$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.mft File: vHENBWM8XhGwdEtxrruIriskRuM.mft (raw, json) Hash identifier: 0XSTwe7ZguGNS0Hdyh9OLxzxuAYhc/LMHXmHMZYXjLo= Subject key identifier: 48:BB:8B:C8:B3:12:B1:D8:81:7D:B2:16:13:5B:8A:65:64:21:D4:15 Authority key identifier: BC:71:0D:05:63:3C:5E:11:B0:74:4B:71:AE:BB:88:AE:2B:24:46:E3 Certificate issuer: /CN=A91AF406/serialNumber=BC710D05633C5E11B0744B71AEBB88AE2B2446E3 Certificate serial: 1330 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vHENBWM8XhGwdEtxrruIriskRuM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.mft Manifest number: 1329 Signing time: Thu 24 Apr 2025 17:02:25 +0000 Manifest this update: Thu 24 Apr 2025 17:02:24 +0000 Manifest next update: Thu 01 May 2025 17:02:24 +0000 Files and hashes: 1: vHENBWM8XhGwdEtxrruIriskRuM.crl (hash: H0nvIvrVYI9cfZBSrzGe9f/cpXwKRtLvaTDo2L/pFUY=) 2: C2065F2CA5F311E8B54BF03DC4F9AE02.roa (hash: 7dzMQW8xZe2lq7d8lclvmxKRE19SR0FNahUj7xIAu1o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.crl rsync://rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vHENBWM8XhGwdEtxrruIriskRuM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:02:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4912 (0x1330) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF406, serialNumber=BC710D05633C5E11B0744B71AEBB88AE2B2446E3 Validity Not Before: Apr 24 17:02:24 2025 GMT Not After : May 1 17:02:24 2025 GMT Subject: CN=680a6ea0-56ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:03:c8:a4:b8:bb:fb:e9:27:50:08:51:5c:0c: 4f:46:d2:fc:1f:bc:1b:69:c2:06:74:97:82:cc:97: 5f:36:0e:c7:5e:b0:e5:b7:6e:7b:e1:b1:93:e0:d0: 31:76:6b:2a:9b:17:d4:18:eb:8d:eb:a9:38:b9:e7: bf:70:3c:bc:9a:93:e9:6e:9d:3d:b8:a0:55:6a:1e: 3c:2a:bf:74:8a:08:d2:ad:4c:b4:dc:64:25:b5:8d: 34:22:19:78:11:49:c5:3b:0e:dd:b4:58:3e:49:fc: 38:aa:3f:42:65:eb:1d:1c:ef:f1:e1:6d:4a:60:7e: 06:78:7d:34:93:ae:57:ff:aa:37:4e:1e:54:62:71: f2:2e:d8:45:bd:2a:c6:fa:ed:f6:42:58:50:4b:88: 25:df:8b:75:41:ea:5b:80:b6:a2:1b:86:f7:77:25: 36:16:de:be:06:df:2b:c6:c2:68:a6:c3:d6:6c:4b: 60:3a:80:cd:1e:4a:f8:8c:17:e6:ad:11:1c:32:cc: 8b:f8:1c:a4:3f:46:d0:43:72:31:c4:a7:fd:c6:57: 37:46:78:f0:05:21:c5:5b:7f:e8:0d:83:37:a1:c1: 7d:d6:08:24:91:ba:c9:3e:99:a9:2c:84:b4:ea:02: b0:9b:1a:94:16:37:9c:a7:ab:64:92:91:ca:b8:84: ec:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:BB:8B:C8:B3:12:B1:D8:81:7D:B2:16:13:5B:8A:65:64:21:D4:15 X509v3 Authority Key Identifier: keyid:BC:71:0D:05:63:3C:5E:11:B0:74:4B:71:AE:BB:88:AE:2B:24:46:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vHENBWM8XhGwdEtxrruIriskRuM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption be:09:57:2a:ce:2b:ef:b2:8b:15:fa:dd:a2:1a:e9:e9:fb:e2: 29:1a:e8:19:87:4c:f6:bc:32:cb:b2:32:1a:7d:20:d3:df:83: 46:08:b1:0c:11:a3:0f:d6:fe:a8:f5:24:e1:de:34:83:cf:e3: f7:da:8c:c0:d9:9f:52:0f:11:93:ca:64:74:7d:bd:8d:4f:76: 67:a0:00:40:1c:bb:34:4d:96:cf:0a:2a:d0:52:f8:0f:d6:44: 49:1b:1c:7c:4d:7c:86:4e:86:99:00:6b:7f:a8:a2:a3:d2:ac: 20:dc:0c:67:f9:ea:59:14:a1:8c:d6:dc:8e:e2:3e:83:4d:80: d8:97:39:ca:66:25:79:9a:58:e3:f9:bd:b6:df:cc:c2:ad:d4: 13:4b:8a:c5:db:45:b9:a9:cd:9b:57:62:a7:89:dd:9b:8b:6d: 86:f9:b7:57:42:66:ce:47:2a:d8:f4:94:92:af:61:39:2a:f4: a9:ee:a1:7d:67:c1:dd:4f:4e:05:b7:f1:d1:c7:ff:da:20:7f: 82:d8:75:16:71:b2:f2:d2:88:4c:f6:f0:e6:d4:b6:24:28:5f: b7:97:59:b6:2c:14:6a:f5:dd:d9:7c:8f:bb:92:ba:9b:e7:aa: c9:6f:3c:cb:d8:dd:ca:93:bc:45:16:ec:0a:0a:b5:6c:d2:b1: 07:27:fd:f5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEzAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUY0MDYxMTAvBgNVBAUTKEJDNzEwRDA1NjMzQzVFMTFCMDc0NEI3MUFFQkI4OEFF MkIyNDQ2RTMwHhcNMjUwNDI0MTcwMjI0WhcNMjUwNTAxMTcwMjI0WjAYMRYwFAYD VQQDEw02ODBhNmVhMC01NmZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtQPIpLi7++knUAhRXAxPRtL8H7wbacIGdJeCzJdfNg7HXrDlt2574bGT4NAx dmsqmxfUGOuN66k4uee/cDy8mpPpbp09uKBVah48Kr90igjSrUy03GQltY00Ihl4 EUnFOw7dtFg+Sfw4qj9CZesdHO/x4W1KYH4GeH00k65X/6o3Th5UYnHyLthFvSrG +u32QlhQS4gl34t1QepbgLaiG4b3dyU2Ft6+Bt8rxsJopsPWbEtgOoDNHkr4jBfm rREcMsyL+BykP0bQQ3IxxKf9xlc3RnjwBSHFW3/oDYM3ocF91ggkkbrJPpmpLIS0 6gKwmxqUFjecp6tkkpHKuITstwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEi7i8iz ErHYgX2yFhNbimVkIdQVMB8GA1UdIwQYMBaAFLxxDQVjPF4RsHRLca67iK4rJEbj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjQwNi8zRjY3MEMwQ0E1 RjIxMUU4OTdBNzUwM0FDNEY5QUUwMi92SEVOQldNOFhoR3dkRXR4cnJ1SXJpc2tS dU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZIRU5CV004WGhHd2RFdHhycnVJcmlza1J1TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjQwNi8zRjY3MEMwQ0E1RjIxMUU4OTdBNzUwM0FDNEY5QUUwMi92SEVOQldNOFho R3dkRXR4cnJ1SXJpc2tSdU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC+CVcqzivvsosV+t2iGunp++IpGugZh0z2vDLLsjIafSDT34NGCLEM EaMP1v6o9STh3jSDz+P32ozA2Z9SDxGTymR0fb2NT3ZnoABAHLs0TZbPCirQUvgP 1kRJGxx8TXyGToaZAGt/qKKj0qwg3Axn+epZFKGM1tyO4j6DTYDYlznKZiV5mljj +b2238zCrdQTS4rF20W5qc2bV2Knid2bi22G+bdXQmbORyrY9JSSr2E5KvSp7qF9 Z8HdT04Ft/HRx//aIH+C2HUWcbLy0ohM9vDm1LYkKF+3l1m2LBRq9d3ZfI+7krqb 56rJbzzL2N3Kk7xFFuwKCrVs0rEHJ/31 -----END CERTIFICATE-----Generated at Sat Apr 26 12:23:49 2025 by rpki-client