$ rpki-client -vvf rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft File: -UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft (raw, json) Hash identifier: eokMdzJb9ZNPJFIY5vSxQeWk+Hyovlju9WRCbpYcUrw= Subject key identifier: 43:9D:60:89:EC:0B:0A:10:7F:89:9C:50:70:40:A5:37:18:0A:65:79 Authority key identifier: F9:40:4A:A5:24:D4:35:7E:0C:CC:69:C7:D4:0D:3E:66:A2:E4:E6:DF Certificate issuer: /CN=A9170C53/serialNumber=F9404AA524D4357E0CCC69C7D40D3E66A2E4E6DF Certificate serial: 0164 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft Manifest number: 0162 Signing time: Sun 11 May 2025 02:33:10 +0000 Manifest this update: Sun 11 May 2025 02:33:10 +0000 Manifest next update: Sun 18 May 2025 02:33:10 +0000 Files and hashes: 1: -UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl (hash: MfI8NTPYkjYBmn99lsqv6Na5xoS2/WvRr+4ofmmwH/s=) 2: C3BB51160DAC11EFB00E6B16C4F9AE02.roa (hash: hGqVPEeuAFuBj/OWUVfAk4cX4VguxOD/9TKwylc/bsY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 02:33:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 356 (0x164) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170C53, serialNumber=F9404AA524D4357E0CCC69C7D40D3E66A2E4E6DF Validity Not Before: May 11 02:33:10 2025 GMT Not After : May 18 02:33:10 2025 GMT Subject: CN=68200c66-87fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:a3:17:e1:ff:9a:19:e5:9d:31:1a:f9:e6:fb: eb:5e:b7:c4:8c:32:37:b1:38:a3:5b:d1:ba:25:81: 58:95:2c:6b:88:17:ff:25:a2:ff:13:ca:20:9f:4f: 78:a8:ee:46:a7:82:42:f9:47:57:58:17:00:b9:10: fd:6a:cc:a4:42:60:ec:bc:ec:f8:a4:ab:7e:d7:9f: a3:af:c8:7e:d9:79:dc:27:b8:ad:04:89:56:21:57: a4:fd:d5:2b:3c:53:4c:a1:d0:ab:5d:a8:0d:dc:b8: 3c:e0:3c:1a:42:66:44:e3:26:26:77:d1:66:89:51: 04:af:2d:4e:9d:93:ff:df:c5:4a:78:d8:76:e5:09: 09:2b:1f:ed:9d:9a:63:f6:3c:08:2d:1e:fb:09:3e: 94:af:4b:84:35:b8:70:20:fb:01:e6:87:dd:0a:bd: 10:62:7d:12:d5:4a:ed:06:f7:44:9d:e1:2b:48:1e: 8e:73:cd:da:f1:e3:64:aa:75:f4:c0:ee:cd:2a:bc: d6:ae:fc:7c:f6:0a:2b:8f:da:de:d9:4c:f4:77:fb: db:8a:79:41:fb:c2:d7:e4:9e:58:72:db:72:ca:de: fa:ff:1a:25:05:7a:8d:85:84:da:f0:23:47:12:ca: e7:e2:67:7d:9e:94:00:b9:8e:ee:0f:f8:84:81:d2: 63:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:9D:60:89:EC:0B:0A:10:7F:89:9C:50:70:40:A5:37:18:0A:65:79 X509v3 Authority Key Identifier: keyid:F9:40:4A:A5:24:D4:35:7E:0C:CC:69:C7:D4:0D:3E:66:A2:E4:E6:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:43:6a:2a:07:a8:b3:b3:81:ac:99:16:bb:c6:64:74:79:0c: b9:2e:4c:7e:65:95:c4:dc:cf:36:6d:a7:5b:48:49:8a:f6:a5: 8b:7f:4f:31:c5:80:e0:b6:d2:9c:1a:98:13:63:bc:6c:7c:df: 51:0e:fc:a5:36:6b:da:cd:76:c9:3a:67:ac:b1:d1:52:a6:83: 3b:c4:71:04:5f:e5:77:0b:f4:20:62:71:15:29:83:5c:3d:59: bf:86:45:01:33:7b:b7:66:39:42:06:72:73:e8:22:fc:89:bd: 6b:89:b4:76:cd:e9:7f:12:98:f2:73:6f:56:95:76:6a:bd:ad: 8b:ec:81:5e:59:6b:56:fe:c0:df:f4:13:ec:23:02:29:47:38: 03:93:9d:65:d9:4f:2e:1c:be:84:8b:3e:66:fd:f3:e3:de:c3: 57:4a:2d:4c:0a:b8:58:5b:73:01:ad:2d:02:42:9b:fb:ec:b7: d8:22:08:93:35:ba:73:5f:b4:f6:da:a3:9c:b2:c1:68:29:33: 23:be:a1:09:9e:ef:40:27:1e:ac:9d:0c:e2:1c:30:e4:41:25: e6:ac:ea:87:60:8b:9b:64:33:e6:82:69:2d:cc:e9:74:d8:64: ae:a1:e4:f0:aa:d1:10:24:c5:b0:03:9d:53:cb:ec:0e:c8:f7: 5d:ea:d3:ba -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBDNTMxMTAvBgNVBAUTKEY5NDA0QUE1MjRENDM1N0UwQ0NDNjlDN0Q0MEQzRTY2 QTJFNEU2REYwHhcNMjUwNTExMDIzMzEwWhcNMjUwNTE4MDIzMzEwWjAYMRYwFAYD VQQDEw02ODIwMGM2Ni04N2ZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsaMX4f+aGeWdMRr55vvrXrfEjDI3sTijW9G6JYFYlSxriBf/JaL/E8ogn094 qO5Gp4JC+UdXWBcAuRD9asykQmDsvOz4pKt+15+jr8h+2XncJ7itBIlWIVek/dUr PFNModCrXagN3Lg84DwaQmZE4yYmd9FmiVEEry1OnZP/38VKeNh25QkJKx/tnZpj 9jwILR77CT6Ur0uENbhwIPsB5ofdCr0QYn0S1UrtBvdEneErSB6Oc83a8eNkqnX0 wO7NKrzWrvx89gorj9re2Uz0d/vbinlB+8LX5J5Ycttyyt76/xolBXqNhYTa8CNH Esrn4md9npQAuY7uD/iEgdJjwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEOdYIns CwoQf4mcUHBApTcYCmV5MB8GA1UdIwQYMBaAFPlASqUk1DV+DMxpx9QNPmai5Obf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEM1My9EQjYzQzlBMjEx NzYxMUVFOUM1NTlBM0VDNEY5QUUwMi8tVUJLcFNUVU5YNE16R25IMUEwLVpxTGs1 dDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLy1VQktwU1RVTlg0TXpHbkgxQTAtWnFMazV0OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MEM1My9EQjYzQzlBMjExNzYxMUVFOUM1NTlBM0VDNEY5QUUwMi8tVUJLcFNUVU5Y NE16R25IMUEwLVpxTGs1dDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA9Q2oqB6izs4GsmRa7xmR0eQy5Lkx+ZZXE3M82badbSEmK9qWLf08x xYDgttKcGpgTY7xsfN9RDvylNmvazXbJOmessdFSpoM7xHEEX+V3C/QgYnEVKYNc PVm/hkUBM3u3ZjlCBnJz6CL8ib1ribR2zel/Epjyc29WlXZqva2L7IFeWWtW/sDf 9BPsIwIpRzgDk51l2U8uHL6Eiz5m/fPj3sNXSi1MCrhYW3MBrS0CQpv77LfYIgiT NbpzX7T22qOcssFoKTMjvqEJnu9AJx6snQziHDDkQSXmrOqHYIubZDPmgmktzOl0 2GSuoeTwqtEQJMWwA51Ty+wOyPdd6tO6 -----END CERTIFICATE-----Generated at Mon May 12 15:59:48 2025 by rpki-client