$ rpki-client -vvf rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/hgOgrKcgSw7-1k23DeUcdboDk1U.mft File: hgOgrKcgSw7-1k23DeUcdboDk1U.mft (raw, json) Hash identifier: aJaQpJdw2UwKur+IELwWc6kHNBgQw5yxxH1eA64I3/k= Subject key identifier: 7D:DE:B0:4B:FE:6F:65:1D:78:4F:5D:53:F2:42:3B:A1:3E:B2:F1:38 Authority key identifier: 86:03:A0:AC:A7:20:4B:0E:FE:D6:4D:B7:0D:E5:1C:75:BA:03:93:55 Certificate issuer: /CN=A9118EB2/serialNumber=8603A0ACA7204B0EFED64DB70DE51C75BA039355 Certificate serial: 02A0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgOgrKcgSw7-1k23DeUcdboDk1U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/hgOgrKcgSw7-1k23DeUcdboDk1U.mft Manifest number: 028F Signing time: Fri 25 Apr 2025 01:25:54 +0000 Manifest this update: Fri 25 Apr 2025 01:25:54 +0000 Manifest next update: Fri 02 May 2025 01:25:54 +0000 Files and hashes: 1: hgOgrKcgSw7-1k23DeUcdboDk1U.crl (hash: ZyppCy/bjClTlZQejJveTuRJyrbowicJ6sWy4RO2by0=) 2: 208C7D2E066C11EDB31C2239C4F9AE02.roa (hash: JpDBusAldNWd+IJVkNhhqJJDrViCPn/caif2F0IdJAY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/hgOgrKcgSw7-1k23DeUcdboDk1U.crl rsync://rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/hgOgrKcgSw7-1k23DeUcdboDk1U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgOgrKcgSw7-1k23DeUcdboDk1U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:25:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 672 (0x2a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9118EB2, serialNumber=8603A0ACA7204B0EFED64DB70DE51C75BA039355 Validity Not Before: Apr 25 01:25:54 2025 GMT Not After : May 2 01:25:54 2025 GMT Subject: CN=680ae4a2-b99e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:52:54:dd:64:f7:2a:a1:8e:80:11:e8:f3:ce: cd:89:52:c9:18:87:b1:f1:de:bd:f2:f7:bc:01:9e: 2b:83:52:f8:b9:d4:08:91:ce:00:f3:7e:ed:f1:86: 94:fa:f6:ed:41:97:4b:08:e2:d0:0e:64:1c:c0:3e: cd:e1:91:72:48:1d:b3:76:5f:a5:5b:5a:ba:32:de: b3:03:4f:46:80:14:61:33:09:71:b9:bd:7f:2a:11: db:2f:77:47:e9:c2:32:e4:dc:67:6d:97:12:50:9c: 8f:c9:5c:e1:99:f2:fc:13:cd:e0:cc:72:57:b3:0a: 00:74:ed:fe:8e:55:35:e2:3b:63:35:0e:87:5b:87: 4b:22:da:30:7a:aa:57:f2:87:80:f2:6d:c3:38:55: aa:95:ff:5d:46:55:5b:1e:2e:4a:f1:df:c6:f0:8d: a1:aa:38:92:05:77:23:1e:3f:0a:86:95:3c:86:c4: 46:5b:01:36:00:7d:1f:ab:84:91:38:f3:42:7e:7a: 6c:15:35:3e:a0:1d:18:5b:eb:8a:90:21:1d:67:65: f4:b7:6c:b3:f4:0c:23:bc:9a:17:83:ce:74:fd:4c: ab:1a:53:db:9f:fe:52:2b:0c:3f:5a:e6:ad:b2:57: f8:34:3a:7c:8a:18:4d:3f:30:95:ea:3a:26:6f:31: 0b:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:DE:B0:4B:FE:6F:65:1D:78:4F:5D:53:F2:42:3B:A1:3E:B2:F1:38 X509v3 Authority Key Identifier: keyid:86:03:A0:AC:A7:20:4B:0E:FE:D6:4D:B7:0D:E5:1C:75:BA:03:93:55 