$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8119/4E2D7A38514011E98D983B61C4F9AE02/UT3TCM11FCJ69R2AXlVApqn10zk.mft File: UT3TCM11FCJ69R2AXlVApqn10zk.mft (raw, json) Hash identifier: 07Lr2cZfo7b/L2JRKlxbn6m+Ktd2o2N/Q+gmDiD0pUw= Subject key identifier: E8:52:90:56:32:5B:61:E9:81:9C:77:41:7C:A2:6D:3B:8C:81:7E:86 Authority key identifier: 51:3D:D3:08:CD:75:14:22:7A:F5:1D:80:5E:55:40:A6:A9:F5:D3:39 Certificate issuer: /CN=A91F8119/serialNumber=513DD308CD7514227AF51D805E5540A6A9F5D339 Certificate serial: 0FAC Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UT3TCM11FCJ69R2AXlVApqn10zk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8119/4E2D7A38514011E98D983B61C4F9AE02/UT3TCM11FCJ69R2AXlVApqn10zk.mft Manifest number: 0FA5 Signing time: Fri 14 Feb 2025 16:03:22 +0000 Manifest this update: Fri 14 Feb 2025 16:03:22 +0000 Manifest next update: Fri 21 Feb 2025 16:03:22 +0000 Files and hashes: 1: UT3TCM11FCJ69R2AXlVApqn10zk.crl (hash: Mlxsti4h9QzPEwdA2tVLimENc1ZDkScfpei7aliCTO4=) 2: 8BCB105015EA11EC86834E2FC4F9AE02.roa (hash: OwotHwrsvHfL9c2xwdii3HVlS9hQiSq8fqoBsWtp67U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8119/4E2D7A38514011E98D983B61C4F9AE02/UT3TCM11FCJ69R2AXlVApqn10zk.crl rsync://rpki.apnic.net/member_repository/A91F8119/4E2D7A38514011E98D983B61C4F9AE02/UT3TCM11FCJ69R2AXlVApqn10zk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UT3TCM11FCJ69R2AXlVApqn10zk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4012 (0xfac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8119 Validity Not Before: Feb 14 16:03:22 2025 GMT Not After : Feb 21 16:03:22 2025 GMT Subject: CN=67af694a-2413 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:98:5d:e6:a8:96:10:1d:45:3c:37:76:e1:d5: 35:f8:6c:29:17:c6:e4:91:48:f0:a5:df:6f:02:db: 00:18:4e:8e:23:7c:f6:20:04:2c:42:55:e4:b9:a9: b9:da:53:53:98:29:cd:e4:14:40:57:ac:c8:18:9b: 04:94:db:ea:89:54:84:24:cb:11:d1:ec:d5:a7:83: 7f:a4:4b:84:ad:72:5d:e8:10:86:4b:0b:27:c3:9d: 65:9e:68:f7:4f:92:b0:b4:7c:b5:b6:d5:aa:dd:dc: 28:f3:18:3b:a3:ad:72:e3:d4:99:e1:02:2b:6f:21: 62:90:5e:14:10:64:34:e7:9e:68:61:fa:83:b1:ac: 27:c3:86:9b:58:66:83:5d:1a:1b:d8:3e:f3:dc:a4: f7:b3:45:90:e0:48:28:27:90:81:cb:2f:3d:44:c5: b3:e5:f0:b2:41:72:13:16:27:cb:19:94:4f:a5:dd: d5:3e:8d:c8:4e:19:5e:79:b8:4a:cd:a4:0c:a3:a2: 8b:99:03:58:8d:59:cd:d8:ed:92:84:11:ce:0f:87: 67:cf:85:44:79:67:dc:db:40:57:ba:2b:e6:81:0f: 0b:51:db:7c:8e:d4:12:54:be:90:8c:82:43:97:c9: 04:38:f9:7e:84:fa:6c:53:79:a2:bc:ae:98:ef:d2: 03:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:52:90:56:32:5B:61:E9:81:9C:77:41:7C:A2:6D:3B:8C:81:7E:86 X509v3 Authority Key Identifier: keyid:51:3D:D3:08:CD:75:14:22:7A:F5:1D:80:5E:55:40:A6:A9:F5:D3:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8119/4E2D7A38514011E98D983B61C4F9AE02/UT3TCM11FCJ69R2AXlVApqn10zk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UT3TCM11FCJ69R2AXlVApqn10zk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8119/4E2D7A38514011E98D983B61C4F9AE02/UT3TCM11FCJ69R2AXlVApqn10zk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:b6:d7:65:74:83:9c:c1:23:e9:06:18:de:fe:a1:c4:d7:65: 28:e9:9b:82:b3:3f:11:0b:94:f5:ff:5b:9a:50:91:14:55:40: e4:dd:3b:23:f9:ec:7a:7d:90:47:c0:99:c0:72:a3:cf:1e:fe: 60:bc:1f:eb:6f:6d:fe:1c:f3:c3:de:c7:09:dd:09:94:a2:00: 04:97:95:09:c2:db:22:48:ee:28:06:6f:4e:d0:ad:2c:0a:ec: 2a:6d:21:0a:9e:78:35:1a:4f:00:bc:34:39:c7:42:cb:1d:7c: d4:f2:ff:35:ff:47:bf:f2:bf:3b:df:43:9c:bc:7a:9a:60:dc: 1f:f3:7b:b4:07:a1:39:b0:9b:42:f5:43:c7:07:f0:b4:1b:cc: f9:49:7f:c5:9d:c9:f6:a7:c1:80:29:0f:e0:88:0f:cb:fb:1e: 1c:f7:43:1d:63:57:92:5c:1e:40:99:dc:3a:fa:40:bf:67:78: 80:4b:b0:f0:92:3e:17:25:bf:da:ed:21:9d:04:45:d2:b0:61: 90:2c:e7:76:11:de:2c:6b:0e:c1:2a:93:da:05:6a:48:94:be: 7c:62:f9:a5:88:11:67:8a:75:ba:c1:01:1b:2f:9f:99:9d:bf: e7:10:c4:ef:ad:d9:9a:bd:6c:4d:ea:e4:75:18:c0:fe:3c:7e: 7e:cd:df:ac -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD6wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjgxMTkxMTAvBgNVBAUTKDUxM0REMzA4Q0Q3NTE0MjI3QUY1MUQ4MDVFNTU0MEE2 QTlGNUQzMzkwHhcNMjUwMjE0MTYwMzIyWhcNMjUwMjIxMTYwMzIyWjAYMRYwFAYD VQQDEw02N2FmNjk0YS0yNDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3Zhd5qiWEB1FPDd24dU1+GwpF8bkkUjwpd9vAtsAGE6OI3z2IAQsQlXkuam5 2lNTmCnN5BRAV6zIGJsElNvqiVSEJMsR0ezVp4N/pEuErXJd6BCGSwsnw51lnmj3 T5KwtHy1ttWq3dwo8xg7o61y49SZ4QIrbyFikF4UEGQ0555oYfqDsawnw4abWGaD XRob2D7z3KT3s0WQ4EgoJ5CByy89RMWz5fCyQXITFifLGZRPpd3VPo3IThleebhK zaQMo6KLmQNYjVnN2O2ShBHOD4dnz4VEeWfc20BXuivmgQ8LUdt8jtQSVL6QjIJD l8kEOPl+hPpsU3mivK6Y79ID/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOhSkFYy W2HpgZx3QXyibTuMgX6GMB8GA1UdIwQYMBaAFFE90wjNdRQievUdgF5VQKap9dM5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODExOS80RTJEN0EzODUx NDAxMUU5OEQ5ODNCNjFDNEY5QUUwMi9VVDNUQ00xMUZDSjY5UjJBWGxWQXBxbjEw emsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1VUM1RDTTExRkNKNjlSMkFYbFZBcHFuMTB6ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODExOS80RTJEN0EzODUxNDAxMUU5OEQ5ODNCNjFDNEY5QUUwMi9VVDNUQ00xMUZD SjY5UjJBWGxWQXBxbjEwemsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCAttdldIOcwSPpBhje/qHE12Uo6ZuCsz8RC5T1/1uaUJEUVUDk3Tsj +ex6fZBHwJnAcqPPHv5gvB/rb23+HPPD3scJ3QmUogAEl5UJwtsiSO4oBm9O0K0s CuwqbSEKnng1Gk8AvDQ5x0LLHXzU8v81/0e/8r8730OcvHqaYNwf83u0B6E5sJtC 9UPHB/C0G8z5SX/Fncn2p8GAKQ/giA/L+x4c90MdY1eSXB5Amdw6+kC/Z3iAS7Dw kj4XJb/a7SGdBEXSsGGQLOd2Ed4saw7BKpPaBWpIlL58YvmliBFninW6wQEbL5+Z nb/nEMTvrdmavWxN6uR1GMD+PH5+zd+s -----END CERTIFICATE-----Generated at Sun Feb 16 15:52:55 2025 by rpki-client