$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft File: hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft (raw, json) Hash identifier: xVhyuuiV0v9hL8se/v767olHmaqVt63IWLFLTbayOPY= Subject key identifier: 9E:3D:4A:C4:D2:F1:C8:49:0C:94:A7:74:09:46:64:C2:DD:39:C8:A4 Authority key identifier: 85:9D:18:4F:41:C3:48:98:B7:29:8C:99:10:75:CC:CF:51:67:9A:F1 Certificate issuer: /CN=A91A5BCD/serialNumber=859D184F41C34898B7298C991075CCCF51679AF1 Certificate serial: 09E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft Manifest number: 09DA Signing time: Thu 24 Apr 2025 19:48:53 +0000 Manifest this update: Thu 24 Apr 2025 19:48:52 +0000 Manifest next update: Thu 01 May 2025 19:48:52 +0000 Files and hashes: 1: hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl (hash: GO9fvQSKj+zHWxlSTMOsI3iRut8ms+BCRe749+PmYcE=) 2: 5B5A8050DDBC11EC8378E737C4F9AE02.roa (hash: na5Q578rSQBZFcX5/CcksCy+xsZYnJfxZssE9M4rEDg=) 3: 5A3B7CECDDBC11EC8378E737C4F9AE02.roa (hash: lwmo/gkmzYuWybDmK+FVsOggd5dBx+ce2atYLFTNz2E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:48:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2535 (0x9e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A5BCD, serialNumber=859D184F41C34898B7298C991075CCCF51679AF1 Validity Not Before: Apr 24 19:48:52 2025 GMT Not After : May 1 19:48:52 2025 GMT Subject: CN=680a95a5-5540 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:0f:5a:53:12:dd:59:1e:bb:a5:7e:90:66:9d: 99:0a:8f:81:36:c4:6c:58:68:59:8a:6c:22:b9:aa: 24:4f:18:14:08:92:d1:c7:c6:91:82:26:d3:d4:3a: 0b:ac:be:be:e9:21:f4:35:a9:56:09:04:db:d3:00: 36:58:54:ef:4a:7c:2c:14:c3:cb:bf:5e:7c:35:87: d9:30:87:8b:97:1e:8a:d2:e0:e8:37:0e:0b:04:3e: 90:9e:72:69:a6:41:35:06:9c:3f:e1:23:53:97:19: 88:a0:b9:2a:97:85:c0:bb:c0:39:04:03:67:67:aa: 28:a6:bb:81:c3:c6:05:90:4f:31:8a:0e:3c:b2:b2: ed:dc:a5:79:f6:da:46:c0:27:1b:0e:1d:62:a1:46: 1a:ce:4d:08:f8:c4:cb:ac:64:ff:38:79:e1:ce:79: 03:cb:50:e4:7d:9a:b6:62:b5:f3:76:45:09:3c:85: b0:41:0a:ca:cd:55:b3:14:45:b5:f0:15:0a:7f:20: 4a:3f:1b:21:4c:ab:a9:93:c4:74:59:f3:c1:4c:f8: 9f:0e:be:bd:74:89:98:d1:31:cd:1d:71:05:41:54: 62:c8:80:29:7b:e6:b8:92:ff:fb:b8:22:0c:c1:b0: 21:04:c2:24:76:33:02:c1:45:24:2b:8a:d4:6a:f4: b0:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:3D:4A:C4:D2:F1:C8:49:0C:94:A7:74:09:46:64:C2:DD:39:C8:A4 X509v3 Authority Key Identifier: keyid:85:9D:18:4F:41:C3:48:98:B7:29:8C:99:10:75:CC:CF:51:67:9A:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 