$ rpki-client -vvf rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.mft File: uko-NN2arQAtSR0TxciM5c3Jk6o.mft (raw, json) Hash identifier: L4Xrx0mSRg6FjIGgkFbgJKkUM+lJHTSEL9PJYsaHzQs= Subject key identifier: 26:DE:97:38:24:4F:DB:78:9E:2E:29:C0:8F:BA:AF:B8:83:6F:0C:D5 Authority key identifier: BA:4A:3E:34:DD:9A:AD:00:2D:49:1D:13:C5:C8:8C:E5:CD:C9:93:AA Certificate issuer: /CN=A9142127/serialNumber=BA4A3E34DD9AAD002D491D13C5C88CE5CDC993AA Certificate serial: 0AA9 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uko-NN2arQAtSR0TxciM5c3Jk6o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.mft Manifest number: 0AA3 Signing time: Sat 10 May 2025 19:17:42 +0000 Manifest this update: Sat 10 May 2025 19:17:42 +0000 Manifest next update: Sat 17 May 2025 19:17:42 +0000 Files and hashes: 1: uko-NN2arQAtSR0TxciM5c3Jk6o.crl (hash: fbTsYrkZYkFjGP1V2UNMg8EfEDjWVnbzeGf/Qw+MksA=) 2: 2FCB8FBA56DC11EA8D75187CC4F9AE02.roa (hash: 1RC1hvOn8M5X9ccmY3hdnJuLljVCrrYvq7AQQg0ulGE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.crl rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uko-NN2arQAtSR0TxciM5c3Jk6o.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 19:17:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2729 (0xaa9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9142127, serialNumber=BA4A3E34DD9AAD002D491D13C5C88CE5CDC993AA Validity Not Before: May 10 19:17:42 2025 GMT Not After : May 17 19:17:42 2025 GMT Subject: CN=681fa656-5c2b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:22:e8:da:50:ba:1c:76:9f:1b:fe:89:a7:75: 91:16:70:4e:67:95:36:b9:28:3f:30:6a:38:2c:21: 5f:93:67:3e:00:89:82:57:85:bf:45:98:fa:b8:5c: 26:fa:6b:66:41:7e:10:2c:de:4c:47:63:31:2c:6b: b9:d0:06:9e:0e:f3:e6:5f:41:23:9f:3b:27:13:f6: 0a:a8:ea:5a:ce:dc:c2:f9:87:78:13:2b:da:e5:66: de:ce:dc:9b:a7:f4:47:56:2b:42:1c:24:64:fb:c6: ae:f7:08:04:10:4c:e4:9b:27:f7:fa:df:62:43:18: 4e:96:c6:8d:bf:db:29:c9:dd:3b:25:80:0b:1c:14: b6:9d:bb:29:c3:de:4e:a1:d7:ad:c4:d4:5d:ab:3c: 4b:c3:39:de:70:48:72:b3:88:92:de:c7:15:05:ed: b8:4d:30:e3:f6:41:ef:0a:45:2e:b6:49:bd:9e:80: 4d:de:85:80:a4:f3:a0:55:4c:56:ab:97:1d:47:9b: ac:d9:f7:71:f9:59:c8:12:24:7d:e4:db:83:dc:b4: e8:96:1b:6b:26:ae:76:c6:5e:57:ff:96:62:80:ae: e6:43:77:bc:32:75:44:5e:dc:63:b9:c3:f6:8f:c0: a6:f9:47:a1:eb:d6:5d:e1:d9:25:c2:91:a1:4d:ea: d6:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:DE:97:38:24:4F:DB:78:9E:2E:29:C0:8F:BA:AF:B8:83:6F:0C:D5 X509v3 Authority Key Identifier: keyid:BA:4A:3E:34:DD:9A:AD:00:2D:49:1D:13:C5:C8:8C:E5:CD:C9:93:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uko-NN2arQAtSR0TxciM5c3Jk6o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:23:cc:3f:5e:ee:06:d2:fc:2a:55:ff:94:4a:81:85:99:42: e0:f0:cb:4f:fe:35:ae:25:4f:fc:43:eb:ec:a0:e7:67:8b:69: c0:84:0c:a5:ee:41:67:97:3a:8a:3f:d8:ae:5f:fa:d2:4c:05: ac:e0:58:e0:62:ce:ab:7b:df:a2:47:2e:b8:bd:52:7c:1a:ee: 5c:53:75:68:14:0a:cf:f5:ae:35:c5:bd:96:29:f0:65:0c:4f: 1b:99:cd:25:0b:fa:c5:37:4b:40:07:d2:f0:97:6d:77:0b:05: 41:94:16:59:21:7b:00:7e:6c:5f:61:77:3e:65:cb:3f:35:54: 38:24:af:b2:e2:4c:5a:6b:32:e1:2c:45:1e:85:f8:65:a8:be: b2:91:0b:a8:82:ed:e9:0c:79:39:35:7a:75:b8:e3:65:6d:f5: 3b:2c:40:ba:37:ee:fb:f5:a1:24:c7:6a:99:bd:a4:02:72:f3: e7:3f:5c:24:14:2d:93:b8:56:53:3d:19:a4:0a:e2:4a:92:f4: af:26:47:22:de:92:af:2c:48:a4:60:90:7c:1b:ce:10:8e:26: 9e:c4:37:ab:8c:f6:8f:53:6b:0c:05:d6:20:9c:94:3b:6b:d9: 36:bc:d6:6f:d3:45:3f:24:33:a5:46:76:bf:46:6b:3c:86:9d: 01:64:47:5d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCqkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDIxMjcxMTAvBgNVBAUTKEJBNEEzRTM0REQ5QUFEMDAyRDQ5MUQxM0M1Qzg4Q0U1 Q0RDOTkzQUEwHhcNMjUwNTEwMTkxNzQyWhcNMjUwNTE3MTkxNzQyWjAYMRYwFAYD VQQDEw02ODFmYTY1Ni01YzJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6iLo2lC6HHafG/6Jp3WRFnBOZ5U2uSg/MGo4LCFfk2c+AImCV4W/RZj6uFwm +mtmQX4QLN5MR2MxLGu50AaeDvPmX0EjnzsnE/YKqOpaztzC+Yd4Eyva5Wbeztyb p/RHVitCHCRk+8au9wgEEEzkmyf3+t9iQxhOlsaNv9spyd07JYALHBS2nbspw95O odetxNRdqzxLwznecEhys4iS3scVBe24TTDj9kHvCkUutkm9noBN3oWApPOgVUxW q5cdR5us2fdx+VnIEiR95NuD3LTolhtrJq52xl5X/5ZigK7mQ3e8MnVEXtxjucP2 j8Cm+Ueh69Zd4dklwpGhTerWaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCbelzgk T9t4ni4pwI+6r7iDbwzVMB8GA1UdIwQYMBaAFLpKPjTdmq0ALUkdE8XIjOXNyZOq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjEyNy8zMzdGQkE0NDU0 NkQxMUVBQkREM0MxMTdDNEY5QUUwMi91a28tTk4yYXJRQXRTUjBUeGNpTTVjM0pr Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL3Vrby1OTjJhclFBdFNSMFR4Y2lNNWMzSms2by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MjEyNy8zMzdGQkE0NDU0NkQxMUVBQkREM0MxMTdDNEY5QUUwMi91a28tTk4yYXJR QXRTUjBUeGNpTTVjM0prNm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBBI8w/Xu4G0vwqVf+USoGFmULg8MtP/jWuJU/8Q+vsoOdni2nAhAyl 7kFnlzqKP9iuX/rSTAWs4FjgYs6re9+iRy64vVJ8Gu5cU3VoFArP9a41xb2WKfBl DE8bmc0lC/rFN0tAB9Lwl213CwVBlBZZIXsAfmxfYXc+Zcs/NVQ4JK+y4kxaazLh LEUehfhlqL6ykQuogu3pDHk5NXp1uONlbfU7LEC6N+779aEkx2qZvaQCcvPnP1wk FC2TuFZTPRmkCuJKkvSvJkci3pKvLEikYJB8G84QjiaexDerjPaPU2sMBdYgnJQ7 a9k2vNZv00U/JDOlRna/Rms8hp0BZEdd -----END CERTIFICATE-----Generated at Mon May 12 05:40:13 2025 by rpki-client