$ rpki-client -vvf rpki.apnic.net/member_repository/A919FD74/5367B6BE1A3811EAA0E8A23DC4F9AE02/hnoHFJZqnX2LIC37HeIhPALANic.mft File: hnoHFJZqnX2LIC37HeIhPALANic.mft (raw, json) Hash identifier: bf2TNbOp4kCEiup88jKRg7w15Yyjhzphxan/EJjFxAQ= Subject key identifier: 17:A8:99:D8:5C:16:FD:99:22:3A:0C:E8:D0:30:82:AC:16:79:39:17 Authority key identifier: 86:7A:07:14:96:6A:9D:7D:8B:20:2D:FB:1D:E2:21:3C:02:C0:36:27 Certificate issuer: /CN=A919FD74/serialNumber=867A0714966A9D7D8B202DFB1DE2213C02C03627 Certificate serial: 0BCA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnoHFJZqnX2LIC37HeIhPALANic.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919FD74/5367B6BE1A3811EAA0E8A23DC4F9AE02/hnoHFJZqnX2LIC37HeIhPALANic.mft Manifest number: 0BC3 Signing time: Thu 24 Apr 2025 18:46:15 +0000 Manifest this update: Thu 24 Apr 2025 18:46:14 +0000 Manifest next update: Thu 01 May 2025 18:46:14 +0000 Files and hashes: 1: hnoHFJZqnX2LIC37HeIhPALANic.crl (hash: DdjEnWttkaL0bpP2/6/DzmNgFBfvbbsLlcnhu7KTlDY=) 2: D1DB990C1A3811EAB6F9C83DC4F9AE02.roa (hash: oYtKqIUNSIUuh/+KpPti5KOAL0KI5TmVO0WB52ytTkI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919FD74/5367B6BE1A3811EAA0E8A23DC4F9AE02/hnoHFJZqnX2LIC37HeIhPALANic.crl rsync://rpki.apnic.net/member_repository/A919FD74/5367B6BE1A3811EAA0E8A23DC4F9AE02/hnoHFJZqnX2LIC37HeIhPALANic.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnoHFJZqnX2LIC37HeIhPALANic.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:46:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3018 (0xbca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919FD74, serialNumber=867A0714966A9D7D8B202DFB1DE2213C02C03627 Validity Not Before: Apr 24 18:46:14 2025 GMT Not After : May 1 18:46:14 2025 GMT Subject: CN=680a86f6-7bd6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:b7:54:0a:ea:dd:bf:75:9d:01:1f:fc:e9:53: 60:79:b2:80:dd:7a:29:cf:24:1b:77:79:a5:3c:33: 4f:d9:47:da:e2:e2:20:d4:2e:dc:8c:1d:7d:27:5d: b0:78:b9:59:4b:00:08:68:10:12:8f:75:fb:3a:e3: 63:69:d6:a0:d3:c6:5b:a3:eb:44:9e:b1:2c:78:13: c5:f5:a8:23:8c:19:1c:37:98:d6:92:84:da:a0:e0: 3a:35:62:c0:b5:ce:8d:b6:9c:06:e6:89:7a:85:0e: 54:a6:dc:79:58:8d:3d:14:d6:d8:02:ed:f2:34:0e: ea:43:f4:53:26:c0:1d:59:97:d1:98:42:b3:9a:83: 63:9f:b0:30:c3:30:f5:68:5b:1f:f5:1c:ec:c6:dd: 73:45:74:fc:9e:eb:e7:fc:3f:d7:07:21:08:9d:e3: ad:4d:f0:ba:e8:a3:eb:5e:58:f7:9f:aa:6a:c3:ef: d8:74:25:a2:ff:bc:c1:4c:ad:d7:25:82:4e:63:f8: 09:10:ad:a6:4c:0d:c2:e8:40:67:4f:15:72:9c:8d: 59:62:35:db:00:f9:01:62:39:d8:9a:52:98:81:6f: 84:ac:46:ff:67:28:74:e9:38:ac:6d:98:0b:71:bf: 17:6c:d8:c4:7f:47:ef:b4:7f:86:4b:3f:57:7f:f6: 85:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:A8:99:D8:5C:16:FD:99:22:3A:0C:E8:D0:30:82:AC:16:79:39:17 X509v3 Authority Key Identifier: keyid:86:7A:07:14:96:6A:9D:7D:8B:20:2D:FB:1D:E2:21:3C:02:C0:36:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919FD74/5367B6BE1A3811EAA0E8A23DC4F9AE02/hnoHFJZqnX2LIC37HeIhPALANic.