$ rpki-client -vvf rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft File: -UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft (raw, json) Hash identifier: RYUdtkkTZFRjVeCBfx9D8NV5x3OCxooadir8vGaP+f0= Subject key identifier: 0F:8D:76:43:E7:6F:8D:DE:CE:42:58:AB:6B:2C:E8:94:F1:F0:A6:98 Authority key identifier: F9:40:4A:A5:24:D4:35:7E:0C:CC:69:C7:D4:0D:3E:66:A2:E4:E6:DF Certificate issuer: /CN=A9170C53/serialNumber=F9404AA524D4357E0CCC69C7D40D3E66A2E4E6DF Certificate serial: 015C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft Manifest number: 015A Signing time: Fri 25 Apr 2025 02:49:52 +0000 Manifest this update: Fri 25 Apr 2025 02:49:51 +0000 Manifest next update: Fri 02 May 2025 02:49:51 +0000 Files and hashes: 1: -UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl (hash: jEV20DXSK1Q8ryliF0PhAsEbgyu0ZekXiw7PGa/Zx6o=) 2: C3BB51160DAC11EFB00E6B16C4F9AE02.roa (hash: hGqVPEeuAFuBj/OWUVfAk4cX4VguxOD/9TKwylc/bsY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:49:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 348 (0x15c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170C53, serialNumber=F9404AA524D4357E0CCC69C7D40D3E66A2E4E6DF Validity Not Before: Apr 25 02:49:51 2025 GMT Not After : May 2 02:49:51 2025 GMT Subject: CN=680af850-314b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:fb:a2:2a:9f:81:40:6e:46:78:08:f4:e8:b8: 95:e1:6d:c2:b2:eb:ac:b9:5b:9f:46:6a:26:49:68: 38:0a:c6:20:67:e2:9b:9b:dd:92:18:70:1c:63:a6: 6f:e2:eb:21:72:bc:43:5a:93:e5:f9:c2:7e:25:a9: 0f:29:1b:7b:f3:fd:38:49:41:a1:59:e8:59:5c:69: 69:c8:b4:c1:34:06:c1:5e:87:89:6d:b0:93:7f:3d: bc:9b:9f:91:3b:5b:65:1b:84:30:da:f6:d7:ab:da: 09:7c:b9:0d:1d:f0:53:db:54:03:77:99:63:ea:4e: ff:6f:26:13:6d:08:44:3c:0f:20:37:39:d1:c1:84: a4:8b:e8:27:e4:b5:51:76:dd:02:3f:dd:e8:09:3d: 68:18:be:8b:00:84:08:3a:e5:87:c8:53:f9:fc:d6: 48:5b:2f:2a:a8:06:a3:88:65:eb:96:96:d7:87:23: 96:e4:2b:4f:a9:85:cc:8d:80:d1:54:33:09:43:77: a7:36:13:f8:e1:c5:69:64:c7:fc:bc:7b:85:22:f2: 45:70:66:c8:65:a2:03:b1:29:3f:4f:bf:c7:26:d8: bc:93:63:8a:b8:4e:fd:b4:55:49:c0:59:ed:df:4c: dc:b6:53:b5:b5:51:25:a4:5c:e5:ff:3c:87:41:44: 4c:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:8D:76:43:E7:6F:8D:DE:CE:42:58:AB:6B:2C:E8:94:F1:F0:A6:98 X509v3 Authority Key Identifier: keyid:F9:40:4A:A5:24:D4:35:7E:0C:CC:69:C7:D4:0D:3E:66:A2:E4:E6:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 