$ rpki-client -vvf rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/uc1X4v9PWLuVmpVBoxz99ml2GLI.mft File: uc1X4v9PWLuVmpVBoxz99ml2GLI.mft (raw, json) Hash identifier: Iq+5pBfdT/RvrEyCFc2dZEAbP3KX3f0VssIvSrAHPPE= Subject key identifier: 69:87:DA:E3:23:9A:11:1F:00:05:AD:D0:08:4D:52:A5:DE:0A:94:32 Authority key identifier: B9:CD:57:E2:FF:4F:58:BB:95:9A:95:41:A3:1C:FD:F6:69:76:18:B2 Certificate issuer: /CN=A918E023/serialNumber=B9CD57E2FF4F58BB959A9541A31CFDF6697618B2 Certificate serial: 17 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uc1X4v9PWLuVmpVBoxz99ml2GLI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/uc1X4v9PWLuVmpVBoxz99ml2GLI.mft Manifest number: 16 Signing time: Tue 13 May 2025 07:14:40 +0000 Manifest this update: Tue 13 May 2025 07:14:39 +0000 Manifest next update: Tue 20 May 2025 07:14:39 +0000 Files and hashes: 1: uc1X4v9PWLuVmpVBoxz99ml2GLI.crl (hash: 47i5XfrpySRytwDfXMa7/VEW0hxgHPje1l9NqGe6og0=) 2: C420B2B6111D11F0BE9ABA7AC4F9AE02.roa (hash: BmMWgtMQ3PCdQlZ5TlrzvWUUVUt35N0MZwh0nPjZPiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/uc1X4v9PWLuVmpVBoxz99ml2GLI.crl rsync://rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/uc1X4v9PWLuVmpVBoxz99ml2GLI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uc1X4v9PWLuVmpVBoxz99ml2GLI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 07:14:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23 (0x17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918E023, serialNumber=B9CD57E2FF4F58BB959A9541A31CFDF6697618B2 Validity Not Before: May 13 07:14:39 2025 GMT Not After : May 20 07:14:39 2025 GMT Subject: CN=6822f15f-909e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:3c:22:de:b2:9d:40:2a:9b:09:f8:fa:53:75: 4e:d3:0c:48:8d:99:89:41:6c:00:6a:d1:63:ab:dd: 80:76:82:97:ab:2e:6d:85:f1:00:c5:a8:1d:76:26: fd:2a:30:3f:d1:cf:4c:11:31:56:91:51:af:39:49: d4:b7:e0:7a:87:c1:6c:33:09:10:11:5e:4e:c8:66: b8:2d:99:94:df:88:f3:d6:89:de:72:8c:be:6f:c2: 6d:40:7e:95:a2:3c:27:fd:47:40:a7:02:09:f7:75: 62:52:ae:26:39:6e:15:63:8b:9c:6c:6f:b5:c3:c7: cf:05:cc:85:99:05:74:bf:60:6b:cc:c5:fd:ca:17: aa:8c:37:a9:47:55:0a:54:69:23:9c:fe:1a:19:bf: bd:16:ef:e4:95:7a:3d:f1:81:72:88:5d:75:ac:35: 69:45:58:8c:a0:10:1c:d4:f5:96:ab:be:d4:7d:29: 22:79:90:03:3c:a5:a6:7f:5f:f9:5a:c8:73:7a:12: d3:9b:4d:13:37:00:2d:ae:bb:57:10:b5:03:70:1a: 77:83:7b:ca:c5:cf:19:65:16:3d:21:ea:75:16:2b: 1c:2e:e6:34:f4:14:bb:a1:9d:81:d5:a7:84:4e:f4: a7:27:84:75:d2:b6:00:cc:7a:e8:7d:fe:d4:53:56: dd:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:87:DA:E3:23:9A:11:1F:00:05:AD:D0:08:4D:52:A5:DE:0A:94:32 X509v3 Authority Key Identifier: