$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.mft File: hXm-LYNFaC8nrucGK71O92ZOVxs.mft (raw, json) Hash identifier: RnWZJyWE2XUsiNDrvTRprcud5ct59o5FFHQKrt4MT+c= Subject key identifier: 7E:04:C7:EA:73:70:A3:F1:EC:37:54:20:13:74:E4:33:5A:27:2E:55 Authority key identifier: 85:79:BE:2D:83:45:68:2F:27:AE:E7:06:2B:BD:4E:F7:66:4E:57:1B Certificate issuer: /CN=A91D0B6B/serialNumber=8579BE2D8345682F27AEE7062BBD4EF7664E571B Certificate serial: 19 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hXm-LYNFaC8nrucGK71O92ZOVxs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.mft Manifest number: 19 Signing time: Fri 25 Apr 2025 06:56:38 +0000 Manifest this update: Fri 25 Apr 2025 06:56:37 +0000 Manifest next update: Fri 02 May 2025 06:56:37 +0000 Files and hashes: 1: hXm-LYNFaC8nrucGK71O92ZOVxs.crl (hash: 1TRBhC0CmF7VdS6RuOdbO8atVDny+WzuboEWw7WxYn0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.crl rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hXm-LYNFaC8nrucGK71O92ZOVxs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:56:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25 (0x19) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D0B6B, serialNumber=8579BE2D8345682F27AEE7062BBD4EF7664E571B Validity Not Before: Apr 25 06:56:37 2025 GMT Not After : May 2 06:56:37 2025 GMT Subject: CN=680b3225-6087 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:92:d6:9f:a6:21:3c:57:53:f6:fb:87:85:77: 30:3d:15:91:99:9f:9e:74:a3:b7:fa:19:3f:d9:0e: 53:a1:85:b9:ed:84:be:6d:f3:ed:b4:f4:24:9f:de: 3d:8e:00:6b:b1:b2:6a:33:bf:8a:de:03:0f:8b:71: f3:77:d6:07:a3:80:b9:de:f9:b2:00:14:07:a7:b4: a5:01:0f:e7:06:ea:3c:81:70:b7:61:da:b3:fc:d8: da:d8:07:89:ea:75:84:75:40:4e:04:43:fc:a2:2d: 89:b8:9b:9e:9c:3b:5d:15:96:18:41:f2:18:9a:60: e8:0f:35:49:02:30:de:2f:56:0e:56:a1:11:41:50: 88:b8:43:85:ba:0d:57:33:38:0d:08:ce:24:d9:9c: ea:51:b3:7a:bc:11:a3:24:99:61:7c:f0:c6:e1:d8: 3c:e0:b1:5a:f9:ec:75:92:83:7a:45:44:42:88:2f: d5:25:0a:28:c8:12:51:8d:f9:35:21:db:cb:0f:08: 3f:1d:5b:64:af:64:d1:49:9f:a4:e2:7e:37:fb:6a: 0a:09:1b:bc:01:47:13:fe:1b:16:4a:5d:a7:53:b9: b2:6d:93:1d:8c:c0:de:7c:f0:c0:2a:bd:8d:2e:48: 1a:76:bc:16:ee:11:a4:87:47:1e:79:05:99:a2:6e: a3:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:04:C7:EA:73:70:A3:F1:EC:37:54:20:13:74:E4:33:5A:27:2E:55 X509v3 Authority Key Identifier: keyid:85:79:BE:2D:83:45:68:2F:27:AE:E7:06:2B:BD:4E:F7:66:4E:57:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hXm-LYNFaC8nrucGK71O92ZOVxs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 