$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.mft File: UcJhG0Yd1RGDWlFB-K7lAtOjmus.mft (raw, json) Hash identifier: 6Zamqvfg6kBNCQjFTgwIrmEQQ2f+EINhbhyYPLGPZHY= Subject key identifier: 53:97:BE:46:23:EF:93:52:2A:B0:2C:8D:B4:6A:5A:C3:DE:5F:92:2F Authority key identifier: 51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB Certificate issuer: /CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB Certificate serial: 2258 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.mft Manifest number: 2219 Signing time: Thu 24 Apr 2025 15:54:34 +0000 Manifest this update: Thu 24 Apr 2025 15:54:34 +0000 Manifest next update: Thu 01 May 2025 15:54:34 +0000 Files and hashes: 1: UcJhG0Yd1RGDWlFB-K7lAtOjmus.crl (hash: qmkW62FH+RJuD06hbeyw3JckLrUogGP3OelVG7wUiak=) 2: 6E12CFE0D6D511EEB73F802EC4F9AE02.roa (hash: fu2Y/ef9m4hYpradbNhhquwt+T6O3zblslaEMelPVBA=) 3: 8D93B9E0D8E911EE85D9881FC4F9AE02.roa (hash: AmGEU/vI25utL7crZoKrtfl5OSwvLwWyEhptdWMwqps=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.crl rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8792 (0x2258) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBA1C, serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB Validity Not Before: Apr 24 15:54:34 2025 GMT Not After : May 1 15:54:34 2025 GMT Subject: CN=680a5eba-fefb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:c7:4a:d9:04:55:32:22:00:9f:90:7a:32:de: 3d:1b:c1:f4:f9:00:ea:c9:4b:78:83:31:1e:67:21: d3:ae:4e:48:cc:f5:fd:da:3a:cf:b0:ac:9b:8c:43: 43:84:32:ce:65:49:8a:db:b2:0d:8e:46:94:17:7f: a5:8c:cd:85:3d:95:f1:41:d5:91:9d:8e:f5:1c:6f: a3:63:a6:cd:1e:2b:0b:c9:8e:15:aa:95:76:5a:e9: 5f:e9:ac:49:cd:42:21:8f:d1:7b:3c:9b:65:6d:57: ba:3f:eb:39:82:ee:0b:0e:45:4d:54:9f:a9:80:87: 6c:d3:a7:ed:00:de:6c:e5:95:c7:da:6d:76:20:ce: a7:62:72:81:d7:c8:20:24:35:5c:fd:4d:53:13:e4: 80:a9:ad:96:46:6a:d3:7a:c2:6c:28:c4:be:72:12: 76:46:da:27:6f:9a:5f:e0:e3:cd:37:c4:48:e4:9a: 5b:fa:f2:10:9f:4b:49:e7:10:55:a9:34:75:a2:15: 50:c9:8c:9c:89:c1:d9:09:6b:d0:f7:e5:9b:4f:1b: 2f:a9:d4:03:d6:c9:77:1d:a8:05:fe:a3:0c:0c:19: 90:8a:04:50:b5:a0:1c:30:ac:b2:17:0b:d6:b5:8f: 1e:7a:f4:71:4f:0b:fb:d6:a8:a8:9a:1b:51:f9:08: e1:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:97:BE:46:23:EF:93:52:2A:B0:2C:8D:B4:6A:5A:C3:DE:5F:92:2F X509v3 Authority Key Identifier: keyid:51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption