$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1149/24BB24CE9E4911E99F8BCC59C4F9AE02/uDQBz7xAXPtS_aD-vUoCt7HOJ2I.mft File: uDQBz7xAXPtS_aD-vUoCt7HOJ2I.mft (raw, json) Hash identifier: F3X00wdLRtOLnY6BigUKHuko0gaY3CsOb2V5lSwlgFE= Subject key identifier: 2F:2E:7F:12:F8:28:3F:3D:12:FB:8D:88:38:C6:91:46:FC:E4:79:BF Authority key identifier: B8:34:01:CF:BC:40:5C:FB:52:FD:A0:FE:BD:4A:02:B7:B1:CE:27:62 Certificate issuer: /CN=A91D1149/serialNumber=B83401CFBC405CFB52FDA0FEBD4A02B7B1CE2762 Certificate serial: 0E3E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uDQBz7xAXPtS_aD-vUoCt7HOJ2I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1149/24BB24CE9E4911E99F8BCC59C4F9AE02/uDQBz7xAXPtS_aD-vUoCt7HOJ2I.mft Manifest number: 0E35 Signing time: Sat 12 Apr 2025 17:40:51 +0000 Manifest this update: Sat 12 Apr 2025 17:40:51 +0000 Manifest next update: Sat 19 Apr 2025 17:40:51 +0000 Files and hashes: 1: uDQBz7xAXPtS_aD-vUoCt7HOJ2I.crl (hash: rf71q5TUSjZ37OyujHn89jCPDs9D8PcxiSkFVXmguOE=) 2: BD22841E9E4911E9A136D25AC4F9AE02.roa (hash: CD3KMyXKPVQJ5ERiU0fhGp4XONa4jeSt2SNuNzmurV8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1149/24BB24CE9E4911E99F8BCC59C4F9AE02/uDQBz7xAXPtS_aD-vUoCt7HOJ2I.crl rsync://rpki.apnic.net/member_repository/A91D1149/24BB24CE9E4911E99F8BCC59C4F9AE02/uDQBz7xAXPtS_aD-vUoCt7HOJ2I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uDQBz7xAXPtS_aD-vUoCt7HOJ2I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 17:40:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3646 (0xe3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1149, serialNumber=B83401CFBC405CFB52FDA0FEBD4A02B7B1CE2762 Validity Not Before: Apr 12 17:40:51 2025 GMT Not After : Apr 19 17:40:51 2025 GMT Subject: CN=67faa5a3-defa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:46:42:10:03:79:5d:db:f6:f9:51:57:fe:ac: 16:01:87:8d:13:dc:38:12:c2:99:f0:b0:6f:77:4e: 08:b1:c3:49:98:97:6e:01:57:e1:9a:64:f1:4a:d9: f7:7e:3a:99:6b:11:4e:a5:ae:ef:cf:ff:87:bc:89: 32:0d:cf:20:83:25:d2:f1:3d:e1:9d:ae:e8:a5:2d: 05:1a:aa:73:5f:45:96:72:51:85:af:f7:11:1c:50: d4:16:5d:96:48:c1:c5:86:39:12:8b:a6:15:29:b5: b2:4b:88:9d:ca:b9:c0:58:94:3f:01:36:2e:23:c7: 06:7a:48:31:d9:97:6f:ed:cd:00:a5:a8:be:a6:22: 6d:fd:72:77:9c:44:82:75:dd:40:3d:8a:60:8d:7d: f8:c8:41:78:e7:d3:f5:e9:f1:4d:3f:50:2b:85:48: 95:07:6f:40:30:41:1b:b3:9c:9f:ac:0f:cd:51:3c: e8:df:1d:b1:5f:0c:3b:9c:23:e8:0b:55:2d:4d:d5: f8:55:9e:f3:41:b0:95:94:bb:78:6a:d1:eb:94:98: 93:fd:86:b3:40:77:78:df:b0:93:9e:e0:f6:67:28: ee:b9:25:7c:04:59:69:0f:70:e2:90:b6:1e:03:dd: 36:87:d0:22:6a:51:e0:82:37:8d:8a:df:f4:4d:35: 66:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:2E:7F:12:F8:28:3F:3D:12:FB:8D:88:38:C6:91:46:FC:E4:79:BF X509v3 Authority Key Identifier: keyid:B8:34:01:CF:BC:40:5C:FB:52:FD:A0:FE:BD:4A:02:B7:B1:CE:27:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1149/24BB24CE9E4911E99F8BCC59C4F9AE02/uDQBz7xAXPtS_aD-vUoCt7HOJ2I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uDQBz7xAXPtS_aD-vUoCt7HOJ2I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1149/24BB24CE9E4911E99F8BCC59C4F9AE02/uDQBz7xAXPtS_aD-vUoCt7HOJ2I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:a4:8b:85:b2:56:40:6d:d5:09:17:74:7e:3c:29:af:71:39: 1c:c9:ce:6a:17:81:2c:ac:83:1e:53:0c:c0:01:61:2b:05:33: 4b:75:74:9e:ac:a8:cb:f1:b2:68:e6:4e:66:95:23:5c:23:5c: 9f:0b:f7:78:8f:9a:a9:85:6d:41:42:6a:6d:8a:61:d1:04:98: a4:96:11:34:fb:9e:b8:2c:ce:b3:72:b3:6d:77:f8:5c:c1:42: a0:cb:56:36:e9:27:54:e3:83:1b:cf:f2:f6:d2:f9:ca:91:ef: d8:51:ed:93:c7:8f:b3:75:49:36:85:3e:88:6e:19:e2:79:d0: af:c2:1d:fd:a1:e9:6e:51:e6:44:d4:8d:b7:30:9a:18:40:ae: fe:9f:e3:fd:4f:4f:da:f0:92:c2:c5:31:37:59:4c:1a:16:c8: 3c:7e:12:e8:2c:5e:8c:94:90:4d:5a:5f:30:4a:7a:2b:ce:1b: b0:11:fd:a8:6f:37:e6:ab:6b:91:70:88:4e:be:f0:64:f3:31: 88:d9:49:07:c7:ab:b4:c8:08:21:92:e6:cb:8f:e5:f7:af:1d: 74:01:57:e0:26:08:23:d9:d3:aa:46:13:8f:67:3d:0b:81:93: 4b:60:f7:46:4e:f1:e7:fb:1a:db:a9:9a:c2:72:19:cd:b5:43: 5a:57:63:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDj4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDExNDkxMTAvBgNVBAUTKEI4MzQwMUNGQkM0MDVDRkI1MkZEQTBGRUJENEEwMkI3 QjFDRTI3NjIwHhcNMjUwNDEyMTc0MDUxWhcNMjUwNDE5MTc0MDUxWjAYMRYwFAYD VQQDEw02N2ZhYTVhMy1kZWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4EZCEAN5Xdv2+VFX/qwWAYeNE9w4EsKZ8LBvd04IscNJmJduAVfhmmTxStn3 fjqZaxFOpa7vz/+HvIkyDc8ggyXS8T3hna7opS0FGqpzX0WWclGFr/cRHFDUFl2W SMHFhjkSi6YVKbWyS4idyrnAWJQ/ATYuI8cGekgx2Zdv7c0Apai+piJt/XJ3nESC dd1APYpgjX34yEF459P16fFNP1ArhUiVB29AMEEbs5yfrA/NUTzo3x2xXww7nCPo C1UtTdX4VZ7zQbCVlLt4atHrlJiT/YazQHd437CTnuD2ZyjuuSV8BFlpD3DikLYe A902h9AialHggjeNit/0TTVmyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC8ufxL4 KD89EvuNiDjGkUb85Hm/MB8GA1UdIwQYMBaAFLg0Ac+8QFz7Uv2g/r1KArexzidi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTE0OS8yNEJCMjRDRTlF NDkxMUU5OUY4QkNDNTlDNEY5QUUwMi91RFFCejd4QVhQdFNfYUQtdlVvQ3Q3SE9K MkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3VEUUJ6N3hBWFB0U19hRC12VW9DdDdIT0oySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MTE0OS8yNEJCMjRDRTlFNDkxMUU5OUY4QkNDNTlDNEY5QUUwMi91RFFCejd4QVhQ dFNfYUQtdlVvQ3Q3SE9KMkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCFpIuFslZAbdUJF3R+PCmvcTkcyc5qF4EsrIMeUwzAAWErBTNLdXSe rKjL8bJo5k5mlSNcI1yfC/d4j5qphW1BQmptimHRBJiklhE0+564LM6zcrNtd/hc wUKgy1Y26SdU44Mbz/L20vnKke/YUe2Tx4+zdUk2hT6IbhniedCvwh39oeluUeZE 1I23MJoYQK7+n+P9T0/a8JLCxTE3WUwaFsg8fhLoLF6MlJBNWl8wSnorzhuwEf2o bzfmq2uRcIhOvvBk8zGI2UkHx6u0yAghkubLj+X3rx10AVfgJggj2dOqRhOPZz0L gZNLYPdGTvHn+xrbqZrCchnNtUNaV2Mk -----END CERTIFICATE-----Generated at Sun Apr 13 05:55:30 2025 by rpki-client