$ rpki-client -vvf rpki.apnic.net/member_repository/A911954F/591A3220914A11EE942CC871C4F9AE02/hf--WNwc9_kcLTgTTiC27wssOl8.mft File: hf--WNwc9_kcLTgTTiC27wssOl8.mft (raw, json) Hash identifier: or1onST0khnYKXdd4m0QHlQ51onmAd4Y/bmGnVtDl+w= Subject key identifier: 22:A4:64:F3:9A:9A:46:42:17:DB:F3:1B:12:F5:82:7C:41:9B:AD:4A Authority key identifier: 85:FF:BE:58:DC:1C:F7:F9:1C:2D:38:13:4E:20:B6:EF:0B:2C:3A:5F Certificate issuer: /CN=A911954F/serialNumber=85FFBE58DC1CF7F91C2D38134E20B6EF0B2C3A5F Certificate serial: A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hf--WNwc9_kcLTgTTiC27wssOl8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911954F/591A3220914A11EE942CC871C4F9AE02/hf--WNwc9_kcLTgTTiC27wssOl8.mft Manifest number: 01B4 Signing time: Fri 25 Apr 2025 04:06:15 +0000 Manifest this update: Fri 25 Apr 2025 04:06:15 +0000 Manifest next update: Fri 02 May 2025 04:06:15 +0000 Files and hashes: 1: hf--WNwc9_kcLTgTTiC27wssOl8.crl (hash: +2h5+eckmylE9Lv0JEoXKn8ystgASxwlfldU1te27qo=) 2: 6BCEC330344311EFB7DD0D34C4F9AE02.roa (hash: V5GXfj7MVmj/bsrh8ZK5BOMK+sTslcHA1M5O9HLWM8M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911954F/591A3220914A11EE942CC871C4F9AE02/hf--WNwc9_kcLTgTTiC27wssOl8.crl rsync://rpki.apnic.net/member_repository/A911954F/591A3220914A11EE942CC871C4F9AE02/hf--WNwc9_kcLTgTTiC27wssOl8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hf--WNwc9_kcLTgTTiC27wssOl8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 04:06:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 164 (0xa4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911954F, serialNumber=85FFBE58DC1CF7F91C2D38134E20B6EF0B2C3A5F Validity Not Before: Apr 25 04:06:15 2025 GMT Not After : May 2 04:06:15 2025 GMT Subject: CN=680b0a37-fd74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:68:c8:cc:43:ca:8a:29:91:01:b3:16:9a:22: bf:37:f0:94:0f:20:1d:0f:f6:ea:4b:5f:ed:12:4e: 3d:7b:8e:6c:21:63:b3:73:d9:16:39:b5:c4:87:49: 75:18:0f:3a:a0:70:37:75:14:b6:1a:61:87:67:d7: 3b:c2:cc:fa:8d:fd:e7:4b:a1:9c:67:f1:e7:f7:af: e8:61:e8:df:8d:e0:89:f7:51:96:e1:82:0c:34:ab: ed:50:8d:f1:c8:1a:d3:a5:d8:9c:62:90:5e:fa:af: 4d:42:0b:9c:60:ab:f8:dd:7c:bf:33:42:5a:89:c3: cd:4e:e3:0f:1b:c9:da:76:aa:08:43:9b:7e:05:04: e8:31:01:ec:2d:2f:fb:49:95:47:8a:3a:fb:db:be: 0d:cc:78:72:31:bb:df:d9:3c:86:81:69:66:7f:a5: 7d:6c:b2:f4:b3:7f:9f:22:47:f3:bf:9d:57:1c:c1: 69:fc:95:e8:8c:33:68:e1:e4:90:f0:77:73:c0:27: cf:86:9d:a8:25:de:53:38:bf:5c:ea:5f:8e:ef:b3: 2f:22:da:68:28:d3:d5:13:b3:69:f6:4d:ff:b3:64: 78:fd:08:17:4a:bf:45:17:26:30:d1:41:21:48:3b: 25:14:d7:57:fd:82:c3:33:c2:f2:a3:cf:d3:7b:2c: 8b:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:A4:64:F3:9A:9A:46:42:17:DB:F3:1B:12:F5:82:7C:41:9B:AD:4A X509v3 Authority Key Identifier: keyid:85:FF:BE:58:DC:1C:F7:F9:1C:2D:38:13:4E:20:B6:EF:0B:2C:3A:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911954F/591A3220914A11EE942CC871C4F9AE02/hf--WNwc9_kcLTgTTiC27wssOl8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hf--WNwc9_kcLTgTTiC27wssOl8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911954F/591A3220914A11EE942CC871C4F9AE02/hf--WNwc9_kcLTgTTiC27wssOl8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:14:ea:a5:40:97:1f:ca:1e:d1:d2:38:f8:90:e0:16:50:1a: 64:b8:64:fd:11:8f:ae:16:4d:c2:16:11:1f:d4:8d:29:e6:d5: 6d:a6:c0:8c:b4:6a:a6:34:62:86:52:b3:eb:a7:f7:b3:f5:16: 19:59:5a:4b:6b:19:10:ab:64:25:d2:c6:37:8c:6d:72:16:ce: 88:2f:ff:d1:15:b9:9d:b9:c2:3b:eb:1c:a1:d1:b0:aa:06:f2: 60:ed:64:9f:a1:38:aa:23:ff:22:2f:43:a8:12:77:5c:a4:27: 15:8f:f2:a4:0f:75:ab:46:e4:fc:22:df:e1:ce:4c:cd:8d:aa: 4a:12:4d:72:1c:1d:6f:66:ad:ca:e3:ae:b8:99:06:b1:de:02: 8e:3d:6d:9b:d2:01:b4:e5:e7:8f:3e:d4:3e:c4:ff:b6:31:62: b7:94:3e:ba:14:11:85:d2:b8:02:69:3a:72:e1:42:10:e5:ac: 33:b0:25:d3:8f:bb:2a:3d:41:09:d0:a6:e8:30:3e:5b:04:4d: d9:7e:89:9f:b1:5b:49:b9:54:43:82:b5:8d:9c:85:23:2f:fa: d8:2d:21:46:f4:53:3f:cd:c3:c2:ef:d9:64:c4:35:fc:cc:f4: c9:89:cd:56:52:6b:8e:fe:8d:01:44:47:c3:58:5e:fa:18:fc: f7:c2:ea:17 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTk1NEYxMTAvBgNVBAUTKDg1RkZCRTU4REMxQ0Y3RjkxQzJEMzgxMzRFMjBCNkVG MEIyQzNBNUYwHhcNMjUwNDI1MDQwNjE1WhcNMjUwNTAyMDQwNjE1WjAYMRYwFAYD VQQDEw02ODBiMGEzNy1mZDc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7WjIzEPKiimRAbMWmiK/N/CUDyAdD/bqS1/tEk49e45sIWOzc9kWObXEh0l1 GA86oHA3dRS2GmGHZ9c7wsz6jf3nS6GcZ/Hn96/oYejfjeCJ91GW4YIMNKvtUI3x yBrTpdicYpBe+q9NQgucYKv43Xy/M0JaicPNTuMPG8nadqoIQ5t+BQToMQHsLS/7 SZVHijr7274NzHhyMbvf2TyGgWlmf6V9bLL0s3+fIkfzv51XHMFp/JXojDNo4eSQ 8HdzwCfPhp2oJd5TOL9c6l+O77MvItpoKNPVE7Np9k3/s2R4/QgXSr9FFyYw0UEh SDslFNdX/YLDM8Lyo8/TeyyLWQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCKkZPOa mkZCF9vzGxL1gnxBm61KMB8GA1UdIwQYMBaAFIX/vljcHPf5HC04E04gtu8LLDpf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTU0Ri81OTFBMzIyMDkx NEExMUVFOTQyQ0M4NzFDNEY5QUUwMi9oZi0tV053Yzlfa2NMVGdUVGlDMjd3c3NP bDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hmLS1XTndjOV9rY0xUZ1RUaUMyN3dzc09sOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTU0Ri81OTFBMzIyMDkxNEExMUVFOTQyQ0M4NzFDNEY5QUUwMi9oZi0tV053Yzlf a2NMVGdUVGlDMjd3c3NPbDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAiFOqlQJcfyh7R0jj4kOAWUBpkuGT9EY+uFk3CFhEf1I0p5tVtpsCM tGqmNGKGUrPrp/ez9RYZWVpLaxkQq2Ql0sY3jG1yFs6IL//RFbmducI76xyh0bCq BvJg7WSfoTiqI/8iL0OoEndcpCcVj/KkD3WrRuT8It/hzkzNjapKEk1yHB1vZq3K 4664mQax3gKOPW2b0gG05eePPtQ+xP+2MWK3lD66FBGF0rgCaTpy4UIQ5awzsCXT j7sqPUEJ0KboMD5bBE3ZfomfsVtJuVRDgrWNnIUjL/rYLSFG9FM/zcPC79lkxDX8 zPTJic1WUmuO/o0BREfDWF76GPz3wuoX -----END CERTIFICATE-----Generated at Sat Apr 26 13:02:15 2025 by rpki-client