$ rpki-client -vvf rpki.apnic.net/member_repository/A91934DE/A941D5E2D8E411ED92EA3620C4F9AE02/_UnAZPyj6S3swYqPUElLIfwB8lY.mft File: _UnAZPyj6S3swYqPUElLIfwB8lY.mft (raw, json) Hash identifier: ct4X4PjIA9843Idhql4O0tNshORmqNPs3NvvuTP6wno= Subject key identifier: F7:C5:4E:F4:6E:EB:CB:57:4B:7D:FA:8B:E9:C0:35:82:C1:CF:E9:ED Authority key identifier: FD:49:C0:64:FC:A3:E9:2D:EC:C1:8A:8F:50:49:4B:21:FC:01:F2:56 Certificate issuer: /CN=A91934DE/serialNumber=FD49C064FCA3E92DECC18A8F50494B21FC01F256 Certificate serial: 018C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_UnAZPyj6S3swYqPUElLIfwB8lY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91934DE/A941D5E2D8E411ED92EA3620C4F9AE02/_UnAZPyj6S3swYqPUElLIfwB8lY.mft Manifest number: 017F Signing time: Sat 05 Apr 2025 03:13:33 +0000 Manifest this update: Sat 05 Apr 2025 03:13:33 +0000 Manifest next update: Sat 12 Apr 2025 03:13:33 +0000 Files and hashes: 1: _UnAZPyj6S3swYqPUElLIfwB8lY.crl (hash: tZUjy02tee5o2mgeg5/aEAW/BY7R7Na8ucGd1SS5op4=) 2: 358556D2D98F11EDA9A38028C4F9AE02.roa (hash: w60npFN7Kaoau14A8nUumKIk6Z7FI9jzoRmBuAraQgw=) 3: 05F11BACDF4A11EDA4190947C4F9AE02.roa (hash: xNw6lqRZVzml6zGHz7sRyZFWQnA5LMwPw8PJ9UjVWeM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91934DE/A941D5E2D8E411ED92EA3620C4F9AE02/_UnAZPyj6S3swYqPUElLIfwB8lY.crl rsync://rpki.apnic.net/member_repository/A91934DE/A941D5E2D8E411ED92EA3620C4F9AE02/_UnAZPyj6S3swYqPUElLIfwB8lY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_UnAZPyj6S3swYqPUElLIfwB8lY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 03:13:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 396 (0x18c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91934DE Validity Not Before: Apr 5 03:13:33 2025 GMT Not After : Apr 12 03:13:33 2025 GMT Subject: CN=67f09fdd-e74f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:9b:d8:3b:1f:e3:1b:dc:c6:77:fa:dc:6b:b2: d2:9f:5f:1e:36:e9:a8:e4:50:64:14:3b:9b:ba:23: 6b:b2:17:4a:1d:cb:5c:fa:d1:0c:dc:e3:ef:19:5f: 14:25:f0:85:79:a0:97:d7:21:89:35:28:43:31:25: 86:ac:cb:e9:fa:51:be:6e:79:5d:82:ee:da:f2:1d: 20:9d:28:4e:1d:2a:ff:3c:36:a4:29:f2:b7:b4:c5: 73:79:36:70:b7:94:d5:79:b0:be:7b:ee:4c:bd:38: cc:b0:56:aa:e2:9b:1d:70:91:a2:d3:4d:b8:0f:87: 21:62:d8:08:af:da:16:0e:91:61:da:d4:65:09:9b: d7:b1:bf:f1:db:d4:5c:ae:9a:8e:ff:2c:df:eb:bc: 1c:00:77:4a:2b:36:8d:ba:95:2e:0f:5d:4a:c9:a6: a8:0f:4d:71:9a:d2:44:99:c7:2b:1a:9b:b9:b7:cd: 1a:5e:6c:dc:cb:e9:1e:94:ba:3c:f5:6e:08:c2:5d: d7:14:10:78:06:02:50:52:7b:96:55:99:24:f4:84: 0a:ea:fd:e2:ab:59:31:ac:20:9d:98:92:0d:75:c6: 02:e1:96:2b:16:e6:4d:ec:03:42:ad:eb:b2:9d:db: a6:9a:d4:f9:37:8f:5e:c6:65:6d:08:4a:9e:28:3e: 36:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:C5:4E:F4:6E:EB:CB:57:4B:7D:FA:8B:E9:C0:35:82:C1:CF:E9:ED X509v3 Authority Key Identifier: keyid:FD:49:C0:64:FC:A3:E9:2D:EC:C1:8A:8F:50:49:4B:21:FC:01:F2:56 