$ rpki-client -vvf rpki.apnic.net/member_repository/A914E950/CBF06F308DDC11ECA1400C69C4F9AE02/2HXmPHNQjdifas3MBgFEoIwIZtw.mft File: 2HXmPHNQjdifas3MBgFEoIwIZtw.mft (raw, json) Hash identifier: CgAqo17jORa4sWE/gRJACWV9dwj/yl2t10UM7nnaCyg= Subject key identifier: 5D:AC:01:43:7A:E6:3A:98:CF:81:80:5A:E9:29:48:57:28:C9:04:2C Authority key identifier: D8:75:E6:3C:73:50:8D:D8:9F:6A:CD:CC:06:01:44:A0:8C:08:66:DC Certificate issuer: /CN=A914E950/serialNumber=D875E63C73508DD89F6ACDCC060144A08C0866DC Certificate serial: 03AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2HXmPHNQjdifas3MBgFEoIwIZtw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E950/CBF06F308DDC11ECA1400C69C4F9AE02/2HXmPHNQjdifas3MBgFEoIwIZtw.mft Manifest number: 03AB Signing time: Fri 25 Apr 2025 00:28:37 +0000 Manifest this update: Fri 25 Apr 2025 00:28:36 +0000 Manifest next update: Fri 02 May 2025 00:28:36 +0000 Files and hashes: 1: 2HXmPHNQjdifas3MBgFEoIwIZtw.crl (hash: XVxVYcal2zEAOSdffYvr1h6FaX9A+qWjCG6/M+cgE+U=) 2: 6199B5668DE011ECB9F9C06EC4F9AE02.roa (hash: 2v76irvv8YBootZ9ixmNS7BdVolsdY5VCXkGVLqaKlA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E950/CBF06F308DDC11ECA1400C69C4F9AE02/2HXmPHNQjdifas3MBgFEoIwIZtw.crl rsync://rpki.apnic.net/member_repository/A914E950/CBF06F308DDC11ECA1400C69C4F9AE02/2HXmPHNQjdifas3MBgFEoIwIZtw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2HXmPHNQjdifas3MBgFEoIwIZtw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:28:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 943 (0x3af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E950, serialNumber=D875E63C73508DD89F6ACDCC060144A08C0866DC Validity Not Before: Apr 25 00:28:36 2025 GMT Not After : May 2 00:28:36 2025 GMT Subject: CN=680ad735-b7a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:de:3e:22:f5:5c:d2:56:bd:99:ef:69:97:e2: 68:72:ac:d8:1d:a4:91:76:20:eb:dd:7d:9f:06:3a: eb:f3:b4:7c:85:57:29:f1:53:2b:87:cb:87:9b:67: ab:0e:73:b5:0f:d7:c0:3c:7a:99:34:a7:96:db:45: 44:ac:ee:44:b0:05:41:3a:48:f1:c1:5d:d5:21:40: e5:b8:ed:b6:98:dd:20:6a:69:8b:07:3f:2b:8d:50: 12:f0:f4:6e:2e:ea:cd:79:1c:a5:7b:b2:48:d3:14: 91:da:f1:db:d6:d3:e1:f1:2a:33:d4:2e:a1:0d:c5: 35:e8:3c:54:8e:57:94:73:5e:67:76:63:10:44:0b: 4a:57:ba:ee:e0:22:9e:ce:bb:07:f3:a9:c0:0b:05: 6b:40:75:2e:c9:aa:3a:8e:b3:c0:10:fa:c2:15:4a: f6:1d:db:c1:30:f9:74:d9:cc:e4:5b:fc:10:ec:fe: fe:d0:5b:87:bd:c2:1d:20:c1:02:87:1c:b0:99:54: d2:d9:84:35:2b:c1:7a:a6:8b:4d:83:6c:47:66:26: 9e:de:cf:11:55:ab:fb:dd:d5:52:21:78:95:c5:e6: 2d:ed:e3:83:3f:71:50:97:de:67:29:6f:a2:b8:cd: ed:22:67:7c:f6:9f:49:ce:96:e4:a9:f3:8d:9f:30: 79:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:AC:01:43:7A:E6:3A:98:CF:81:80:5A:E9:29:48:57:28:C9:04:2C X509v3 Authority Key Identifier: keyid:D8:75:E6:3C:73:50:8D:D8:9F:6A:CD:CC:06:01:44:A0:8C:08:66:DC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E950/CBF06F308DDC11ECA1400C69C4F9AE02/2HXmPHNQjdifas3MBgFEoIwIZtw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2HXmPHNQjdifas3MBgFEoIwIZtw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E950/CBF06F308DDC11ECA1400C69C4F9AE02/2HXmPHNQjdifas3MBgFEoIwIZtw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:8e:70:bd:a2:e0:11:97:7f:72:00:c1:07:48:67:d6:80:a3: 7a:44:a3:36:db:b6:cb:43:b2:45:bc:bc:69:5b:a0:5f:7a:1e: 09:65:63:3e:75:87:47:0b:3e:f2:e3:a9:9f:cd:c2:72:b1:38: e8:7a:fb:5b:50:77:75:5d:68:38:b3:4b:e2:e9:15:44:b5:c4: 4e:ed:22:2a:8d:1d:70:9c:6c:de:9e:8c:db:d8:73:c0:08:f2: 76:d2:7b:5c:68:da:a6:dd:56:68:2d:6a:8c:aa:1a:fe:a9:a4: 83:82:58:a2:85:9a:ef:81:00:7a:1e:33:c3:d2:6c:2c:47:cd: 2f:57:c9:41:e6:cf:46:5b:80:91:e8:07:76:68:51:e7:d2:0f: 12:99:cd:68:83:f5:8a:01:da:cf:07:bf:36:a2:d6:7f:cc:54: ea:be:06:b2:b9:2e:6a:e0:bd:0f:38:d6:74:3a:6c:a3:e5:7d: eb:29:3c:8c:4c:48:7e:50:bc:38:28:6d:b2:a6:f5:bc:58:83: 72:4a:cc:23:16:93:2d:50:ad:fa:09:27:74:f4:c7:98:43:99: 6b:2a:b9:8f:72:c3:9a:71:03:e8:02:2e:8a:47:bc:d7:7d:76: 28:2d:28:d6:4e:06:68:8e:0a:40:3d:ca:0a:13:38:83:39:07: 9d:8b:2a:b3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA68wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEU5NTAxMTAvBgNVBAUTKEQ4NzVFNjNDNzM1MDhERDg5RjZBQ0RDQzA2MDE0NEEw OEMwODY2REMwHhcNMjUwNDI1MDAyODM2WhcNMjUwNTAyMDAyODM2WjAYMRYwFAYD VQQDEw02ODBhZDczNS1iN2E0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy94+IvVc0la9me9pl+JocqzYHaSRdiDr3X2fBjrr87R8hVcp8VMrh8uHm2er DnO1D9fAPHqZNKeW20VErO5EsAVBOkjxwV3VIUDluO22mN0gammLBz8rjVAS8PRu LurNeRyle7JI0xSR2vHb1tPh8Soz1C6hDcU16DxUjleUc15ndmMQRAtKV7ru4CKe zrsH86nACwVrQHUuyao6jrPAEPrCFUr2HdvBMPl02czkW/wQ7P7+0FuHvcIdIMEC hxywmVTS2YQ1K8F6potNg2xHZiae3s8RVav73dVSIXiVxeYt7eODP3FQl95nKW+i uM3tImd89p9JzpbkqfONnzB5BQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF2sAUN6 5jqYz4GAWukpSFcoyQQsMB8GA1UdIwQYMBaAFNh15jxzUI3Yn2rNzAYBRKCMCGbc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTk1MC9DQkYwNkYzMDhE REMxMUVDQTE0MDBDNjlDNEY5QUUwMi8ySFhtUEhOUWpkaWZhczNNQmdGRW9Jd0la dHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJIWG1QSE5RamRpZmFzM01CZ0ZFb0l3SVp0dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTk1MC9DQkYwNkYzMDhEREMxMUVDQTE0MDBDNjlDNEY5QUUwMi8ySFhtUEhOUWpk aWZhczNNQmdGRW9Jd0ladHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAcjnC9ouARl39yAMEHSGfWgKN6RKM227bLQ7JFvLxpW6Bfeh4JZWM+ dYdHCz7y46mfzcJysTjoevtbUHd1XWg4s0vi6RVEtcRO7SIqjR1wnGzenozb2HPA CPJ20ntcaNqm3VZoLWqMqhr+qaSDgliihZrvgQB6HjPD0mwsR80vV8lB5s9GW4CR 6Ad2aFHn0g8Smc1og/WKAdrPB782otZ/zFTqvgayuS5q4L0PONZ0Omyj5X3rKTyM TEh+ULw4KG2ypvW8WINySswjFpMtUK36CSd09MeYQ5lrKrmPcsOacQPoAi6KR7zX fXYoLSjWTgZojgpAPcoKEziDOQediyqz -----END CERTIFICATE-----Generated at Sat Apr 26 04:28:46 2025 by rpki-client