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnoHFJZqnX2LIC37HeIhPALANic.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919FD74/5367B6BE1A3811EAA0E8A23DC4F9AE02/hnoHFJZqnX2LIC37HeIhPALANic.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:3e:a0:48:0b:03:86:d7:e7:e2:80:3e:4d:d9:72:14:67:0d: de:0c:01:1f:db:c4:4e:5e:65:3c:48:35:33:e8:3c:30:c7:38: 83:09:28:cb:c2:b4:cc:b2:c5:3b:77:22:05:ce:eb:36:33:6d: f1:6d:a8:43:c9:b1:3b:d9:88:c3:a0:ff:8e:7c:5a:61:28:53: ce:df:ae:e5:b6:48:c2:a3:a6:84:2f:cb:da:f8:ff:fb:16:0f: fc:02:3d:d1:ac:f6:e8:04:fe:67:b9:36:3a:dc:a2:40:43:1c: 79:8d:e3:dc:7f:cc:02:6b:c1:37:62:f5:c7:36:55:94:89:91: 19:66:68:b3:37:37:2b:27:c8:62:5b:78:bb:cd:2a:59:df:8e: 5d:66:51:ff:43:7a:74:4c:fa:1c:f3:5f:7c:98:1a:56:fb:6b: a0:80:f0:47:4a:41:a2:0a:71:58:09:84:bd:dc:e0:98:26:5c: 5b:86:9e:49:db:4e:b6:4f:dd:d1:25:95:8d:92:46:21:a1:64: ab:26:33:4a:98:14:e3:c9:2f:6d:32:c2:d9:df:24:62:57:3c: d5:f4:e5:39:22:ef:da:8f:fb:f3:93:18:5f:8c:f1:dd:fc:0c: 3f:ff:a8:75:11:83:0e:71:08:88:61:a3:d9:d2:06:bc:8d:dc: 91:24:e2:2f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC8owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUZENzQxMTAvBgNVBAUTKDg2N0EwNzE0OTY2QTlEN0Q4QjIwMkRGQjFERTIyMTND MDJDMDM2MjcwHhcNMjUwNDI0MTg0NjE0WhcNMjUwNTAxMTg0NjE0WjAYMRYwFAYD VQQDEw02ODBhODZmNi03YmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAubdUCurdv3WdAR/86VNgebKA3XopzyQbd3mlPDNP2Ufa4uIg1C7cjB19J12w eLlZSwAIaBASj3X7OuNjadag08Zbo+tEnrEseBPF9agjjBkcN5jWkoTaoOA6NWLA tc6NtpwG5ol6hQ5Uptx5WI09FNbYAu3yNA7qQ/RTJsAdWZfRmEKzmoNjn7AwwzD1 aFsf9Rzsxt1zRXT8nuvn/D/XByEIneOtTfC66KPrXlj3n6pqw+/YdCWi/7zBTK3X JYJOY/gJEK2mTA3C6EBnTxVynI1ZYjXbAPkBYjnYmlKYgW+ErEb/Zyh06TisbZgL cb8XbNjEf0fvtH+GSz9Xf/aFlwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBeomdhc Fv2ZIjoM6NAwgqwWeTkXMB8GA1UdIwQYMBaAFIZ6BxSWap19iyAt+x3iITwCwDYn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RkQ3NC81MzY3QjZCRTFB MzgxMUVBQTBFOEEyM0RDNEY5QUUwMi9obm9IRkpacW5YMkxJQzM3SGVJaFBBTEFO aWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hub0hGSlpxblgyTElDMzdIZUloUEFMQU5pYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RkQ3NC81MzY3QjZCRTFBMzgxMUVBQTBFOEEyM0RDNEY5QUUwMi9obm9IRkpacW5Y MkxJQzM3SGVJaFBBTEFOaWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBlPqBICwOG1+figD5N2XIUZw3eDAEf28ROXmU8SDUz6DwwxziDCSjL wrTMssU7dyIFzus2M23xbahDybE72YjDoP+OfFphKFPO367ltkjCo6aEL8va+P/7 Fg/8Aj3RrPboBP5nuTY63KJAQxx5jePcf8wCa8E3YvXHNlWUiZEZZmizNzcrJ8hi W3i7zSpZ345dZlH/Q3p0TPoc8198mBpW+2uggPBHSkGiCnFYCYS93OCYJlxbhp5J 2062T93RJZWNkkYhoWSrJjNKmBTjyS9tMsLZ3yRiVzzV9OU5Iu/aj/vzkxhfjPHd /Aw//6h1EYMOcQiIYaPZ0ga8jdyRJOIv -----END CERTIFICATE-----Generated at Sat Apr 26 04:37:47 2025 by rpki-client