keyid:B9:CD:57:E2:FF:4F:58:BB:95:9A:95:41:A3:1C:FD:F6:69:76:18:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/uc1X4v9PWLuVmpVBoxz99ml2GLI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uc1X4v9PWLuVmpVBoxz99ml2GLI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/uc1X4v9PWLuVmpVBoxz99ml2GLI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4f:9c:ed:7a:38:3e:2c:70:3c:f7:20:58:0a:58:36:a1:62:a1: 89:12:30:1f:76:37:24:3f:9b:f3:7c:79:8e:bb:9b:53:08:f4: 98:94:0e:93:2b:30:5d:a0:bd:df:6e:8c:67:8a:aa:ed:e7:86: 32:cf:d6:c7:78:cf:62:46:78:14:58:7c:12:da:88:b3:93:15: 00:77:75:e7:47:85:a8:23:0e:4a:b6:a3:15:a5:2f:5f:df:9d: 6f:c5:8f:e8:fd:fa:b6:d4:0e:11:88:c7:e9:61:aa:8f:29:81: f7:cf:cd:e3:15:36:cc:55:0f:4f:fc:b0:65:72:0a:79:b8:a2: b5:66:18:1c:23:15:43:08:a3:89:c6:c1:f8:8c:a4:69:18:a3: 35:f4:eb:78:3e:67:38:ce:fc:e6:96:b8:58:98:46:7b:41:67: c1:66:7c:db:0d:2b:01:e3:dc:35:ea:47:cc:40:01:7d:79:d0: 65:cd:24:94:06:2e:1f:f8:38:ea:41:a0:79:6f:91:98:4b:e7: b9:52:3b:3e:dc:6c:dc:b4:12:df:ca:69:7a:2b:55:60:dc:53: 7a:55:52:1a:40:7a:64:b4:8f:98:f9:19:91:5d:5f:ad:a2:9c: d4:bb:cc:63:57:e5:5b:9c:ac:9b:a7:66:2b:bf:02:b7:94:06: ff:ee:de:0d -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 RTAyMzExMC8GA1UEBRMoQjlDRDU3RTJGRjRGNThCQjk1OUE5NTQxQTMxQ0ZERjY2 OTc2MThCMjAeFw0yNTA1MTMwNzE0MzlaFw0yNTA1MjAwNzE0MzlaMBgxFjAUBgNV BAMTDTY4MjJmMTVmLTkwOWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDIPCLesp1AKpsJ+PpTdU7TDEiNmYlBbABq0WOr3YB2gperLm2F8QDFqB12Jv0q MD/Rz0wRMVaRUa85SdS34HqHwWwzCRARXk7IZrgtmZTfiPPWid5yjL5vwm1AfpWi PCf9R0CnAgn3dWJSriY5bhVji5xsb7XDx88FzIWZBXS/YGvMxf3KF6qMN6lHVQpU aSOc/hoZv70W7+SVej3xgXKIXXWsNWlFWIygEBzU9ZarvtR9KSJ5kAM8paZ/X/la yHN6EtObTRM3AC2uu1cQtQNwGneDe8rFzxllFj0h6nUWKxwu5jT0FLuhnYHVp4RO 9KcnhHXStgDMeuh9/tRTVt1DAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUaYfa4yOa ER8ABa3QCE1Spd4KlDIwHwYDVR0jBBgwFoAUuc1X4v9PWLuVmpVBoxz99ml2GLIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThFMDIzL0E2NTRGRUYwMTEx QzExRjBCMTVBRjk3MEM0RjlBRTAyL3VjMVg0djlQV0x1Vm1wVkJveHo5OW1sMkdM SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdWMxWDR2OVBXTHVWbXBWQm94ejk5bWwyR0xJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThF MDIzL0E2NTRGRUYwMTExQzExRjBCMTVBRjk3MEM0RjlBRTAyL3VjMVg0djlQV0x1 Vm1wVkJveHo5OW1sMkdMSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAE+c7Xo4PixwPPcgWApYNqFioYkSMB92NyQ/m/N8eY67m1MI9JiUDpMr MF2gvd9ujGeKqu3nhjLP1sd4z2JGeBRYfBLaiLOTFQB3dedHhagjDkq2oxWlL1/f nW/Fj+j9+rbUDhGIx+lhqo8pgffPzeMVNsxVD0/8sGVyCnm4orVmGBwjFUMIo4nG wfiMpGkYozX063g+ZzjO/OaWuFiYRntBZ8FmfNsNKwHj3DXqR8xAAX150GXNJJQG Lh/4OOpBoHlvkZhL57lSOz7cbNy0Et/KaXorVWDcU3pVUhpAemS0j5j5GZFdX62i nNS7zGNX5VucrJunZiu/AreUBv/u3g0= -----END CERTIFICATE-----Generated at Tue May 13 15:05:56 2025 by rpki-client