$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8981/1CF6CD746C7F11EF914D7D57C4F9AE02/UgupTND7nnwUDfvAzFi5PPVMIvM.mft File: UgupTND7nnwUDfvAzFi5PPVMIvM.mft (raw, json) Hash identifier: tWzPGkFniiceiln56g7tnKZ3zvdztBMeCZZf84+rIH8= Subject key identifier: B2:A3:19:A5:94:A6:71:36:30:DA:8C:C4:92:8E:7A:68:90:7E:4D:85 Authority key identifier: 52:0B:A9:4C:D0:FB:9E:7C:14:0D:FB:C0:CC:58:B9:3C:F5:4C:22:F3 Certificate issuer: /CN=A91F8981/serialNumber=520BA94CD0FB9E7C140DFBC0CC58B93CF54C22F3 Certificate serial: 9A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UgupTND7nnwUDfvAzFi5PPVMIvM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8981/1CF6CD746C7F11EF914D7D57C4F9AE02/UgupTND7nnwUDfvAzFi5PPVMIvM.mft Manifest number: 99 Signing time: Thu 03 Jul 2025 06:31:53 +0000 Manifest this update: Thu 03 Jul 2025 06:31:52 +0000 Manifest next update: Thu 10 Jul 2025 06:31:52 +0000 Files and hashes: 1: UgupTND7nnwUDfvAzFi5PPVMIvM.crl (hash: w0WbVCHOmwBg9EqsknNeGUNQSYBAIJ2/mTkpc4ugCMg=) 2: D79D112E6C7F11EF92105459C4F9AE02.roa (hash: HfxBV0ZJ9ixuR1eesZIIiZUZrrfXBYTU4Z7Ry5c0lbg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8981/1CF6CD746C7F11EF914D7D57C4F9AE02/UgupTND7nnwUDfvAzFi5PPVMIvM.crl rsync://rpki.apnic.net/member_repository/A91F8981/1CF6CD746C7F11EF914D7D57C4F9AE02/UgupTND7nnwUDfvAzFi5PPVMIvM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UgupTND7nnwUDfvAzFi5PPVMIvM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 154 (0x9a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8981, serialNumber=520BA94CD0FB9E7C140DFBC0CC58B93CF54C22F3 Validity Not Before: Jul 3 06:31:52 2025 GMT Not After : Jul 10 06:31:52 2025 GMT Subject: CN=686623d8-eca4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:f1:71:d6:95:dc:6b:8d:2c:12:ed:d1:23:5d: 61:96:1e:1f:ad:b6:61:f0:48:e1:5a:ab:b0:5e:9d: cc:01:8c:ac:de:d0:cc:27:4e:3d:48:40:1c:fb:10: 39:b4:93:a9:fa:f9:08:aa:21:04:90:55:62:e4:4a: 8e:d7:fd:53:41:34:3a:8a:2f:9b:a3:0d:72:9b:69: c5:62:77:59:9a:27:37:5d:c5:f4:b9:6e:8d:f3:ab: e7:92:2a:50:2a:fb:5e:09:7f:9c:5a:e7:d6:34:66: 11:6f:c6:7d:a2:88:d0:a9:0b:32:cb:79:51:5b:29: 0e:d6:45:57:e7:fb:31:65:76:12:c8:5e:ea:ed:31: a0:ab:0b:29:8b:bf:1c:ae:eb:96:a2:76:0d:12:e2: 82:19:2d:a3:7b:55:83:b0:dd:b6:75:78:28:92:31: fa:b7:c9:10:a3:d6:60:66:0d:21:72:c5:28:4e:97: ea:e8:78:3e:55:0a:72:10:82:28:30:21:48:c1:b3: 9b:e6:57:41:9d:6e:fb:fc:79:37:9a:21:aa:55:06: 91:77:9a:d6:33:28:bc:e5:74:aa:43:3f:b1:e0:86: 65:51:33:51:ac:f6:74:20:01:a2:0e:48:4d:c5:2b: da:3a:c6:51:2e:4a:2e:5f:2e:70:16:fc:50:5b:fb: 94:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:A3:19:A5:94:A6:71:36:30:DA:8C:C4:92:8E:7A:68:90:7E:4D:85 X509v3 Authority Key Identifier: keyid:52:0B:A9:4C:D0:FB:9E:7C:14:0D:FB:C0:CC:58:B9:3C:F5:4C:22:F3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8981/1CF6CD746C7F11EF914D7D57C4F9AE02/UgupTND7nnwUDfvAzFi5PPVMIvM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UgupTND7nnwUDfvAzFi5PPVMIvM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8981/1CF6CD746C7F11EF914D7D57C4F9AE02/UgupTND7nnwUDfvAzFi5PPVMIvM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:af:3d:a6:b4:8b:7f:c7:16:8a:a2:5f:22:a6:a2:d7:3a:5e: 00:6e:ce:d0:c6:63:b9:d6:4b:8a:3e:8f:50:6a:a2:ec:74:cf: 66:5a:6d:80:f4:3d:7a:ff:ac:42:61:a1:9c:30:42:47:8c:6d: 90:5d:1f:39:bc:64:40:58:ed:e2:79:c3:a1:d0:4e:38:67:cc: 03:7c:94:b1:fb:de:42:68:96:85:12:14:3b:a0:19:00:ec:f3: 4a:88:5a:18:86:5c:3f:82:f5:c8:ca:ea:a7:13:1b:6f:9f:d9: cb:fd:1a:3c:d7:e2:45:48:b9:d7:e9:e6:ea:95:90:a1:61:3a: ec:f0:ba:de:9d:6f:98:ff:8f:a0:a0:07:2d:9f:b2:9e:77:b1: 87:5c:d8:31:3d:21:9a:8a:5b:4c:3a:8a:23:1e:3f:1d:64:00: ef:b3:46:a1:24:ad:72:f9:85:da:85:21:40:ab:44:bc:06:0e: 5c:b3:13:a6:9c:96:7e:9a:7d:21:6a:c4:53:be:7a:ae:4e:64: a6:40:fc:eb:b9:08:37:a7:f3:39:49:a5:49:41:75:01:80:50: 23:cf:b4:98:07:31:d8:be:d7:66:f4:07:cd:da:02:6c:f5:a5: d6:2a:27:e7:01:ba:0e:71:1c:0b:a5:7d:9f:a6:93:e4:84:6e: 58:00:7a:df -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Rjg5ODExMTAvBgNVBAUTKDUyMEJBOTRDRDBGQjlFN0MxNDBERkJDMENDNThCOTND RjU0QzIyRjMwHhcNMjUwNzAzMDYzMTUyWhcNMjUwNzEwMDYzMTUyWjAYMRYwFAYD VQQDEw02ODY2MjNkOC1lY2E0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr/Fx1pXca40sEu3RI11hlh4frbZh8EjhWquwXp3MAYys3tDMJ049SEAc+xA5 tJOp+vkIqiEEkFVi5EqO1/1TQTQ6ii+bow1ym2nFYndZmic3XcX0uW6N86vnkipQ KvteCX+cWufWNGYRb8Z9oojQqQsyy3lRWykO1kVX5/sxZXYSyF7q7TGgqwspi78c ruuWonYNEuKCGS2je1WDsN22dXgokjH6t8kQo9ZgZg0hcsUoTpfq6Hg+VQpyEIIo MCFIwbOb5ldBnW77/Hk3miGqVQaRd5rWMyi85XSqQz+x4IZlUTNRrPZ0IAGiDkhN xSvaOsZRLkouXy5wFvxQW/uUuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLKjGaWU pnE2MNqMxJKOemiQfk2FMB8GA1UdIwQYMBaAFFILqUzQ+558FA37wMxYuTz1TCLz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODk4MS8xQ0Y2Q0Q3NDZD N0YxMUVGOTE0RDdENTdDNEY5QUUwMi9VZ3VwVE5EN25ud1VEZnZBekZpNVBQVk1J dk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1VndXBUTkQ3bm53VURmdkF6Rmk1UFBWTUl2TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODk4MS8xQ0Y2Q0Q3NDZDN0YxMUVGOTE0RDdENTdDNEY5QUUwMi9VZ3VwVE5EN25u d1VEZnZBekZpNVBQVk1Jdk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3rz2mtIt/xxaKol8ipqLXOl4Abs7QxmO51kuKPo9QaqLsdM9mWm2A 9D16/6xCYaGcMEJHjG2QXR85vGRAWO3iecOh0E44Z8wDfJSx+95CaJaFEhQ7oBkA 7PNKiFoYhlw/gvXIyuqnExtvn9nL/Ro81+JFSLnX6ebqlZChYTrs8LrenW+Y/4+g oActn7Ked7GHXNgxPSGailtMOoojHj8dZADvs0ahJK1y+YXahSFAq0S8Bg5csxOm nJZ+mn0hasRTvnquTmSmQPzruQg3p/M5SaVJQXUBgFAjz7SYBzHYvtdm9AfN2gJs 9aXWKifnAboOcRwLpX2fppPkhG5YAHrf -----END CERTIFICATE-----Generated at Fri Jul 4 13:38:14 2025 by rpki-client