50:da:3c:28:26:ad:31:5d:32:3f:b4:6c:26:44:8f:f8:d9:2f: 33:ea:d4:21:6f:c5:e8:11:8b:a5:a0:36:e8:d7:f6:d4:57:df: a8:1f:33:6a:d1:06:6d:8f:b7:11:6b:62:cf:bc:a6:07:88:a1: 76:e3:9a:19:a7:30:2b:53:4a:54:ef:6b:94:a6:0d:1f:a1:94: df:25:23:e2:dc:38:7e:f5:88:9f:4b:bc:1b:c4:26:65:da:89: 99:f0:28:fe:78:27:53:d1:dc:ab:1f:d1:4b:1a:73:86:d3:46: 8a:b8:f2:4a:3c:98:97:e6:fe:bb:ab:bf:5c:e3:6e:37:b3:d6: f6:e2:3c:7f:e0:58:24:ef:43:82:97:4f:d9:74:3b:9b:24:f0: 84:66:77:a6:84:83:28:fc:5e:12:bb:02:91:5d:ad:ff:44:92: 77:d0:ab:fe:b5:17:81:b5:39:95:b3:ae:7a:80:c6:d9:9a:66: 58:00:6c:3f:3e:2d:42:1b:db:ce:7c:06:65:6c:53:dd:5b:62: 5a:59:03:6a:e9:79:b2:18:f4:6a:10:c1:a4:7b:5e:4f:98:cd: a6:48:05:8a:94:d1:5a:f5:5d:12:1c:ac:e9:42:68:92:dc:e8: 22:ff:cd:4e:55:a5:ed:39:d9:8f:40:22:31:23:0a:e1:c9:ef: b3:60:49:40 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE MEI2QjExMC8GA1UEBRMoODU3OUJFMkQ4MzQ1NjgyRjI3QUVFNzA2MkJCRDRFRjc2 NjRFNTcxQjAeFw0yNTA0MjUwNjU2MzdaFw0yNTA1MDIwNjU2MzdaMBgxFjAUBgNV BAMTDTY4MGIzMjI1LTYwODcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDHktafpiE8V1P2+4eFdzA9FZGZn550o7f6GT/ZDlOhhbnthL5t8+209CSf3j2O AGuxsmozv4reAw+LcfN31gejgLne+bIAFAentKUBD+cG6jyBcLdh2rP82NrYB4nq dYR1QE4EQ/yiLYm4m56cO10VlhhB8hiaYOgPNUkCMN4vVg5WoRFBUIi4Q4W6DVcz OA0IziTZnOpRs3q8EaMkmWF88Mbh2DzgsVr57HWSg3pFREKIL9UlCijIElGN+TUh 28sPCD8dW2SvZNFJn6Tifjf7agoJG7wBRxP+GxZKXadTubJtkx2MwN588MAqvY0u SBp2vBbuEaSHRx55BZmibqMrAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUfgTH6nNw o/HsN1QgE3TkM1onLlUwHwYDVR0jBBgwFoAUhXm+LYNFaC8nrucGK71O92ZOVxsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQwQjZCLzdFQzAwNzZDRkUz RjExRUY4RkEyNzc1MkM0RjlBRTAyL2hYbS1MWU5GYUM4bnJ1Y0dLNzFPOTJaT1Z4 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaFhtLUxZTkZhQzhucnVjR0s3MU85MlpPVnhzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQw QjZCLzdFQzAwNzZDRkUzRjExRUY4RkEyNzc1MkM0RjlBRTAyL2hYbS1MWU5GYUM4 bnJ1Y0dLNzFPOTJaT1Z4cy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFDaPCgmrTFdMj+0bCZEj/jZLzPq1CFvxegRi6WgNujX9tRX36gfM2rR Bm2PtxFrYs+8pgeIoXbjmhmnMCtTSlTva5SmDR+hlN8lI+LcOH71iJ9LvBvEJmXa iZnwKP54J1PR3Ksf0Usac4bTRoq48ko8mJfm/rurv1zjbjez1vbiPH/gWCTvQ4KX T9l0O5sk8IRmd6aEgyj8XhK7ApFdrf9EknfQq/61F4G1OZWzrnqAxtmaZlgAbD8+ LUIb2858BmVsU91bYlpZA2rpebIY9GoQwaR7Xk+YzaZIBYqU0Vr1XRIcrOlCaJLc 6CL/zU5Vpe052Y9AIjEjCuHJ77NgSUA= -----END CERTIFICATE-----Generated at Sat Apr 26 12:36:54 2025 by rpki-client