$ rpki-client -vvf rpki.apnic.net/member_repository/A91A9EE2/64324DD81D8811E2BDEF14E108B02CD2/up0rragmh4TwCuhYcC744p5ytLw.mft File: up0rragmh4TwCuhYcC744p5ytLw.mft (raw, json) Hash identifier: BICJ3Nyl3+iNoHzbbYjbLfh14i1fr6JqAhaSU+GQ54U= Subject key identifier: 8C:88:6F:D3:6B:9E:74:63:41:25:A1:98:16:E2:BB:A5:D7:F6:F6:27 Authority key identifier: BA:9D:2B:AD:A8:26:87:84:F0:0A:E8:58:70:2E:F8:E2:9E:72:B4:BC Certificate issuer: /CN=A91A9EE2/serialNumber=BA9D2BADA8268784F00AE858702EF8E29E72B4BC Certificate serial: 3499 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/up0rragmh4TwCuhYcC744p5ytLw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A9EE2/64324DD81D8811E2BDEF14E108B02CD2/up0rragmh4TwCuhYcC744p5ytLw.mft Manifest number: 3487 Signing time: Thu 24 Apr 2025 14:29:30 +0000 Manifest this update: Thu 24 Apr 2025 14:29:29 +0000 Manifest next update: Thu 01 May 2025 14:29:29 +0000 Files and hashes: 1: up0rragmh4TwCuhYcC744p5ytLw.crl (hash: RMCfUyFsBtPsGJw/aVd3QWNyb2+KZHI8aUwAB8aY3EQ=) 2: 58D5764A683311ECB9C17757C4F9AE02.roa (hash: 9sEgtc+Sp4Uok1SqtxGHbFLBelwmukEEkeYE5w5yi/o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A9EE2/64324DD81D8811E2BDEF14E108B02CD2/up0rragmh4TwCuhYcC744p5ytLw.crl rsync://rpki.apnic.net/member_repository/A91A9EE2/64324DD81D8811E2BDEF14E108B02CD2/up0rragmh4TwCuhYcC744p5ytLw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/up0rragmh4TwCuhYcC744p5ytLw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13465 (0x3499) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A9EE2, serialNumber=BA9D2BADA8268784F00AE858702EF8E29E72B4BC Validity Not Before: Apr 24 14:29:29 2025 GMT Not After : May 1 14:29:29 2025 GMT Subject: CN=680a4ac9-a2fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a2:85:a7:bc:97:04:fc:c1:79:e3:28:49:9f: 63:ad:04:5b:5f:7c:c7:2b:2b:41:6e:47:69:f2:1c: b7:a9:48:2e:a6:6b:3c:be:04:35:c0:96:c5:a1:a6: 32:1b:0a:6c:e1:a1:11:7a:3f:29:31:da:83:c2:42: 2e:a3:e4:aa:00:c5:50:c9:f2:96:22:a8:89:80:20: b7:0b:45:0b:dc:db:55:64:8d:05:2e:c4:58:32:58: f5:e1:8d:3c:fc:98:c7:c1:21:a2:22:32:7c:61:d2: 0e:d6:eb:f8:54:03:1e:b7:6d:a7:79:91:71:05:1c: 1b:32:46:a6:03:f2:35:44:3a:55:2b:5b:3c:f0:d0: a9:ee:bf:2c:bf:3b:d6:83:b6:2c:f1:33:cb:fd:3e: 16:ee:05:3c:e7:e9:7c:62:a3:d3:54:9c:1b:2c:1b: a6:75:3a:d0:17:f3:00:a0:d7:f7:12:d6:e2:94:16: 63:15:ba:f8:29:d8:d1:25:d0:c9:73:9e:b7:28:2e: 60:d7:de:f4:b4:26:88:de:e5:a1:5f:da:7f:bf:aa: a1:75:ae:95:99:57:b1:2a:24:44:87:3d:ef:8f:38: 2c:91:15:c6:b4:9b:6a:37:63:f9:24:ae:d9:76:12: 6b:cd:de:e8:ab:31:7b:78:45:bf:dc:d1:c3:5c:7e: 11:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:88:6F:D3:6B:9E:74:63:41:25:A1:98:16:E2:BB:A5:D7:F6:F6:27 X509v3 Authority Key Identifier: