$ rpki-client -vvf rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.mft File: HaAa_AiIyqYXHgoOdBz8kE7S328.mft (raw, json) Hash identifier: 5JhALO4+H34OUJCy9U63ZrBeZy65bsygXnlXLSKQIsA= Subject key identifier: 9A:8B:B6:16:81:3E:4D:37:B5:C5:80:E1:67:3D:59:6E:5C:27:AC:D5 Authority key identifier: 1D:A0:1A:FC:08:88:CA:A6:17:1E:0A:0E:74:1C:FC:90:4E:D2:DF:6F Certificate issuer: /CN=A91352C6/serialNumber=1DA01AFC0888CAA6171E0A0E741CFC904ED2DF6F Certificate serial: 08BF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HaAa_AiIyqYXHgoOdBz8kE7S328.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.mft Manifest number: 08B9 Signing time: Thu 24 Apr 2025 20:22:14 +0000 Manifest this update: Thu 24 Apr 2025 20:22:14 +0000 Manifest next update: Thu 01 May 2025 20:22:14 +0000 Files and hashes: 1: HaAa_AiIyqYXHgoOdBz8kE7S328.crl (hash: gA7VCpacarzmJ4PLJJyOOyLYs+P4orz/iBAQR+lF/os=) 2: 939AAE78B1D511EA8E3DAE1CC4F9AE02.roa (hash: KFIHw6tMuHLxcRTo8fAv1CEG7OYhkgzMk8UZPi5UKvY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.crl rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HaAa_AiIyqYXHgoOdBz8kE7S328.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:22:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2239 (0x8bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91352C6, serialNumber=1DA01AFC0888CAA6171E0A0E741CFC904ED2DF6F Validity Not Before: Apr 24 20:22:14 2025 GMT Not After : May 1 20:22:14 2025 GMT Subject: CN=680a9d76-2c68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:01:ea:be:53:77:01:1e:b8:6b:ec:41:35:7e: f7:6a:a3:5e:00:88:fb:ad:a0:8d:63:c6:80:d3:c2: ed:e7:c2:c0:2b:e9:e6:ab:65:35:c1:84:be:ff:d8: b9:0e:fd:14:6e:02:97:0c:71:05:19:00:d2:53:58: e3:3e:5f:97:db:0b:90:c9:41:a8:41:0f:bf:8a:1d: 53:e0:52:5a:24:f5:6e:10:50:43:28:ca:bd:a2:66: 18:ad:63:80:77:05:97:ae:58:2c:52:1e:0a:ac:bc: 4d:02:89:b3:7a:c6:dd:16:a9:e8:74:51:60:6b:a1: a6:f5:49:fa:38:62:e8:e8:8c:8e:48:5d:03:55:99: f8:d7:60:9b:26:92:6b:ff:c6:22:cd:6c:28:05:27: 4c:86:d8:74:0b:be:fb:83:0d:3a:1b:d5:6d:93:9b: 44:0d:90:d8:25:f4:a9:9f:88:7c:d5:7a:15:11:cf: f9:d2:fa:35:f1:c7:d2:81:a7:6a:fa:73:f7:ba:f0: 1b:41:16:81:55:4a:d0:2f:b6:d7:1c:29:00:60:8a: ab:31:6c:50:ce:98:1e:8b:2a:5d:ce:8e:f6:07:4c: 71:56:11:e0:6b:9e:5b:dc:fb:65:29:81:a4:8d:81: 84:c4:15:d2:c3:ef:3e:42:d7:e6:69:79:23:f4:c2: 3e:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:8B:B6:16:81:3E:4D:37:B5:C5:80:E1:67:3D:59:6E:5C:27:AC:D5 X509v3 Authority Key Identifier: keyid:1D:A0:1A:FC:08:88:CA:A6:17:1E:0A:0E:74:1C:FC:90:4E:D2:DF:6F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HaAa_AiIyqYXHgoOdBz8kE7S328.