$ rpki-client -vvf rpki.apnic.net/member_repository/A91736BD/22C621A86EE511EDB9C45385C4F9AE02/U-LhNFJFffIe8ly6OyYQ0BKpBtI.mft File: U-LhNFJFffIe8ly6OyYQ0BKpBtI.mft (raw, json) Hash identifier: oGY14WxRnhj2gdEa88Vqd9sN7lBzNBvVR93LuDkem2I= Subject key identifier: F7:E7:FB:7D:11:66:D8:66:B9:22:B0:B3:44:C3:1B:B4:E7:4C:7C:20 Authority key identifier: 53:E2:E1:34:52:45:7D:F2:1E:F2:5C:BA:3B:26:10:D0:12:A9:06:D2 Certificate issuer: /CN=A91736BD/serialNumber=53E2E13452457DF21EF25CBA3B2610D012A906D2 Certificate serial: 01CC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U-LhNFJFffIe8ly6OyYQ0BKpBtI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91736BD/22C621A86EE511EDB9C45385C4F9AE02/U-LhNFJFffIe8ly6OyYQ0BKpBtI.mft Manifest number: 01C8 Signing time: Sat 03 May 2025 02:27:07 +0000 Manifest this update: Sat 03 May 2025 02:27:07 +0000 Manifest next update: Sat 10 May 2025 02:27:07 +0000 Files and hashes: 1: U-LhNFJFffIe8ly6OyYQ0BKpBtI.crl (hash: ji3qOJ78cH5Ppg8cV3pCaFU9V+kaRaW0Z+8G//EvypY=) 2: EB8C9B546EE911ED8F07B022C4F9AE02.roa (hash: aHr48jg9C6XT7m5IpFV6+gOg/wu3/75OLv4ksFQsrBE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91736BD/22C621A86EE511EDB9C45385C4F9AE02/U-LhNFJFffIe8ly6OyYQ0BKpBtI.crl rsync://rpki.apnic.net/member_repository/A91736BD/22C621A86EE511EDB9C45385C4F9AE02/U-LhNFJFffIe8ly6OyYQ0BKpBtI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U-LhNFJFffIe8ly6OyYQ0BKpBtI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 10 May 2025 02:27:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 460 (0x1cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91736BD, serialNumber=53E2E13452457DF21EF25CBA3B2610D012A906D2 Validity Not Before: May 3 02:27:07 2025 GMT Not After : May 10 02:27:07 2025 GMT Subject: CN=68157efb-d6a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:f0:da:ca:1a:a6:66:46:e4:da:b4:0c:09:77: 12:5c:a3:25:0c:20:6e:14:6c:ff:8d:21:e2:99:78: 32:fb:33:50:22:b0:23:ca:c2:a0:19:8e:dd:bb:d9: 14:a3:1c:9e:2d:6e:0c:fe:63:79:a2:9a:6b:30:41: 2a:d3:1c:0c:f4:c6:46:af:07:34:3f:14:30:39:98: 13:76:b0:48:a5:d4:c9:a1:35:78:2c:33:2a:73:d3: 1e:be:ad:8a:13:b6:fc:95:f4:b3:ea:32:e5:3e:96: 45:69:54:e0:69:f4:03:09:ab:d4:6d:37:40:b1:a6: 09:04:74:72:21:9f:3f:aa:36:33:61:59:c8:2e:45: d0:58:4c:70:31:ea:57:7d:21:ee:dc:61:15:ad:6c: 49:bd:1c:2e:3f:22:23:5f:a1:b7:9c:01:3b:14:09: dd:f5:f6:c2:b1:f1:38:bb:e7:f8:17:83:32:51:6d: be:c2:4d:46:f0:e9:69:cb:d2:1f:82:c0:09:69:50: c1:c7:10:90:c7:f0:1e:9d:1b:09:7a:78:94:65:84: 46:0f:1b:c1:f1:bb:eb:90:c7:c5:a2:07:11:2a:a0: 42:f1:e3:96:ac:30:b7:34:7b:ee:5a:66:f0:78:d1: ab:9f:f0:fb:b7:f0:a4:18:42:ad:ef:d9:90:2a:7f: c8:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:E7:FB:7D:11:66:D8:66:B9:22:B0:B3:44:C3:1B:B4:E7:4C:7C:20 X509v3 Authority Key Identifier: