$ rpki-client -vvf rpki.apnic.net/member_repository/A913E2B3/20E67DD812F411EA89420430C4F9AE02/UoaLCQH1W0B4uRpzRRym0iMSyKs.mft File: UoaLCQH1W0B4uRpzRRym0iMSyKs.mft (raw, json) Hash identifier: 5wrdqtCUkEjSI61Qe1K6kJt+GwI5CWVUM87B+1OS63w= Subject key identifier: 20:41:AB:56:1C:BF:24:82:E0:63:30:E5:34:E1:29:E8:DD:E2:21:B1 Authority key identifier: 52:86:8B:09:01:F5:5B:40:78:B9:1A:73:45:1C:A6:D2:23:12:C8:AB Certificate issuer: /CN=A913E2B3/serialNumber=52868B0901F55B4078B91A73451CA6D22312C8AB Certificate serial: 0BF9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UoaLCQH1W0B4uRpzRRym0iMSyKs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913E2B3/20E67DD812F411EA89420430C4F9AE02/UoaLCQH1W0B4uRpzRRym0iMSyKs.mft Manifest number: 0BEB Signing time: Fri 18 Apr 2025 18:51:42 +0000 Manifest this update: Fri 18 Apr 2025 18:51:41 +0000 Manifest next update: Fri 25 Apr 2025 18:51:41 +0000 Files and hashes: 1: UoaLCQH1W0B4uRpzRRym0iMSyKs.crl (hash: OqUi4gDpWckjd2fIZ//OgWutMOqu9tOCTLcPgW9NLQs=) 2: 399AB6DA4ED511ED84336740C4F9AE02.roa (hash: xH17spaHhMO4029wjNj4ZW6FqoA9g6CON6QQbD7o3j0=) 3: 3AB1E0D44ED511ED84336740C4F9AE02.roa (hash: J+JzfdPnvnmB6Ay3Ml+qeWmcjb1XIfVxnUqGVNUN7Ko=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913E2B3/20E67DD812F411EA89420430C4F9AE02/UoaLCQH1W0B4uRpzRRym0iMSyKs.crl rsync://rpki.apnic.net/member_repository/A913E2B3/20E67DD812F411EA89420430C4F9AE02/UoaLCQH1W0B4uRpzRRym0iMSyKs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UoaLCQH1W0B4uRpzRRym0iMSyKs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Apr 2025 18:24:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3065 (0xbf9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913E2B3, serialNumber=52868B0901F55B4078B91A73451CA6D22312C8AB Validity Not Before: Apr 18 18:51:41 2025 GMT Not After : Apr 25 18:51:41 2025 GMT Subject: CN=68029f3d-4eea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:cb:b8:e0:9c:03:7c:65:d1:04:1f:95:81:c0: 7d:60:29:2b:c4:81:75:dd:b4:8c:cb:74:7b:84:a0: 98:08:98:22:f2:9f:af:77:52:2b:67:b7:d6:ce:74: a8:b4:03:cc:9f:ad:c0:b2:ca:c1:d1:e1:f1:7f:ef: d3:4a:8b:a4:69:37:96:15:07:b6:bd:2d:fa:48:2e: 8a:eb:e7:bf:db:f2:73:a6:4c:00:dd:df:73:4a:65: 7d:57:58:74:8b:2c:35:8d:71:3c:cb:7c:58:6d:34: 57:a2:6e:e8:2b:58:8e:3d:2e:eb:76:0e:57:bf:6a: 78:55:00:28:b9:54:46:ec:15:1c:e8:89:ca:81:25: 2d:4f:1b:a3:b3:a2:5f:9a:56:ff:a6:d0:a3:95:fb: 22:21:aa:ec:15:05:10:32:e3:a3:31:e8:f2:f1:cb: 9a:2c:d1:d8:c5:d6:af:ee:f8:11:01:d6:ce:a7:62: 89:dd:08:b3:f8:ca:5b:dc:e4:4f:ce:02:3f:92:0a: 5b:5d:f5:50:42:c7:00:e7:5e:15:7a:c7:3c:4f:1a: 78:a8:db:19:ad:21:3d:2a:bf:28:28:3b:29:f0:fc: 12:02:df:46:76:c5:c3:6c:f3:bc:c3:6b:2e:92:85: 92:6d:c4:e4:54:11:95:c8:93:49:62:d8:33:4d:99: f7:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:41:AB:56:1C:BF:24:82:E0:63:30:E5:34:E1:29:E8:DD:E2:21:B1 X509v3 