$ rpki-client -vvf rpki.apnic.net/member_repository/A9199836/2936FFB2362E11EC8909E86FC4F9AE02/xUMJ3BErZYYnvTagMHLnXQYDZNM.mft File: xUMJ3BErZYYnvTagMHLnXQYDZNM.mft (raw, json) Hash identifier: bK5IGGUd/5sPEasXpATPLgbgGYWB3umLU4hErEmXqRs= Subject key identifier: 2A:3C:61:7F:AF:D1:D3:F5:E7:FB:44:16:90:39:99:AB:28:C9:B5:47 Authority key identifier: C5:43:09:DC:11:2B:65:86:27:BD:36:A0:30:72:E7:5D:06:03:64:D3 Certificate issuer: /CN=A9199836/serialNumber=C54309DC112B658627BD36A03072E75D060364D3 Certificate serial: 04B3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xUMJ3BErZYYnvTagMHLnXQYDZNM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9199836/2936FFB2362E11EC8909E86FC4F9AE02/xUMJ3BErZYYnvTagMHLnXQYDZNM.mft Manifest number: 04AE Signing time: Tue 01 Jul 2025 00:25:44 +0000 Manifest this update: Tue 01 Jul 2025 00:25:43 +0000 Manifest next update: Tue 08 Jul 2025 00:25:43 +0000 Files and hashes: 1: xUMJ3BErZYYnvTagMHLnXQYDZNM.crl (hash: eCYCST9fa49HGyWjtYPNwFPWInu0x5jc88iB5dABlj0=) 2: 029F318A366F11ECA773E263C4F9AE02.roa (hash: XUaIWvSjvHJx2WjE0nq5LCjXyTsCoEUciSF2lpWLzf8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9199836/2936FFB2362E11EC8909E86FC4F9AE02/xUMJ3BErZYYnvTagMHLnXQYDZNM.crl rsync://rpki.apnic.net/member_repository/A9199836/2936FFB2362E11EC8909E86FC4F9AE02/xUMJ3BErZYYnvTagMHLnXQYDZNM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xUMJ3BErZYYnvTagMHLnXQYDZNM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 00:25:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1203 (0x4b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9199836, serialNumber=C54309DC112B658627BD36A03072E75D060364D3 Validity Not Before: Jul 1 00:25:43 2025 GMT Not After : Jul 8 00:25:43 2025 GMT Subject: CN=68632b07-448f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:bc:c2:2d:1b:41:8e:e4:c5:78:41:31:44:a3: 18:97:84:c5:c1:b1:92:4a:62:a2:c5:e9:f6:94:aa: c3:ad:06:12:30:3b:16:08:b2:2b:20:85:06:a7:d9: 5b:11:ac:1e:1c:86:f9:45:b9:b0:af:ca:f1:81:e7: 9d:3e:30:b8:48:ea:51:a9:fa:d8:35:f8:5a:33:a5: bf:07:4c:75:c6:52:58:fd:7a:b7:da:ba:56:55:e1: 79:f9:fb:00:f2:b4:4b:e2:0e:17:e5:62:dc:b7:7a: d1:0f:d7:96:96:1a:08:c5:5c:12:61:b0:16:6c:0c: cf:b6:52:3c:d4:30:1f:5d:90:f5:89:9a:d2:61:dc: 93:dc:04:71:35:c0:f9:d4:8a:b1:ad:2d:52:cd:08: 4e:b4:d2:50:44:17:79:30:a3:63:e6:a0:25:06:eb: c7:d5:0c:bd:d6:b7:e0:1f:a7:5c:d4:2b:5a:56:58: c3:42:b1:62:b2:e5:22:9c:aa:17:11:2b:b5:1e:84: d0:cf:2e:c6:2b:c2:4a:33:e0:3e:3e:a0:c1:7b:b6: ec:b1:39:e5:d2:72:ac:9d:8d:74:b9:b1:32:c5:6f: a7:7a:ce:9c:15:fe:c2:42:09:48:c2:44:25:de:c4: 60:02:9e:88:c5:d0:2b:e1:01:e4:a7:d9:09:f3:09: dd:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:3C:61:7F:AF:D1:D3:F5:E7:FB:44:16:90:39:99:AB:28:C9:B5:47 X509v3 Authority Key Identifier: