$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.mft File: h7HuPp7irRoRPyeipU4sC41a-zQ.mft (raw, json) Hash identifier: VR4pYj8dxOCapzcjINbvh4lQrUo6zL2XBOjSt99nvKk= Subject key identifier: 4D:94:D6:81:40:EE:8B:BF:1B:15:F8:3D:03:B3:D2:9E:9D:2C:28:5A Authority key identifier: 87:B1:EE:3E:9E:E2:AD:1A:11:3F:27:A2:A5:4E:2C:0B:8D:5A:FB:34 Certificate issuer: /CN=A91CF9F5/serialNumber=87B1EE3E9EE2AD1A113F27A2A54E2C0B8D5AFB34 Certificate serial: 87 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7HuPp7irRoRPyeipU4sC41a-zQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.mft Manifest number: 85 Signing time: Fri 25 Apr 2025 05:35:43 +0000 Manifest this update: Fri 25 Apr 2025 05:35:42 +0000 Manifest next update: Fri 02 May 2025 05:35:42 +0000 Files and hashes: 1: h7HuPp7irRoRPyeipU4sC41a-zQ.crl (hash: oxk9PXvojjDq99A/aCIS/xZoual0y8TDQ3dCyN+Q2cs=) 2: D4FC5DAE5B9E11EF9205B45BC4F9AE02.roa (hash: 01FcOCzumKzY/vQ8wHIJFFKXgIpVBxtq1T3eDI1dtgs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.crl rsync://rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7HuPp7irRoRPyeipU4sC41a-zQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:35:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 135 (0x87) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CF9F5, serialNumber=87B1EE3E9EE2AD1A113F27A2A54E2C0B8D5AFB34 Validity Not Before: Apr 25 05:35:42 2025 GMT Not After : May 2 05:35:42 2025 GMT Subject: CN=680b1f2e-77f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:8f:7b:88:0f:47:dc:35:2a:d2:30:a9:47:e5: be:20:25:f0:29:4f:dc:8e:b2:ac:58:70:44:de:35: 5a:79:c0:7a:b4:d2:37:35:da:4f:77:d8:a7:c0:ae: 43:16:0d:0b:39:8c:42:f9:bf:70:a6:de:e0:7f:ea: 7b:b8:78:9d:e6:83:f9:ae:49:52:08:ad:19:d1:96: cd:7f:79:1b:7d:bb:53:28:16:d5:1b:67:73:94:ec: ee:f3:4b:f3:c7:95:29:4b:18:ce:0d:10:af:73:c1: c3:0c:84:48:d1:8b:c5:b8:6d:03:d7:b4:eb:e4:de: 06:d6:41:d0:d5:3b:26:46:db:e3:20:ac:b3:8b:9d: d6:2a:e2:60:5f:6b:1d:64:a3:79:92:dc:57:6e:b3: da:e3:56:2a:26:99:81:8f:c9:00:61:c0:f3:bf:3e: ee:c2:20:e2:0e:96:94:b4:32:44:ef:5b:cb:3b:fb: 1f:19:e6:4d:bb:db:0c:15:02:1f:74:da:d6:ea:ec: b6:ef:2a:62:a0:c0:b3:a0:e4:d2:4c:1a:3a:41:26: 59:49:69:f5:36:61:b5:28:f4:2a:dc:38:bf:65:f9: 6f:57:bb:0e:60:df:1d:fe:64:64:02:12:b9:f6:d7: 25:7d:14:b9:6d:41:dc:af:78:d2:3f:9b:ce:e5:a8: 84:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:94:D6:81:40:EE:8B:BF:1B:15:F8:3D:03:B3:D2:9E:9D:2C:28:5A X509v3 Authority Key Identifier: keyid:87:B1:EE:3E:9E:E2:AD:1A:11:3F:27:A2:A5:4E:2C:0B:8D:5A:FB:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7HuPp7irRoRPyeipU4sC41a-zQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 55:93:ed:e0:4b:f5:09:58:4f:02:ed:ea:87:98:f0:66:14:e4: a9:0c:60:26:13:40:aa:46:24:c9:d5:68:31:99:58:bb:0e:8a: a0:0c:ac:ed:8a:25:67:c3:ea:7d:2f:7a:57:f7:6f:74:a1:f2: de:7e:a5:56:1b:50:4a:ef:57:54:b8:86:b4:95:57:0a:ba:21: 93:db:86:50:8c:cd:43:11:64:da:7a:ce:91:59:19:ec:46:c8: 0a:45:65:c1:97:11:62:88:0e:9d:00:3a:85:5f:33:c6:f7:97: 55:27:a7:c4:b8:a4:5c:2f:88:5f:7b:da:b2:7d:a2:36:44:79: 46:7d:d6:e3:c1:b5:4f:9e:5f:cf:d5:44:da:4f:b7:11:5f:22: 49:42:c7:f3:f7:a1:d8:3f:e6:67:63:51:25:64:b5:e9:ec:10: 71:34:2a:01:ff:e1:bf:c6:f0:dc:16:e0:79:33:45:3f:8a:19: 31:3f:90:2f:db:1f:7b:d1:4d:f3:9b:fa:35:0a:55:61:71:55: 91:55:39:63:f4:59:31:4a:7d:8f:41:5f:49:8b:7e:12:ce:12: dc:d0:9c:a9:b8:fb:b0:29:d5:0f:58:90:8c:7e:5c:38:f7:2f: 78:20:b8:48:be:3a:17:13:a4:a8:4a:e7:9b:b2:a3:bf:10:6a: c9:bb:25:16 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Y5RjUxMTAvBgNVBAUTKDg3QjFFRTNFOUVFMkFEMUExMTNGMjdBMkE1NEUyQzBC OEQ1QUZCMzQwHhcNMjUwNDI1MDUzNTQyWhcNMjUwNTAyMDUzNTQyWjAYMRYwFAYD VQQDEw02ODBiMWYyZS03N2Y2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApo97iA9H3DUq0jCpR+W+ICXwKU/cjrKsWHBE3jVaecB6tNI3NdpPd9inwK5D Fg0LOYxC+b9wpt7gf+p7uHid5oP5rklSCK0Z0ZbNf3kbfbtTKBbVG2dzlOzu80vz x5UpSxjODRCvc8HDDIRI0YvFuG0D17Tr5N4G1kHQ1TsmRtvjIKyzi53WKuJgX2sd ZKN5ktxXbrPa41YqJpmBj8kAYcDzvz7uwiDiDpaUtDJE71vLO/sfGeZNu9sMFQIf dNrW6uy27ypioMCzoOTSTBo6QSZZSWn1NmG1KPQq3Di/ZflvV7sOYN8d/mRkAhK5 9tclfRS5bUHcr3jSP5vO5aiEAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE2U1oFA 7ou/GxX4PQOz0p6dLChaMB8GA1UdIwQYMBaAFIex7j6e4q0aET8noqVOLAuNWvs0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjlGNS84QjkyNkQyQTVC OUUxMUVGOEJGOTE3NUJDNEY5QUUwMi9oN0h1UHA3aXJSb1JQeWVpcFU0c0M0MWEt elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2g3SHVQcDdpclJvUlB5ZWlwVTRzQzQxYS16US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RjlGNS84QjkyNkQyQTVCOUUxMUVGOEJGOTE3NUJDNEY5QUUwMi9oN0h1UHA3aXJS b1JQeWVpcFU0c0M0MWEtelEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBVk+3gS/UJWE8C7eqHmPBmFOSpDGAmE0CqRiTJ1WgxmVi7DoqgDKzt iiVnw+p9L3pX9290ofLefqVWG1BK71dUuIa0lVcKuiGT24ZQjM1DEWTaes6RWRns RsgKRWXBlxFiiA6dADqFXzPG95dVJ6fEuKRcL4hfe9qyfaI2RHlGfdbjwbVPnl/P 1UTaT7cRXyJJQsfz96HYP+ZnY1ElZLXp7BBxNCoB/+G/xvDcFuB5M0U/ihkxP5Av 2x970U3zm/o1ClVhcVWRVTlj9FkxSn2PQV9Ji34SzhLc0JypuPuwKdUPWJCMflw4 9y94ILhIvjoXE6SoSuebsqO/EGrJuyUW -----END CERTIFICATE-----Generated at Sat Apr 26 17:15:50 2025 by rpki-client