$ rpki-client -vvf rpki.apnic.net/member_repository/A9195A3D/69EFCDD26EC211EC878A102BC4F9AE02/uCJfHrhnZkfDWdvBEL_u3rRP1eg.mft File: uCJfHrhnZkfDWdvBEL_u3rRP1eg.mft (raw, json) Hash identifier: QoAREIdTILTS6/Y8BAo32ffHQopogYj+EtMJ3DiFssA= Subject key identifier: 06:67:AE:31:2F:D6:3C:F8:7F:D8:3C:89:6F:BE:D7:C6:5C:2B:F9:FF Authority key identifier: B8:22:5F:1E:B8:67:66:47:C3:59:DB:C1:10:BF:EE:DE:B4:4F:D5:E8 Certificate issuer: /CN=A9195A3D/serialNumber=B8225F1EB8676647C359DBC110BFEEDEB44FD5E8 Certificate serial: 040E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uCJfHrhnZkfDWdvBEL_u3rRP1eg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9195A3D/69EFCDD26EC211EC878A102BC4F9AE02/uCJfHrhnZkfDWdvBEL_u3rRP1eg.mft Manifest number: 040A Signing time: Sat 31 May 2025 00:37:18 +0000 Manifest this update: Sat 31 May 2025 00:37:17 +0000 Manifest next update: Sat 07 Jun 2025 00:37:17 +0000 Files and hashes: 1: uCJfHrhnZkfDWdvBEL_u3rRP1eg.crl (hash: 4O05Ca59eNUCVPR77woS9RFkEGNq2ow8GBQimqgr7GM=) 2: 5AFB85086EC411ECB8E7492BC4F9AE02.roa (hash: oUra7O+qGlxXyvA9M/ITxDdx10bLDrqiVyv7cNbRzSo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9195A3D/69EFCDD26EC211EC878A102BC4F9AE02/uCJfHrhnZkfDWdvBEL_u3rRP1eg.crl rsync://rpki.apnic.net/member_repository/A9195A3D/69EFCDD26EC211EC878A102BC4F9AE02/uCJfHrhnZkfDWdvBEL_u3rRP1eg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uCJfHrhnZkfDWdvBEL_u3rRP1eg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:37:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1038 (0x40e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9195A3D, serialNumber=B8225F1EB8676647C359DBC110BFEEDEB44FD5E8 Validity Not Before: May 31 00:37:17 2025 GMT Not After : Jun 7 00:37:17 2025 GMT Subject: CN=683a4f3d-223a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:44:e9:c6:16:eb:eb:1f:c5:f0:92:ca:fd:d4: e9:43:c4:b1:dd:72:f6:b1:46:38:a9:06:cd:1d:96: b4:d2:c8:d9:90:38:d6:78:db:13:d7:aa:3d:81:ed: 72:d8:12:60:50:1e:44:0e:18:5a:9d:e8:e1:51:18: b5:3c:e0:1a:5d:c4:7e:ae:40:39:21:04:f6:fd:be: b2:1e:bc:28:ef:5c:bc:62:25:0c:7b:8f:0f:2a:70: 7e:ad:a8:a9:2a:31:2b:72:97:03:13:8e:ec:38:0a: 0d:f4:e9:5d:28:e0:ea:39:18:a9:11:40:dc:99:0a: d7:5b:df:ef:17:46:00:ca:3d:ed:35:82:a1:fa:0e: 3c:0f:9b:39:72:ae:95:2a:dc:9e:03:1c:77:35:f2: f2:bb:44:a6:4c:74:a6:d3:72:93:8b:f2:d3:99:ba: f6:e4:d4:52:ca:5e:f8:34:01:dd:41:e0:85:9a:d5: 79:09:c4:f6:5c:c4:ff:21:12:9b:f8:1f:8d:29:1e: 6d:1c:2e:69:6d:78:1b:aa:2d:30:5c:01:73:57:2e: e8:4d:87:f6:51:35:78:63:5b:e7:f3:b3:64:ac:60: 96:8a:2d:95:c7:35:da:db:d8:8b:23:1e:19:2c:1d: 00:51:16:b7:49:3d:ca:63:91:62:10:72:36:0e:15: 6d:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:67:AE:31:2F:D6:3C:F8:7F:D8:3C:89:6F:BE:D7:C6:5C:2B:F9:FF X509v3 Authority Key Identifier: keyid:B8:22:5F:1E:B8:67:66:47:C3:59:DB:C1:10:BF:EE:DE:B4:4F:D5:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9195A3D/69EFCDD26EC211EC878A102BC4F9AE02/uCJfHrhnZkfDWdvBEL_u3rRP1eg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uCJfHrhnZkfDWdvBEL_u3rRP1eg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195A3D/69EFCDD26EC211EC878A102BC4F9AE02/uCJfHrhnZkfDWdvBEL_u3rRP1eg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:ae:40:f1:d4:98:8c:d4:eb:13:ac:aa:4e:c9:dc:1d:16:22: 22:a6:9c:99:d1:45:50:8f:5f:ee:8c:08:e2:84:16:08:e5:69: 20:76:5e:da:3e:3e:a5:c0:ff:be:41:94:d0:01:32:fc:88:77: d0:77:63:d6:30:5d:51:6f:0a:50:a1:41:75:4e:1e:fb:12:96: 24:54:67:f6:01:f8:35:6f:65:f5:99:32:1c:cd:ff:97:43:30: 13:49:86:b0:f1:b3:2a:4b:5d:1d:5c:a1:32:bc:22:de:84:0c: 03:63:81:75:fb:9a:97:2e:3d:24:87:ae:17:6b:bb:1b:17:d4: d6:89:53:e3:33:03:ac:aa:24:dc:c8:3c:03:d1:27:8b:a8:82: 0a:a2:6b:80:7b:3e:5b:77:10:da:46:b4:39:19:af:99:80:64: 99:ea:09:e3:34:91:f8:d7:d3:4c:f9:28:8c:ea:a4:0d:d9:85: af:83:a0:db:74:5a:5f:a6:8b:50:f3:9c:44:e3:b6:12:0f:80: 85:18:bc:46:b5:5d:fa:a0:75:45:82:a0:4c:3f:e1:1c:51:e5: 54:a1:93:c4:83:2f:ec:0f:d1:6e:6c:2a:29:ad:de:4f:4a:67: 65:41:84:21:50:55:d8:24:a4:13:7b:25:4d:74:fc:ab:f4:00: 18:c3:d3:ec -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBA4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTVBM0QxMTAvBgNVBAUTKEI4MjI1RjFFQjg2NzY2NDdDMzU5REJDMTEwQkZFRURF QjQ0RkQ1RTgwHhcNMjUwNTMxMDAzNzE3WhcNMjUwNjA3MDAzNzE3WjAYMRYwFAYD VQQDEw02ODNhNGYzZC0yMjNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3ETpxhbr6x/F8JLK/dTpQ8Sx3XL2sUY4qQbNHZa00sjZkDjWeNsT16o9ge1y 2BJgUB5EDhhanejhURi1POAaXcR+rkA5IQT2/b6yHrwo71y8YiUMe48PKnB+raip KjErcpcDE47sOAoN9OldKODqORipEUDcmQrXW9/vF0YAyj3tNYKh+g48D5s5cq6V KtyeAxx3NfLyu0SmTHSm03KTi/LTmbr25NRSyl74NAHdQeCFmtV5CcT2XMT/IRKb +B+NKR5tHC5pbXgbqi0wXAFzVy7oTYf2UTV4Y1vn87NkrGCWii2VxzXa29iLIx4Z LB0AURa3ST3KY5FiEHI2DhVtmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAZnrjEv 1jz4f9g8iW++18ZcK/n/MB8GA1UdIwQYMBaAFLgiXx64Z2ZHw1nbwRC/7t60T9Xo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NUEzRC82OUVGQ0REMjZF QzIxMUVDODc4QTEwMkJDNEY5QUUwMi91Q0pmSHJoblprZkRXZHZCRUxfdTNyUlAx ZWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3VDSmZIcmhuWmtmRFdkdkJFTF91M3JSUDFlZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NUEzRC82OUVGQ0REMjZFQzIxMUVDODc4QTEwMkJDNEY5QUUwMi91Q0pmSHJoblpr ZkRXZHZCRUxfdTNyUlAxZWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBCrkDx1JiM1OsTrKpOydwdFiIippyZ0UVQj1/ujAjihBYI5Wkgdl7a Pj6lwP++QZTQATL8iHfQd2PWMF1RbwpQoUF1Th77EpYkVGf2Afg1b2X1mTIczf+X QzATSYaw8bMqS10dXKEyvCLehAwDY4F1+5qXLj0kh64Xa7sbF9TWiVPjMwOsqiTc yDwD0SeLqIIKomuAez5bdxDaRrQ5Ga+ZgGSZ6gnjNJH419NM+SiM6qQN2YWvg6Db dFpfpotQ85xE47YSD4CFGLxGtV36oHVFgqBMP+EcUeVUoZPEgy/sD9FubCoprd5P SmdlQYQhUFXYJKQTeyVNdPyr9AAYw9Ps -----END CERTIFICATE-----Generated at Sat May 31 15:23:09 2025 by rpki-client