$ rpki-client -vvf rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.mft File: hhe5_iqn_uIl8uDS3IdkCYE33m0.mft (raw, json) Hash identifier: n3AkWpz0UpyrncYKQ7/oTG724hNEDADy7nPdn2QeDoY= Subject key identifier: 0B:D4:61:34:2E:36:B0:5F:DB:F3:21:E1:B8:DC:25:FD:72:8E:1E:9B Authority key identifier: 86:17:B9:FE:2A:A7:FE:E2:25:F2:E0:D2:DC:87:64:09:81:37:DE:6D Certificate issuer: /CN=A9117715/serialNumber=8617B9FE2AA7FEE225F2E0D2DC8764098137DE6D Certificate serial: 09D1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hhe5_iqn_uIl8uDS3IdkCYE33m0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.mft Manifest number: 09CA Signing time: Thu 24 Apr 2025 19:50:40 +0000 Manifest this update: Thu 24 Apr 2025 19:50:40 +0000 Manifest next update: Thu 01 May 2025 19:50:40 +0000 Files and hashes: 1: hhe5_iqn_uIl8uDS3IdkCYE33m0.crl (hash: c1Ukkd9WMqXuq0/MddFnkkYxO0uggrqB887fMpsbxH4=) 2: E118A9DA7CB911EABD07CE5EC4F9AE02.roa (hash: 3BzJCKxq6lxeVjXVlpYVRMXqU7zHik0ruN2Ba5iWxOQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.crl rsync://rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hhe5_iqn_uIl8uDS3IdkCYE33m0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:50:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2513 (0x9d1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9117715, serialNumber=8617B9FE2AA7FEE225F2E0D2DC8764098137DE6D Validity Not Before: Apr 24 19:50:40 2025 GMT Not After : May 1 19:50:40 2025 GMT Subject: CN=680a9610-f801 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:3f:69:87:99:47:2d:35:ef:01:ed:f2:64:b9: 85:8b:df:c5:eb:ed:a8:cd:a4:fe:fc:cc:d3:60:db: 41:58:97:ba:15:18:25:9d:28:22:47:29:fa:ec:95: eb:38:8c:d1:5e:24:08:90:b0:e2:b3:43:f1:c4:e3: de:ac:2c:b4:1a:25:ec:5f:e6:3a:df:ee:b3:fd:b7: 4c:80:89:4f:d7:84:e5:d1:b7:1d:9b:e7:67:8e:a1: f1:37:6a:68:ce:6a:6a:fa:09:44:5f:d6:d4:97:84: 04:95:a3:3c:e9:24:fa:03:bd:ed:05:d1:73:4c:d5: 77:6d:92:dd:1c:fc:6e:45:ad:36:93:64:95:d8:44: 24:29:a2:f4:7e:21:ce:1c:ae:49:f5:5f:c0:a8:64: 30:a2:c0:50:43:ab:81:e5:f6:a0:0b:6c:07:9d:42: 3b:88:c1:f0:35:7e:86:a6:a0:34:e1:fb:6a:12:78: 7a:cf:a5:64:c1:4d:c8:27:c6:c4:3d:37:36:0b:77: b4:1f:9b:17:6c:a0:b3:10:48:1d:76:88:24:ff:77: 42:89:05:82:2b:2e:e0:90:c8:0c:82:5e:6d:9c:7d: 10:04:4c:a6:59:68:0a:6b:03:57:29:b0:63:b4:60: dc:16:95:3c:30:cf:67:dd:4d:54:df:3e:22:2a:93: 06:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:D4:61:34:2E:36:B0:5F:DB:F3:21:E1:B8:DC:25:FD:72:8E:1E:9B X509v3 Authority Key Identifier: keyid:86:17:B9:FE:2A:A7:FE:E2:25:F2:E0:D2:DC:87:64:09:81:37:DE:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hhe5_iqn_uIl8uDS3IdkCYE33m0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:2d:90:90:47:d6:9a:4e:5c:c6:4c:03:ea:b6:62:b3:2e:0c: 1c:d7:21:ec:93:d5:ad:e9:85:5b:26:e8:11:c3:cd:8f:f7:5d: 0b:85:c5:ad:24:62:64:9d:f8:bd:60:36:36:4f:84:01:91:96: 8b:2e:cb:eb:9a:e4:dd:c3:f7:b3:73:1a:2e:d3:aa:b0:3d:b1: b9:90:21:2e:cd:47:d8:ce:f8:5c:0b:06:83:e1:93:dd:71:ad: d5:56:d0:20:48:17:13:5b:76:85:8f:8a:1a:15:df:fa:57:41: 47:6c:ef:59:02:5f:7e:3d:57:a6:2f:21:88:d1:19:69:d9:71: 39:d4:64:dd:e9:84:ca:e4:0b:5a:6b:52:72:1d:44:c8:fa:04: e2:25:f4:0f:ff:7a:7b:ed:93:ea:4e:0f:50:ee:6f:55:87:b3: 8b:eb:2d:30:26:98:f9:f8:78:3c:db:82:85:17:eb:18:dd:d5: a3:bf:11:8d:62:ab:bf:f1:64:36:90:7a:93:b5:da:b2:bf:6c: 07:ad:10:3e:15:19:f3:b7:43:c1:09:b8:7b:e8:91:8e:c2:a2: 20:f5:c2:09:ff:81:9f:b0:5e:8d:e6:65:f7:96:42:de:12:6d: 72:41:4a:74:a0:cf:c3:3d:b9:e7:b5:2c:c4:fa:b2:42:9b:88: a2:c1:9e:ef -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCdEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTc3MTUxMTAvBgNVBAUTKDg2MTdCOUZFMkFBN0ZFRTIyNUYyRTBEMkRDODc2NDA5 ODEzN0RFNkQwHhcNMjUwNDI0MTk1MDQwWhcNMjUwNTAxMTk1MDQwWjAYMRYwFAYD VQQDEw02ODBhOTYxMC1mODAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzD9ph5lHLTXvAe3yZLmFi9/F6+2ozaT+/MzTYNtBWJe6FRglnSgiRyn67JXr OIzRXiQIkLDis0PxxOPerCy0GiXsX+Y63+6z/bdMgIlP14Tl0bcdm+dnjqHxN2po zmpq+glEX9bUl4QElaM86ST6A73tBdFzTNV3bZLdHPxuRa02k2SV2EQkKaL0fiHO HK5J9V/AqGQwosBQQ6uB5fagC2wHnUI7iMHwNX6GpqA04ftqEnh6z6VkwU3IJ8bE PTc2C3e0H5sXbKCzEEgddogk/3dCiQWCKy7gkMgMgl5tnH0QBEymWWgKawNXKbBj tGDcFpU8MM9n3U1U3z4iKpMGPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAvUYTQu NrBf2/Mh4bjcJf1yjh6bMB8GA1UdIwQYMBaAFIYXuf4qp/7iJfLg0tyHZAmBN95t MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzcxNS9CQzFDNUYxMDdD QjgxMUVBQjBGNjQ3NURDNEY5QUUwMi9oaGU1X2lxbl91SWw4dURTM0lka0NZRTMz bTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hoZTVfaXFuX3VJbDh1RFMzSWRrQ1lFMzNtMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NzcxNS9CQzFDNUYxMDdDQjgxMUVBQjBGNjQ3NURDNEY5QUUwMi9oaGU1X2lxbl91 SWw4dURTM0lka0NZRTMzbTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAMLZCQR9aaTlzGTAPqtmKzLgwc1yHsk9Wt6YVbJugRw82P910LhcWt JGJknfi9YDY2T4QBkZaLLsvrmuTdw/ezcxou06qwPbG5kCEuzUfYzvhcCwaD4ZPd ca3VVtAgSBcTW3aFj4oaFd/6V0FHbO9ZAl9+PVemLyGI0Rlp2XE51GTd6YTK5Ata a1JyHUTI+gTiJfQP/3p77ZPqTg9Q7m9Vh7OL6y0wJpj5+Hg824KFF+sY3dWjvxGN Yqu/8WQ2kHqTtdqyv2wHrRA+FRnzt0PBCbh76JGOwqIg9cIJ/4GfsF6N5mX3lkLe Em1yQUp0oM/DPbnntSzE+rJCm4iiwZ7v -----END CERTIFICATE-----Generated at Sat Apr 26 17:36:25 2025 by rpki-client