$ rpki-client -vvf rpki.apnic.net/member_repository/A9130837/E3F87CB236E311ECBC8CC250C4F9AE02/U2i4yNaWPq2DmQWkhvU8RLBBpe8.mft File: U2i4yNaWPq2DmQWkhvU8RLBBpe8.mft (raw, json) Hash identifier: PWFdD3UE8qYtwyNV1ys7v9rHw78vceSjFiR+0tp93ro= Subject key identifier: 54:B1:DB:AE:39:D5:31:C8:2F:5F:52:07:C5:6D:A8:68:3D:13:CA:1F Authority key identifier: 53:68:B8:C8:D6:96:3E:AD:83:99:05:A4:86:F5:3C:44:B0:41:A5:EF Certificate issuer: /CN=A9130837/serialNumber=5368B8C8D6963EAD839905A486F53C44B041A5EF Certificate serial: 048F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U2i4yNaWPq2DmQWkhvU8RLBBpe8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9130837/E3F87CB236E311ECBC8CC250C4F9AE02/U2i4yNaWPq2DmQWkhvU8RLBBpe8.mft Manifest number: 0488 Signing time: Tue 08 Apr 2025 23:46:14 +0000 Manifest this update: Tue 08 Apr 2025 23:46:14 +0000 Manifest next update: Tue 15 Apr 2025 23:46:14 +0000 Files and hashes: 1: U2i4yNaWPq2DmQWkhvU8RLBBpe8.crl (hash: fAcIplF9QNE3w3n9AJUFr/z3L19rKdFfBl9I1NoalD8=) 2: 1C032F5A36E711EC9581EC54C4F9AE02.roa (hash: zuaM96z3jhp+fAEf2SKv65O5x2n5mX1/wYZc1QfKJIE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9130837/E3F87CB236E311ECBC8CC250C4F9AE02/U2i4yNaWPq2DmQWkhvU8RLBBpe8.crl rsync://rpki.apnic.net/member_repository/A9130837/E3F87CB236E311ECBC8CC250C4F9AE02/U2i4yNaWPq2DmQWkhvU8RLBBpe8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U2i4yNaWPq2DmQWkhvU8RLBBpe8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 15 Apr 2025 23:46:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1167 (0x48f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9130837 Validity Not Before: Apr 8 23:46:14 2025 GMT Not After : Apr 15 23:46:14 2025 GMT Subject: CN=67f5b546-ff0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:c7:57:c1:42:48:cb:15:22:7a:c6:42:7f:ae: 83:aa:7e:c2:09:2a:25:f2:6d:36:29:4b:20:72:53: e3:66:5f:7d:7d:5e:9a:f7:e2:fb:a7:ee:bd:05:86: c0:bc:9a:c0:34:b1:e7:96:a5:ec:2e:4a:6c:60:f8: 6a:37:a6:6f:68:de:d5:25:be:c0:ad:db:ca:72:40: 33:43:d4:eb:ed:05:ef:19:03:91:e7:11:46:eb:0f: c3:cf:e5:96:4f:b7:b4:42:32:4c:6b:3f:bb:a8:3f: c9:ab:46:54:29:27:52:5e:bf:4c:9f:8e:ec:77:1e: a7:76:38:db:d8:33:b9:e8:a6:91:87:8c:f8:1f:fa: ae:45:48:c0:26:84:66:56:0a:0d:f9:58:0f:ec:eb: ff:7a:60:5b:d7:32:fa:c7:14:07:18:dc:db:05:0d: 6e:bb:bb:a1:6f:32:8b:4a:b1:9c:31:59:2d:ca:9a: b5:89:42:58:95:6f:c0:99:74:9f:38:d3:dd:4f:b3: 02:1b:1f:a9:bb:7b:22:95:6c:7a:4f:04:3c:a1:1e: a5:71:30:02:8a:17:58:1b:49:bd:a1:d9:18:4b:d1: 42:d2:59:b1:f4:33:2d:94:e9:ae:a1:af:cf:57:30: d3:c0:a0:14:3e:44:cc:69:5f:cd:96:e4:3f:c0:25: 3a:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:B1:DB:AE:39:D5:31:C8:2F:5F:52:07:C5:6D:A8:68:3D:13:CA:1F X509v3 Authority Key Identifier: keyid:53:68:B8:C8:D6:96:3E:AD:83:99:05:A4:86:F5:3C:44:B0:41:A5:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9130837/E3F87CB236E311ECBC8CC250C4F9AE02/U2i4yNaWPq2DmQWkhvU8RLBBpe8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U2i4yNaWPq2DmQWkhvU8RLBBpe8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9130837/E3F87CB236E311ECBC8CC250C4F9AE02/U2i4yNaWPq2DmQWkhvU8RLBBpe8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b9:e8:d2:cf:3a:fa:45:95:37:d8:26:bf:5b:2d:97:7a:24:51: ad:c3:7a:12:a1:a8:f8:ed:19:a7:b4:23:c8:bb:e5:9a:26:25: 60:f1:92:8f:fb:0c:7f:0e:7c:15:f3:01:2c:90:65:bd:63:81: 7d:73:eb:4d:85:a1:f0:81:46:38:ed:66:06:9d:08:30:dc:c9: b0:41:00:1d:27:89:4f:fd:b5:00:99:b3:e6:58:88:68:e2:ae: 88:c0:af:c2:fe:98:18:79:c2:fe:81:20:cb:9e:41:b3:12:ea: f8:2e:f7:14:0b:1a:7e:e6:0f:4c:c5:a4:f9:24:30:2a:3d:fc: 36:7c:54:0c:4a:35:f8:5c:05:6e:e0:89:8a:00:d9:2d:18:b7: d8:ec:02:8c:7a:cd:79:53:c1:50:b9:1b:cb:ff:50:30:3a:af: e3:be:10:3b:b4:f0:22:54:45:63:92:4d:bd:e7:11:7c:b6:f8: 60:f8:f5:a4:85:92:fd:1a:0e:4f:32:72:c1:78:7d:a6:81:14: 44:90:a0:2c:6f:0b:89:13:66:fd:5e:96:a3:b0:aa:ea:13:35: 80:9c:64:75:c9:99:dd:57:f5:64:6c:e2:7b:56:04:95:98:53: f0:06:d4:78:78:37:1c:0b:d0:ad:b2:e7:48:df:92:4d:ff:ec: 9b:7c:2b:f3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzA4MzcxMTAvBgNVBAUTKDUzNjhCOEM4RDY5NjNFQUQ4Mzk5MDVBNDg2RjUzQzQ0 QjA0MUE1RUYwHhcNMjUwNDA4MjM0NjE0WhcNMjUwNDE1MjM0NjE0WjAYMRYwFAYD VQQDEw02N2Y1YjU0Ni1mZjBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqcdXwUJIyxUiesZCf66Dqn7CCSol8m02KUsgclPjZl99fV6a9+L7p+69BYbA vJrANLHnlqXsLkpsYPhqN6ZvaN7VJb7ArdvKckAzQ9Tr7QXvGQOR5xFG6w/Dz+WW T7e0QjJMaz+7qD/Jq0ZUKSdSXr9Mn47sdx6ndjjb2DO56KaRh4z4H/quRUjAJoRm VgoN+VgP7Ov/emBb1zL6xxQHGNzbBQ1uu7uhbzKLSrGcMVktypq1iUJYlW/AmXSf ONPdT7MCGx+pu3silWx6TwQ8oR6lcTACihdYG0m9odkYS9FC0lmx9DMtlOmuoa/P VzDTwKAUPkTMaV/NluQ/wCU6GwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFSx2645 1THIL19SB8VtqGg9E8ofMB8GA1UdIwQYMBaAFFNouMjWlj6tg5kFpIb1PESwQaXv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMDgzNy9FM0Y4N0NCMjM2 RTMxMUVDQkM4Q0MyNTBDNEY5QUUwMi9VMmk0eU5hV1BxMkRtUVdraHZVOFJMQkJw ZTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1UyaTR5TmFXUHEyRG1RV2todlU4UkxCQnBlOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MDgzNy9FM0Y4N0NCMjM2RTMxMUVDQkM4Q0MyNTBDNEY5QUUwMi9VMmk0eU5hV1Bx MkRtUVdraHZVOFJMQkJwZTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC56NLPOvpFlTfYJr9bLZd6JFGtw3oSoaj47RmntCPIu+WaJiVg8ZKP +wx/DnwV8wEskGW9Y4F9c+tNhaHwgUY47WYGnQgw3MmwQQAdJ4lP/bUAmbPmWIho 4q6IwK/C/pgYecL+gSDLnkGzEur4LvcUCxp+5g9MxaT5JDAqPfw2fFQMSjX4XAVu 4ImKANktGLfY7AKMes15U8FQuRvL/1AwOq/jvhA7tPAiVEVjkk295xF8tvhg+PWk hZL9Gg5PMnLBeH2mgRREkKAsbwuJE2b9XpajsKrqEzWAnGR1yZndV/VkbOJ7VgSV mFPwBtR4eDccC9CtsudI35JN/+ybfCvz -----END CERTIFICATE-----Generated at Fri Apr 11 20:04:09 2025 by rpki-client