46:3b:b2:7f:fb:03:56:92:90:73:57:73:c1:b9:9e:a2:66:28: c5:89:0d:f0:7a:94:88:cd:41:5c:05:ea:38:0d:5e:bc:19:24: b3:9b:87:61:7b:d8:e8:e1:78:54:b7:46:42:7e:22:8a:50:94: 75:a6:3a:95:67:7c:cb:ec:ea:17:4b:21:6c:60:66:4a:09:e5: ef:38:49:e3:04:56:76:08:17:06:91:ce:dd:38:25:cc:4a:9c: c8:73:61:77:f8:67:f8:e4:38:be:ef:81:d6:c9:31:0c:b1:fd: 1c:58:45:9e:f5:16:75:e3:58:da:db:26:0c:54:dd:12:4d:ac: 0a:36:be:e1:9c:66:b0:e7:7a:b7:a8:e5:8c:45:be:eb:58:69: d6:e8:e3:b5:31:a3:a0:31:c8:f6:a2:cc:2a:cb:4a:04:a5:2c: aa:76:0e:84:6b:bf:09:c7:ce:5e:53:61:28:d2:bc:0f:aa:67: 48:81:6a:19:83:13:1c:e3:72:6f:9a:7f:e7:a9:7a:3a:d8:2e: b7:3a:2e:e9:c7:74:76:5a:aa:90:26:9b:21:94:b5:ad:13:59: 73:c2:a3:71:81:3d:b9:10:ab:1a:57:85:ce:1f:03:4b:68:6e: 05:06:8d:6b:74:f9:94:2b:64:2d:61:71:7f:c0:3d:f0:62:61: bc:50:1b:af -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCecwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTVCQ0QxMTAvBgNVBAUTKDg1OUQxODRGNDFDMzQ4OThCNzI5OEM5OTEwNzVDQ0NG NTE2NzlBRjEwHhcNMjUwNDI0MTk0ODUyWhcNMjUwNTAxMTk0ODUyWjAYMRYwFAYD VQQDEw02ODBhOTVhNS01NTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuA9aUxLdWR67pX6QZp2ZCo+BNsRsWGhZimwiuaokTxgUCJLRx8aRgibT1DoL rL6+6SH0NalWCQTb0wA2WFTvSnwsFMPLv158NYfZMIeLlx6K0uDoNw4LBD6QnnJp pkE1Bpw/4SNTlxmIoLkql4XAu8A5BANnZ6oopruBw8YFkE8xig48srLt3KV59tpG wCcbDh1ioUYazk0I+MTLrGT/OHnhznkDy1DkfZq2YrXzdkUJPIWwQQrKzVWzFEW1 8BUKfyBKPxshTKupk8R0WfPBTPifDr69dImY0THNHXEFQVRiyIApe+a4kv/7uCIM wbAhBMIkdjMCwUUkK4rUavSwPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ49SsTS 8chJDJSndAlGZMLdOcikMB8GA1UdIwQYMBaAFIWdGE9Bw0iYtymMmRB1zM9RZ5rx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNUJDRC82MUQwQzQ4NjdB M0ExMUVBQkY4QjU4MjZDNEY5QUUwMi9oWjBZVDBIRFNKaTNLWXlaRUhYTXoxRm5t dkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2haMFlUMEhEU0ppM0tZeVpFSFhNejFGbm12RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NUJDRC82MUQwQzQ4NjdBM0ExMUVBQkY4QjU4MjZDNEY5QUUwMi9oWjBZVDBIRFNK aTNLWXlaRUhYTXoxRm5tdkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBGO7J/+wNWkpBzV3PBuZ6iZijFiQ3wepSIzUFcBeo4DV68GSSzm4dh e9jo4XhUt0ZCfiKKUJR1pjqVZ3zL7OoXSyFsYGZKCeXvOEnjBFZ2CBcGkc7dOCXM SpzIc2F3+Gf45Di+74HWyTEMsf0cWEWe9RZ141ja2yYMVN0STawKNr7hnGaw53q3 qOWMRb7rWGnW6OO1MaOgMcj2oswqy0oEpSyqdg6Ea78Jx85eU2Eo0rwPqmdIgWoZ gxMc43Jvmn/nqXo62C63Oi7px3R2WqqQJpshlLWtE1lzwqNxgT25EKsaV4XOHwNL aG4FBo1rdPmUK2QtYXF/wD3wYmG8UBuv -----END CERTIFICATE-----Generated at Sat Apr 26 13:09:36 2025 by rpki-client