$ rpki-client -vvf rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.mft File: U3pyvmM5N4xMTSlwK-12dczMFGo.mft (raw, json) Hash identifier: 1ZGyRGA0z71HcM1NgcNM1k1k5sAf3oVSfLcW+R5+dGA= Subject key identifier: 88:6E:03:C1:1D:87:4C:3F:F5:F5:5F:DE:BC:30:3B:DB:AD:68:CA:24 Authority key identifier: 53:7A:72:BE:63:39:37:8C:4C:4D:29:70:2B:ED:76:75:CC:CC:14:6A Certificate issuer: /CN=A916EB98/serialNumber=537A72BE6339378C4C4D29702BED7675CCCC146A Certificate serial: 0B7A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3pyvmM5N4xMTSlwK-12dczMFGo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.mft Manifest number: 0B73 Signing time: Sun 04 May 2025 18:53:14 +0000 Manifest this update: Sun 04 May 2025 18:53:14 +0000 Manifest next update: Sun 11 May 2025 18:53:14 +0000 Files and hashes: 1: U3pyvmM5N4xMTSlwK-12dczMFGo.crl (hash: /NuXe1evKO1SlOWgxUdgq4HRrMUrgmci3FQWN2c5Zaw=) 2: DD716A222ACC11EAAB36B444C4F9AE02.roa (hash: 9YLAXbZ28k13vNilzcTMcnMd0WVPI4XdwJeol/Aq30I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.crl rsync://rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3pyvmM5N4xMTSlwK-12dczMFGo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 11 May 2025 18:53:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2938 (0xb7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916EB98, serialNumber=537A72BE6339378C4C4D29702BED7675CCCC146A Validity Not Before: May 4 18:53:14 2025 GMT Not After : May 11 18:53:14 2025 GMT Subject: CN=6817b79a-332f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:4d:1e:0f:56:3c:29:cc:e3:43:29:20:4d:7c: 23:6e:fc:c9:48:ac:f6:eb:b3:07:e4:02:6f:a1:d4: 30:2f:f8:0e:4b:85:ca:1e:ab:05:95:e8:48:dd:dc: e2:03:aa:48:9d:f5:69:4f:05:7d:1a:87:36:f5:77: 16:d3:e0:4f:96:37:f5:70:0c:eb:68:65:ec:e9:d2: 1c:bf:0a:d9:bd:42:8c:fa:92:86:21:8a:a0:6b:79: 55:b0:d7:06:6f:22:b2:9a:4a:9f:90:aa:df:cb:6b: 30:b3:22:3d:71:34:33:04:43:f6:60:b2:84:bb:32: 3c:d5:47:f1:b5:bc:b7:be:08:2d:fd:2d:95:79:88: 9c:50:f1:32:2d:55:93:45:51:ea:03:f2:80:29:b5: df:f1:42:3d:cc:e0:1c:a2:06:87:06:48:10:4f:ab: e3:63:0d:a9:36:2d:1e:80:dd:26:79:d4:e3:00:76: 78:a0:c4:03:95:8e:83:8c:d0:60:14:71:73:4c:57: 5d:3a:33:f1:4f:27:41:86:8a:cd:88:75:3d:15:4a: f0:af:5c:f9:7a:08:e4:cd:3f:0b:6f:dc:7b:df:5f: 68:1f:9e:1a:9f:28:06:91:84:10:43:dc:5e:c9:49: 2d:59:eb:f6:f2:54:63:4c:7e:bc:84:5b:05:a4:06: ae:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:6E:03:C1:1D:87:4C:3F:F5:F5:5F:DE:BC:30:3B:DB:AD:68:CA:24 X509v3 Authority Key Identifier: keyid:53:7A:72:BE:63:39:37:8C:4C:4D:29:70:2B:ED:76:75:CC:CC:14:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3pyvmM5N4xMTSlwK-12dczMFGo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916EB98/B0FC35DC2ACA11EA87562740C4F9AE02/U3pyvmM5N4xMTSlwK-12dczMFGo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:c3:fa:8d:66:30:f5:2d:7b:3d:53:e8:62:f5:a6:45:8a:28: 3a:5d:6f:76:c2:3a:86:6c:05:0e:2c:0c:7d:9a:66:57:87:9b: 93:86:26:0b:9e:a2:a3:55:8f:2a:5d:bb:93:d0:7c:e9:5e:eb: 23:6b:9a:55:39:47:18:a7:cc:50:c9:c0:ea:68:d5:eb:89:59: 36:79:aa:4b:69:f8:03:1d:67:bf:ca:aa:6e:c5:be:23:52:7d: 78:5c:48:e0:81:95:5e:52:22:6d:45:a4:65:ea:88:13:0c:c2: 64:23:eb:59:c2:c7:d9:c3:6f:04:63:26:a7:57:5a:e4:28:d3: e3:ff:8f:f8:f7:05:f4:da:3b:f7:c3:d9:2f:34:c0:40:6e:cd: 12:6c:9a:4c:17:a1:5d:e2:7f:d7:49:b4:93:cb:96:86:b1:7b: 91:ac:54:14:8f:e4:d1:fd:df:79:ba:02:f4:52:0f:4b:a5:31: eb:ec:33:33:d6:5c:fe:8a:67:43:00:b6:2f:e7:4c:b0:5d:a0: 4f:37:a7:c8:70:7a:a1:61:45:dc:e6:2c:a7:82:4f:3d:7e:ea: e8:aa:f4:a2:eb:cf:1c:17:ed:ab:26:31:5e:7e:c2:6a:cd:da: 1e:33:ac:4d:4e:06:a6:0f:d0:2d:9d:b8:1b:86:72:00:9f:91: 77:c7:5b:0e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC3owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkVCOTgxMTAvBgNVBAUTKDUzN0E3MkJFNjMzOTM3OEM0QzREMjk3MDJCRUQ3Njc1 Q0NDQzE0NkEwHhcNMjUwNTA0MTg1MzE0WhcNMjUwNTExMTg1MzE0WjAYMRYwFAYD VQQDEw02ODE3Yjc5YS0zMzJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxE0eD1Y8KczjQykgTXwjbvzJSKz267MH5AJvodQwL/gOS4XKHqsFlehI3dzi A6pInfVpTwV9Goc29XcW0+BPljf1cAzraGXs6dIcvwrZvUKM+pKGIYqga3lVsNcG byKymkqfkKrfy2swsyI9cTQzBEP2YLKEuzI81Ufxtby3vggt/S2VeYicUPEyLVWT RVHqA/KAKbXf8UI9zOAcogaHBkgQT6vjYw2pNi0egN0medTjAHZ4oMQDlY6DjNBg FHFzTFddOjPxTydBhorNiHU9FUrwr1z5egjkzT8Lb9x7319oH54anygGkYQQQ9xe yUktWev28lRjTH68hFsFpAauZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIhuA8Ed h0w/9fVf3rwwO9utaMokMB8GA1UdIwQYMBaAFFN6cr5jOTeMTE0pcCvtdnXMzBRq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RUI5OC9CMEZDMzVEQzJB Q0ExMUVBODc1NjI3NDBDNEY5QUUwMi9VM3B5dm1NNU40eE1UU2x3Sy0xMmRjek1G R28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1UzcHl2bU01TjR4TVRTbHdLLTEyZGN6TUZHby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 RUI5OC9CMEZDMzVEQzJBQ0ExMUVBODc1NjI3NDBDNEY5QUUwMi9VM3B5dm1NNU40 eE1UU2x3Sy0xMmRjek1GR28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA4w/qNZjD1LXs9U+hi9aZFiig6XW92wjqGbAUOLAx9mmZXh5uThiYL nqKjVY8qXbuT0HzpXusja5pVOUcYp8xQycDqaNXriVk2eapLafgDHWe/yqpuxb4j Un14XEjggZVeUiJtRaRl6ogTDMJkI+tZwsfZw28EYyanV1rkKNPj/4/49wX02jv3 w9kvNMBAbs0SbJpMF6Fd4n/XSbSTy5aGsXuRrFQUj+TR/d95ugL0Ug9LpTHr7DMz 1lz+imdDALYv50ywXaBPN6fIcHqhYUXc5iyngk89furoqvSi688cF+2rJjFefsJq zdoeM6xNTgamD9AtnbgbhnIAn5F3x1sO -----END CERTIFICATE-----Generated at Tue May 6 03:04:27 2025 by rpki-client