keyid:BA:9D:2B:AD:A8:26:87:84:F0:0A:E8:58:70:2E:F8:E2:9E:72:B4:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A9EE2/64324DD81D8811E2BDEF14E108B02CD2/up0rragmh4TwCuhYcC744p5ytLw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/up0rragmh4TwCuhYcC744p5ytLw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A9EE2/64324DD81D8811E2BDEF14E108B02CD2/up0rragmh4TwCuhYcC744p5ytLw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:38:f5:14:7a:fc:e3:ef:ed:a4:55:64:34:16:a5:74:dd:e0: a9:ae:ad:1c:28:c0:6a:3c:da:e1:ad:76:93:28:0e:fb:b1:c7: 69:c6:81:e7:07:12:6a:25:be:b8:bf:3b:df:50:46:02:00:ff: 4a:46:ca:44:ed:41:1d:45:92:e7:8f:36:9b:7b:93:45:d5:bb: 27:dd:d1:4e:a9:c6:99:ee:d0:23:97:d1:af:0b:8c:f8:cb:74: 3f:94:cd:2c:8f:5e:a8:9b:e8:d5:f5:66:65:bb:8a:e5:3e:2a: 5f:07:0d:94:71:9e:83:fc:0a:d9:bb:cd:32:08:bf:66:96:d7: 9a:a3:5f:ce:c8:ad:d8:72:a8:1b:04:c6:5e:a5:ec:d6:60:7d: e9:0a:80:6e:43:c4:75:09:23:d3:56:8e:d4:7f:5f:8b:2a:78: 6f:bb:71:9b:8e:70:e2:75:cd:44:f3:a0:17:d3:af:bc:f3:ed: 86:e1:48:23:20:02:2a:6a:f8:cd:49:39:1d:cb:41:2f:45:a8: 69:1c:60:0d:9d:2b:9d:fd:0e:28:5f:31:15:18:77:b3:b6:c8: ec:85:4b:e5:a1:b4:20:34:55:63:11:0d:df:6f:80:f3:c0:5c: 5d:a5:2a:c2:c9:99:c1:c7:60:d3:66:a2:3f:77:77:79:c8:cb: 71:73:1b:8e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTlFRTIxMTAvBgNVBAUTKEJBOUQyQkFEQTgyNjg3ODRGMDBBRTg1ODcwMkVGOEUy OUU3MkI0QkMwHhcNMjUwNDI0MTQyOTI5WhcNMjUwNTAxMTQyOTI5WjAYMRYwFAYD VQQDEw02ODBhNGFjOS1hMmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtKKFp7yXBPzBeeMoSZ9jrQRbX3zHKytBbkdp8hy3qUgupms8vgQ1wJbFoaYy Gwps4aERej8pMdqDwkIuo+SqAMVQyfKWIqiJgCC3C0UL3NtVZI0FLsRYMlj14Y08 /JjHwSGiIjJ8YdIO1uv4VAMet22neZFxBRwbMkamA/I1RDpVK1s88NCp7r8svzvW g7Ys8TPL/T4W7gU85+l8YqPTVJwbLBumdTrQF/MAoNf3EtbilBZjFbr4KdjRJdDJ c563KC5g1970tCaI3uWhX9p/v6qhda6VmVexKiREhz3vjzgskRXGtJtqN2P5JK7Z dhJrzd7oqzF7eEW/3NHDXH4RoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIyIb9Nr nnRjQSWhmBbiu6XX9vYnMB8GA1UdIwQYMBaAFLqdK62oJoeE8AroWHAu+OKecrS8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOUVFMi82NDMyNEREODFE ODgxMUUyQkRFRjE0RTEwOEIwMkNEMi91cDBycmFnbWg0VHdDdWhZY0M3NDRwNXl0 THcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3VwMHJyYWdtaDRUd0N1aFljQzc0NHA1eXRMdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB OUVFMi82NDMyNEREODFEODgxMUUyQkRFRjE0RTEwOEIwMkNEMi91cDBycmFnbWg0 VHdDdWhZY0M3NDRwNXl0THcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAtOPUUevzj7+2kVWQ0FqV03eCprq0cKMBqPNrhrXaTKA77scdpxoHn BxJqJb64vzvfUEYCAP9KRspE7UEdRZLnjzabe5NF1bsn3dFOqcaZ7tAjl9GvC4z4 y3Q/lM0sj16om+jV9WZlu4rlPipfBw2UcZ6D/ArZu80yCL9mlteao1/OyK3Ycqgb BMZepezWYH3pCoBuQ8R1CSPTVo7Uf1+LKnhvu3GbjnDidc1E86AX06+88+2G4Ugj IAIqavjNSTkdy0EvRahpHGANnSud/Q4oXzEVGHeztsjshUvlobQgNFVjEQ3fb4Dz wFxdpSrCyZnBx2DTZqI/d3d5yMtxcxuO -----END CERTIFICATE-----Generated at Sat Apr 26 13:43:29 2025 by rpki-client