$ rpki-client -vvf rpki.apnic.net/member_repository/A918EC78/192EFF085DCB11EA84E02943C4F9AE02/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.mft File: hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.mft (raw, json) Hash identifier: Ns5HglTBaK0sOdD7Q9vdL3iVkIN1sbkVYFT/Cf5ysIs= Subject key identifier: E8:15:C6:46:CA:99:41:75:AA:FD:57:73:2F:EA:D5:82:78:C1:B2:B4 Authority key identifier: 84:8A:79:AB:50:41:E7:1C:E6:22:50:B5:7F:C1:E0:F5:49:78:C9:3A Certificate issuer: /CN=A918EC78/serialNumber=848A79AB5041E71CE62250B57FC1E0F54978C93A Certificate serial: 0A6E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EC78/192EFF085DCB11EA84E02943C4F9AE02/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.mft Manifest number: 0A68 Signing time: Thu 24 Apr 2025 19:31:23 +0000 Manifest this update: Thu 24 Apr 2025 19:31:22 +0000 Manifest next update: Thu 01 May 2025 19:31:22 +0000 Files and hashes: 1: hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.crl (hash: c5/zHeishzqmpgBuoy7rrGBs9978bzLFbjOddio7QIQ=) 2: BF77D1785DCB11EA880A7643C4F9AE02.roa (hash: H4kc+9yjECNKJF53s7PJuRCRHGgJ3Wfs6TYEVDFyAU4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EC78/192EFF085DCB11EA84E02943C4F9AE02/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.crl rsync://rpki.apnic.net/member_repository/A918EC78/192EFF085DCB11EA84E02943C4F9AE02/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:31:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2670 (0xa6e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EC78, serialNumber=848A79AB5041E71CE62250B57FC1E0F54978C93A Validity Not Before: Apr 24 19:31:22 2025 GMT Not After : May 1 19:31:22 2025 GMT Subject: CN=680a918a-81ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:e2:fa:7a:94:ea:68:9e:e7:79:92:0e:0f:8f: 78:07:cb:38:1c:05:4a:5d:31:f2:a1:39:3b:8b:f9: 06:3c:6b:82:17:5d:a3:c1:dc:e2:fe:66:82:fd:1d: 09:a6:58:ca:cb:5f:15:84:02:36:8b:c1:04:e3:82: 7d:a6:b1:64:aa:e0:3b:4b:24:26:a5:ae:cc:04:36: d8:0b:17:be:b6:1d:9b:00:9f:fd:a3:d0:6c:cf:18: b9:09:ca:72:48:5b:6b:86:15:41:e6:72:b4:ed:ea: 74:c1:2d:45:2a:ea:75:4e:3d:c6:c7:4b:0f:75:bd: b8:9d:3c:a3:b8:85:72:1c:86:cd:b4:46:30:6b:6f: f6:82:6e:e2:f2:ba:2f:83:f2:bb:26:11:78:02:a4: 4d:e5:43:24:4f:1d:30:1b:c6:24:52:d4:06:42:be: e7:5b:a3:93:d0:76:1c:32:2f:49:00:18:93:db:53: 74:eb:35:4e:73:24:32:33:f9:5f:dd:07:65:22:9a: 11:04:b6:40:4a:9a:3e:52:4c:9b:dc:13:bc:94:11: b1:cc:30:a0:62:99:e9:fe:05:8f:0b:fd:50:5d:59: 9e:a9:0e:f5:34:3f:7f:7a:d7:03:5a:81:9e:4d:00: 8d:6a:a4:b9:6f:91:06:2a:a6:a6:0e:54:e1:49:10: f1:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:15:C6:46:CA:99:41:75:AA:FD:57:73:2F:EA:D5:82:78:C1:B2:B4 X509v3 Authority Key Identifier: keyid:84:8A:79:AB:50:41:E7:1C:E6:22:50:B5:7F:C1:E0:F5:49:78:C9:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EC78/192EFF085DCB11EA84E02943C4F9AE02/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EC78/192EFF085DCB11EA84E02943C4F9AE02/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:62:b7:8f:d1:5d:b1:98:bc:0e:6f:83:d0:2f:d1:be:cb:d1: ec:22:6e:4f:a4:74:4f:e3:8b:0b:75:43:31:57:69:9c:c8:8b: 00:45:0c:83:24:a4:ba:47:ad:4d:92:d7:13:84:8f:a2:6c:47: c1:b4:43:4d:57:e4:2d:8c:60:47:6d:34:22:cb:7e:b1:84:9a: 03:44:14:e3:eb:4f:44:28:c5:c4:62:85:27:42:6b:12:80:de: 31:8a:92:64:cd:cb:cd:f3:56:09:92:7c:e4:fc:eb:fd:0d:b4: fa:f9:fa:19:88:2e:6a:05:ee:4a:bb:9f:24:1e:1c:4c:de:13: 2c:5c:5f:42:68:51:ac:1c:8d:24:78:08:f9:5b:9d:5b:f3:a4: d4:08:4c:ba:ea:7f:ee:7b:1e:84:83:19:7b:9e:fa:b6:88:d1: ae:19:bb:37:c6:9b:f6:74:20:04:7e:0f:9f:c7:7d:98:29:a0: e9:ec:98:79:cd:bc:63:a9:a4:3a:85:5a:85:07:2f:33:4d:7c: 0b:aa:a7:81:56:c5:ae:2f:9d:13:74:7c:c4:39:b9:cd:7c:81: d0:0e:f0:83:2a:b8:57:14:31:66:ad:d9:f9:b0:ce:01:4f:59: 61:5b:83:ee:9d:d3:84:4e:e3:23:a9:28:b4:b4:31:be:cd:40: 5a:f4:ab:4d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCm4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVDNzgxMTAvBgNVBAUTKDg0OEE3OUFCNTA0MUU3MUNFNjIyNTBCNTdGQzFFMEY1 NDk3OEM5M0EwHhcNMjUwNDI0MTkzMTIyWhcNMjUwNTAxMTkzMTIyWjAYMRYwFAYD VQQDEw02ODBhOTE4YS04MWFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5uL6epTqaJ7neZIOD494B8s4HAVKXTHyoTk7i/kGPGuCF12jwdzi/maC/R0J pljKy18VhAI2i8EE44J9prFkquA7SyQmpa7MBDbYCxe+th2bAJ/9o9Bszxi5Ccpy SFtrhhVB5nK07ep0wS1FKup1Tj3Gx0sPdb24nTyjuIVyHIbNtEYwa2/2gm7i8rov g/K7JhF4AqRN5UMkTx0wG8YkUtQGQr7nW6OT0HYcMi9JABiT21N06zVOcyQyM/lf 3QdlIpoRBLZASpo+Ukyb3BO8lBGxzDCgYpnp/gWPC/1QXVmeqQ71ND9/etcDWoGe TQCNaqS5b5EGKqamDlThSRDxYwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOgVxkbK mUF1qv1Xcy/q1YJ4wbK0MB8GA1UdIwQYMBaAFISKeatQQecc5iJQtX/B4PVJeMk6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RUM3OC8xOTJFRkYwODVE Q0IxMUVBODRFMDI5NDNDNEY5QUUwMi9oSXA1cTFCQjV4em1JbEMxZjhIZzlVbDR5 VG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hJcDVxMUJCNXh6bUlsQzFmOEhnOVVsNHlUby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RUM3OC8xOTJFRkYwODVEQ0IxMUVBODRFMDI5NDNDNEY5QUUwMi9oSXA1cTFCQjV4 em1JbEMxZjhIZzlVbDR5VG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCWYreP0V2xmLwOb4PQL9G+y9HsIm5PpHRP44sLdUMxV2mcyIsARQyD JKS6R61NktcThI+ibEfBtENNV+QtjGBHbTQiy36xhJoDRBTj609EKMXEYoUnQmsS gN4xipJkzcvN81YJknzk/Ov9DbT6+foZiC5qBe5Ku58kHhxM3hMsXF9CaFGsHI0k eAj5W51b86TUCEy66n/uex6Egxl7nvq2iNGuGbs3xpv2dCAEfg+fx32YKaDp7Jh5 zbxjqaQ6hVqFBy8zTXwLqqeBVsWuL50TdHzEObnNfIHQDvCDKrhXFDFmrdn5sM4B T1lhW4PundOETuMjqSi0tDG+zUBa9KtN -----END CERTIFICATE-----Generated at Sat Apr 26 12:38:56 2025 by rpki-client