e9:be:63:2f:9c:59:a5:6c:84:82:70:f2:56:b3:91:6b:bd:11: 82:e6:70:21:40:a0:58:fe:6f:a2:cf:d5:57:9d:5d:96:5a:ce: 11:31:ac:0c:db:0b:f1:45:f5:4d:f0:6b:69:c8:ca:76:79:6e: 46:10:1f:72:c2:60:bb:5e:08:64:38:5d:75:9f:e4:e2:ee:c1: 27:1e:d4:2b:6e:7f:7d:00:40:ec:78:14:b9:4f:5e:36:fa:81: 17:9f:00:64:e3:5b:26:8d:8b:1e:97:4e:4a:67:2e:b9:cc:02: 4f:95:97:d5:01:0f:c7:b9:4c:40:7c:a1:50:81:07:41:ba:48: 2d:09:a4:c4:46:32:d3:f5:70:bc:74:45:b6:9c:15:cc:fc:70: 97:22:ff:fb:a3:14:89:63:73:d4:8a:50:7f:48:b8:d9:ec:35: 49:73:f1:c0:81:10:bd:b6:1c:bb:33:b1:17:42:7e:25:61:11: 20:98:63:b6:8e:eb:25:89:be:ed:ae:21:45:8c:ff:5d:01:3f: 83:e6:2c:c3:df:77:27:70:a1:08:5a:d9:4e:62:09:d4:fb:ce: 9e:ba:fd:b5:2f:f8:4a:ef:45:3e:e9:94:93:21:1d:77:6f:56: d2:10:3b:c9:1e:02:28:a4:c8:e0:7b:23:90:5b:06:fb:e5:5e: f3:9e:f7:e7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIlgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJBMUMxMTAvBgNVBAUTKDUxQzI2MTFCNDYxREQ1MTE4MzVBNTE0MUY4QUVFNTAy RDNBMzlBRUIwHhcNMjUwNDI0MTU1NDM0WhcNMjUwNTAxMTU1NDM0WjAYMRYwFAYD VQQDEw02ODBhNWViYS1mZWZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx8dK2QRVMiIAn5B6Mt49G8H0+QDqyUt4gzEeZyHTrk5IzPX92jrPsKybjEND hDLOZUmK27INjkaUF3+ljM2FPZXxQdWRnY71HG+jY6bNHisLyY4VqpV2Wulf6axJ zUIhj9F7PJtlbVe6P+s5gu4LDkVNVJ+pgIds06ftAN5s5ZXH2m12IM6nYnKB18gg JDVc/U1TE+SAqa2WRmrTesJsKMS+chJ2Rtonb5pf4OPNN8RI5Jpb+vIQn0tJ5xBV qTR1ohVQyYycicHZCWvQ9+WbTxsvqdQD1sl3HagF/qMMDBmQigRQtaAcMKyyFwvW tY8eevRxTwv71qiomhtR+Qjh5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFOXvkYj 75NSKrAsjbRqWsPeX5IvMB8GA1UdIwQYMBaAFFHCYRtGHdURg1pRQfiu5QLTo5rr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkExQy82M0IyMTRBMkM4 MTUxMUU1ODFEMjA4ODRDNEY5QUUwMi9VY0poRzBZZDFSR0RXbEZCLUs3bEF0T2pt dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VjSmhHMFlkMVJHRFdsRkItSzdsQXRPam11cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkExQy82M0IyMTRBMkM4MTUxMUU1ODFEMjA4ODRDNEY5QUUwMi9VY0poRzBZZDFS R0RXbEZCLUs3bEF0T2ptdXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDpvmMvnFmlbISCcPJWs5FrvRGC5nAhQKBY/m+iz9VXnV2WWs4RMawM 2wvxRfVN8GtpyMp2eW5GEB9ywmC7XghkOF11n+Ti7sEnHtQrbn99AEDseBS5T142 +oEXnwBk41smjYsel05KZy65zAJPlZfVAQ/HuUxAfKFQgQdBukgtCaTERjLT9XC8 dEW2nBXM/HCXIv/7oxSJY3PUilB/SLjZ7DVJc/HAgRC9thy7M7EXQn4lYREgmGO2 juslib7triFFjP9dAT+D5izD33cncKEIWtlOYgnU+86euv21L/hK70U+6ZSTIR13 b1bSEDvJHgIopMjgeyOQWwb75V7znvfn -----END CERTIFICATE-----Generated at Sat Apr 26 12:31:58 2025 by rpki-client