$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft File: HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft (raw, json) Hash identifier: 3nqIFaVM2yC/wglPZgTeDRa/e1WSjShr7353rCBFdBQ= Subject key identifier: BE:44:4E:C9:9F:15:38:FB:05:3D:95:56:A0:3D:5C:9F:D1:94:09:E4 Authority key identifier: 1C:4E:9F:3F:80:05:05:A4:0B:A1:65:B6:C0:20:40:5A:22:C6:4B:3B Certificate issuer: /CN=A91B1FA8/serialNumber=1C4E9F3F800505A40BA165B6C020405A22C64B3B Certificate serial: 135B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft Manifest number: 1331 Signing time: Thu 24 Apr 2025 17:03:48 +0000 Manifest this update: Thu 24 Apr 2025 17:03:47 +0000 Manifest next update: Thu 01 May 2025 17:03:47 +0000 Files and hashes: 1: HE6fP4AFBaQLoWW2wCBAWiLGSzs.crl (hash: Qe6vCh8/8ospZ76BaSCoA52YKx1Cl9IlJo2A7KWKtLg=) 2: 40366CF0F8C811EBB7BFD243C4F9AE02.roa (hash: YO0KSyMg3rhBagYoGztB5o5uMcRrrSiw068DI4yqRmI=) 3: E4A74BE6255211EB96B9B269C4F9AE02.roa (hash: WXuqlnvJ/kQYgmajvkp6WqRXIhVjEPtrsEAuBi7s1vA=) 4: 538F7B12B1D711EBB3C0A24AC4F9AE02.roa (hash: VriM0YGDOfhzo18xUQqToLLJGd+19KKo1Yju23Rp1tg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.crl rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:03:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4955 (0x135b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1FA8, serialNumber=1C4E9F3F800505A40BA165B6C020405A22C64B3B Validity Not Before: Apr 24 17:03:47 2025 GMT Not After : May 1 17:03:47 2025 GMT Subject: CN=680a6ef4-7c7d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:2e:6a:24:57:be:3d:92:3f:dd:eb:ad:2d:6d: f8:3d:8a:cd:8d:cf:bf:60:32:55:41:46:4e:93:5a: bb:26:00:b4:f8:e6:bc:c1:f3:99:52:35:e4:4d:00: 59:4e:21:1b:65:98:9c:c0:39:05:01:fc:65:16:e7: a0:a1:d9:e2:19:e5:3a:62:79:e0:d9:70:e5:90:1e: 5a:13:1f:91:f2:83:ad:b9:9b:8d:6b:74:37:da:b4: d6:ab:70:f5:7b:eb:de:2c:ba:94:84:21:f9:58:58: 20:87:07:18:9a:20:dc:83:8c:49:bc:a0:b1:dc:15: 4b:fd:ec:67:41:c1:06:58:73:76:b2:e6:fa:82:bf: 5c:a1:5e:c5:3c:a7:41:36:b3:7f:ef:b0:09:19:1d: f7:9a:e6:71:b2:da:ce:64:ce:2b:81:b0:6d:eb:db: 06:9a:3b:0d:26:83:3f:71:b1:dc:ca:76:db:31:e4: 11:55:f7:cd:89:03:13:03:29:0f:a3:d2:07:b1:b9: ec:73:c4:77:53:80:74:b0:54:2c:e6:7e:1a:22:02: 69:f4:5f:0d:59:b4:2b:57:f3:88:57:7b:1a:3b:40: 07:9b:36:05:a2:88:4e:04:fb:51:8b:78:de:02:a0: f4:b7:f4:5f:6f:61:42:e0:3c:d8:1d:1f:0b:8d:9f: f6:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:44:4E:C9:9F:15:38:FB:05:3D:95:56:A0:3D:5C:9F:D1:94:09:E4 X509v3 Authority Key Identifier: keyid:1C:4E:9F:3F:80:05:05:A4:0B:A1:65:B6:C0:20:40:5A:22:C6:4B:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:68:42:96:d3:9c:fa:ca:b0:8a:e2:c4:b5:7f:cf:d2:f6:cb: 84:08:44:ee:70:b4:7b:4a:0a:cb:43:ab:c1:d1:ff:54:5d:89: 92:1a:2f:f5:ae:91:d7:a7:2d:13:96:91:ca:99:cb:68:75:92: 33:23:24:58:24:f2:12:c6:9a:21:72:f9:54:86:79:f6:2a:45: 19:14:5d:52:16:2d:1e:41:d1:7d:e2:f3:a5:29:9f:aa:08:22: 81:e7:a2:1d:f1:5f:ae:a5:fb:bc:f4:75:4f:d0:71:5b:b6:46: 6b:c4:cb:72:91:fd:28:0c:03:02:43:a0:10:8f:ce:e1:b5:39: ba:ed:94:d6:3e:46:a9:01:c2:31:23:56:c7:ee:3f:ca:62:e0: 37:f8:69:8a:3f:cc:46:d7:07:d8:9a:36:cf:55:5b:1f:41:f1: 4b:ca:0f:e2:a2:d6:35:b0:8c:2e:55:38:c6:78:17:cb:ac:f6: 40:9b:5a:85:32:0e:95:06:f5:75:a0:3b:d1:50:29:6f:70:08: 7b:9e:f9:6b:19:7d:bc:6a:7a:c6:f5:91:77:29:82:b2:9d:29: 19:d9:e9:27:39:32:37:51:2d:2f:00:70:ac:ae:49:76:fe:2e: a9:bc:38:c2:65:1d:99:03:b2:89:4d:c8:41:ec:b4:54:83:49: c0:00:ca:ba -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE1swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFGQTgxMTAvBgNVBAUTKDFDNEU5RjNGODAwNTA1QTQwQkExNjVCNkMwMjA0MDVB MjJDNjRCM0IwHhcNMjUwNDI0MTcwMzQ3WhcNMjUwNTAxMTcwMzQ3WjAYMRYwFAYD VQQDEw02ODBhNmVmNC03YzdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuS5qJFe+PZI/3eutLW34PYrNjc+/YDJVQUZOk1q7JgC0+Oa8wfOZUjXkTQBZ TiEbZZicwDkFAfxlFuegodniGeU6Ynng2XDlkB5aEx+R8oOtuZuNa3Q32rTWq3D1 e+veLLqUhCH5WFgghwcYmiDcg4xJvKCx3BVL/exnQcEGWHN2sub6gr9coV7FPKdB NrN/77AJGR33muZxstrOZM4rgbBt69sGmjsNJoM/cbHcynbbMeQRVffNiQMTAykP o9IHsbnsc8R3U4B0sFQs5n4aIgJp9F8NWbQrV/OIV3saO0AHmzYFoohOBPtRi3je AqD0t/Rfb2FC4DzYHR8LjZ/2wQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL5ETsmf FTj7BT2VVqA9XJ/RlAnkMB8GA1UdIwQYMBaAFBxOnz+ABQWkC6FltsAgQFoixks7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUZBOC9FODYxRkQzQUFG RDkxMUU4QjJFRDRDN0ZDNEY5QUUwMi9IRTZmUDRBRkJhUUxvV1cyd0NCQVdpTEdT enMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hFNmZQNEFGQmFRTG9XVzJ3Q0JBV2lMR1N6cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MUZBOC9FODYxRkQzQUFGRDkxMUU4QjJFRDRDN0ZDNEY5QUUwMi9IRTZmUDRBRkJh UUxvV1cyd0NCQVdpTEdTenMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC2aEKW05z6yrCK4sS1f8/S9suECETucLR7SgrLQ6vB0f9UXYmSGi/1 rpHXpy0TlpHKmctodZIzIyRYJPISxpohcvlUhnn2KkUZFF1SFi0eQdF94vOlKZ+q CCKB56Id8V+upfu89HVP0HFbtkZrxMtykf0oDAMCQ6AQj87htTm67ZTWPkapAcIx I1bH7j/KYuA3+GmKP8xG1wfYmjbPVVsfQfFLyg/iotY1sIwuVTjGeBfLrPZAm1qF Mg6VBvV1oDvRUClvcAh7nvlrGX28anrG9ZF3KYKynSkZ2eknOTI3US0vAHCsrkl2 /i6pvDjCZR2ZA7KJTchB7LRUg0nAAMq6 -----END CERTIFICATE-----Generated at Sat Apr 26 04:19:00 2025 by rpki-client