23:18:fb:58:b3:7a:8d:a9:04:b6:41:0a:88:41:fd:a5:2b:f4: 17:91:29:83:31:a9:7e:5b:06:bc:8f:1a:8b:ef:00:97:00:13: b0:a1:aa:ae:c8:f8:01:41:7d:32:41:e5:1d:a5:2f:46:0d:25: f5:d0:b9:50:4d:bd:54:54:17:d6:3c:fc:6e:79:f9:9b:23:3a: 33:1f:57:a5:08:db:7a:f4:2a:73:2e:67:d2:41:08:5b:1f:f0: 9a:dd:8f:78:93:e9:4b:d4:43:1f:23:41:e9:0a:da:03:b2:4d: 0c:9b:20:ed:81:9c:5a:94:d6:b9:b2:17:30:86:f0:14:1e:c9: 37:87:9a:23:81:af:23:31:eb:3b:91:3f:d9:14:59:aa:54:98: 5a:56:b5:c5:2e:cf:28:2b:20:8e:0a:d2:47:d4:79:32:0c:33: ea:6e:e9:68:d5:16:68:61:26:d5:f5:99:5b:8f:f6:8a:47:eb: 56:39:c3:85:2a:2d:2b:0f:dc:bc:02:85:4e:a1:19:68:d6:56: 74:f9:5d:d3:47:68:92:a2:4b:22:99:20:31:87:e6:c6:35:be: 69:52:8c:5a:20:d7:a9:3f:21:68:38:bc:12:89:fd:97:f3:8e: 55:9b:18:a6:3f:a7:aa:e1:36:f6:12:59:38:09:c1:d9:1d:3d: 79:a6:24:54 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBDNTMxMTAvBgNVBAUTKEY5NDA0QUE1MjRENDM1N0UwQ0NDNjlDN0Q0MEQzRTY2 QTJFNEU2REYwHhcNMjUwNDI1MDI0OTUxWhcNMjUwNTAyMDI0OTUxWjAYMRYwFAYD VQQDEw02ODBhZjg1MC0zMTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6/uiKp+BQG5GeAj06LiV4W3CsuusuVufRmomSWg4CsYgZ+Kbm92SGHAcY6Zv 4ushcrxDWpPl+cJ+JakPKRt78/04SUGhWehZXGlpyLTBNAbBXoeJbbCTfz28m5+R O1tlG4Qw2vbXq9oJfLkNHfBT21QDd5lj6k7/byYTbQhEPA8gNznRwYSki+gn5LVR dt0CP93oCT1oGL6LAIQIOuWHyFP5/NZIWy8qqAajiGXrlpbXhyOW5CtPqYXMjYDR VDMJQ3enNhP44cVpZMf8vHuFIvJFcGbIZaIDsSk/T7/HJti8k2OKuE79tFVJwFnt 30zctlO1tVElpFzl/zyHQURM9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA+NdkPn b43ezkJYq2ss6JTx8KaYMB8GA1UdIwQYMBaAFPlASqUk1DV+DMxpx9QNPmai5Obf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEM1My9EQjYzQzlBMjEx NzYxMUVFOUM1NTlBM0VDNEY5QUUwMi8tVUJLcFNUVU5YNE16R25IMUEwLVpxTGs1 dDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLy1VQktwU1RVTlg0TXpHbkgxQTAtWnFMazV0OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MEM1My9EQjYzQzlBMjExNzYxMUVFOUM1NTlBM0VDNEY5QUUwMi8tVUJLcFNUVU5Y NE16R25IMUEwLVpxTGs1dDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAjGPtYs3qNqQS2QQqIQf2lK/QXkSmDMal+Wwa8jxqL7wCXABOwoaqu yPgBQX0yQeUdpS9GDSX10LlQTb1UVBfWPPxuefmbIzozH1elCNt69CpzLmfSQQhb H/Ca3Y94k+lL1EMfI0HpCtoDsk0MmyDtgZxalNa5shcwhvAUHsk3h5ojga8jMes7 kT/ZFFmqVJhaVrXFLs8oKyCOCtJH1HkyDDPqbulo1RZoYSbV9Zlbj/aKR+tWOcOF Ki0rD9y8AoVOoRlo1lZ0+V3TR2iSoksimSAxh+bGNb5pUoxaINepPyFoOLwSif2X 845VmximP6eq4Tb2Elk4CcHZHT15piRU -----END CERTIFICATE-----Generated at Sat Apr 26 15:01:51 2025 by rpki-client