keyid:53:E2:E1:34:52:45:7D:F2:1E:F2:5C:BA:3B:26:10:D0:12:A9:06:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91736BD/22C621A86EE511EDB9C45385C4F9AE02/U-LhNFJFffIe8ly6OyYQ0BKpBtI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U-LhNFJFffIe8ly6OyYQ0BKpBtI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91736BD/22C621A86EE511EDB9C45385C4F9AE02/U-LhNFJFffIe8ly6OyYQ0BKpBtI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:e7:80:f6:5e:59:c2:32:04:83:1d:34:dd:a0:56:11:1a:70: a7:c6:71:f6:e7:0f:af:95:21:7c:c8:c5:d1:19:0c:88:9d:bf: 56:4b:52:19:4b:53:20:6f:08:a1:85:10:76:48:3f:8f:31:e4: ce:22:f8:a5:6d:01:14:bc:84:42:a4:75:4f:27:71:0d:a3:a7: d6:af:c6:ac:e4:f8:7a:81:2d:ef:31:fb:ac:2d:0c:12:ad:c2: 23:2c:e7:3d:58:de:11:01:e6:6c:ff:52:f2:6f:32:ea:d8:7e: c8:24:ea:7f:fa:55:e1:60:f4:3e:3b:ba:4e:90:63:59:06:d2: 10:b1:6f:a6:d2:b3:84:60:62:c1:a5:ff:f8:0a:39:25:15:ec: 90:b8:6b:f5:9d:d9:fc:41:ae:ab:0b:64:fb:61:ee:19:10:c9: f9:ed:1c:79:02:86:42:44:17:c8:e6:72:5b:ad:78:b1:3a:51: f6:6c:85:6f:c3:23:36:4a:19:92:42:69:30:9d:e0:14:0f:19: 1c:48:c7:dd:7f:54:02:2e:b1:f8:5a:d5:ab:aa:55:07:f7:3b: f1:01:eb:7f:f1:54:ec:43:62:8d:4d:93:1f:db:5d:7c:6d:15: 01:9e:c9:d2:95:80:2f:d2:94:e1:42:2d:36:c6:13:82:07:cb: 25:6d:b0:22 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAcwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzM2QkQxMTAvBgNVBAUTKDUzRTJFMTM0NTI0NTdERjIxRUYyNUNCQTNCMjYxMEQw MTJBOTA2RDIwHhcNMjUwNTAzMDIyNzA3WhcNMjUwNTEwMDIyNzA3WjAYMRYwFAYD VQQDEw02ODE1N2VmYi1kNmE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlfDayhqmZkbk2rQMCXcSXKMlDCBuFGz/jSHimXgy+zNQIrAjysKgGY7du9kU oxyeLW4M/mN5opprMEEq0xwM9MZGrwc0PxQwOZgTdrBIpdTJoTV4LDMqc9Mevq2K E7b8lfSz6jLlPpZFaVTgafQDCavUbTdAsaYJBHRyIZ8/qjYzYVnILkXQWExwMepX fSHu3GEVrWxJvRwuPyIjX6G3nAE7FAnd9fbCsfE4u+f4F4MyUW2+wk1G8Olpy9If gsAJaVDBxxCQx/AenRsJeniUZYRGDxvB8bvrkMfFogcRKqBC8eOWrDC3NHvuWmbw eNGrn/D7t/CkGEKt79mQKn/I3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPfn+30R ZthmuSKws0TDG7TnTHwgMB8GA1UdIwQYMBaAFFPi4TRSRX3yHvJcujsmENASqQbS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MzZCRC8yMkM2MjFBODZF RTUxMUVEQjlDNDUzODVDNEY5QUUwMi9VLUxoTkZKRmZmSWU4bHk2T3lZUTBCS3BC dEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1UtTGhORkpGZmZJZThseTZPeVlRMEJLcEJ0SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MzZCRC8yMkM2MjFBODZFRTUxMUVEQjlDNDUzODVDNEY5QUUwMi9VLUxoTkZKRmZm SWU4bHk2T3lZUTBCS3BCdEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAB54D2XlnCMgSDHTTdoFYRGnCnxnH25w+vlSF8yMXRGQyInb9WS1IZ S1MgbwihhRB2SD+PMeTOIvilbQEUvIRCpHVPJ3ENo6fWr8as5Ph6gS3vMfusLQwS rcIjLOc9WN4RAeZs/1LybzLq2H7IJOp/+lXhYPQ+O7pOkGNZBtIQsW+m0rOEYGLB pf/4CjklFeyQuGv1ndn8Qa6rC2T7Ye4ZEMn57Rx5AoZCRBfI5nJbrXixOlH2bIVv wyM2ShmSQmkwneAUDxkcSMfdf1QCLrH4WtWrqlUH9zvxAet/8VTsQ2KNTZMf2118 bRUBnsnSlYAv0pThQi02xhOCB8slbbAi -----END CERTIFICATE-----Generated at Sun May 4 11:36:25 2025 by rpki-client