$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5319/F94D41C88C2C11EF8122EC11C4F9AE02/HdM6aLwLXJMQ__Uq1zlBINECpic.mft File: HdM6aLwLXJMQ__Uq1zlBINECpic.mft (raw, json) Hash identifier: U5G/CXrYlDwjeiy66bah+jYg1un5iz2Mz9S7ia2S/Rg= Subject key identifier: 85:8E:3A:E8:C7:73:C0:BA:30:63:E7:18:15:F7:FD:24:E8:DA:B5:47 Authority key identifier: 1D:D3:3A:68:BC:0B:5C:93:10:FF:F5:2A:D7:39:41:20:D1:02:A6:27 Certificate issuer: /CN=A91C5319/serialNumber=1DD33A68BC0B5C9310FFF52AD7394120D102A627 Certificate serial: 65 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HdM6aLwLXJMQ__Uq1zlBINECpic.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C5319/F94D41C88C2C11EF8122EC11C4F9AE02/HdM6aLwLXJMQ__Uq1zlBINECpic.mft Manifest number: 64 Signing time: Fri 25 Apr 2025 06:00:11 +0000 Manifest this update: Fri 25 Apr 2025 06:00:10 +0000 Manifest next update: Fri 02 May 2025 06:00:10 +0000 Files and hashes: 1: HdM6aLwLXJMQ__Uq1zlBINECpic.crl (hash: CNxM8DUL2z8CS8K9U1gRllL6ZWyhQm5s+SAlPelXVsM=) 2: C7500EC88C2F11EF82B2F55CC4F9AE02.roa (hash: KqwFgUGGWmZ6w/oc9lE/9i1V2X5VufgZVt2vhykEeNg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C5319/F94D41C88C2C11EF8122EC11C4F9AE02/HdM6aLwLXJMQ__Uq1zlBINECpic.crl rsync://rpki.apnic.net/member_repository/A91C5319/F94D41C88C2C11EF8122EC11C4F9AE02/HdM6aLwLXJMQ__Uq1zlBINECpic.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HdM6aLwLXJMQ__Uq1zlBINECpic.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:00:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C5319, serialNumber=1DD33A68BC0B5C9310FFF52AD7394120D102A627 Validity Not Before: Apr 25 06:00:10 2025 GMT Not After : May 2 06:00:10 2025 GMT Subject: CN=680b24eb-1e40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:b7:5c:7c:35:05:30:6d:80:63:76:ba:06:75: 7a:82:79:ac:7e:96:c3:2d:b0:05:64:7f:36:94:00: fe:2f:9c:c3:d8:0f:89:3a:af:71:a8:f2:c3:b9:00: a6:13:cf:3c:6f:b3:12:79:25:1f:ea:b4:f3:dc:7e: 3c:b0:06:fa:fc:1f:9d:2d:ff:7d:0f:2e:d7:13:bd: 96:5b:8c:ca:39:e4:48:78:17:51:0a:36:aa:ab:8b: f7:6a:2e:c2:90:30:9c:4d:39:e5:ae:a5:08:75:9e: e5:c2:4f:4a:cb:2f:a5:93:69:ff:ab:d1:54:fc:33: 8f:20:84:a8:62:b2:82:4c:13:3a:28:61:14:78:73: 13:b9:87:46:57:f7:6a:5a:93:ec:c4:e0:69:18:f3: 6f:5e:ed:1a:b2:ae:fd:49:f7:c7:c4:4d:04:b1:21: 0f:33:f9:2c:9c:21:82:2c:a7:ce:14:76:98:ec:fb: d7:11:0b:9f:de:bf:46:89:82:42:21:53:17:25:57: ef:62:fe:40:c0:47:52:0f:3f:8f:4a:9e:79:ed:be: c1:d0:58:50:f1:83:c5:39:7b:7f:e9:01:0b:a7:01: 78:ca:c4:31:90:06:38:9e:67:2d:72:a6:f7:f1:13: f4:0f:08:34:5b:59:78:2c:4e:45:1a:a4:b8:5e:6c: de:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:8E:3A:E8:C7:73:C0:BA:30:63:E7:18:15:F7:FD:24:E8:DA:B5:47 X509v3 Authority Key Identifier: keyid:1D:D3:3A:68:BC:0B:5C:93:10:FF:F5:2A:D7:39:41:20:D1:02:A6:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C5319/F94D41C88C2C11EF8122EC11C4F9AE02/HdM6aLwLXJMQ__Uq1zlBINECpic.