$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B7A/06A19602644D11EE84D4034FC4F9AE02/h7_uyP-fsmiAINtZpiLBOhXlryA.mft File: h7_uyP-fsmiAINtZpiLBOhXlryA.mft (raw, json) Hash identifier: QExSsSMrlPliQZ0OQD2vAVtEiCItqUD4lvSKiUIZZuQ= Subject key identifier: 19:5B:52:64:BF:9E:8B:58:E5:EE:76:A8:8F:64:3F:B7:3B:96:44:B6 Authority key identifier: 87:BF:EE:C8:FF:9F:B2:68:80:20:DB:59:A6:22:C1:3A:15:E5:AF:20 Certificate issuer: /CN=A9132B7A/serialNumber=87BFEEC8FF9FB2688020DB59A622C13A15E5AF20 Certificate serial: 012F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7_uyP-fsmiAINtZpiLBOhXlryA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132B7A/06A19602644D11EE84D4034FC4F9AE02/h7_uyP-fsmiAINtZpiLBOhXlryA.mft Manifest number: 012A Signing time: Fri 25 Apr 2025 03:46:20 +0000 Manifest this update: Fri 25 Apr 2025 03:46:19 +0000 Manifest next update: Fri 02 May 2025 03:46:19 +0000 Files and hashes: 1: h7_uyP-fsmiAINtZpiLBOhXlryA.crl (hash: nuTkgJtC9rYyfTn8nYcfqHATFDlSb/r1i6+UeZYytqY=) 2: 28382F96644E11EEA1DCB653C4F9AE02.roa (hash: tkC94LIcazFbktBOOWxjViOTNkAmC8Zs4gf9iesOvuI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132B7A/06A19602644D11EE84D4034FC4F9AE02/h7_uyP-fsmiAINtZpiLBOhXlryA.crl rsync://rpki.apnic.net/member_repository/A9132B7A/06A19602644D11EE84D4034FC4F9AE02/h7_uyP-fsmiAINtZpiLBOhXlryA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7_uyP-fsmiAINtZpiLBOhXlryA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:46:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 303 (0x12f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132B7A, serialNumber=87BFEEC8FF9FB2688020DB59A622C13A15E5AF20 Validity Not Before: Apr 25 03:46:19 2025 GMT Not After : May 2 03:46:19 2025 GMT Subject: CN=680b058c-44d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:7e:de:ca:ab:2b:df:9a:96:b3:99:c4:e1:29: 8b:8c:98:f4:65:be:5c:35:00:d7:35:23:c2:20:9b: d8:c1:be:88:c2:d8:68:bf:66:a5:22:ec:5b:58:5e: 9f:06:7e:47:da:58:62:ac:e9:00:2f:7e:be:c0:d2: 30:11:e0:7a:68:4e:6c:ea:d2:93:34:e6:aa:aa:1e: e6:3f:a2:b9:a9:ca:a3:25:a3:dc:cc:bd:b6:61:bb: bd:55:0e:da:60:00:24:16:12:4e:e8:d6:5e:ab:36: a6:1c:41:c6:12:69:53:c5:ef:44:29:99:48:2f:59: 38:fa:fa:07:8a:2c:81:fe:36:04:1e:c2:cf:f7:72: 09:f6:26:d4:43:35:31:82:8e:65:25:89:b3:78:ed: b4:77:c3:d0:85:29:73:2f:ce:d9:14:aa:18:7c:67: bc:c4:e7:0f:27:6a:c5:6d:dc:e9:77:7f:32:11:3e: 27:bd:f9:41:1e:cb:9f:f4:75:0b:d5:49:97:b5:ff: a2:bd:77:ec:43:50:1f:5c:ef:8f:bd:f5:44:49:45: 72:59:3b:ba:a9:10:b2:55:a0:50:50:d9:8f:44:68: b6:b8:bc:02:11:07:5b:35:b8:ff:7c:b5:4d:2a:d1: 91:33:62:cf:15:12:93:2b:c3:dc:ed:20:be:48:00: 63:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:5B:52:64:BF:9E:8B:58:E5:EE:76:A8:8F:64:3F:B7:3B:96:44:B6 X509v3 Authority Key Identifier: keyid:87:BF:EE:C8:FF:9F:B2:68:80:20:DB:59:A6:22:C1:3A:15:E5:AF:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132B7A/06A19602644D11EE84D4034FC4F9AE02/h7_uyP-fsmiAINtZpiLBOhXlryA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7_uyP-fsmiAINtZpiLBOhXlryA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B7A/06A19602644D11EE84D4034FC4F9AE02/h7_uyP-fsmiAINtZpiLBOhXlryA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:eb:c1:f6:be:be:a6:71:b6:88:f8:3c:a6:2b:e2:cd:d2:e1: 87:57:00:92:69:e9:b4:d3:24:e4:b4:1f:c2:41:94:be:b2:a6: 6a:4e:0a:1b:f4:bd:50:3e:98:bd:d5:59:ff:68:ed:a6:02:03: 45:e8:ce:41:c5:ab:89:b1:18:e8:4a:37:3e:6a:2c:64:4d:e3: 47:cb:af:53:3f:c1:39:f8:d8:b8:d5:99:37:bd:04:19:92:8e: 8c:34:a2:27:05:7a:cd:57:bb:35:1e:69:ef:bb:81:3e:99:40: 9a:61:aa:1c:a4:0c:08:e9:0b:5c:54:d4:6c:6c:61:89:9a:ac: 38:65:4b:89:87:bb:ee:7e:5d:2b:c6:0c:92:80:56:11:30:d2: df:bd:a7:82:24:3f:81:01:43:7a:22:77:b3:66:7e:c2:f6:fa: d0:2e:ee:e2:16:71:05:9b:5c:c2:3a:9c:af:4a:41:f0:20:0e: b7:b9:d8:00:17:42:aa:3a:c4:c7:4c:00:be:b7:b9:2a:2f:17: bb:62:f5:86:4c:1f:c6:9f:40:ce:1c:fa:aa:61:67:0d:3f:73: 8f:76:94:27:cf:75:9c:35:dd:87:77:e7:32:2d:0e:91:d4:a9: de:38:d2:e2:ad:41:d9:af:69:06:10:b8:d4:77:a8:e5:66:fc: d7:7d:e4:97 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAS8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzJCN0ExMTAvBgNVBAUTKDg3QkZFRUM4RkY5RkIyNjg4MDIwREI1OUE2MjJDMTNB MTVFNUFGMjAwHhcNMjUwNDI1MDM0NjE5WhcNMjUwNTAyMDM0NjE5WjAYMRYwFAYD VQQDEw02ODBiMDU4Yy00NGQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvn7eyqsr35qWs5nE4SmLjJj0Zb5cNQDXNSPCIJvYwb6Iwthov2alIuxbWF6f Bn5H2lhirOkAL36+wNIwEeB6aE5s6tKTNOaqqh7mP6K5qcqjJaPczL22Ybu9VQ7a YAAkFhJO6NZeqzamHEHGEmlTxe9EKZlIL1k4+voHiiyB/jYEHsLP93IJ9ibUQzUx go5lJYmzeO20d8PQhSlzL87ZFKoYfGe8xOcPJ2rFbdzpd38yET4nvflBHsuf9HUL 1UmXtf+ivXfsQ1AfXO+PvfVESUVyWTu6qRCyVaBQUNmPRGi2uLwCEQdbNbj/fLVN KtGRM2LPFRKTK8Pc7SC+SABjNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBlbUmS/ notY5e52qI9kP7c7lkS2MB8GA1UdIwQYMBaAFIe/7sj/n7JogCDbWaYiwToV5a8g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkI3QS8wNkExOTYwMjY0 NEQxMUVFODRENDAzNEZDNEY5QUUwMi9oN191eVAtZnNtaUFJTnRacGlMQk9oWGxy eUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2g3X3V5UC1mc21pQUlOdFpwaUxCT2hYbHJ5QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MkI3QS8wNkExOTYwMjY0NEQxMUVFODRENDAzNEZDNEY5QUUwMi9oN191eVAtZnNt aUFJTnRacGlMQk9oWGxyeUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAI68H2vr6mcbaI+DymK+LN0uGHVwCSaem00yTktB/CQZS+sqZqTgob 9L1QPpi91Vn/aO2mAgNF6M5BxauJsRjoSjc+aixkTeNHy69TP8E5+Ni41Zk3vQQZ ko6MNKInBXrNV7s1Hmnvu4E+mUCaYaocpAwI6QtcVNRsbGGJmqw4ZUuJh7vufl0r xgySgFYRMNLfvaeCJD+BAUN6InezZn7C9vrQLu7iFnEFm1zCOpyvSkHwIA63udgA F0KqOsTHTAC+t7kqLxe7YvWGTB/Gn0DOHPqqYWcNP3OPdpQnz3WcNd2Hd+cyLQ6R 1KneONLirUHZr2kGELjUd6jlZvzXfeSX -----END CERTIFICATE-----Generated at Sat Apr 26 04:34:20 2025 by rpki-client