$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.mft File: hxSXyIUOQWJXlcT42UXHs9BBbB8.mft (raw, json) Hash identifier: 6JwKOjFXoNP7aFKGYs7QhA9ONK+nzgrN41Dg0LwRIhI= Subject key identifier: A0:BA:C7:0F:3F:B4:BC:48:60:A7:B4:83:9D:14:45:41:FB:FC:25:2B Authority key identifier: 87:14:97:C8:85:0E:41:62:57:95:C4:F8:D9:45:C7:B3:D0:41:6C:1F Certificate issuer: /CN=A91C6825/serialNumber=871497C8850E41625795C4F8D945C7B3D0416C1F Certificate serial: 0617 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxSXyIUOQWJXlcT42UXHs9BBbB8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.mft Manifest number: 0612 Signing time: Thu 24 Apr 2025 22:35:56 +0000 Manifest this update: Thu 24 Apr 2025 22:35:55 +0000 Manifest next update: Thu 01 May 2025 22:35:55 +0000 Files and hashes: 1: hxSXyIUOQWJXlcT42UXHs9BBbB8.crl (hash: pIUc7/SQcmKjUwNrr4Rd1YsTgOEAojAaKIFp/eNPHvg=) 2: 925B815E9ABE11EBA445A74FC4F9AE02.roa (hash: qG6STwlDbN6NW6ARno6ilKFIOOqEukZRWb32de5Epio=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.crl rsync://rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxSXyIUOQWJXlcT42UXHs9BBbB8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:35:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1559 (0x617) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C6825, serialNumber=871497C8850E41625795C4F8D945C7B3D0416C1F Validity Not Before: Apr 24 22:35:55 2025 GMT Not After : May 1 22:35:55 2025 GMT Subject: CN=680abccc-1b74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:c5:55:ee:ee:eb:f9:d0:5e:46:f5:f4:6e:43: 89:43:3d:56:5c:b6:9c:64:bd:5a:eb:83:56:b0:c8: f1:67:8d:cf:c5:1e:28:62:14:21:7a:b4:7a:50:79: 5b:7f:d8:8d:26:36:2b:36:8d:5d:40:75:1b:9c:74: 8d:7f:06:10:3d:3c:da:3d:53:46:0e:a9:a1:92:b2: 93:79:4d:e9:55:a6:11:6a:ac:7e:8c:f2:92:a4:d8: 9f:d5:2b:43:4e:e0:67:4c:87:7e:e4:8b:98:e0:61: fd:b5:81:d2:6d:75:79:d2:e2:c8:60:cb:62:90:61: be:77:6a:68:79:37:3f:ed:26:80:eb:85:4a:52:59: ca:9d:7d:06:0b:fe:91:73:c9:4d:ec:48:be:5b:dd: 30:e0:82:0e:5b:ec:8c:41:9c:c1:6e:4d:97:de:97: 4e:af:ef:5b:f1:83:d4:6a:e9:55:bf:7c:28:29:43: 92:cb:77:6e:24:84:dd:1e:7d:ff:4e:bd:bf:d4:e1: 54:7a:b8:fe:8c:d3:69:bc:12:24:ba:a3:92:64:e8: 63:ce:db:32:4c:a1:59:b9:19:f6:76:08:8a:f5:66: 30:07:fd:15:29:71:27:c1:ea:ce:0d:62:4f:71:39: f6:12:54:3c:24:3a:d2:61:17:03:13:0f:06:55:bb: 9c:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:BA:C7:0F:3F:B4:BC:48:60:A7:B4:83:9D:14:45:41:FB:FC:25:2B X509v3 Authority Key Identifier: keyid:87:14:97:C8:85:0E:41:62:57:95:C4:F8:D9:45:C7:B3:D0:41:6C:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxSXyIUOQWJXlcT42UXHs9BBbB8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:5f:eb:cf:f5:36:23:45:6d:ac:6b:ab:9a:a1:e0:41:cc:44: 2a:70:c7:92:9a:a0:92:68:e3:01:1c:ae:f1:2a:5b:d6:18:df: fd:93:69:0b:57:d5:57:ac:7f:21:db:06:2c:2a:74:86:6f:5c: eb:ed:c8:55:8d:7a:4d:42:ae:1e:35:e8:47:72:09:8f:2f:71: 83:70:60:0e:1d:3a:6e:fb:a7:60:8d:a8:85:02:2e:2b:24:6b: 8b:9a:03:53:a5:08:04:22:e1:68:82:69:4e:64:81:57:db:6f: d1:ef:4a:a7:df:d6:82:f3:ca:b9:4e:e8:04:1e:61:fe:ad:f3: 4c:1e:4e:35:07:c2:46:11:3b:18:05:a5:fa:ac:76:f4:c9:bb: bf:cb:a5:e1:cc:a2:cf:77:7e:d3:ad:c3:67:d7:e6:05:2c:e9: 9c:1f:2f:0a:5d:69:dc:3c:b7:0b:44:bf:05:94:46:9a:20:6f: 31:94:17:89:e3:39:9b:35:d1:1d:8b:b9:fb:49:ef:c7:b8:e8: bf:11:ff:d8:7a:00:9d:f7:36:20:bf:46:3e:54:8f:32:19:51: 90:f8:8d:cf:ba:d2:aa:39:78:4c:a2:b8:eb:9d:68:e8:eb:b8: ef:51:8f:cf:fb:1c:4e:64:9c:98:f0:92:19:39:df:fb:24:6c: 14:4d:8c:1e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBhcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzY4MjUxMTAvBgNVBAUTKDg3MTQ5N0M4ODUwRTQxNjI1Nzk1QzRGOEQ5NDVDN0Iz RDA0MTZDMUYwHhcNMjUwNDI0MjIzNTU1WhcNMjUwNTAxMjIzNTU1WjAYMRYwFAYD VQQDEw02ODBhYmNjYy0xYjc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA08VV7u7r+dBeRvX0bkOJQz1WXLacZL1a64NWsMjxZ43PxR4oYhQherR6UHlb f9iNJjYrNo1dQHUbnHSNfwYQPTzaPVNGDqmhkrKTeU3pVaYRaqx+jPKSpNif1StD TuBnTId+5IuY4GH9tYHSbXV50uLIYMtikGG+d2poeTc/7SaA64VKUlnKnX0GC/6R c8lN7Ei+W90w4IIOW+yMQZzBbk2X3pdOr+9b8YPUaulVv3woKUOSy3duJITdHn3/ Tr2/1OFUerj+jNNpvBIkuqOSZOhjztsyTKFZuRn2dgiK9WYwB/0VKXEnwerODWJP cTn2ElQ8JDrSYRcDEw8GVbucrQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKC6xw8/ tLxIYKe0g50URUH7/CUrMB8GA1UdIwQYMBaAFIcUl8iFDkFiV5XE+NlFx7PQQWwf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjgyNS8xQUE5MEZCNjlB QkMxMUVCOTAwQTE2NENDNEY5QUUwMi9oeFNYeUlVT1FXSlhsY1Q0MlVYSHM5QkJi QjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h4U1h5SVVPUVdKWGxjVDQyVVhIczlCQmJCOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NjgyNS8xQUE5MEZCNjlBQkMxMUVCOTAwQTE2NENDNEY5QUUwMi9oeFNYeUlVT1FX SlhsY1Q0MlVYSHM5QkJiQjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAqX+vP9TYjRW2sa6uaoeBBzEQqcMeSmqCSaOMBHK7xKlvWGN/9k2kL V9VXrH8h2wYsKnSGb1zr7chVjXpNQq4eNehHcgmPL3GDcGAOHTpu+6dgjaiFAi4r JGuLmgNTpQgEIuFogmlOZIFX22/R70qn39aC88q5TugEHmH+rfNMHk41B8JGETsY BaX6rHb0ybu/y6XhzKLPd37TrcNn1+YFLOmcHy8KXWncPLcLRL8FlEaaIG8xlBeJ 4zmbNdEdi7n7Se/HuOi/Ef/YegCd9zYgv0Y+VI8yGVGQ+I3PutKqOXhMorjrnWjo 67jvUY/P+xxOZJyY8JIZOd/7JGwUTYwe -----END CERTIFICATE-----Generated at Sat Apr 26 04:31:42 2025 by rpki-client