keyid:C5:43:09:DC:11:2B:65:86:27:BD:36:A0:30:72:E7:5D:06:03:64:D3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9199836/2936FFB2362E11EC8909E86FC4F9AE02/xUMJ3BErZYYnvTagMHLnXQYDZNM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xUMJ3BErZYYnvTagMHLnXQYDZNM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199836/2936FFB2362E11EC8909E86FC4F9AE02/xUMJ3BErZYYnvTagMHLnXQYDZNM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:40:84:7c:7f:5a:9a:c8:ed:8f:0b:48:76:04:a3:e1:a4:f4: 7e:81:e8:8b:58:e2:82:12:2f:fc:1e:53:b2:17:c1:85:f4:91: 6f:83:03:9d:f2:33:1f:cf:60:56:3a:9b:b5:6c:3c:1c:35:24: db:13:ff:9b:1d:ca:71:6e:71:47:89:16:41:c1:b1:fb:1f:b5: ef:14:d0:91:99:ab:0f:db:46:df:a9:c8:6b:6d:06:09:18:3a: 4c:16:80:45:45:f0:53:c3:ec:ad:29:87:e5:29:8a:ad:f8:28: 7b:45:3b:79:44:1e:78:2d:f6:85:4f:da:4d:35:9c:03:86:b1: 77:81:d6:d6:35:1b:88:64:09:d7:31:4a:60:01:eb:c8:5f:5e: 34:1f:52:02:1c:53:9a:05:c4:65:06:64:86:08:72:78:78:11: 76:ce:c2:e3:8b:ca:04:65:ce:e4:8d:ef:1d:b8:d7:20:39:c7: 22:81:d5:a3:e4:59:52:a4:55:10:ba:26:a7:69:50:dd:35:fc: de:f2:53:90:12:55:99:a5:16:c3:16:44:0c:31:75:ab:c9:01: 78:63:57:2e:a6:88:e5:b6:ff:59:24:66:a1:4b:77:94:a3:db: 21:1f:4b:8b:8b:e8:62:cf:fa:34:b9:21:d4:86:d9:c1:aa:29: cc:8f:b9:4d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBLMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTk4MzYxMTAvBgNVBAUTKEM1NDMwOURDMTEyQjY1ODYyN0JEMzZBMDMwNzJFNzVE MDYwMzY0RDMwHhcNMjUwNzAxMDAyNTQzWhcNMjUwNzA4MDAyNTQzWjAYMRYwFAYD VQQDEw02ODYzMmIwNy00NDhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzbzCLRtBjuTFeEExRKMYl4TFwbGSSmKixen2lKrDrQYSMDsWCLIrIIUGp9lb EaweHIb5Rbmwr8rxgeedPjC4SOpRqfrYNfhaM6W/B0x1xlJY/Xq32rpWVeF5+fsA 8rRL4g4X5WLct3rRD9eWlhoIxVwSYbAWbAzPtlI81DAfXZD1iZrSYdyT3ARxNcD5 1IqxrS1SzQhOtNJQRBd5MKNj5qAlBuvH1Qy91rfgH6dc1CtaVljDQrFisuUinKoX ESu1HoTQzy7GK8JKM+A+PqDBe7bssTnl0nKsnY10ubEyxW+nes6cFf7CQglIwkQl 3sRgAp6IxdAr4QHkp9kJ8wndIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCo8YX+v 0dP15/tEFpA5masoybVHMB8GA1UdIwQYMBaAFMVDCdwRK2WGJ702oDBy510GA2TT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTgzNi8yOTM2RkZCMjM2 MkUxMUVDODkwOUU4NkZDNEY5QUUwMi94VU1KM0JFclpZWW52VGFnTUhMblhRWURa Tk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hVTUozQkVyWllZbnZUYWdNSExuWFFZRFpOTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OTgzNi8yOTM2RkZCMjM2MkUxMUVDODkwOUU4NkZDNEY5QUUwMi94VU1KM0JFclpZ WW52VGFnTUhMblhRWURaTk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAuQIR8f1qayO2PC0h2BKPhpPR+geiLWOKCEi/8HlOyF8GF9JFvgwOd 8jMfz2BWOpu1bDwcNSTbE/+bHcpxbnFHiRZBwbH7H7XvFNCRmasP20bfqchrbQYJ GDpMFoBFRfBTw+ytKYflKYqt+Ch7RTt5RB54LfaFT9pNNZwDhrF3gdbWNRuIZAnX MUpgAevIX140H1ICHFOaBcRlBmSGCHJ4eBF2zsLji8oEZc7kje8duNcgOccigdWj 5FlSpFUQuianaVDdNfze8lOQElWZpRbDFkQMMXWryQF4Y1cupojltv9ZJGahS3eU o9shH0uLi+hiz/o0uSHUhtnBqinMj7lN -----END CERTIFICATE-----Generated at Wed Jul 2 21:57:32 2025 by rpki-client