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 28:db:8f:96:4a:99:47:40:21:d2:10:ed:6c:6a:f5:83:26:70: f1:e4:7d:62:67:83:4d:a1:0f:2a:da:c9:cc:21:1f:bc:8b:4c: 8a:8f:6c:0b:03:47:62:41:c8:3a:c2:93:ba:49:7e:77:ab:3f: 09:b2:13:c0:13:17:3e:af:5a:1f:35:fd:ab:98:ba:53:11:34: 59:b1:93:75:58:f9:01:c9:d7:7e:6d:a0:f8:1f:8c:a1:de:71: a4:6e:47:20:25:e4:3b:78:91:47:73:dc:5b:89:ff:28:4b:7b: 8d:25:34:f5:17:4d:09:d2:76:0b:ba:45:1a:40:d3:c3:37:62: 44:42:3f:6c:e2:ea:28:85:a0:a2:95:0b:f0:09:84:14:e2:2c: dd:82:5a:92:27:f1:cc:3f:a7:1f:11:ff:7a:ef:0f:a0:c4:65: ec:e6:12:78:9d:18:ae:0e:e0:03:6a:3f:8e:34:4a:4d:a0:fa: 4e:56:fe:5e:de:3c:77:62:bc:56:86:2d:ec:da:64:bb:41:06: ae:7b:fb:10:7b:e7:61:7c:e1:c9:c3:a5:8f:6b:24:91:83:c8: f7:7a:53:84:80:cb:14:04:0c:2e:6c:17:14:8c:30:8a:90:5e: 89:0b:42:b2:4e:ea:7f:d1:c8:93:03:84:5d:a6:01:fe:50:af: 67:4f:0f:1a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCL8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzUyQzYxMTAvBgNVBAUTKDFEQTAxQUZDMDg4OENBQTYxNzFFMEEwRTc0MUNGQzkw NEVEMkRGNkYwHhcNMjUwNDI0MjAyMjE0WhcNMjUwNTAxMjAyMjE0WjAYMRYwFAYD VQQDEw02ODBhOWQ3Ni0yYzY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwAHqvlN3AR64a+xBNX73aqNeAIj7raCNY8aA08Lt58LAK+nmq2U1wYS+/9i5 Dv0UbgKXDHEFGQDSU1jjPl+X2wuQyUGoQQ+/ih1T4FJaJPVuEFBDKMq9omYYrWOA dwWXrlgsUh4KrLxNAomzesbdFqnodFFga6Gm9Un6OGLo6IyOSF0DVZn412CbJpJr /8YizWwoBSdMhth0C777gw06G9Vtk5tEDZDYJfSpn4h81XoVEc/50vo18cfSgadq +nP3uvAbQRaBVUrQL7bXHCkAYIqrMWxQzpgeiypdzo72B0xxVhHga55b3PtlKYGk jYGExBXSw+8+QtfmaXkj9MI+1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJqLthaB Pk03tcWA4Wc9WW5cJ6zVMB8GA1UdIwQYMBaAFB2gGvwIiMqmFx4KDnQc/JBO0t9v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNTJDNi8xRURGRTQ5NkIx RDQxMUVBQTQ2RjAwMUFDNEY5QUUwMi9IYUFhX0FpSXlxWVhIZ29PZEJ6OGtFN1Mz MjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hhQWFfQWlJeXFZWEhnb09kQno4a0U3UzMyOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NTJDNi8xRURGRTQ5NkIxRDQxMUVBQTQ2RjAwMUFDNEY5QUUwMi9IYUFhX0FpSXlx WVhIZ29PZEJ6OGtFN1MzMjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAo24+WSplHQCHSEO1savWDJnDx5H1iZ4NNoQ8q2snMIR+8i0yKj2wL A0diQcg6wpO6SX53qz8JshPAExc+r1ofNf2rmLpTETRZsZN1WPkBydd+baD4H4yh 3nGkbkcgJeQ7eJFHc9xbif8oS3uNJTT1F00J0nYLukUaQNPDN2JEQj9s4uoohaCi lQvwCYQU4izdglqSJ/HMP6cfEf967w+gxGXs5hJ4nRiuDuADaj+ONEpNoPpOVv5e 3jx3YrxWhi3s2mS7QQaue/sQe+dhfOHJw6WPaySRg8j3elOEgMsUBAwubBcUjDCK kF6JC0KyTup/0ciTA4RdpgH+UK9nTw8a -----END CERTIFICATE-----Generated at Sat Apr 26 12:36:52 2025 by rpki-client