$ rpki-client -vvf rpki.apnic.net/member_repository/A9157031/7A004F787EC911EC84EC4418C4F9AE02/UOUO2vZKLCW3MSOWc9kHD2GDAnk.mft File: UOUO2vZKLCW3MSOWc9kHD2GDAnk.mft (raw, json) Hash identifier: 2beoeYQ0/Cat5+9uspKm93bls6FoksiARXzL+YsQiAs= Subject key identifier: E9:5B:38:C0:8A:62:48:BA:98:67:E8:18:7F:79:90:48:B9:AE:B8:F8 Authority key identifier: 50:E5:0E:DA:F6:4A:2C:25:B7:31:23:96:73:D9:07:0F:61:83:02:79 Certificate issuer: /CN=A9157031/serialNumber=50E50EDAF64A2C25B731239673D9070F61830279 Certificate serial: 03D8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UOUO2vZKLCW3MSOWc9kHD2GDAnk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157031/7A004F787EC911EC84EC4418C4F9AE02/UOUO2vZKLCW3MSOWc9kHD2GDAnk.mft Manifest number: 03D4 Signing time: Fri 25 Apr 2025 00:21:05 +0000 Manifest this update: Fri 25 Apr 2025 00:21:05 +0000 Manifest next update: Fri 02 May 2025 00:21:05 +0000 Files and hashes: 1: UOUO2vZKLCW3MSOWc9kHD2GDAnk.crl (hash: dDgaDr959PmhOlt/x9QF1HV1t43UNn9nvXQ+vcgudwo=) 2: 32D8FF34C99E11ED98E9BE5BC4F9AE02.roa (hash: c5V6Lua8bVtI2cCUYsdMWFX4y1DX6zS+QDVuvCq2xVw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157031/7A004F787EC911EC84EC4418C4F9AE02/UOUO2vZKLCW3MSOWc9kHD2GDAnk.crl rsync://rpki.apnic.net/member_repository/A9157031/7A004F787EC911EC84EC4418C4F9AE02/UOUO2vZKLCW3MSOWc9kHD2GDAnk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UOUO2vZKLCW3MSOWc9kHD2GDAnk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:21:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 984 (0x3d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157031, serialNumber=50E50EDAF64A2C25B731239673D9070F61830279 Validity Not Before: Apr 25 00:21:05 2025 GMT Not After : May 2 00:21:05 2025 GMT Subject: CN=680ad571-ed14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:4e:68:09:2e:d1:b1:ab:01:63:8e:32:e7:29: 95:ad:b7:d6:87:64:84:32:83:a3:c1:6d:ed:5f:83: a7:be:f0:91:a6:5f:a0:ae:b0:42:ed:d1:8f:77:97: b3:e0:30:e9:83:d5:51:84:81:cc:ad:03:9f:a2:f4: af:03:b3:8e:4f:15:64:0a:15:c5:88:a8:a6:c7:f9: 23:0c:c9:f7:b5:02:ba:b4:6d:55:b3:dd:59:14:37: 46:b6:10:f1:65:69:be:0b:1b:fa:18:fe:4e:f4:ba: 3e:e6:69:62:de:19:d0:6d:01:c1:68:5a:0b:ca:88: 93:ad:1b:d8:c4:bb:7b:af:c8:fd:d2:37:46:81:41: 9c:8d:a2:96:45:a6:ec:8c:34:00:12:a7:c7:8a:0b: f1:da:51:d5:7d:ce:48:7b:7f:c4:75:d5:92:df:46: 98:6a:fa:de:6a:7e:dd:e7:7e:36:4a:66:74:cb:d3: 00:21:c8:1e:31:98:d0:9e:8b:47:fe:cb:41:bc:06: 97:27:18:42:e0:9a:46:52:1c:28:3c:c0:f3:d9:e2: 56:bb:6a:81:76:a4:fe:e6:72:f5:6e:a6:ac:a0:fa: 42:00:86:45:f3:4b:a6:cd:8e:ff:4e:c8:97:11:de: f7:73:e8:d4:91:93:3f:f1:f8:d6:6b:0b:65:7a:ed: e4:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:5B:38:C0:8A:62:48:BA:98:67:E8:18:7F:79:90:48:B9:AE:B8:F8 X509v3 Authority Key Identifier: keyid:50:E5:0E:DA:F6:4A:2C:25:B7:31:23:96:73:D9:07:0F:61:83:02:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157031/7A004F787EC911EC84EC4418C4F9AE02/UOUO2vZKLCW3MSOWc9kHD2GDAnk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UOUO2vZKLCW3MSOWc9kHD2GDAnk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157031/7A004F787EC911EC84EC4418C4F9AE02/UOUO2vZKLCW3MSOWc9kHD2GDAnk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:5e:df:79:5e:8e:9b:75:07:ce:9b:41:cc:31:09:6f:79:20: 7a:83:f7:ae:3c:cf:fa:54:84:c8:9c:f8:cc:f7:bc:c8:5b:c6: ef:c2:80:2a:eb:fa:3b:01:4c:a9:04:93:63:26:fc:f6:54:b6: 1d:e5:c4:42:25:90:2b:00:e5:5d:02:ea:3e:5c:59:cd:30:9d: bc:5f:44:8c:2d:0e:55:69:75:2f:d1:bb:63:8c:96:f4:2e:04: 82:a2:fa:ba:f4:f6:8c:53:f8:c7:90:78:ea:74:79:7c:8f:ac: 06:a1:9f:26:74:7a:79:e3:b9:72:49:1f:db:71:78:02:9d:be: 16:ba:6d:21:d7:fd:62:c3:5a:c3:03:66:05:7b:b8:2e:bf:6e: 42:03:75:76:3c:3b:46:ea:d8:61:0a:3e:7e:fc:d4:44:f7:89: ae:1b:89:9a:53:5a:c6:9c:87:1d:4b:78:73:a9:37:6e:7a:69: 37:d2:26:ab:a6:b8:7b:5d:8b:6d:ad:2c:3d:41:16:29:71:da: ac:82:b3:0f:f5:cd:4c:97:b2:3c:73:97:68:65:10:f5:6f:b0: ec:e6:b1:9f:21:b2:5e:df:72:53:fa:8a:b4:66:39:c5:be:e4: 04:94:10:86:ce:95:bb:3a:f4:67:dd:da:17:07:5e:88:ca:42: 6b:20:2a:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA9gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTcwMzExMTAvBgNVBAUTKDUwRTUwRURBRjY0QTJDMjVCNzMxMjM5NjczRDkwNzBG NjE4MzAyNzkwHhcNMjUwNDI1MDAyMTA1WhcNMjUwNTAyMDAyMTA1WjAYMRYwFAYD VQQDEw02ODBhZDU3MS1lZDE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu05oCS7RsasBY44y5ymVrbfWh2SEMoOjwW3tX4OnvvCRpl+grrBC7dGPd5ez 4DDpg9VRhIHMrQOfovSvA7OOTxVkChXFiKimx/kjDMn3tQK6tG1Vs91ZFDdGthDx ZWm+Cxv6GP5O9Lo+5mli3hnQbQHBaFoLyoiTrRvYxLt7r8j90jdGgUGcjaKWRabs jDQAEqfHigvx2lHVfc5Ie3/EddWS30aYavrean7d5342SmZ0y9MAIcgeMZjQnotH /stBvAaXJxhC4JpGUhwoPMDz2eJWu2qBdqT+5nL1bqasoPpCAIZF80umzY7/TsiX Ed73c+jUkZM/8fjWawtleu3khQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOlbOMCK Yki6mGfoGH95kEi5rrj4MB8GA1UdIwQYMBaAFFDlDtr2SiwltzEjlnPZBw9hgwJ5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NzAzMS83QTAwNEY3ODdF QzkxMUVDODRFQzQ0MThDNEY5QUUwMi9VT1VPMnZaS0xDVzNNU09XYzlrSEQyR0RB bmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VPVU8ydlpLTENXM01TT1djOWtIRDJHREFuay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NzAzMS83QTAwNEY3ODdFQzkxMUVDODRFQzQ0MThDNEY5QUUwMi9VT1VPMnZaS0xD VzNNU09XYzlrSEQyR0RBbmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCqXt95Xo6bdQfOm0HMMQlveSB6g/euPM/6VITInPjM97zIW8bvwoAq 6/o7AUypBJNjJvz2VLYd5cRCJZArAOVdAuo+XFnNMJ28X0SMLQ5VaXUv0btjjJb0 LgSCovq69PaMU/jHkHjqdHl8j6wGoZ8mdHp547lySR/bcXgCnb4Wum0h1/1iw1rD A2YFe7guv25CA3V2PDtG6thhCj5+/NRE94muG4maU1rGnIcdS3hzqTduemk30iar prh7XYttrSw9QRYpcdqsgrMP9c1Ml7I8c5doZRD1b7Ds5rGfIbJe33JT+oq0ZjnF vuQElBCGzpW7OvRn3doXB16IykJrICqW -----END CERTIFICATE-----Generated at Sat Apr 26 12:54:54 2025 by rpki-client