb1BwZXBkRHI3 N2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1UydVJzWHR1RzdGampJTllvUHBlcGREcjc3Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NUMzRC8yMzIzRkQ4MDAwRDcxMUVFOTNDQjBGN0VDNEY5QUUwMi9VMnVSc1h0dUc3 RmpqSU5Zb1BwZXBkRHI3N2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA8Jhno7N1e4a/vumGT1KhmKO04YWNuuL8ZbEpjctXiU+f5dAQCNqN0 NK4k0iyOKWr4BcR41OZsVvpk6lDY8ntrnnbTWQSmAsFHGXGv9+yM+2RhvdyE58Ib 4GWBnHMK3Na1JjhHz8qUzQiVcuU+scFai9Hv8mC913V1Cs+E4ES5RQ2xipsr9ezW Czt34Dfaxl1C+OT+YMDAlMmbeCWEN6mXCqIb/YSvRdkOLhHuR87hPahXgdibtSZh nUkLGWATVJiOfK+rFMVt96opdrmPp9GGcWyREaB6t4QK94Kb9GBBHbfWi4e3h11X jLJ4UnJxxDf0TA7aCYqUs+DsPKJBCjWx -----END CERTIFICATE-----Generated at Sat Apr 26 17:00:07 2025 by rpki-client