$ rpki-client -vvf rpki.apnic.net/member_repository/A91CA735/D0E9B1EE639B11EF9B4D2A5DC4F9AE02/U3sbocAbSGNHOKoRWa4rlVkN3ZE.mft File: U3sbocAbSGNHOKoRWa4rlVkN3ZE.mft (raw, json) Hash identifier: v65HzkxziqcdBiGcz1rGSPGpnp2luYHUAOmqLHhyDs8= Subject key identifier: 47:24:12:87:86:1F:45:94:2C:14:FF:A5:8B:12:51:4C:46:5C:D5:A0 Authority key identifier: 53:7B:1B:A1:C0:1B:48:63:47:38:AA:11:59:AE:2B:95:59:0D:DD:91 Certificate issuer: /CN=A91CA735/serialNumber=537B1BA1C01B48634738AA1159AE2B95590DDD91 Certificate serial: 83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3sbocAbSGNHOKoRWa4rlVkN3ZE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CA735/D0E9B1EE639B11EF9B4D2A5DC4F9AE02/U3sbocAbSGNHOKoRWa4rlVkN3ZE.mft Manifest number: 81 Signing time: Fri 25 Apr 2025 05:40:10 +0000 Manifest this update: Fri 25 Apr 2025 05:40:09 +0000 Manifest next update: Fri 02 May 2025 05:40:09 +0000 Files and hashes: 1: U3sbocAbSGNHOKoRWa4rlVkN3ZE.crl (hash: +0CCei2p2RQT/hsVbrXJ0cOC9YrdecftXdr+vCzQY24=) 2: 38D25300639D11EFB668775FC4F9AE02.roa (hash: IIflfQCAxW1X5tnyPUSdNiUWUvRyGX/zn4vbskdXfXg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CA735/D0E9B1EE639B11EF9B4D2A5DC4F9AE02/U3sbocAbSGNHOKoRWa4rlVkN3ZE.crl rsync://rpki.apnic.net/member_repository/A91CA735/D0E9B1EE639B11EF9B4D2A5DC4F9AE02/U3sbocAbSGNHOKoRWa4rlVkN3ZE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3sbocAbSGNHOKoRWa4rlVkN3ZE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:40:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 131 (0x83) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CA735, serialNumber=537B1BA1C01B48634738AA1159AE2B95590DDD91 Validity Not Before: Apr 25 05:40:09 2025 GMT Not After : May 2 05:40:09 2025 GMT Subject: CN=680b2039-4442 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:f4:ec:c2:f1:f8:e2:b4:cc:f6:c4:ab:e3:ce: 7b:68:43:27:59:f9:a1:3b:b4:66:b3:a4:0b:45:f4: 05:f3:e9:ba:8a:e0:7f:91:45:10:a1:4d:14:17:1c: 35:26:c8:a2:b0:c4:1f:f6:e7:79:ac:45:18:f9:e6: 93:56:81:44:92:ef:0f:80:70:d2:ad:50:22:6e:cc: 66:1f:c3:5a:10:56:1f:13:35:b6:b0:f1:c7:3c:92: 16:1c:8a:6e:1d:78:11:e6:a3:01:27:5a:47:f6:cd: 09:e0:51:61:4c:5b:ab:7b:fe:c1:8b:08:85:01:e4: bf:5b:10:94:52:9e:a0:8c:8f:48:54:22:8f:82:7b: 48:5e:b1:d7:ed:6d:04:cf:12:25:59:9d:66:95:c9: 58:07:7e:ec:48:37:da:dd:5d:6a:4d:b4:9f:4c:86: 7a:a1:cf:87:9f:90:e5:2a:66:b0:aa:2c:06:eb:c5: 53:bb:b5:7d:24:6a:0a:ca:f8:d3:f5:ce:e6:87:1f: eb:d5:4d:93:b0:27:5a:31:be:61:d9:c1:85:b9:41: 78:67:c8:59:a8:80:5e:13:e7:9d:27:06:33:7f:94: 7e:42:ef:e3:21:8f:98:cf:87:51:14:46:7a:5c:f7: 3a:86:23:bc:8e:14:40:99:00:6c:98:3e:36:1c:e5: 97:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:24:12:87:86:1F:45:94:2C:14:FF:A5:8B:12:51:4C:46:5C:D5:A0 X509v3 Authority Key Identifier: keyid:53:7B:1B:A1:C0:1B:48:63:47:38:AA:11:59:AE:2B:95:59:0D:DD:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CA735/D0E9B1EE639B11EF9B4D2A5DC4F9AE02/U3sbocAbSGNHOKoRWa4rlVkN3ZE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3sbocAbSGNHOKoRWa4rlVkN3ZE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CA735/D0E9B1EE639B11EF9B4D2A5DC4F9AE02/U3sbocAbSGNHOKoRWa4rlVkN3ZE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:ab:cb:d2:03:f7:cd:f7:1f:62:28:f4:a0:fc:9e:8a:f1:6d: 4a:7d:b0:29:8f:c8:9d:b3:db:26:86:01:69:fa:c7:82:43:95: 6a:a6:66:9f:bc:55:5b:81:a9:69:b7:c3:cc:7f:b1:9e:fd:be: e5:73:06:1a:f1:0b:17:1b:8a:85:6f:15:e7:9e:5e:35:a9:9b: 47:fb:61:35:9f:5d:23:8a:1b:14:22:5d:10:b4:cf:3b:74:22: 12:7a:b4:26:e4:42:21:12:f2:63:b8:3f:87:0c:11:89:21:ea: 35:e4:8e:fd:0e:08:34:50:8a:8d:bb:d9:fe:29:66:71:df:7c: 59:aa:b9:3d:7f:7e:23:af:16:17:2f:68:f5:cb:7d:45:7d:02: 5d:29:13:fb:a0:f2:95:63:2a:8c:18:89:65:14:f9:cc:2f:12: 84:9b:af:42:9f:4f:67:36:f4:38:81:e5:4f:5e:61:13:1c:d8: 7d:87:52:88:fa:85:b4:30:00:27:72:16:dc:e9:dc:ae:eb:a4: 69:16:01:2c:19:f1:98:b6:80:8f:ae:b5:aa:73:2b:bb:a0:78: cc:34:d9:32:3d:ca:f5:2e:7d:2f:6b:32:e3:55:b5:22:17:d5: 86:f1:ee:1b:ad:78:47:a0:22:c0:2b:31:68:e3:08:7c:4f:19: 45:f0:c1:69 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0E3MzUxMTAvBgNVBAUTKDUzN0IxQkExQzAxQjQ4NjM0NzM4QUExMTU5QUUyQjk1 NTkwREREOTEwHhcNMjUwNDI1MDU0MDA5WhcNMjUwNTAyMDU0MDA5WjAYMRYwFAYD VQQDEw02ODBiMjAzOS00NDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtPTswvH44rTM9sSr4857aEMnWfmhO7Rms6QLRfQF8+m6iuB/kUUQoU0UFxw1 JsiisMQf9ud5rEUY+eaTVoFEku8PgHDSrVAibsxmH8NaEFYfEzW2sPHHPJIWHIpu HXgR5qMBJ1pH9s0J4FFhTFure/7BiwiFAeS/WxCUUp6gjI9IVCKPgntIXrHX7W0E zxIlWZ1mlclYB37sSDfa3V1qTbSfTIZ6oc+Hn5DlKmawqiwG68VTu7V9JGoKyvjT 9c7mhx/r1U2TsCdaMb5h2cGFuUF4Z8hZqIBeE+edJwYzf5R+Qu/jIY+Yz4dRFEZ6 XPc6hiO8jhRAmQBsmD42HOWXqQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEckEoeG H0WULBT/pYsSUUxGXNWgMB8GA1UdIwQYMBaAFFN7G6HAG0hjRziqEVmuK5VZDd2R MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQTczNS9EMEU5QjFFRTYz OUIxMUVGOUI0RDJBNURDNEY5QUUwMi9VM3Nib2NBYlNHTkhPS29SV2E0cmxWa04z WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Uzc2JvY0FiU0dOSE9Lb1JXYTRybFZrTjNaRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QTczNS9EMEU5QjFFRTYzOUIxMUVGOUI0RDJBNURDNEY5QUUwMi9VM3Nib2NBYlNH TkhPS29SV2E0cmxWa04zWkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAMq8vSA/fN9x9iKPSg/J6K8W1KfbApj8ids9smhgFp+seCQ5Vqpmaf vFVbgalpt8PMf7Ge/b7lcwYa8QsXG4qFbxXnnl41qZtH+2E1n10jihsUIl0QtM87 dCISerQm5EIhEvJjuD+HDBGJIeo15I79Dgg0UIqNu9n+KWZx33xZqrk9f34jrxYX L2j1y31FfQJdKRP7oPKVYyqMGIllFPnMLxKEm69Cn09nNvQ4geVPXmETHNh9h1KI +oW0MAAnchbc6dyu66RpFgEsGfGYtoCPrrWqcyu7oHjMNNkyPcr1Ln0vazLjVbUi F9WG8e4brXhHoCLAKzFo4wh8TxlF8MFp -----END CERTIFICATE-----Generated at Sat Apr 26 17:22:50 2025 by rpki-client