$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.mft File: U2uRsXtuG7FjjINYoPpepdDr77c.mft (raw, json) Hash identifier: qm0CbauHVCx9riAQcgG4QCDXDPeVRe0rMVlYG2gXrtQ= Subject key identifier: 8E:A6:87:A1:70:2D:D0:AF:FB:C3:F4:96:30:87:34:68:4D:D9:27:56 Authority key identifier: 53:6B:91:B1:7B:6E:1B:B1:63:8C:83:58:A0:FA:5E:A5:D0:EB:EF:B7 Certificate issuer: /CN=A9125C3D/serialNumber=536B91B17B6E1BB1638C8358A0FA5EA5D0EBEFB7 Certificate serial: 0174 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U2uRsXtuG7FjjINYoPpepdDr77c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.mft Manifest number: 0171 Signing time: Tue 13 May 2025 00:42:54 +0000 Manifest this update: Tue 13 May 2025 00:42:54 +0000 Manifest next update: Tue 20 May 2025 00:42:54 +0000 Files and hashes: 1: U2uRsXtuG7FjjINYoPpepdDr77c.crl (hash: KekRSBnCWcHinGB/HtOUmAw9NJJgg7NAlul2powqj5E=) 2: 234074FA00DD11EE95AF6F7CC4F9AE02.roa (hash: vudAIhef5Qu3uhKZwtVnPdKYRITi3gAfCU8Ph/yVQYE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.crl rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U2uRsXtuG7FjjINYoPpepdDr77c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 00:42:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 372 (0x174) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125C3D, serialNumber=536B91B17B6E1BB1638C8358A0FA5EA5D0EBEFB7 Validity Not Before: May 13 00:42:54 2025 GMT Not After : May 20 00:42:54 2025 GMT Subject: CN=6822958e-ecd0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ff:ca:ad:9e:67:f0:1b:87:fa:76:6f:9e:7e: 6c:85:af:ee:34:bd:74:d2:3d:02:c2:af:e0:a1:a9: 26:04:46:01:b5:ee:7c:fb:70:54:d8:7e:84:00:47: 75:7c:95:b5:c8:fa:15:85:8c:9e:65:f8:8c:66:37: c3:d5:2e:38:fe:76:46:9b:c3:78:bf:14:b1:63:0b: 16:9a:f2:d6:e6:06:1c:54:b5:bb:f0:d1:6f:83:dc: e1:15:b0:22:cb:3b:90:b3:c3:95:67:3b:c9:72:a3: 41:ed:28:6c:6d:f2:fa:5e:8d:00:9d:00:26:fb:f5: 9a:f3:06:6e:55:f7:c0:28:8e:f7:a4:b5:e9:96:ca: 1f:fa:ed:2f:ea:e2:ad:e6:8b:55:81:71:c9:86:e4: cd:14:d3:b4:5a:9d:b4:38:57:53:5d:5c:69:82:c5: 01:aa:ae:cb:3f:87:b3:0e:cb:22:e5:85:f9:5c:9b: 4d:f7:af:3b:5e:49:b6:1e:6f:b5:4e:3f:b4:b7:93: a9:40:1d:90:95:9a:8b:41:68:6b:5e:63:17:ad:bd: c6:f2:97:46:23:5e:1e:87:b0:71:64:ba:59:f1:63: 63:5e:ef:0b:03:44:09:05:1e:b8:cf:49:07:ca:35: 59:49:2c:49:77:a0:2c:be:51:18:ac:5d:03:dc:49: e7:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:A6:87:A1:70:2D:D0:AF:FB:C3:F4:96:30:87:34:68:4D:D9:27:56 X509v3 Authority Key Identifier: keyid:53:6B:91:B1:7B:6E:1B:B1:63:8C:83:58:A0:FA:5E:A5:D0:EB:EF:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U2uRsXtuG7FjjINYoPpepdDr77c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:90:e9:c1:81:48:5d:f7:38:7c:45:99:5a:58:d4:0d:ef:77: 3b:c0:52:bc:e7:20:c6:70:26:d1:44:e9:ed:f6:67:15:12:d2: 6f:fa:2e:e4:bb:bd:12:6f:13:3a:a2:97:aa:11:dd:b3:84:ee: 47:54:49:9e:2e:29:b8:c0:44:21:02:2f:07:46:f4:f3:4b:9e: 37:a1:d7:02:64:96:b3:f6:bd:f2:ca:fd:54:cb:c0:e2:d9:3e: 6a:6c:78:64:ae:4e:cb:f6:7a:7b:e3:25:92:7d:35:0e:a2:1b: 28:ec:3a:bb:e4:2d:45:06:9d:c1:56:d6:9f:51:76:df:32:d9: fb:74:a5:fb:01:8c:53:48:11:03:88:77:95:83:14:ca:0b:6e: 98:25:45:a8:dc:b2:3a:59:33:12:e5:d9:2d:6c:47:bb:bc:f6: 2c:ad:86:9c:16:a2:9b:b7:03:df:4f:b3:ee:57:ea:3a:52:62: 49:3a:d2:39:49:ba:ec:11:98:20:80:b2:67:0b:c1:fb:04:93: 3b:72:91:55:ee:1a:80:a2:1a:d9:b5:0b:69:a7:87:8a:14:ab: d2:a3:c6:dd:24:f8:7f:3c:61:b8:cc:cc:46:5f:09:c8:40:68: 7e:95:a1:af:3b:c5:7b:44:f5:6d:19:4e:34:d4:ab:3f:1b:5d: 54:67:a8:e6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVDM0QxMTAvBgNVBAUTKDUzNkI5MUIxN0I2RTFCQjE2MzhDODM1OEEwRkE1RUE1 RDBFQkVGQjcwHhcNMjUwNTEzMDA0MjU0WhcNMjUwNTIwMDA0MjU0WjAYMRYwFAYD VQQDEw02ODIyOTU4ZS1lY2QwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuP/KrZ5n8BuH+nZvnn5sha/uNL100j0Cwq/goakmBEYBte58+3BU2H6EAEd1 fJW1yPoVhYyeZfiMZjfD1S44/nZGm8N4vxSxYwsWmvLW5gYcVLW78NFvg9zhFbAi yzuQs8OVZzvJcqNB7ShsbfL6Xo0AnQAm+/Wa8wZuVffAKI73pLXplsof+u0v6uKt 5otVgXHJhuTNFNO0Wp20OFdTXVxpgsUBqq7LP4ezDssi5YX5XJtN9687Xkm2Hm+1 Tj+0t5OpQB2QlZqLQWhrXmMXrb3G8pdGI14eh7BxZLpZ8WNjXu8LA0QJBR64z0kH yjVZSSxJd6AsvlEYrF0D3EnnCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI6mh6Fw LdCv+8P0ljCHNGhN2SdWMB8GA1UdIwQYMBaAFFNrkbF7bhuxY4yDWKD6XqXQ6++3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMzRC8yMzIzRkQ4MDAw RDcxMUVFOTNDQjBGN0VDNEY5QUUwMi9VMnVSc1h0dUc3RmpqSU5Zb1BwZXBkRHI3 N2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1UydVJzWHR1RzdGampJTllvUHBlcGREcjc3Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NUMzRC8yMzIzRkQ4MDAwRDcxMUVFOTNDQjBGN0VDNEY5QUUwMi9VMnVSc1h0dUc3 RmpqSU5Zb1BwZXBkRHI3N2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAYkOnBgUhd9zh8RZlaWNQN73c7wFK85yDGcCbRROnt9mcVEtJv+i7k u70SbxM6opeqEd2zhO5HVEmeLim4wEQhAi8HRvTzS543odcCZJaz9r3yyv1Uy8Di 2T5qbHhkrk7L9np74yWSfTUOohso7Dq75C1FBp3BVtafUXbfMtn7dKX7AYxTSBED iHeVgxTKC26YJUWo3LI6WTMS5dktbEe7vPYsrYacFqKbtwPfT7PuV+o6UmJJOtI5 SbrsEZgggLJnC8H7BJM7cpFV7hqAohrZtQtpp4eKFKvSo8bdJPh/PGG4zMxGXwnI QGh+laGvO8V7RPVtGU401Ks/G11UZ6jm -----END CERTIFICATE-----Generated at Wed May 14 19:59:38 2025 by rpki-client