$ rpki-client -vvf rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.mft File: U3pyvmM5N4xMTSlwK-12dczMFGo.mft (raw, json) Hash identifier: 9FqFh7SbANntl4p7SrWT+8k5fH0D9bL+Mob64HdbhYI= Subject key identifier: 32:FF:25:0A:60:4A:8F:A7:3E:A9:78:30:FE:E6:D9:19:7B:7B:DD:46 Authority key identifier: 53:7A:72:BE:63:39:37:8C:4C:4D:29:70:2B:ED:76:75:CC:CC:14:6A Certificate issuer: /CN=A916EB98/serialNumber=537A72BE6339378C4C4D29702BED7675CCCC146A Certificate serial: 0B86 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3pyvmM5N4xMTSlwK-12dczMFGo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.mft Manifest number: 0B7F Signing time: Fri 30 May 2025 19:14:07 +0000 Manifest this update: Fri 30 May 2025 19:14:06 +0000 Manifest next update: Fri 06 Jun 2025 19:14:06 +0000 Files and hashes: 1: U3pyvmM5N4xMTSlwK-12dczMFGo.crl (hash: TdTFuAUjK86VBKkgKZeUHJsFr94YE7QJcTI8+28wrOU=) 2: DD716A222ACC11EAAB36B444C4F9AE02.roa (hash: 9YLAXbZ28k13vNilzcTMcnMd0WVPI4XdwJeol/Aq30I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.crl rsync://rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3pyvmM5N4xMTSlwK-12dczMFGo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 19:14:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2950 (0xb86) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916EB98, serialNumber=537A72BE6339378C4C4D29702BED7675CCCC146A Validity Not Before: May 30 19:14:06 2025 GMT Not After : Jun 6 19:14:06 2025 GMT Subject: CN=683a037f-ab51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:82:5b:68:a0:f2:34:91:5a:6d:68:e3:d9:c3: 19:f3:98:46:b4:7b:38:ec:88:37:b2:36:84:58:94: 5d:da:cc:f7:f3:04:e0:92:dd:fb:fc:3a:e7:48:b6: 25:84:ec:1e:6c:b1:d6:13:18:23:57:7f:f9:9a:04: 52:4b:61:71:09:91:25:cd:f2:0c:48:ae:a8:04:89: 0b:61:57:f7:b1:14:b3:c4:5b:03:10:24:12:ef:07: 91:e1:e5:70:11:50:42:cd:12:72:79:c9:22:ec:b9: db:48:e1:3d:97:a0:24:45:72:c6:7a:4d:d9:57:c3: 4a:68:fc:3d:f9:89:99:80:20:12:4b:d7:70:2c:6d: 1d:1f:31:b7:a3:d9:e7:74:5d:bd:b1:7e:9e:2c:78: eb:83:d9:ee:c1:94:64:d9:53:03:e0:09:f0:87:19: bf:86:60:12:a9:4c:b7:75:14:0d:f5:24:57:12:eb: e0:7d:90:00:cf:fa:03:22:44:91:44:fd:50:7d:d5: 24:0a:b5:6a:3b:1e:f9:4e:e1:ea:8f:37:04:06:b3: 99:98:90:b1:0a:13:3b:b1:1d:84:67:ca:29:90:6c: 98:cc:15:af:73:e3:30:d1:f6:97:77:a1:a8:02:2d: 32:ae:ea:bc:97:55:da:d3:08:db:3f:35:bb:ef:ff: 0a:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:FF:25:0A:60:4A:8F:A7:3E:A9:78:30:FE:E6:D9:19:7B:7B:DD:46 X509v3 Authority Key Identifier: keyid:53:7A:72:BE:63:39:37:8C:4C:4D:29:70:2B:ED:76:75:CC:CC:14:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3pyvmM5N4xMTSlwK-12dczMFGo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:77:d7:ae:81:19:90:45:c5:b2:6f:30:20:85:f0:0b:77:01: 9b:40:58:75:8f:46:1c:f9:bd:8c:61:de:62:02:80:64:5e:46: 44:07:e9:f6:66:9f:c7:48:80:11:51:21:38:e8:0f:73:3a:23: 35:bd:0e:97:cb:75:2d:ce:63:e8:58:61:40:dd:4f:1c:86:31: d4:73:eb:ef:4d:27:6e:c7:50:cf:fc:b1:09:04:b3:17:ed:3b: 18:ca:16:59:ef:02:db:72:84:26:72:b3:a2:b0:1d:c9:43:63: 7a:99:93:04:20:02:eb:36:95:5d:61:94:70:b0:5f:f7:64:1f: fe:61:2e:b4:f7:73:c0:91:f0:09:83:17:25:c5:8d:48:f2:44: 8e:4a:94:63:e0:d6:9e:9e:fc:9a:ed:58:51:0b:fb:76:b4:30: ec:6e:fa:c7:71:18:53:96:39:bc:72:4f:1a:b8:20:3b:70:ea: 3d:4d:16:cf:5c:74:26:29:9f:0f:6e:f4:12:3d:64:87:6f:ad: 7b:f1:e9:3c:c4:ca:6c:a1:6e:14:c0:09:c1:1e:4a:64:47:d4: 56:cd:8e:3c:91:2e:a2:5a:6b:73:a2:64:97:50:b9:83:8b:b7: cb:ee:f9:36:ac:d0:9f:1a:86:10:db:10:33:26:2b:c1:13:18: 77:18:d6:8a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC4YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkVCOTgxMTAvBgNVBAUTKDUzN0E3MkJFNjMzOTM3OEM0QzREMjk3MDJCRUQ3Njc1 Q0NDQzE0NkEwHhcNMjUwNTMwMTkxNDA2WhcNMjUwNjA2MTkxNDA2WjAYMRYwFAYD VQQDEw02ODNhMDM3Zi1hYjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxYJbaKDyNJFabWjj2cMZ85hGtHs47Ig3sjaEWJRd2sz38wTgkt37/DrnSLYl hOwebLHWExgjV3/5mgRSS2FxCZElzfIMSK6oBIkLYVf3sRSzxFsDECQS7weR4eVw EVBCzRJyecki7LnbSOE9l6AkRXLGek3ZV8NKaPw9+YmZgCASS9dwLG0dHzG3o9nn dF29sX6eLHjrg9nuwZRk2VMD4Anwhxm/hmASqUy3dRQN9SRXEuvgfZAAz/oDIkSR RP1QfdUkCrVqOx75TuHqjzcEBrOZmJCxChM7sR2EZ8opkGyYzBWvc+Mw0faXd6Go Ai0yruq8l1Xa0wjbPzW77/8KYwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDL/JQpg So+nPql4MP7m2Rl7e91GMB8GA1UdIwQYMBaAFFN6cr5jOTeMTE0pcCvtdnXMzBRq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RUI5OC9CMEZDMzVEQzJB Q0ExMUVBODc1NjI3NDBDNEY5QUUwMi9VM3B5dm1NNU40eE1UU2x3Sy0xMmRjek1G R28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1UzcHl2bU01TjR4TVRTbHdLLTEyZGN6TUZHby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 RUI5OC9CMEZDMzVEQzJBQ0ExMUVBODc1NjI3NDBDNEY5QUUwMi9VM3B5dm1NNU40 eE1UU2x3Sy0xMmRjek1GR28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBed9eugRmQRcWybzAghfALdwGbQFh1j0Yc+b2MYd5iAoBkXkZEB+n2 Zp/HSIARUSE46A9zOiM1vQ6Xy3UtzmPoWGFA3U8chjHUc+vvTSdux1DP/LEJBLMX 7TsYyhZZ7wLbcoQmcrOisB3JQ2N6mZMEIALrNpVdYZRwsF/3ZB/+YS6093PAkfAJ gxclxY1I8kSOSpRj4Naenvya7VhRC/t2tDDsbvrHcRhTljm8ck8auCA7cOo9TRbP XHQmKZ8PbvQSPWSHb6178ek8xMpsoW4UwAnBHkpkR9RWzY48kS6iWmtzomSXULmD i7fL7vk2rNCfGoYQ2xAzJivBExh3GNaK -----END CERTIFICATE-----Generated at Sat May 31 16:26:57 2025 by rpki-client