$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA81/CE136BD0745711ECB3987518C4F9AE02/umn8tA4zSXV_ok-OM1eRxfAEXVg.mft File: umn8tA4zSXV_ok-OM1eRxfAEXVg.mft (raw, json) Hash identifier: vHiJGVf9GtaICS5zLyJOrjqy02t/+wWakAbUXQRrn5M= Subject key identifier: 1B:7E:E0:1E:3F:AC:F4:1A:67:45:E1:B3:35:65:D2:6C:4A:19:97:41 Authority key identifier: BA:69:FC:B4:0E:33:49:75:7F:A2:4F:8E:33:57:91:C5:F0:04:5D:58 Certificate issuer: /CN=A91EBA81/serialNumber=BA69FCB40E3349757FA24F8E335791C5F0045D58 Certificate serial: 0409 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/umn8tA4zSXV_ok-OM1eRxfAEXVg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA81/CE136BD0745711ECB3987518C4F9AE02/umn8tA4zSXV_ok-OM1eRxfAEXVg.mft Manifest number: 03FE Signing time: Fri 25 Apr 2025 00:16:59 +0000 Manifest this update: Fri 25 Apr 2025 00:16:59 +0000 Manifest next update: Fri 02 May 2025 00:16:58 +0000 Files and hashes: 1: umn8tA4zSXV_ok-OM1eRxfAEXVg.crl (hash: Uqp9ZkAs1mTkYmAHMzwqZKWVrpcp1PGK3e5ACFK/KYo=) 2: 159DA092E9B711EFB8454123C4F9AE02.roa (hash: tjoX2rKURmmp0SIpilUWla3AD/nRXhfocceVz0iL1og=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBA81/CE136BD0745711ECB3987518C4F9AE02/umn8tA4zSXV_ok-OM1eRxfAEXVg.crl rsync://rpki.apnic.net/member_repository/A91EBA81/CE136BD0745711ECB3987518C4F9AE02/umn8tA4zSXV_ok-OM1eRxfAEXVg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/umn8tA4zSXV_ok-OM1eRxfAEXVg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:16:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1033 (0x409) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBA81, serialNumber=BA69FCB40E3349757FA24F8E335791C5F0045D58 Validity Not Before: Apr 25 00:16:59 2025 GMT Not After : May 2 00:16:58 2025 GMT Subject: CN=680ad47b-6cb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:26:06:94:cb:81:c9:81:65:74:f2:8b:72:54: 01:73:9d:37:f0:a3:fd:e9:a5:27:7f:21:06:ff:fb: 78:42:2e:3b:ac:79:33:13:e0:48:12:ca:fc:2e:32: 69:7f:cd:94:b3:0d:85:50:10:ee:cd:19:01:d8:ed: 66:07:01:de:db:09:19:c3:11:ee:02:5d:96:44:b0: 9a:e9:9b:c4:8e:68:af:58:eb:1d:a4:b4:a0:b7:a6: b1:50:ff:48:a0:86:33:26:b9:5f:5a:c5:d0:7e:9d: dc:a6:f7:2d:3b:93:fb:9b:ab:b1:37:70:8c:73:9f: e5:00:91:25:d2:e0:1d:7d:4e:0e:1f:1e:05:47:ff: 29:d5:17:e4:5f:12:90:8e:03:14:74:e8:49:dc:2d: 9b:15:6d:0a:1e:e8:e4:59:7d:12:7c:bd:47:d6:16: 00:4d:80:d7:29:b0:c8:e3:00:f3:a5:5a:45:07:cc: e1:54:76:ae:b7:aa:d8:3a:ed:1f:5f:d0:2c:f0:14: d5:d7:dc:8d:55:fd:0c:6b:92:fc:e8:f6:96:8d:b2: de:29:fa:c0:41:72:41:8e:5c:33:42:c5:54:89:cd: f5:68:d9:7c:d8:ed:fa:e6:7c:bf:74:a8:1b:5e:23: 48:e7:4c:8c:d8:59:90:26:da:e0:ef:9f:8f:73:07: 44:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:7E:E0:1E:3F:AC:F4:1A:67:45:E1:B3:35:65:D2:6C:4A:19:97:41 X509v3 Authority Key Identifier: keyid:BA:69:FC:B4:0E:33:49:75:7F:A2:4F:8E:33:57:91:C5:F0:04:5D:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBA81/CE136BD0745711ECB3987518C4F9AE02/umn8tA4zSXV_ok-OM1eRxfAEXVg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/umn8tA4zSXV_ok-OM1eRxfAEXVg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA81/CE136BD0745711ECB3987518C4F9AE02/umn8tA4zSXV_ok-OM1eRxfAEXVg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cc:35:0e:55:e8:b8:e4:e1:bc:52:64:a2:9d:49:bb:ed:7f:84: bc:31:d7:27:9d:09:50:01:0c:05:56:da:52:a9:7e:b0:64:35: 75:27:5c:ae:21:fe:a1:c0:91:d4:84:c6:c9:e6:ab:7e:59:d6: 1a:03:49:33:a7:00:d4:77:58:6f:39:8b:14:b6:b8:a4:ac:c7: d9:a1:35:4c:d3:c1:aa:5b:ab:d2:7c:e8:b2:32:15:f3:29:64: f6:2f:b8:3c:c4:c8:05:76:a3:5f:5f:67:47:87:cd:64:9c:22: 6d:95:8e:69:e9:1c:4a:e3:9a:f1:55:c7:ad:79:3d:b8:bc:4d: d4:46:7f:bf:93:c7:72:00:80:61:de:71:3e:bb:33:41:a6:77: ee:8f:81:f9:72:f5:8a:e8:68:e0:31:df:37:75:9c:8b:30:7b: 31:46:78:aa:a7:97:11:f0:1a:f4:4b:29:9f:57:61:48:69:db: 1d:61:56:20:73:5d:7b:77:67:23:46:5e:c2:93:c8:8c:bc:52: d5:e6:2c:28:25:9f:e9:ae:83:83:6e:89:3f:7d:d2:4a:30:01: e0:b9:b2:c5:85:9d:da:55:39:9a:e8:bf:f6:73:d8:f8:58:b5: fd:0f:a5:8d:00:d7:9d:94:84:f3:cb:8d:c0:8f:ab:1a:6a:58: 1a:ed:56:c9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBAkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJBODExMTAvBgNVBAUTKEJBNjlGQ0I0MEUzMzQ5NzU3RkEyNEY4RTMzNTc5MUM1 RjAwNDVENTgwHhcNMjUwNDI1MDAxNjU5WhcNMjUwNTAyMDAxNjU4WjAYMRYwFAYD VQQDEw02ODBhZDQ3Yi02Y2I0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4iYGlMuByYFldPKLclQBc5038KP96aUnfyEG//t4Qi47rHkzE+BIEsr8LjJp f82Usw2FUBDuzRkB2O1mBwHe2wkZwxHuAl2WRLCa6ZvEjmivWOsdpLSgt6axUP9I oIYzJrlfWsXQfp3cpvctO5P7m6uxN3CMc5/lAJEl0uAdfU4OHx4FR/8p1RfkXxKQ jgMUdOhJ3C2bFW0KHujkWX0SfL1H1hYATYDXKbDI4wDzpVpFB8zhVHaut6rYOu0f X9As8BTV19yNVf0Ma5L86PaWjbLeKfrAQXJBjlwzQsVUic31aNl82O365ny/dKgb XiNI50yM2FmQJtrg75+PcwdEEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBt+4B4/ rPQaZ0XhszVl0mxKGZdBMB8GA1UdIwQYMBaAFLpp/LQOM0l1f6JPjjNXkcXwBF1Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkE4MS9DRTEzNkJEMDc0 NTcxMUVDQjM5ODc1MThDNEY5QUUwMi91bW44dEE0elNYVl9vay1PTTFlUnhmQUVY VmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Vtbjh0QTR6U1hWX29rLU9NMWVSeGZBRVhWZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkE4MS9DRTEzNkJEMDc0NTcxMUVDQjM5ODc1MThDNEY5QUUwMi91bW44dEE0elNY Vl9vay1PTTFlUnhmQUVYVmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDMNQ5V6Ljk4bxSZKKdSbvtf4S8MdcnnQlQAQwFVtpSqX6wZDV1J1yu If6hwJHUhMbJ5qt+WdYaA0kzpwDUd1hvOYsUtrikrMfZoTVM08GqW6vSfOiyMhXz KWT2L7g8xMgFdqNfX2dHh81knCJtlY5p6RxK45rxVceteT24vE3URn+/k8dyAIBh 3nE+uzNBpnfuj4H5cvWK6GjgMd83dZyLMHsxRniqp5cR8Br0SymfV2FIadsdYVYg c117d2cjRl7Ck8iMvFLV5iwoJZ/proODbok/fdJKMAHgubLFhZ3aVTma6L/2c9j4 WLX9D6WNANedlITzy43Aj6saalga7VbJ -----END CERTIFICATE-----Generated at Sat Apr 26 15:06:47 2025 by rpki-client