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/hgOgrKcgSw7-1k23DeUcdboDk1U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgOgrKcgSw7-1k23DeUcdboDk1U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/hgOgrKcgSw7-1k23DeUcdboDk1U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:62:28:05:95:1c:a0:ee:cb:2c:79:9f:0f:fb:e8:0d:22:3a: f4:e1:d2:10:53:ed:d8:bf:42:d8:46:94:09:4b:ec:94:87:75: 35:da:17:21:97:e8:9c:33:c6:31:f7:97:cc:86:e5:75:48:49: 64:30:7f:4d:9b:2e:8b:46:fe:dc:b4:f0:03:74:82:85:99:3b: 0f:4d:66:f7:b1:bf:6a:fe:af:e9:1d:04:83:4e:a7:74:b5:6d: aa:df:07:6d:5b:30:12:dd:4a:22:9c:1c:25:f9:98:61:bf:7b: d0:93:69:16:8d:ff:2d:3f:51:77:64:a1:c2:89:b9:d0:3e:8e: 79:c1:e7:be:a7:71:06:35:90:25:4d:46:42:18:57:09:23:be: b0:78:8e:5b:f0:14:e8:d7:29:73:f8:a2:be:79:28:d2:5a:11: 7a:79:c3:72:d4:45:f4:c9:d4:b3:c9:3f:72:a7:82:7e:0a:b4: 37:c4:4a:64:3a:d6:1d:8f:d0:cc:42:d2:c3:d0:68:67:be:9c: 5a:98:1d:06:39:c9:35:40:ac:04:7b:3a:d6:b2:45:29:cd:2d: ae:ab:87:72:0d:8e:1b:de:57:3b:ac:d9:8f:44:00:df:fc:33: bd:c0:88:b6:7f:a7:b5:ef:de:c8:e6:72:28:e2:e8:e0:71:2c: da:26:16:9f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAqAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MThFQjIxMTAvBgNVBAUTKDg2MDNBMEFDQTcyMDRCMEVGRUQ2NERCNzBERTUxQzc1 QkEwMzkzNTUwHhcNMjUwNDI1MDEyNTU0WhcNMjUwNTAyMDEyNTU0WjAYMRYwFAYD VQQDEw02ODBhZTRhMi1iOTllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq1JU3WT3KqGOgBHo887NiVLJGIex8d698ve8AZ4rg1L4udQIkc4A837t8YaU +vbtQZdLCOLQDmQcwD7N4ZFySB2zdl+lW1q6Mt6zA09GgBRhMwlxub1/KhHbL3dH 6cIy5NxnbZcSUJyPyVzhmfL8E83gzHJXswoAdO3+jlU14jtjNQ6HW4dLItoweqpX 8oeA8m3DOFWqlf9dRlVbHi5K8d/G8I2hqjiSBXcjHj8KhpU8hsRGWwE2AH0fq4SR OPNCfnpsFTU+oB0YW+uKkCEdZ2X0t2yz9AwjvJoXg850/UyrGlPbn/5SKww/Wuat slf4NDp8ihhNPzCV6jombzELUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH3esEv+ b2UdeE9dU/JCO6E+svE4MB8GA1UdIwQYMBaAFIYDoKynIEsO/tZNtw3lHHW6A5NV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOEVCMi83QUM3NjdERTA2 NjkxMUVEQjBBRThFMzdDNEY5QUUwMi9oZ09ncktjZ1N3Ny0xazIzRGVVY2Rib0Rr MVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hnT2dyS2NnU3c3LTFrMjNEZVVjZGJvRGsxVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OEVCMi83QUM3NjdERTA2NjkxMUVEQjBBRThFMzdDNEY5QUUwMi9oZ09ncktjZ1N3 Ny0xazIzRGVVY2Rib0RrMVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAxYigFlRyg7ssseZ8P++gNIjr04dIQU+3Yv0LYRpQJS+yUh3U12hch l+icM8Yx95fMhuV1SElkMH9Nmy6LRv7ctPADdIKFmTsPTWb3sb9q/q/pHQSDTqd0 tW2q3wdtWzAS3UoinBwl+Zhhv3vQk2kWjf8tP1F3ZKHCibnQPo55wee+p3EGNZAl TUZCGFcJI76weI5b8BTo1ylz+KK+eSjSWhF6ecNy1EX0ydSzyT9yp4J+CrQ3xEpk OtYdj9DMQtLD0GhnvpxamB0GOck1QKwEezrWskUpzS2uq4dyDY4b3lc7rNmPRADf /DO9wIi2f6e1797I5nIo4ujgcSzaJhaf -----END CERTIFICATE-----Generated at Sat Apr 26 12:33:47 2025 by rpki-client