$ rpki-client -vvf rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft File: hQaYWfujzd6OwbgaHgTdYFCzgRM.mft (raw, json) Hash identifier: 3V0ZTTUJGO97jgKPLHRJjYKYNbBjbo/70g0NetYxDUE= Subject key identifier: 0A:D4:0D:E3:D7:68:AE:8A:20:C1:06:AA:C3:1F:FD:91:3C:6D:56:FA Authority key identifier: 85:06:98:59:FB:A3:CD:DE:8E:C1:B8:1A:1E:04:DD:60:50:B3:81:13 Certificate issuer: /CN=A91509C4/serialNumber=85069859FBA3CDDE8EC1B81A1E04DD6050B38113 Certificate serial: 3473 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hQaYWfujzd6OwbgaHgTdYFCzgRM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft Manifest number: 3473 Signing time: Thu 24 Apr 2025 14:33:58 +0000 Manifest this update: Thu 24 Apr 2025 14:33:57 +0000 Manifest next update: Thu 01 May 2025 14:33:57 +0000 Files and hashes: 1: hQaYWfujzd6OwbgaHgTdYFCzgRM.crl (hash: xUO14PX0gOMCzMaQAJLnX02zt11S3WpN61YmCmI+eXI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.crl rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hQaYWfujzd6OwbgaHgTdYFCzgRM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:33:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13427 (0x3473) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509C4, serialNumber=85069859FBA3CDDE8EC1B81A1E04DD6050B38113 Validity Not Before: Apr 24 14:33:57 2025 GMT Not After : May 1 14:33:57 2025 GMT Subject: CN=680a4bd6-56ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:c1:d5:55:9a:55:c9:25:36:c7:ee:b0:a8:3a: c8:86:36:43:45:08:fc:83:e2:bc:52:8c:ec:19:21: 87:f7:5d:b7:29:fe:d5:f6:b6:70:4b:62:be:8e:1c: a5:ca:5d:7e:af:40:8e:f6:78:2d:0e:d0:02:0d:4f: 8d:20:23:9b:a4:e1:36:bf:1b:d3:1f:2f:a8:40:db: ac:98:4c:2d:86:ce:44:a2:6d:d6:d6:91:4b:fb:b3: 96:c5:72:33:af:a2:fb:88:55:97:10:ef:20:0d:e9: 47:cb:b8:ba:b8:b3:3a:99:0c:28:0b:e6:d8:ce:a9: 72:45:c5:d0:ff:66:d5:69:da:b0:f1:c9:c1:01:08: 6d:f0:9c:e7:df:f4:f8:87:a4:b3:28:f3:c8:38:e9: 2f:f6:3c:72:f9:d8:34:be:1e:ca:4e:b9:9d:b4:4d: 16:eb:6b:5e:09:05:4d:6b:3f:73:44:39:bb:af:74: 74:e3:55:06:02:15:82:a8:c8:8f:25:eb:40:3f:bd: 23:f2:1e:13:3b:bb:5a:35:e9:62:9a:84:3b:75:5a: 3e:db:ab:60:63:52:4d:fb:62:c6:bb:ba:4c:d6:8f: 75:0f:3e:fe:15:d7:70:3a:8e:66:8b:52:4f:14:b9: b3:3d:1e:a7:d5:6f:58:a6:b9:e2:9a:c2:b8:a5:46: f9:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:D4:0D:E3:D7:68:AE:8A:20:C1:06:AA:C3:1F:FD:91:3C:6D:56:FA X509v3 Authority Key Identifier: keyid:85:06:98:59:FB:A3:CD:DE:8E:C1:B8:1A:1E:04:DD:60:50:B3:81:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hQaYWfujzd6OwbgaHgTdYFCzgRM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:76:fd:47:4c:14:b4:4b:59:c4:af:24:1b:8d:41:9c:db:b3: f9:d9:1c:5b:32:29:31:41:3a:31:41:66:17:10:8d:35:19:4f: 63:0f:b4:1f:42:cc:99:1b:94:c8:e8:a8:d8:69:5f:25:98:d8: 3f:e0:47:f2:ea:39:20:a7:a8:23:87:3f:01:3a:66:7c:2d:63: 38:ff:60:1a:dd:36:42:fd:ec:e5:0a:f8:99:13:7a:60:cf:2e: 77:5d:20:48:cb:01:51:85:a4:9e:a1:4c:c8:4d:c6:ae:a9:20: be:a7:34:2e:20:4e:6c:aa:e9:c4:15:71:fc:13:48:a1:72:67: 6f:ab:07:65:7b:51:8e:fd:eb:53:42:48:bf:37:df:28:7e:e9: b6:af:c5:c2:81:60:c8:c0:b5:58:81:21:24:b1:a9:4f:86:ee: ad:13:c6:70:68:56:84:4d:83:87:b8:4f:dc:17:7d:88:ea:37: 2b:24:3b:91:8e:3a:32:9b:3d:3c:6c:fe:3f:bb:73:d4:30:f6: 0e:7f:52:07:7a:d8:3e:98:bf:bb:cd:28:2d:50:82:40:38:bb: fe:d4:9b:3c:eb:d7:f7:0d:5b:6e:60:c2:ad:7d:ac:f8:c9:e4: 24:30:fe:34:da:cd:11:6d:34:13:c5:87:f6:78:3e:cf:f3:73: c6:ff:64:ab -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTA5QzQxMTAvBgNVBAUTKDg1MDY5ODU5RkJBM0NEREU4RUMxQjgxQTFFMDRERDYw NTBCMzgxMTMwHhcNMjUwNDI0MTQzMzU3WhcNMjUwNTAxMTQzMzU3WjAYMRYwFAYD VQQDEw02ODBhNGJkNi01NmFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1sHVVZpVySU2x+6wqDrIhjZDRQj8g+K8UozsGSGH9123Kf7V9rZwS2K+jhyl yl1+r0CO9ngtDtACDU+NICObpOE2vxvTHy+oQNusmEwths5Eom3W1pFL+7OWxXIz r6L7iFWXEO8gDelHy7i6uLM6mQwoC+bYzqlyRcXQ/2bVadqw8cnBAQht8Jzn3/T4 h6SzKPPIOOkv9jxy+dg0vh7KTrmdtE0W62teCQVNaz9zRDm7r3R041UGAhWCqMiP JetAP70j8h4TO7taNelimoQ7dVo+26tgY1JN+2LGu7pM1o91Dz7+FddwOo5mi1JP FLmzPR6n1W9YprnimsK4pUb5kQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFArUDePX aK6KIMEGqsMf/ZE8bVb6MB8GA1UdIwQYMBaAFIUGmFn7o83ejsG4Gh4E3WBQs4ET MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDlDNC80Qjg5NjEzODFE OEIxMUUyOEEzM0M3RTUwOEIwMkNEMi9oUWFZV2Z1anpkNk93YmdhSGdUZFlGQ3pn Uk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hRYVlXZnVqemQ2T3diZ2FIZ1RkWUZDemdSTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MDlDNC80Qjg5NjEzODFEOEIxMUUyOEEzM0M3RTUwOEIwMkNEMi9oUWFZV2Z1anpk Nk93YmdhSGdUZFlGQ3pnUk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBldv1HTBS0S1nEryQbjUGc27P52RxbMikxQToxQWYXEI01GU9jD7Qf QsyZG5TI6KjYaV8lmNg/4Efy6jkgp6gjhz8BOmZ8LWM4/2Aa3TZC/ezlCviZE3pg zy53XSBIywFRhaSeoUzITcauqSC+pzQuIE5squnEFXH8E0ihcmdvqwdle1GO/etT Qki/N98ofum2r8XCgWDIwLVYgSEksalPhu6tE8ZwaFaETYOHuE/cF32I6jcrJDuR jjoymz08bP4/u3PUMPYOf1IHetg+mL+7zSgtUIJAOLv+1Js869f3DVtuYMKtfaz4 yeQkMP402s0RbTQTxYf2eD7P83PG/2Sr -----END CERTIFICATE-----Generated at Sat Apr 26 03:53:58 2025 by rpki-client