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HdM6aLwLXJMQ__Uq1zlBINECpic.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5319/F94D41C88C2C11EF8122EC11C4F9AE02/HdM6aLwLXJMQ__Uq1zlBINECpic.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 93:ca:36:53:f3:97:f2:eb:4c:6c:b4:40:e4:89:71:4e:92:4c: bc:01:9e:c5:d0:ff:a9:e7:72:4c:10:c5:66:14:be:f2:18:35: 78:b2:b7:6b:e9:d9:c5:92:47:1e:a2:7e:9c:8f:a5:22:a8:75: 5c:29:fc:65:cd:df:98:d6:e0:59:e0:a8:29:e0:90:ed:a2:8d: c3:4f:4b:c7:4e:a2:48:a9:2e:0a:b3:66:87:93:ee:63:e5:f8: 2d:9d:a2:9b:bf:ba:25:fe:2c:91:b1:8c:e1:7d:58:97:ed:9f: 3f:da:73:dd:04:93:e6:b5:d6:47:2c:7f:9e:54:85:ae:59:da: f0:80:dd:67:6a:5c:c1:da:9c:2f:9f:2c:b3:2e:d6:31:5a:93: 29:59:53:6d:f9:86:67:b8:30:a2:9a:44:30:87:e8:33:b8:02: 42:8f:d0:28:4c:cf:23:e4:47:7c:1f:da:af:be:90:15:9f:36: 69:80:24:7e:61:03:7c:59:66:7f:06:40:d9:50:9b:f7:8a:76: 07:dd:86:e5:5f:4a:5a:dd:4c:10:ee:6a:c1:95:a6:6c:c4:1e: f5:0d:f8:5c:17:b7:c3:8c:1d:0d:24:f5:be:20:09:7e:e7:ad: 66:f3:dd:ee:ac:c7:00:95:66:8f:f7:3d:b2:83:98:75:19:a7: 5f:cb:cd:98 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBZTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD NTMxOTExMC8GA1UEBRMoMUREMzNBNjhCQzBCNUM5MzEwRkZGNTJBRDczOTQxMjBE MTAyQTYyNzAeFw0yNTA0MjUwNjAwMTBaFw0yNTA1MDIwNjAwMTBaMBgxFjAUBgNV BAMTDTY4MGIyNGViLTFlNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCxt1x8NQUwbYBjdroGdXqCeax+lsMtsAVkfzaUAP4vnMPYD4k6r3Go8sO5AKYT zzxvsxJ5JR/qtPPcfjywBvr8H50t/30PLtcTvZZbjMo55Eh4F1EKNqqri/dqLsKQ MJxNOeWupQh1nuXCT0rLL6WTaf+r0VT8M48ghKhisoJMEzooYRR4cxO5h0ZX92pa k+zE4GkY829e7Rqyrv1J98fETQSxIQ8z+SycIYIsp84Udpjs+9cRC5/ev0aJgkIh UxclV+9i/kDAR1IPP49KnnntvsHQWFDxg8U5e3/pAQunAXjKxDGQBjieZy1ypvfx E/QPCDRbWXgsTkUapLhebN6RAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUhY466Mdz wLowY+cYFff9JOjatUcwHwYDVR0jBBgwFoAUHdM6aLwLXJMQ//Uq1zlBINECpicw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM1MzE5L0Y5NEQ0MUM4OEMy QzExRUY4MTIyRUMxMUM0RjlBRTAyL0hkTTZhTHdMWEpNUV9fVXExemxCSU5FQ3Bp Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSGRNNmFMd0xYSk1RX19VcTF6bEJJTkVDcGljLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM1 MzE5L0Y5NEQ0MUM4OEMyQzExRUY4MTIyRUMxMUM0RjlBRTAyL0hkTTZhTHdMWEpN UV9fVXExemxCSU5FQ3BpYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJPKNlPzl/LrTGy0QOSJcU6STLwBnsXQ/6nnckwQxWYUvvIYNXiyt2vp 2cWSRx6ifpyPpSKodVwp/GXN35jW4FngqCngkO2ijcNPS8dOokipLgqzZoeT7mPl +C2dopu/uiX+LJGxjOF9WJftnz/ac90Ek+a11kcsf55Uha5Z2vCA3WdqXMHanC+f LLMu1jFakylZU235hme4MKKaRDCH6DO4AkKP0ChMzyPkR3wf2q++kBWfNmmAJH5h A3xZZn8GQNlQm/eKdgfdhuVfSlrdTBDuasGVpmzEHvUN+FwXt8OMHQ0k9b4gCX7n rWbz3e6sxwCVZo/3PbKDmHUZp1/LzZg= -----END CERTIFICATE-----Generated at Sat Apr 26 14:10:49 2025 by rpki-client