$ rpki-client -vvf rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft File: HlwQfv0DzxPSFKOaaizo3a0wRw4.mft (raw, json) Hash identifier: 5zzaRLmXXtRiM7Hm9gsAL4/qw+Q+Aa4nDr75aAZZmms= Subject key identifier: EB:4B:BA:18:D2:C8:DC:40:90:72:B0:98:F5:4E:8F:EF:45:0B:E9:BE Authority key identifier: 1E:5C:10:7E:FD:03:CF:13:D2:14:A3:9A:6A:2C:E8:DD:AD:30:47:0E Certificate issuer: /CN=A914D9C3/serialNumber=1E5C107EFD03CF13D214A39A6A2CE8DDAD30470E Certificate serial: 72 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlwQfv0DzxPSFKOaaizo3a0wRw4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft Manifest number: 6F Signing time: Fri 25 Apr 2025 05:53:21 +0000 Manifest this update: Fri 25 Apr 2025 05:53:20 +0000 Manifest next update: Fri 02 May 2025 05:53:20 +0000 Files and hashes: 1: HlwQfv0DzxPSFKOaaizo3a0wRw4.crl (hash: eHLokshU4P0qQNdeEvgWXlUuv+IA9WbTNZzD5ZaJhKE=) 2: F7B3707C806911EF8C30A03DC4F9AE02.roa (hash: 9WzRWZ39qEL+BS0hCUtMSeDhBI46JI/Ih27Az+Uy8VI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.crl rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlwQfv0DzxPSFKOaaizo3a0wRw4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:53:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 114 (0x72) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914D9C3, serialNumber=1E5C107EFD03CF13D214A39A6A2CE8DDAD30470E Validity Not Before: Apr 25 05:53:20 2025 GMT Not After : May 2 05:53:20 2025 GMT Subject: CN=680b2351-554a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:8d:8d:ec:e2:36:1f:e6:7b:ea:18:d6:6d:18: 2b:79:30:5a:ee:14:a0:6b:41:a1:fc:29:f5:bb:05: f9:8c:b0:2f:9a:fa:de:7e:d3:d2:88:28:f3:28:34: fa:19:a1:75:c4:50:45:99:6a:bf:fd:78:b0:e9:28: 2f:96:73:79:f7:c1:e1:18:f2:ee:b4:7e:ec:d9:ea: f8:04:6e:59:6b:0e:40:cf:e0:9f:b6:d5:6b:07:9b: 76:88:67:25:d7:44:6c:fc:48:e9:f1:6f:06:65:9e: 82:b7:6c:94:4b:83:f0:89:f7:85:8e:b4:a7:31:c2: 8f:0d:e7:0a:a6:73:97:09:61:98:ca:8b:74:bc:28: f4:5a:da:70:e7:a8:78:8e:45:de:8b:1c:33:e1:9d: 31:af:77:4b:c4:2b:e0:e1:1a:40:b5:9a:5c:86:76: 39:33:54:33:02:e0:ea:5b:61:08:a7:e5:9f:0d:5a: 52:8e:38:c6:70:08:44:4d:09:e3:3f:60:77:09:0f: eb:5b:e4:0c:54:72:31:99:29:65:04:72:e9:24:8d: fb:84:75:b1:9e:90:e4:73:58:86:19:aa:86:a4:99: f0:e6:81:14:dc:25:37:2c:3e:84:c8:b2:2f:56:64: 95:dc:da:54:4d:33:96:6f:3f:f4:64:4c:fb:f2:68: 04:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:4B:BA:18:D2:C8:DC:40:90:72:B0:98:F5:4E:8F:EF:45:0B:E9:BE X509v3 Authority Key Identifier: keyid:1E:5C:10:7E:FD:03:CF:13:D2:14:A3:9A:6A:2C:E8:DD:AD:30:47:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlwQfv0DzxPSFKOaaizo3a0wRw4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0d:b6:7b:53:45:e9:76:57:b6:46:fb:d3:3d:2b:48:02:80:f9: 1d:cb:d7:63:04:27:3e:f6:a3:ff:25:ab:86:bc:26:5d:c3:77: 1f:77:40:64:9b:86:ab:3d:fc:ce:ce:98:53:1e:e3:4b:7a:9f: e7:13:c8:5f:4a:ad:5d:57:b5:ba:e3:5c:02:81:52:f1:21:6f: f9:d2:8d:d0:d5:dd:6e:ab:fe:94:cb:b3:73:ce:a4:b4:49:2d: c7:d5:60:b4:f0:0f:e8:01:61:83:8d:8e:22:57:86:62:ae:c4: d2:fe:26:c9:61:d6:ff:a9:70:16:04:28:aa:90:ab:c8:55:bf: ec:55:da:e3:fe:e4:92:5e:95:a9:16:91:91:43:e1:dc:fa:da: 82:33:32:c5:0b:9d:bf:0b:1e:af:0d:66:f3:31:d0:fe:22:9b: 0d:fb:6b:5b:4a:51:ff:fd:9d:e4:d2:f3:0e:0a:c7:07:9b:d1: 0c:e1:22:8c:09:f7:e0:4b:06:84:79:4a:b6:71:7b:8f:66:84: a2:7d:af:b9:9a:3f:e2:85:50:74:c4:26:11:5c:b9:13:61:f7: 5e:dc:04:92:ca:18:d0:04:98:ee:41:f4:b1:b8:2c:79:04:a3: 47:4b:f5:84:38:f9:d2:32:a5:72:cf:72:a7:61:13:a8:a5:d8: 76:87:f5:c3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBcjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 RDlDMzExMC8GA1UEBRMoMUU1QzEwN0VGRDAzQ0YxM0QyMTRBMzlBNkEyQ0U4RERB RDMwNDcwRTAeFw0yNTA0MjUwNTUzMjBaFw0yNTA1MDIwNTUzMjBaMBgxFjAUBgNV BAMTDTY4MGIyMzUxLTU1NGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCgjY3s4jYf5nvqGNZtGCt5MFruFKBrQaH8KfW7BfmMsC+a+t5+09KIKPMoNPoZ oXXEUEWZar/9eLDpKC+Wc3n3weEY8u60fuzZ6vgEbllrDkDP4J+21WsHm3aIZyXX RGz8SOnxbwZlnoK3bJRLg/CJ94WOtKcxwo8N5wqmc5cJYZjKi3S8KPRa2nDnqHiO Rd6LHDPhnTGvd0vEK+DhGkC1mlyGdjkzVDMC4OpbYQin5Z8NWlKOOMZwCERNCeM/ YHcJD+tb5AxUcjGZKWUEcukkjfuEdbGekORzWIYZqoakmfDmgRTcJTcsPoTIsi9W ZJXc2lRNM5ZvP/RkTPvyaARRAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU60u6GNLI 3ECQcrCY9U6P70UL6b4wHwYDVR0jBBgwFoAUHlwQfv0DzxPSFKOaaizo3a0wRw4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTREOUMzLzQ1Q0M4MkNDODA2 OTExRUY4MkM5NzczQ0M0RjlBRTAyL0hsd1FmdjBEenhQU0ZLT2FhaXpvM2Ewd1J3 NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSGx3UWZ2MER6eFBTRktPYWFpem8zYTB3Unc0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRE OUMzLzQ1Q0M4MkNDODA2OTExRUY4MkM5NzczQ0M0RjlBRTAyL0hsd1FmdjBEenhQ U0ZLT2FhaXpvM2Ewd1J3NC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAA22e1NF6XZXtkb70z0rSAKA+R3L12MEJz72o/8lq4a8Jl3Ddx93QGSb hqs9/M7OmFMe40t6n+cTyF9KrV1XtbrjXAKBUvEhb/nSjdDV3W6r/pTLs3POpLRJ LcfVYLTwD+gBYYONjiJXhmKuxNL+Jslh1v+pcBYEKKqQq8hVv+xV2uP+5JJelakW kZFD4dz62oIzMsULnb8LHq8NZvMx0P4imw37a1tKUf/9neTS8w4Kxweb0QzhIowJ 9+BLBoR5SrZxe49mhKJ9r7maP+KFUHTEJhFcuRNh917cBJLKGNAEmO5B9LG4LHkE o0dL9YQ4+dIypXLPcqdhE6il2HaH9cM= -----END CERTIFICATE-----Generated at Sat Apr 26 04:25:42 2025 by rpki-client