$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8119/4E2D7A38514011E98D983B61C4F9AE02/UT3TCM11FCJ69R2AXlVApqn10zk.mft File: UT3TCM11FCJ69R2AXlVApqn10zk.mft (raw, json) Hash identifier: jbz/UeFK70NMAWZwdmieGwIuMuUooq0qW9Cz7t7Cygc= Subject key identifier: 72:3C:BD:44:50:FB:F1:41:89:21:8A:84:34:A9:E0:1C:22:ED:AB:FA Authority key identifier: 51:3D:D3:08:CD:75:14:22:7A:F5:1D:80:5E:55:40:A6:A9:F5:D3:39 Certificate issuer: /CN=A91F8119/serialNumber=513DD308CD7514227AF51D805E5540A6A9F5D339 Certificate serial: 0FCB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UT3TCM11FCJ69R2AXlVApqn10zk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8119/4E2D7A38514011E98D983B61C4F9AE02/UT3TCM11FCJ69R2AXlVApqn10zk.mft Manifest number: 0FC4 Signing time: Wed 16 Apr 2025 15:46:20 +0000 Manifest this update: Wed 16 Apr 2025 15:46:19 +0000 Manifest next update: Wed 23 Apr 2025 15:46:19 +0000 Files and hashes: 1: UT3TCM11FCJ69R2AXlVApqn10zk.crl (hash: 9HZv6EvdFR2IV7NR6c7ovfuyCwo36PRbSE4K70fDoIQ=) 2: 8BCB105015EA11EC86834E2FC4F9AE02.roa (hash: OwotHwrsvHfL9c2xwdii3HVlS9hQiSq8fqoBsWtp67U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8119/4E2D7A38514011E98D983B61C4F9AE02/UT3TCM11FCJ69R2AXlVApqn10zk.crl rsync://rpki.apnic.net/member_repository/A91F8119/4E2D7A38514011E98D983B61C4F9AE02/UT3TCM11FCJ69R2AXlVApqn10zk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UT3TCM11FCJ69R2AXlVApqn10zk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Apr 2025 15:46:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4043 (0xfcb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8119, serialNumber=513DD308CD7514227AF51D805E5540A6A9F5D339 Validity Not Before: Apr 16 15:46:19 2025 GMT Not After : Apr 23 15:46:19 2025 GMT Subject: CN=67ffd0cb-4576 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:47:46:d5:f7:fc:60:8b:74:36:79:8c:52:cd: 28:7d:63:de:9f:4f:4a:95:7b:0b:37:0e:19:30:8b: fa:c3:64:ab:bc:92:08:3f:10:53:b3:9e:e4:aa:9e: 89:65:30:01:fb:db:0b:07:67:35:99:70:44:ec:82: ac:48:81:77:b7:c0:f6:b7:bf:37:52:7a:58:a8:e5: c3:6e:d5:03:09:0a:8d:1f:dc:65:d4:ef:d7:ea:b7: 44:6f:fd:a9:fd:19:5a:76:61:4e:7a:e0:05:05:a7: 45:bc:a7:00:22:dc:60:6c:ec:1d:78:1f:56:4c:9c: 55:b1:63:42:6a:15:aa:36:01:c2:c1:47:5c:cd:42: 56:ec:fe:67:98:ae:32:ba:21:68:76:52:80:cc:43: f7:6d:d5:8a:4a:88:ec:a4:98:2a:c9:f9:59:37:d9: ef:0f:3b:e5:c0:63:9e:54:1e:3e:a0:44:8f:79:aa: c9:59:72:09:80:42:a2:51:d3:86:86:4b:25:38:8f: 32:15:24:b6:13:25:57:d0:53:a1:14:dd:0a:e3:d2: 3d:1a:3b:0b:da:c2:ca:96:87:6e:ab:64:85:c8:f0: 04:06:80:04:79:4b:3b:c5:30:33:47:36:d4:78:98: 4c:06:6a:f0:bb:49:23:e6:ea:bc:c3:f8:76:c9:e4: 9c:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:3C:BD:44:50:FB:F1:41:89:21:8A:84:34:A9:E0:1C:22:ED:AB:FA X509v3 Authority Key Identifier: keyid:51:3D:D3:08:CD:75:14:22:7A:F5:1D:80:5E:55:40:A6:A9:F5:D3:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8119/4E2D7A38514011E98D983B61C4F9AE02/UT3TCM11FCJ69R2AXlVApqn10zk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UT3TCM11FCJ69R2AXlVApqn10zk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8119/4E2D7A38514011E98D983B61C4F9AE02/UT3TCM11FCJ69R2AXlVApqn10zk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:c1:c1:cc:73:6a:39:29:67:96:0e:87:b9:c8:6b:2f:99:82: 12:56:7d:da:df:c7:93:8a:e4:51:ba:67:e5:04:5a:ee:20:0a: 8d:f8:08:b2:1b:1e:1a:85:e6:b4:a4:38:3a:a4:e5:97:a4:7f: b3:fd:8a:ea:4c:48:17:00:11:fd:86:ac:87:f9:72:3a:92:dc: f7:29:eb:14:74:d2:6c:96:fd:e0:5a:90:f0:d2:7c:5d:e8:85: fb:55:8f:fe:3e:1e:4a:15:fc:0b:a7:09:7f:3c:6c:55:02:c0: 06:56:d6:5b:a2:ff:b6:c0:23:1c:37:8b:01:b5:cd:ea:de:bd: a4:88:31:45:f4:db:c0:18:3a:e4:84:4b:95:b4:3a:34:82:21: ca:22:1c:4d:3f:3f:93:cb:96:d9:cc:74:76:fa:97:3d:0d:8e: 5e:56:0e:ae:bd:10:4f:dd:2e:da:fc:4c:cf:aa:2e:ac:17:0e: e8:33:33:56:75:a5:b6:6a:91:d3:3e:60:2c:fe:2e:a8:65:45: 9b:53:b4:c3:de:04:b6:04:dc:f6:51:41:1a:49:af:f2:97:05: dd:8b:11:cf:a7:c2:74:0d:79:7c:5f:4c:ba:65:25:07:46:c6: dc:34:fe:32:cf:82:03:07:7f:a3:44:77:42:3f:2e:3f:38:84: 83:2d:a5:56 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD8swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjgxMTkxMTAvBgNVBAUTKDUxM0REMzA4Q0Q3NTE0MjI3QUY1MUQ4MDVFNTU0MEE2 QTlGNUQzMzkwHhcNMjUwNDE2MTU0NjE5WhcNMjUwNDIzMTU0NjE5WjAYMRYwFAYD VQQDEw02N2ZmZDBjYi00NTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvUdG1ff8YIt0NnmMUs0ofWPen09KlXsLNw4ZMIv6w2SrvJIIPxBTs57kqp6J ZTAB+9sLB2c1mXBE7IKsSIF3t8D2t783UnpYqOXDbtUDCQqNH9xl1O/X6rdEb/2p /RladmFOeuAFBadFvKcAItxgbOwdeB9WTJxVsWNCahWqNgHCwUdczUJW7P5nmK4y uiFodlKAzEP3bdWKSojspJgqyflZN9nvDzvlwGOeVB4+oESPearJWXIJgEKiUdOG hkslOI8yFSS2EyVX0FOhFN0K49I9GjsL2sLKloduq2SFyPAEBoAEeUs7xTAzRzbU eJhMBmrwu0kj5uq8w/h2yeScdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHI8vURQ +/FBiSGKhDSp4Bwi7av6MB8GA1UdIwQYMBaAFFE90wjNdRQievUdgF5VQKap9dM5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODExOS80RTJEN0EzODUx NDAxMUU5OEQ5ODNCNjFDNEY5QUUwMi9VVDNUQ00xMUZDSjY5UjJBWGxWQXBxbjEw emsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1VUM1RDTTExRkNKNjlSMkFYbFZBcHFuMTB6ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODExOS80RTJEN0EzODUxNDAxMUU5OEQ5ODNCNjFDNEY5QUUwMi9VVDNUQ00xMUZD SjY5UjJBWGxWQXBxbjEwemsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCYwcHMc2o5KWeWDoe5yGsvmYISVn3a38eTiuRRumflBFruIAqN+Aiy Gx4ahea0pDg6pOWXpH+z/YrqTEgXABH9hqyH+XI6ktz3KesUdNJslv3gWpDw0nxd 6IX7VY/+Ph5KFfwLpwl/PGxVAsAGVtZbov+2wCMcN4sBtc3q3r2kiDFF9NvAGDrk hEuVtDo0giHKIhxNPz+Ty5bZzHR2+pc9DY5eVg6uvRBP3S7a/EzPqi6sFw7oMzNW daW2apHTPmAs/i6oZUWbU7TD3gS2BNz2UUEaSa/ylwXdixHPp8J0DXl8X0y6ZSUH RsbcNP4yz4IDB3+jRHdCPy4/OISDLaVW -----END CERTIFICATE-----Generated at Thu Apr 17 09:35:40 2025 by rpki-client