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91934DE/A941D5E2D8E411ED92EA3620C4F9AE02/_UnAZPyj6S3swYqPUElLIfwB8lY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_UnAZPyj6S3swYqPUElLIfwB8lY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91934DE/A941D5E2D8E411ED92EA3620C4F9AE02/_UnAZPyj6S3swYqPUElLIfwB8lY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption af:a2:b9:94:51:8f:6d:87:f9:fc:64:ad:d2:91:ca:b6:8c:e1: ef:31:19:e1:09:81:03:1f:81:e7:45:ac:b0:3e:4e:ee:46:b7: 69:ae:82:b0:f3:9d:e5:8c:5d:f1:8e:51:31:80:bd:80:71:f1: 8b:95:5f:db:84:2b:89:46:2c:fb:30:ad:a2:e9:93:ab:b0:40: 28:3c:6e:74:b8:b1:98:f0:07:e3:76:91:7f:23:51:29:e5:41: 4e:84:7d:61:9e:5e:8d:14:01:ae:40:71:9d:5f:a5:59:79:1c: 7d:5c:87:e4:00:1a:6b:c1:ea:f2:21:f2:8c:bd:64:89:b7:3b: c3:3a:3f:aa:a1:f7:88:d7:11:4c:32:45:fa:44:c8:97:8d:08: 30:48:e5:89:14:50:39:bf:c1:bb:47:78:45:7a:6b:f2:ac:4b: ff:97:2d:58:c2:b4:74:02:b4:fb:bb:ca:d1:6e:f3:64:30:c5: bf:19:bc:f6:d8:11:5a:2e:9c:21:e5:8b:09:b0:0d:b9:26:0f: e5:00:71:34:5c:43:1d:71:8f:c3:29:ae:52:de:c5:62:92:fa: a4:74:33:cc:c2:68:6f:70:e5:e3:cb:0b:58:ad:81:f3:62:a9: cc:0f:f4:37:6e:6f:e1:ab:a2:72:85:b3:da:50:4a:36:d9:2b: fc:6a:fb:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAYwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTM0REUxMTAvBgNVBAUTKEZENDlDMDY0RkNBM0U5MkRFQ0MxOEE4RjUwNDk0QjIx RkMwMUYyNTYwHhcNMjUwNDA1MDMxMzMzWhcNMjUwNDEyMDMxMzMzWjAYMRYwFAYD VQQDEw02N2YwOWZkZC1lNzRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwZvYOx/jG9zGd/rca7LSn18eNumo5FBkFDubuiNrshdKHctc+tEM3OPvGV8U JfCFeaCX1yGJNShDMSWGrMvp+lG+bnldgu7a8h0gnShOHSr/PDakKfK3tMVzeTZw t5TVebC+e+5MvTjMsFaq4psdcJGi0024D4chYtgIr9oWDpFh2tRlCZvXsb/x29Rc rpqO/yzf67wcAHdKKzaNupUuD11KyaaoD01xmtJEmccrGpu5t80aXmzcy+kelLo8 9W4Iwl3XFBB4BgJQUnuWVZkk9IQK6v3iq1kxrCCdmJINdcYC4ZYrFuZN7ANCreuy ndummtT5N49exmVtCEqeKD42eQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPfFTvRu 68tXS336i+nANYLBz+ntMB8GA1UdIwQYMBaAFP1JwGT8o+kt7MGKj1BJSyH8AfJW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MzRERS9BOTQxRDVFMkQ4 RTQxMUVEOTJFQTM2MjBDNEY5QUUwMi9fVW5BWlB5ajZTM3N3WXFQVUVsTElmd0I4 bFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19VbkFaUHlqNlMzc3dZcVBVRWxMSWZ3QjhsWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 MzRERS9BOTQxRDVFMkQ4RTQxMUVEOTJFQTM2MjBDNEY5QUUwMi9fVW5BWlB5ajZT M3N3WXFQVUVsTElmd0I4bFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCvormUUY9th/n8ZK3Skcq2jOHvMRnhCYEDH4HnRaywPk7uRrdproKw 853ljF3xjlExgL2AcfGLlV/bhCuJRiz7MK2i6ZOrsEAoPG50uLGY8AfjdpF/I1Ep 5UFOhH1hnl6NFAGuQHGdX6VZeRx9XIfkABprweryIfKMvWSJtzvDOj+qofeI1xFM MkX6RMiXjQgwSOWJFFA5v8G7R3hFemvyrEv/ly1YwrR0ArT7u8rRbvNkMMW/Gbz2 2BFaLpwh5YsJsA25Jg/lAHE0XEMdcY/DKa5S3sVikvqkdDPMwmhvcOXjywtYrYHz YqnMD/Q3bm/hq6JyhbPaUEo22Sv8avsk -----END CERTIFICATE-----Generated at Sun Apr 6 21:38:07 2025 by rpki-client