$ rpki-client -vvf rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft File: -UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft (raw, json) Hash identifier: cOmmevrr+vpiOjJZGQrS+rga3Z/3wklG3AM3+mKFZ5o= Subject key identifier: 71:71:33:A6:D8:7A:6C:37:2B:DC:68:CB:DE:C0:70:0D:9C:71:25:A0 Authority key identifier: F9:40:4A:A5:24:D4:35:7E:0C:CC:69:C7:D4:0D:3E:66:A2:E4:E6:DF Certificate issuer: /CN=A9170C53/serialNumber=F9404AA524D4357E0CCC69C7D40D3E66A2E4E6DF Certificate serial: 0136 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft Manifest number: 0135 Signing time: Sat 15 Feb 2025 05:03:43 +0000 Manifest this update: Sat 15 Feb 2025 05:03:42 +0000 Manifest next update: Sat 22 Feb 2025 05:03:42 +0000 Files and hashes: 1: -UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl (hash: Fw1R2g3BUWErUbDWyN7gZlnnw3rNUeKzSQ2RaSaPXdA=) 2: C3BB51160DAC11EFB00E6B16C4F9AE02.roa (hash: qg93oWWTuAPTiOr/0YJ1p+8YAjeXzMdg4Ry+BJ5sjwQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 310 (0x136) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170C53 Validity Not Before: Feb 15 05:03:42 2025 GMT Not After : Feb 22 05:03:42 2025 GMT Subject: CN=67b0202f-16bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:c9:40:5c:97:a8:10:98:31:70:8e:9f:c4:33: 25:4b:f8:58:39:83:c6:7a:90:54:12:8a:57:76:5e: 23:c2:11:95:5e:8d:a6:ab:64:25:c1:32:d9:16:af: f5:f3:66:d3:99:ac:ba:6f:a7:7d:ce:32:d2:1d:25: 70:f1:45:3c:d7:eb:b0:51:71:53:d7:53:16:1f:82: d6:d2:ad:8c:83:30:0a:92:4e:f7:a5:91:83:28:11: 99:86:ee:75:7e:11:70:f4:df:00:78:84:dc:69:34: 87:37:7c:06:a9:72:e3:93:2a:93:8f:38:88:e1:c8: 12:5c:76:02:ea:6f:bc:28:99:1f:47:47:eb:22:43: e3:50:29:13:e3:fd:05:73:77:6c:d5:04:71:b5:80: 94:01:f6:a1:4a:6f:10:3e:cf:f1:99:dd:69:49:ed: 3a:02:2a:56:60:d3:32:02:82:3c:21:9b:db:1f:50: ce:65:cc:a8:77:9b:a0:46:1a:2a:36:a2:0d:29:41: 24:cb:87:d0:89:b6:5f:01:52:01:67:1f:fa:bf:ef: 16:f7:3a:3b:ca:a4:dc:04:e4:60:12:74:12:7a:18: 9c:7c:7b:8e:f8:70:d8:29:6a:6d:64:9b:ef:11:90: e1:16:ac:0c:a6:95:18:f9:ca:c3:12:d4:8a:75:f8: ee:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:71:33:A6:D8:7A:6C:37:2B:DC:68:CB:DE:C0:70:0D:9C:71:25:A0 X509v3 Authority Key Identifier: keyid:F9:40:4A:A5:24:D4:35:7E:0C:CC:69:C7:D4:0D:3E:66:A2:E4:E6:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c3:bd:68:02:48:82:1b:94:f7:26:aa:14:80:a1:f0:98:29:a3: ad:35:71:8e:cb:49:41:2f:11:3e:7b:62:68:b5:94:aa:25:f7: 91:ae:09:83:fd:03:01:43:95:07:98:60:be:94:0c:d3:60:2a: aa:1c:7a:a8:71:c6:38:87:a3:6b:c9:ef:31:5c:37:22:b4:63: fb:39:54:00:5c:b8:c5:eb:66:d7:ff:f0:97:8f:b7:58:e3:de: 7a:a3:78:e5:2a:8d:b5:7a:0c:66:3b:70:c7:7b:be:2e:2b:80: 68:c9:f7:90:89:23:89:d0:63:57:35:aa:81:9d:3e:a7:24:4d: 45:34:a9:02:9d:d4:6b:b9:dd:04:ca:68:be:32:68:e1:39:05: 7d:21:d0:cb:d7:6a:62:39:e0:95:10:9a:4d:c2:e8:72:54:4e: d2:b0:25:66:07:85:11:19:52:fa:68:b9:18:35:d7:5d:20:5e: 00:d2:52:5f:78:07:aa:82:fc:61:53:3a:e4:e7:3e:90:b8:fd: cc:6a:84:c1:89:89:23:e9:6b:dd:74:3b:ae:4a:37:97:9e:7b: c3:c8:95:2d:52:00:bf:85:89:aa:33:71:22:6a:35:c4:cb:f0: 14:24:cd:b3:52:42:a3:7b:57:5c:d2:d1:ff:f7:d1:a4:66:a3: 1f:05:4e:47 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBDNTMxMTAvBgNVBAUTKEY5NDA0QUE1MjRENDM1N0UwQ0NDNjlDN0Q0MEQzRTY2 QTJFNEU2REYwHhcNMjUwMjE1MDUwMzQyWhcNMjUwMjIyMDUwMzQyWjAYMRYwFAYD VQQDEw02N2IwMjAyZi0xNmJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyclAXJeoEJgxcI6fxDMlS/hYOYPGepBUEopXdl4jwhGVXo2mq2QlwTLZFq/1 82bTmay6b6d9zjLSHSVw8UU81+uwUXFT11MWH4LW0q2MgzAKkk73pZGDKBGZhu51 fhFw9N8AeITcaTSHN3wGqXLjkyqTjziI4cgSXHYC6m+8KJkfR0frIkPjUCkT4/0F c3ds1QRxtYCUAfahSm8QPs/xmd1pSe06AipWYNMyAoI8IZvbH1DOZcyod5ugRhoq NqINKUEky4fQibZfAVIBZx/6v+8W9zo7yqTcBORgEnQSehicfHuO+HDYKWptZJvv EZDhFqwMppUY+crDEtSKdfjuTQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHFxM6bY emw3K9xoy97AcA2ccSWgMB8GA1UdIwQYMBaAFPlASqUk1DV+DMxpx9QNPmai5Obf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEM1My9EQjYzQzlBMjEx NzYxMUVFOUM1NTlBM0VDNEY5QUUwMi8tVUJLcFNUVU5YNE16R25IMUEwLVpxTGs1 dDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLy1VQktwU1RVTlg0TXpHbkgxQTAtWnFMazV0OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MEM1My9EQjYzQzlBMjExNzYxMUVFOUM1NTlBM0VDNEY5QUUwMi8tVUJLcFNUVU5Y NE16R25IMUEwLVpxTGs1dDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDDvWgCSIIblPcmqhSAofCYKaOtNXGOy0lBLxE+e2JotZSqJfeRrgmD /QMBQ5UHmGC+lAzTYCqqHHqoccY4h6Nrye8xXDcitGP7OVQAXLjF62bX//CXj7dY 4956o3jlKo21egxmO3DHe74uK4BoyfeQiSOJ0GNXNaqBnT6nJE1FNKkCndRrud0E ymi+MmjhOQV9IdDL12piOeCVEJpNwuhyVE7SsCVmB4URGVL6aLkYNdddIF4A0lJf eAeqgvxhUzrk5z6QuP3MaoTBiYkj6WvddDuuSjeXnnvDyJUtUgC/hYmqM3EiajXE y/AUJM2zUkKje1dc0tH/99GkZqMfBU5H -----END CERTIFICATE-----Generated at Sun Feb 16 15:54:49 2025 by rpki-client