$ rpki-client -vvf rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/UrIZlUKcRPin9OyZ5TBAhw1tOFs.mft File: UrIZlUKcRPin9OyZ5TBAhw1tOFs.mft (raw, json) Hash identifier: nP/8ukFkaQoy+HVyykskJEfow6AkY4JAR1sAVCCh3bA= Subject key identifier: EA:79:30:7C:20:54:50:FD:9C:50:6E:1A:3E:F4:AD:94:DF:B5:09:83 Authority key identifier: 52:B2:19:95:42:9C:44:F8:A7:F4:EC:99:E5:30:40:87:0D:6D:38:5B Certificate issuer: /CN=A91A459D/serialNumber=52B21995429C44F8A7F4EC99E53040870D6D385B Certificate serial: 09D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UrIZlUKcRPin9OyZ5TBAhw1tOFs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/UrIZlUKcRPin9OyZ5TBAhw1tOFs.mft Manifest number: 09CB Signing time: Wed 14 May 2025 20:03:53 +0000 Manifest this update: Wed 14 May 2025 20:03:52 +0000 Manifest next update: Wed 21 May 2025 20:03:52 +0000 Files and hashes: 1: UrIZlUKcRPin9OyZ5TBAhw1tOFs.crl (hash: +Bmgk4uXdm6ZzeklkKhs1jxoQYL65qrSVSsCdZwBCQs=) 2: 21028CF67EF811EAAD47CD30C4F9AE02.roa (hash: +gB8ZHO5MMKVGP2yT3GNNhFPo53EwfTpImIrJ+ySljI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/UrIZlUKcRPin9OyZ5TBAhw1tOFs.crl rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/UrIZlUKcRPin9OyZ5TBAhw1tOFs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UrIZlUKcRPin9OyZ5TBAhw1tOFs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 20:03:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2514 (0x9d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A459D, serialNumber=52B21995429C44F8A7F4EC99E53040870D6D385B Validity Not Before: May 14 20:03:52 2025 GMT Not After : May 21 20:03:52 2025 GMT Subject: CN=6824f728-2204 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:30:9f:19:e9:28:64:82:13:de:cd:26:d0:35: d0:3b:92:8c:ca:f5:83:7e:0e:e0:96:e8:96:bd:48: 47:5b:26:7c:8d:c8:17:fd:19:6c:83:57:b0:a2:1e: 8c:1a:96:61:65:2a:96:df:03:71:6c:8e:bd:30:06: 9b:b1:45:36:ba:c4:48:f1:59:2b:4f:9c:cb:0f:9f: 61:e8:f6:9a:0b:b8:5c:c1:fa:c0:a8:12:fe:55:1b: 4a:8c:57:2f:1a:be:8b:3f:4a:d9:48:4e:ca:28:c8: 01:ba:4f:c4:5b:56:16:92:53:99:b5:90:23:f3:04: 2f:a2:de:cd:af:bf:89:b8:f6:fa:fe:5a:b8:c3:32: 5d:ef:50:d6:f5:98:5b:e7:50:4a:51:e8:de:bf:02: 28:95:39:2e:d5:28:1c:54:a1:f3:b0:51:ff:8a:82: fa:d5:05:ca:73:36:5e:25:07:ef:4f:c7:da:1c:fd: 6a:bb:a6:09:77:93:c2:dc:d8:6c:18:c0:e1:5c:7e: 2a:03:a8:a2:0e:70:0a:5d:21:87:2f:a7:b2:fc:b7: 3d:8f:9b:c6:46:35:11:1e:9b:09:98:f7:b3:5f:97: 40:b1:42:9c:33:20:0e:85:ed:f0:de:61:8f:54:ef: 96:7b:f2:57:70:09:32:2f:03:a8:62:e9:21:bb:58: 54:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:79:30:7C:20:54:50:FD:9C:50:6E:1A:3E:F4:AD:94:DF:B5:09:83 X509v3 Authority Key Identifier: keyid:52:B2:19:95:42:9C:44:F8:A7:F4:EC:99:E5:30:40:87:0D:6D:38:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/UrIZlUKcRPin9OyZ5TBAhw1tOFs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UrIZlUKcRPin9OyZ5TBAhw1tOFs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/UrIZlUKcRPin9OyZ5TBAhw1tOFs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:1e:05:ef:70:c0:09:3b:50:2a:30:b6:d4:ad:6c:73:2d:1a: d0:4f:9e:24:2d:d4:15:90:8e:58:48:41:ed:20:0e:47:0d:79: fc:b6:f9:6a:6b:09:9d:e6:7d:b0:28:46:ff:bb:5a:62:14:14: 4b:14:c9:92:2e:f2:01:c1:2e:e2:33:fd:44:55:63:30:19:0f: 6d:a1:2d:c9:fb:10:c3:41:cd:74:11:67:69:12:98:5a:24:6a: 88:f4:49:5b:73:09:ee:cb:42:26:bf:22:dd:98:6c:e8:cb:17: fa:dc:c7:73:e1:2b:0f:1d:e8:b0:fd:a4:d6:ae:ad:69:f2:33: 44:ad:97:f1:c3:ee:93:5c:64:19:a9:3a:50:64:8b:48:e6:46: 7d:b2:38:32:b4:60:1f:ef:83:3c:85:88:07:c1:58:82:1c:80: 47:9d:d3:ad:7e:57:10:2a:b1:ea:46:73:0d:98:aa:de:ef:b2: 93:81:81:dc:ce:12:15:a0:bf:26:45:fe:d6:7e:1a:9d:de:61: b8:39:b9:7c:a0:11:66:ef:f7:e3:0f:40:1c:ea:9e:b7:e2:47: af:b2:77:11:a2:24:20:4d:5c:99:09:b4:7e:02:9f:3a:cc:97: 83:5e:d2:98:fb:77:86:b4:33:1d:33:87:bb:e5:93:30:3b:f1: 21:1d:26:99 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCdIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQ1OUQxMTAvBgNVBAUTKDUyQjIxOTk1NDI5QzQ0RjhBN0Y0RUM5OUU1MzA0MDg3 MEQ2RDM4NUIwHhcNMjUwNTE0MjAwMzUyWhcNMjUwNTIxMjAwMzUyWjAYMRYwFAYD VQQDEw02ODI0ZjcyOC0yMjA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7DCfGekoZIIT3s0m0DXQO5KMyvWDfg7gluiWvUhHWyZ8jcgX/Rlsg1ewoh6M GpZhZSqW3wNxbI69MAabsUU2usRI8VkrT5zLD59h6PaaC7hcwfrAqBL+VRtKjFcv Gr6LP0rZSE7KKMgBuk/EW1YWklOZtZAj8wQvot7Nr7+JuPb6/lq4wzJd71DW9Zhb 51BKUejevwIolTku1SgcVKHzsFH/ioL61QXKczZeJQfvT8faHP1qu6YJd5PC3Nhs GMDhXH4qA6iiDnAKXSGHL6ey/Lc9j5vGRjURHpsJmPezX5dAsUKcMyAOhe3w3mGP VO+We/JXcAkyLwOoYukhu1hUyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOp5MHwg VFD9nFBuGj70rZTftQmDMB8GA1UdIwQYMBaAFFKyGZVCnET4p/TsmeUwQIcNbThb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDU5RC81RkFCOTcyRTdF RjYxMUVBQTk3OUEzMkRDNEY5QUUwMi9VcklabFVLY1JQaW45T3laNVRCQWh3MXRP RnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VySVpsVUtjUlBpbjlPeVo1VEJBaHcxdE9Gcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NDU5RC81RkFCOTcyRTdFRjYxMUVBQTk3OUEzMkRDNEY5QUUwMi9VcklabFVLY1JQ aW45T3laNVRCQWh3MXRPRnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApHgXvcMAJO1AqMLbUrWxzLRrQT54kLdQVkI5YSEHtIA5HDXn8tvlq awmd5n2wKEb/u1piFBRLFMmSLvIBwS7iM/1EVWMwGQ9toS3J+xDDQc10EWdpEpha JGqI9Elbcwnuy0ImvyLdmGzoyxf63Mdz4SsPHeiw/aTWrq1p8jNErZfxw+6TXGQZ qTpQZItI5kZ9sjgytGAf74M8hYgHwViCHIBHndOtflcQKrHqRnMNmKre77KTgYHc zhIVoL8mRf7Wfhqd3mG4Obl8oBFm7/fjD0Ac6p634kevsncRoiQgTVyZCbR+Ap86 zJeDXtKY+3eGtDMdM4e75ZMwO/EhHSaZ -----END CERTIFICATE-----Generated at Thu May 15 22:29:06 2025 by rpki-client