$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft File: HhI4RWNx50SJRiLpisHuVbQUXhA.mft (raw, json) Hash identifier: 3VSSUK39D7BSq+0R3PT0rOY8x8mFeM27wxMcu6HgWJc= Subject key identifier: 4C:1B:58:3F:F7:C4:BE:15:DE:3C:51:24:CF:9E:5C:F8:AA:A5:CF:C0 Authority key identifier: 1E:12:38:45:63:71:E7:44:89:46:22:E9:8A:C1:EE:55:B4:14:5E:10 Certificate issuer: /CN=A917E678/serialNumber=1E1238456371E744894622E98AC1EE55B4145E10 Certificate serial: 1538 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft Manifest number: 14F3 Signing time: Thu 24 Apr 2025 16:55:21 +0000 Manifest this update: Thu 24 Apr 2025 16:55:20 +0000 Manifest next update: Thu 01 May 2025 16:55:20 +0000 Files and hashes: 1: HhI4RWNx50SJRiLpisHuVbQUXhA.crl (hash: hrF3ciYQhTMuAyZSwEMD30ma0Ozp/b/iXf8zAHi8Ls8=) 2: 1E7AFF46066811ED8098BF45C4F9AE02.roa (hash: 1gfBWxubtAHaO2L7yyFmTjuANtEXOgERKbVVtHqz/Y4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.crl rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:55:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5432 (0x1538) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E678, serialNumber=1E1238456371E744894622E98AC1EE55B4145E10 Validity Not Before: Apr 24 16:55:20 2025 GMT Not After : May 1 16:55:20 2025 GMT Subject: CN=680a6cf9-fca1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:1d:08:30:c3:30:a0:eb:83:bf:6e:8f:be:35: 58:69:12:33:a1:75:27:a0:0c:26:6a:c0:d9:b3:79: 0b:c2:ce:f9:63:0d:ce:f4:77:21:9e:75:82:80:a2: 91:28:fc:d8:c2:97:6a:d3:c5:13:98:2d:58:99:77: de:ea:b1:c7:31:d1:fd:69:e7:d0:a9:70:f7:e7:56: b7:74:5c:3d:37:9c:4c:70:26:bf:49:5e:4f:f7:96: 42:f9:e8:ad:2a:c8:68:af:4a:2e:e6:b4:fa:4f:45: 60:3f:3c:bd:2f:b7:06:cf:7a:f9:85:19:78:82:af: 9b:24:58:30:ca:3b:16:c8:67:73:f9:8a:25:e3:2f: d5:2b:3a:97:c8:35:c7:de:ff:76:7f:2d:07:59:2f: 9b:fa:2e:31:9d:db:36:73:d8:a5:b6:e6:8b:24:55: 3e:15:57:2a:9d:35:21:03:ba:7a:67:67:62:42:22: f1:02:7f:0b:7d:f2:0e:24:ea:b6:53:a8:3f:7b:05: e0:35:e4:6d:ef:6a:fc:18:c3:60:4e:e9:52:27:eb: e6:c0:ad:a4:d1:68:2d:99:5c:b7:b6:3d:ff:26:9b: c4:de:94:2c:5d:1c:6e:4a:b2:35:dc:d5:98:51:4a: e4:56:ce:1b:c7:10:96:e7:af:14:72:7a:2d:8d:a6: c9:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:1B:58:3F:F7:C4:BE:15:DE:3C:51:24:CF:9E:5C:F8:AA:A5:CF:C0 X509v3 Authority Key Identifier: keyid:1E:12:38:45:63:71:E7:44:89:46:22:E9:8A:C1:EE:55:B4:14:5E:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 53:66:01:43:55:e6:77:0c:be:5d:53:1b:85:40:07:78:fd:0b: dc:c4:e8:80:ac:ad:c5:ae:cd:63:a5:74:1f:95:2c:19:45:ca: 0a:eb:a1:06:5f:ac:22:60:d2:d9:79:a8:dd:e1:30:88:f5:71: 4c:0b:b6:45:3f:c2:f0:11:48:94:39:b0:05:22:cb:84:0a:48: d6:1b:46:4a:b6:5f:dd:45:de:04:a4:32:60:0d:40:d1:91:dd: b7:30:21:ad:c1:22:03:43:e1:72:ab:8a:0a:6d:eb:81:78:cf: 0f:f8:75:c1:1c:10:17:2a:3b:c2:42:99:30:24:d1:10:2c:13: bd:22:62:a4:84:2c:37:b5:8b:0f:c3:47:c6:79:89:5c:57:b8: 49:4f:cf:4a:c5:04:41:34:95:60:81:48:36:f2:d0:b6:4a:a4: 92:04:28:1f:07:8a:75:ff:b2:0d:39:d8:75:86:b6:d6:b2:07: 4a:61:f6:c3:d7:6f:a3:d1:45:a9:62:b6:a5:6e:6b:82:7f:e2: 11:32:92:da:f6:43:51:0d:27:1e:04:8a:ee:04:44:ed:f1:2f: b9:2c:89:47:3e:aa:1b:29:80:49:b3:ac:d0:0f:65:98:6f:2b: fb:42:f4:76:76:9c:ea:d5:55:fe:aa:84:89:a5:72:95:92:6c: 84:43:6a:33 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFTgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U2NzgxMTAvBgNVBAUTKDFFMTIzODQ1NjM3MUU3NDQ4OTQ2MjJFOThBQzFFRTU1 QjQxNDVFMTAwHhcNMjUwNDI0MTY1NTIwWhcNMjUwNTAxMTY1NTIwWjAYMRYwFAYD VQQDEw02ODBhNmNmOS1mY2ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuh0IMMMwoOuDv26PvjVYaRIzoXUnoAwmasDZs3kLws75Yw3O9HchnnWCgKKR KPzYwpdq08UTmC1YmXfe6rHHMdH9aefQqXD351a3dFw9N5xMcCa/SV5P95ZC+eit Kshor0ou5rT6T0VgPzy9L7cGz3r5hRl4gq+bJFgwyjsWyGdz+Yol4y/VKzqXyDXH 3v92fy0HWS+b+i4xnds2c9iltuaLJFU+FVcqnTUhA7p6Z2diQiLxAn8LffIOJOq2 U6g/ewXgNeRt72r8GMNgTulSJ+vmwK2k0WgtmVy3tj3/JpvE3pQsXRxuSrI13NWY UUrkVs4bxxCW568UcnotjabJLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEwbWD/3 xL4V3jxRJM+eXPiqpc/AMB8GA1UdIwQYMBaAFB4SOEVjcedEiUYi6YrB7lW0FF4Q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC82OTdFMzU2QTY5 NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9IaEk0UldOeDUwU0pSaUxwaXNIdVZiUVVY aEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0hoSTRSV054NTBTSlJpTHBpc0h1VmJRVVhoQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTY3OC82OTdFMzU2QTY5NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9IaEk0UldOeDUw U0pSaUxwaXNIdVZiUVVYaEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBTZgFDVeZ3DL5dUxuFQAd4/QvcxOiArK3Frs1jpXQflSwZRcoK66EG X6wiYNLZeajd4TCI9XFMC7ZFP8LwEUiUObAFIsuECkjWG0ZKtl/dRd4EpDJgDUDR kd23MCGtwSIDQ+Fyq4oKbeuBeM8P+HXBHBAXKjvCQpkwJNEQLBO9ImKkhCw3tYsP w0fGeYlcV7hJT89KxQRBNJVggUg28tC2SqSSBCgfB4p1/7INOdh1hrbWsgdKYfbD 12+j0UWpYralbmuCf+IRMpLa9kNRDSceBIruBETt8S+5LIlHPqobKYBJs6zQD2WY byv7QvR2dpzq1VX+qoSJpXKVkmyEQ2oz -----END CERTIFICATE-----Generated at Sat Apr 26 17:16:19 2025 by rpki-client