$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.mft File: vHENBWM8XhGwdEtxrruIriskRuM.mft (raw, json) Hash identifier: KSALtTHUH2XHGBTFhxq9pkWI5hMtrQmPZAn2cAxC8O0= Subject key identifier: C7:3E:ED:77:29:5A:6D:7D:51:3F:2B:85:9E:70:08:9A:97:95:70:9E Authority key identifier: BC:71:0D:05:63:3C:5E:11:B0:74:4B:71:AE:BB:88:AE:2B:24:46:E3 Certificate issuer: /CN=A91AF406/serialNumber=BC710D05633C5E11B0744B71AEBB88AE2B2446E3 Certificate serial: 134B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vHENBWM8XhGwdEtxrruIriskRuM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.mft Manifest number: 1344 Signing time: Mon 16 Jun 2025 17:03:08 +0000 Manifest this update: Mon 16 Jun 2025 17:03:07 +0000 Manifest next update: Mon 23 Jun 2025 17:03:07 +0000 Files and hashes: 1: vHENBWM8XhGwdEtxrruIriskRuM.crl (hash: uI3U2japX4Ae1skBoilSrRjcqkmejy6OzRLtj5mcM/Q=) 2: C2065F2CA5F311E8B54BF03DC4F9AE02.roa (hash: 7dzMQW8xZe2lq7d8lclvmxKRE19SR0FNahUj7xIAu1o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.crl rsync://rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vHENBWM8XhGwdEtxrruIriskRuM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Jun 2025 17:03:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4939 (0x134b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF406, serialNumber=BC710D05633C5E11B0744B71AEBB88AE2B2446E3 Validity Not Before: Jun 16 17:03:07 2025 GMT Not After : Jun 23 17:03:07 2025 GMT Subject: CN=68504e4b-ac9a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:59:bd:f0:60:0a:d6:1c:c9:a3:de:6f:84:40: 2f:01:5e:3d:3c:d3:d5:d1:e6:74:05:b6:6a:b7:ee: e7:43:4d:ba:d0:c8:57:04:39:6e:f0:3b:14:ee:63: c9:ba:ed:fd:ff:f2:f5:13:7c:8d:d8:8d:a8:05:d0: af:36:3f:7a:ad:f5:f1:43:d1:af:43:90:47:7c:20: ec:4e:21:eb:bb:1c:7f:37:d2:fd:6d:21:6b:de:09: 4b:62:89:db:a9:5b:c3:40:67:0e:33:33:f7:0c:97: a3:b0:78:3a:1f:8f:94:3d:9a:e4:72:68:73:f9:60: 14:8f:0e:64:ca:ae:3c:5a:fb:bf:e0:44:b5:7f:7a: 30:0b:c5:0a:50:fb:f1:17:aa:a7:ae:eb:d6:13:8f: aa:43:17:d3:58:5e:1a:8f:0d:ee:56:a6:be:78:18: ea:9c:65:4e:1f:f9:91:7b:fb:69:53:b3:ba:0a:3c: 2d:46:05:73:4c:45:8e:3a:73:5f:ea:a4:9f:da:4e: e6:4b:dd:43:d9:5b:2e:0c:58:88:97:ad:a9:e2:9a: 78:a7:4b:ed:74:b8:fe:28:a6:11:d2:c1:24:ea:65: 6e:38:09:c1:ba:32:d7:a0:86:f2:98:55:56:c4:29: 19:92:78:95:ba:07:0e:9e:f8:70:25:ff:ce:62:5c: 0e:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:3E:ED:77:29:5A:6D:7D:51:3F:2B:85:9E:70:08:9A:97:95:70:9E X509v3 Authority Key Identifier: keyid:BC:71:0D:05:63:3C:5E:11:B0:74:4B:71:AE:BB:88:AE:2B:24:46:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vHENBWM8XhGwdEtxrruIriskRuM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c3:5a:bd:db:b6:75:ef:61:c9:d8:ca:2d:58:9e:e5:8a:55:a6: d5:f1:6f:e3:45:72:f3:17:b6:36:16:39:53:f4:b3:1b:0e:d7: 5b:d0:5e:5e:83:6f:56:f0:11:6a:e8:60:a1:c0:31:a9:3e:fa: 5d:2e:e8:cb:e5:c8:03:27:36:9a:3a:07:fc:d9:90:0b:93:33: 3a:ef:13:59:32:29:42:dc:e3:dd:31:1c:c6:04:03:18:41:93: 73:51:e8:9e:e6:59:8c:75:a6:1d:9c:0c:25:d5:fe:e2:51:23: e4:81:50:75:b4:2c:d2:fb:cd:ca:b5:85:75:7b:9c:71:1b:09: ab:28:4d:83:1d:8b:91:96:f5:a5:c7:93:32:b5:14:d7:48:99: 91:8f:84:11:35:2f:8e:81:09:e1:a2:3d:55:e6:6e:83:74:18: b8:1c:d8:0f:d8:dc:ae:62:a1:6e:52:07:3f:6b:59:c2:6a:5d: 83:35:ea:b9:43:00:b7:e9:a2:d9:ae:32:db:24:c4:8e:0d:89: 7f:aa:d7:7d:41:c2:77:75:85:2b:50:d6:0e:27:44:51:12:a5: fa:ed:70:b8:fa:0b:50:53:3f:9e:78:e5:e0:6d:d7:92:4b:64: d8:e1:94:05:39:9f:7a:32:d9:5a:3f:de:fc:0d:51:15:70:3c: a8:d0:02:6c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE0swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUY0MDYxMTAvBgNVBAUTKEJDNzEwRDA1NjMzQzVFMTFCMDc0NEI3MUFFQkI4OEFF MkIyNDQ2RTMwHhcNMjUwNjE2MTcwMzA3WhcNMjUwNjIzMTcwMzA3WjAYMRYwFAYD VQQDEw02ODUwNGU0Yi1hYzlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwVm98GAK1hzJo95vhEAvAV49PNPV0eZ0BbZqt+7nQ0260MhXBDlu8DsU7mPJ uu39//L1E3yN2I2oBdCvNj96rfXxQ9GvQ5BHfCDsTiHruxx/N9L9bSFr3glLYonb qVvDQGcOMzP3DJejsHg6H4+UPZrkcmhz+WAUjw5kyq48Wvu/4ES1f3owC8UKUPvx F6qnruvWE4+qQxfTWF4ajw3uVqa+eBjqnGVOH/mRe/tpU7O6CjwtRgVzTEWOOnNf 6qSf2k7mS91D2VsuDFiIl62p4pp4p0vtdLj+KKYR0sEk6mVuOAnBujLXoIbymFVW xCkZkniVugcOnvhwJf/OYlwOPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMc+7Xcp Wm19UT8rhZ5wCJqXlXCeMB8GA1UdIwQYMBaAFLxxDQVjPF4RsHRLca67iK4rJEbj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjQwNi8zRjY3MEMwQ0E1 RjIxMUU4OTdBNzUwM0FDNEY5QUUwMi92SEVOQldNOFhoR3dkRXR4cnJ1SXJpc2tS dU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZIRU5CV004WGhHd2RFdHhycnVJcmlza1J1TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjQwNi8zRjY3MEMwQ0E1RjIxMUU4OTdBNzUwM0FDNEY5QUUwMi92SEVOQldNOFho R3dkRXR4cnJ1SXJpc2tSdU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDDWr3btnXvYcnYyi1YnuWKVabV8W/jRXLzF7Y2FjlT9LMbDtdb0F5e g29W8BFq6GChwDGpPvpdLujL5cgDJzaaOgf82ZALkzM67xNZMilC3OPdMRzGBAMY QZNzUeie5lmMdaYdnAwl1f7iUSPkgVB1tCzS+83KtYV1e5xxGwmrKE2DHYuRlvWl x5MytRTXSJmRj4QRNS+OgQnhoj1V5m6DdBi4HNgP2NyuYqFuUgc/a1nCal2DNeq5 QwC36aLZrjLbJMSODYl/qtd9QcJ3dYUrUNYOJ0RREqX67XC4+gtQUz+eeOXgbdeS S2TY4ZQFOZ96MtlaP978DVEVcDyo0AJs -----END CERTIFICATE-----Generated at Tue Jun 17 01:33:05 2025 by rpki-client