$ rpki-client -vvf rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft File: He-yCnpR7hjdetBq2qxJEePi95Q.mft (raw, json) Hash identifier: HA2PrTJITDk9kHzFyplpaWe0UTmy9/FARyFYB3UBw0s= Subject key identifier: AF:36:10:A8:DD:E3:A3:8D:84:BF:23:33:21:7C:4F:EE:F7:37:DA:1B Authority key identifier: 1D:EF:B2:0A:7A:51:EE:18:DD:7A:D0:6A:DA:AC:49:11:E3:E2:F7:94 Certificate issuer: /CN=A91285E3/serialNumber=1DEFB20A7A51EE18DD7AD06ADAAC4911E3E2F794 Certificate serial: 01CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft Manifest number: 01C7 Signing time: Fri 25 Apr 2025 02:10:27 +0000 Manifest this update: Fri 25 Apr 2025 02:10:27 +0000 Manifest next update: Fri 02 May 2025 02:10:27 +0000 Files and hashes: 1: He-yCnpR7hjdetBq2qxJEePi95Q.crl (hash: pK6X7XQkm0sMPHT6Dc9Md2FqMy6VOSZR+z/sjaUtLb4=) 2: 54365208708411EDA8B14246C4F9AE02.roa (hash: mCCSZ+9WYvhaMFX9tC0Iaz2gMx4GH4ZGb0UPoAirqT8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.crl rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:10:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 461 (0x1cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91285E3, serialNumber=1DEFB20A7A51EE18DD7AD06ADAAC4911E3E2F794 Validity Not Before: Apr 25 02:10:27 2025 GMT Not After : May 2 02:10:27 2025 GMT Subject: CN=680aef13-875b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:b5:be:7d:e9:e0:56:30:b2:56:81:65:aa:30: 06:b9:14:20:d2:0b:4d:5b:1f:2e:78:a7:33:71:4f: 42:7b:ea:d2:2d:e4:dc:f8:e1:05:7b:c0:d8:37:4f: 54:09:c2:fc:7a:33:80:28:82:87:cc:63:53:5a:7f: f4:7d:8b:24:e5:76:0b:6b:f9:d6:2f:65:32:6f:65: 12:de:82:ee:92:81:be:ba:03:25:34:84:2e:6e:cb: 2b:69:7c:b7:16:3e:de:7b:d7:db:3e:74:a3:77:f0: e1:41:c8:c2:de:ea:f5:f9:fa:74:71:73:0f:8f:ad: 5b:39:ca:5c:45:a7:80:88:70:8b:52:d2:49:e2:45: da:0b:7f:fc:62:ff:d4:0a:e6:48:4c:8c:c5:af:3d: 3c:77:48:89:b1:e2:55:ab:48:8d:68:da:9c:09:1e: 7d:84:94:28:02:eb:ea:f0:18:93:19:d1:18:58:0e: 30:36:f4:7c:37:23:ad:41:fd:ad:5c:aa:d3:43:21: dd:a9:53:f7:b1:64:bf:7a:63:58:0f:93:c3:17:3f: bb:d8:e7:2d:87:ec:8a:3b:bb:09:33:70:9b:f5:09: e8:b0:47:1d:2b:b5:a8:bd:2b:8b:9d:4d:ae:ca:be: 95:7b:6b:1c:a6:58:e9:8b:d1:d2:0a:ff:0f:6c:b1: 39:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:36:10:A8:DD:E3:A3:8D:84:BF:23:33:21:7C:4F:EE:F7:37:DA:1B X509v3 Authority Key Identifier: keyid:1D:EF:B2:0A:7A:51:EE:18:DD:7A:D0:6A:DA:AC:49:11:E3:E2:F7:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:b4:dc:00:2c:f2:34:dd:76:3e:0d:cc:aa:cf:e2:f0:f8:c1: a3:ee:fa:91:65:ab:41:0a:2f:0d:04:a0:9e:b4:c2:e4:66:69: bb:fc:e6:c5:05:05:08:95:83:35:c9:0d:9b:36:32:da:fd:b7: 71:1c:89:19:99:a5:74:a5:53:b8:98:a9:ad:ee:44:ba:06:7b: 22:a4:80:9c:5f:4f:10:59:87:a5:19:9b:2d:47:a8:fb:d4:3c: 0a:97:8d:82:9c:fc:9d:ac:4a:2f:fe:4f:68:07:3b:6a:86:35: e3:f3:89:07:04:7d:c3:37:1d:ad:76:be:ec:b5:22:0e:27:ed: 01:a2:23:b5:1a:08:0b:09:10:92:87:74:38:71:a7:3b:1c:99: 53:45:86:e1:87:01:5a:73:c7:f0:9c:4d:b3:ff:81:f0:11:42: d9:22:9d:16:6a:ea:91:57:97:15:93:6b:ab:c5:ff:52:b0:b4: 7c:64:b1:41:34:ea:72:4f:8a:8f:9c:59:0d:a9:6c:77:c1:2f: 90:ad:d1:ee:83:96:e1:b9:ad:7b:5e:1e:80:4d:9b:d3:47:c4: a5:3c:d3:b2:43:85:7f:c0:f0:2a:94:64:5f:c3:13:19:17:3e: 0c:26:0e:24:35:66:af:ce:9c:00:8f:71:a8:11:28:67:d3:26: 58:fe:d3:33 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAc0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjg1RTMxMTAvBgNVBAUTKDFERUZCMjBBN0E1MUVFMThERDdBRDA2QURBQUM0OTEx RTNFMkY3OTQwHhcNMjUwNDI1MDIxMDI3WhcNMjUwNTAyMDIxMDI3WjAYMRYwFAYD VQQDEw02ODBhZWYxMy04NzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx7W+fengVjCyVoFlqjAGuRQg0gtNWx8ueKczcU9Ce+rSLeTc+OEFe8DYN09U CcL8ejOAKIKHzGNTWn/0fYsk5XYLa/nWL2Uyb2US3oLukoG+ugMlNIQubssraXy3 Fj7ee9fbPnSjd/DhQcjC3ur1+fp0cXMPj61bOcpcRaeAiHCLUtJJ4kXaC3/8Yv/U CuZITIzFrz08d0iJseJVq0iNaNqcCR59hJQoAuvq8BiTGdEYWA4wNvR8NyOtQf2t XKrTQyHdqVP3sWS/emNYD5PDFz+72Octh+yKO7sJM3Cb9QnosEcdK7WovSuLnU2u yr6Ve2scpljpi9HSCv8PbLE5rQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK82EKjd 46ONhL8jMyF8T+73N9obMB8GA1UdIwQYMBaAFB3vsgp6Ue4Y3XrQatqsSRHj4veU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODVFMy8xQjEyQTgyNDcw NzkxMUVEQkFBN0NEMjZDNEY5QUUwMi9IZS15Q25wUjdoamRldEJxMnF4SkVlUGk5 NVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlLXlDbnBSN2hqZGV0QnEycXhKRWVQaTk1US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy ODVFMy8xQjEyQTgyNDcwNzkxMUVEQkFBN0NEMjZDNEY5QUUwMi9IZS15Q25wUjdo amRldEJxMnF4SkVlUGk5NVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCftNwALPI03XY+Dcyqz+Lw+MGj7vqRZatBCi8NBKCetMLkZmm7/ObF BQUIlYM1yQ2bNjLa/bdxHIkZmaV0pVO4mKmt7kS6BnsipICcX08QWYelGZstR6j7 1DwKl42CnPydrEov/k9oBztqhjXj84kHBH3DNx2tdr7stSIOJ+0BoiO1GggLCRCS h3Q4cac7HJlTRYbhhwFac8fwnE2z/4HwEULZIp0WauqRV5cVk2urxf9SsLR8ZLFB NOpyT4qPnFkNqWx3wS+QrdHug5bhua17Xh6ATZvTR8SlPNOyQ4V/wPAqlGRfwxMZ Fz4MJg4kNWavzpwAj3GoEShn0yZY/tMz -----END CERTIFICATE-----Generated at Sat Apr 26 04:22:55 2025 by rpki-client