Authority Key Identifier: keyid:52:86:8B:09:01:F5:5B:40:78:B9:1A:73:45:1C:A6:D2:23:12:C8:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913E2B3/20E67DD812F411EA89420430C4F9AE02/UoaLCQH1W0B4uRpzRRym0iMSyKs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UoaLCQH1W0B4uRpzRRym0iMSyKs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E2B3/20E67DD812F411EA89420430C4F9AE02/UoaLCQH1W0B4uRpzRRym0iMSyKs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:8a:72:a9:a9:83:1e:53:d7:47:76:0d:9f:8b:ab:c7:46:a1: 4c:4d:79:8e:8f:70:1a:76:18:27:43:34:82:76:68:a2:0d:b3: 50:4e:14:ac:d6:d3:29:e9:78:e8:9f:d6:f8:e9:a1:77:e1:93: 42:f8:8b:3b:da:ad:7f:c5:73:bf:95:7e:e6:2a:6d:7e:91:eb: b8:92:47:b0:86:2f:01:5e:06:b1:5c:a7:56:98:d8:72:1d:c9: e6:00:49:20:d3:c4:49:ac:5d:0f:3b:32:ad:f2:05:7b:05:c0: 94:ba:54:77:68:04:2d:b6:0b:b8:75:66:ab:08:23:86:0b:86: 4d:4b:bc:48:25:36:d8:8b:72:a8:95:0c:d6:24:77:dd:a3:89: bf:fc:90:7a:3f:c5:d9:d4:5f:b4:19:50:c8:99:b6:be:fb:23: 75:48:1e:c3:a0:72:cc:ab:d6:45:ab:14:66:ee:2b:06:e8:8e: 80:0e:ea:5e:bc:a1:01:2d:c2:e1:6f:01:72:9e:86:13:ec:59: e7:f7:90:39:e8:4f:38:32:62:51:dd:14:07:eb:40:b4:b5:f0: 30:23:80:c6:41:83:73:72:ac:b4:51:ca:14:d8:03:fb:a2:ae: 47:78:4f:00:0e:ac:51:03:45:cf:d4:a5:7b:47:9e:f4:c9:36: cc:bd:c4:4b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0UyQjMxMTAvBgNVBAUTKDUyODY4QjA5MDFGNTVCNDA3OEI5MUE3MzQ1MUNBNkQy MjMxMkM4QUIwHhcNMjUwNDE4MTg1MTQxWhcNMjUwNDI1MTg1MTQxWjAYMRYwFAYD VQQDEw02ODAyOWYzZC00ZWVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvsu44JwDfGXRBB+VgcB9YCkrxIF13bSMy3R7hKCYCJgi8p+vd1IrZ7fWznSo tAPMn63AssrB0eHxf+/TSoukaTeWFQe2vS36SC6K6+e/2/JzpkwA3d9zSmV9V1h0 iyw1jXE8y3xYbTRXom7oK1iOPS7rdg5Xv2p4VQAouVRG7BUc6InKgSUtTxujs6Jf mlb/ptCjlfsiIarsFQUQMuOjMejy8cuaLNHYxdav7vgRAdbOp2KJ3Qiz+Mpb3ORP zgI/kgpbXfVQQscA514Vesc8Txp4qNsZrSE9Kr8oKDsp8PwSAt9GdsXDbPO8w2su koWSbcTkVBGVyJNJYtgzTZn3uwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCBBq1Yc vySC4GMw5TThKejd4iGxMB8GA1UdIwQYMBaAFFKGiwkB9VtAeLkac0UcptIjEsir MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRTJCMy8yMEU2N0REODEy RjQxMUVBODk0MjA0MzBDNEY5QUUwMi9Vb2FMQ1FIMVcwQjR1UnB6UlJ5bTBpTVN5 S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VvYUxDUUgxVzBCNHVScHpSUnltMGlNU3lLcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RTJCMy8yMEU2N0REODEyRjQxMUVBODk0MjA0MzBDNEY5QUUwMi9Vb2FMQ1FIMVcw QjR1UnB6UlJ5bTBpTVN5S3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQABinKpqYMeU9dHdg2fi6vHRqFMTXmOj3AadhgnQzSCdmiiDbNQThSs 1tMp6Xjon9b46aF34ZNC+Is72q1/xXO/lX7mKm1+keu4kkewhi8BXgaxXKdWmNhy HcnmAEkg08RJrF0POzKt8gV7BcCUulR3aAQttgu4dWarCCOGC4ZNS7xIJTbYi3Ko lQzWJHfdo4m//JB6P8XZ1F+0GVDImba++yN1SB7DoHLMq9ZFqxRm7isG6I6ADupe vKEBLcLhbwFynoYT7Fnn95A56E84MmJR3RQH60C0tfAwI4DGQYNzcqy0UcoU2AP7 oq5HeE8ADqxRA0XP1KV7R570yTbMvcRL -----END CERTIFICATE-----Generated at Sat Apr 19 01:04:55 2025 by rpki-client