$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC9C4/1A70DC864E9311EDA730ED32C4F9AE02/hIP9VFfRHgUTVSER9bovNxLphfc.mft File: hIP9VFfRHgUTVSER9bovNxLphfc.mft (raw, json) Hash identifier: UiJW0EvclHVQtlXmUgfyLrCCiL0NLSfCkyAv0SRRh68= Subject key identifier: 0E:32:0A:C9:55:0A:CD:37:D1:DF:44:3B:67:3F:97:88:2D:4D:1D:50 Authority key identifier: 84:83:FD:54:57:D1:1E:05:13:55:21:11:F5:BA:2F:37:12:E9:85:F7 Certificate issuer: /CN=A91DC9C4/serialNumber=8483FD5457D11E0513552111F5BA2F3712E985F7 Certificate serial: 01E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIP9VFfRHgUTVSER9bovNxLphfc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC9C4/1A70DC864E9311EDA730ED32C4F9AE02/hIP9VFfRHgUTVSER9bovNxLphfc.mft Manifest number: 01DD Signing time: Fri 25 Apr 2025 01:56:55 +0000 Manifest this update: Fri 25 Apr 2025 01:56:55 +0000 Manifest next update: Fri 02 May 2025 01:56:55 +0000 Files and hashes: 1: hIP9VFfRHgUTVSER9bovNxLphfc.crl (hash: wX5L9RnESmvJFI9WrxjbKOohJb4hYXGEj9VxKUfPdKU=) 2: 153EBE3ADEF711EF84C57421C4F9AE02.roa (hash: f6YvpcInK7aMZI/gTlnIjzNzS2LMqoG/bSzJ7lAf9V4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC9C4/1A70DC864E9311EDA730ED32C4F9AE02/hIP9VFfRHgUTVSER9bovNxLphfc.crl rsync://rpki.apnic.net/member_repository/A91DC9C4/1A70DC864E9311EDA730ED32C4F9AE02/hIP9VFfRHgUTVSER9bovNxLphfc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIP9VFfRHgUTVSER9bovNxLphfc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:56:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 485 (0x1e5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC9C4, serialNumber=8483FD5457D11E0513552111F5BA2F3712E985F7 Validity Not Before: Apr 25 01:56:55 2025 GMT Not After : May 2 01:56:55 2025 GMT Subject: CN=680aebe7-10bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:f2:49:a1:b4:4d:99:20:c3:35:25:5c:9a:37: a7:d8:7d:7f:8a:da:7f:6e:e1:8d:38:28:cb:70:43: 51:00:4a:e1:21:18:e3:23:ad:37:fc:70:36:62:d0: c2:6c:1b:e7:80:f4:92:3d:c5:9e:2a:eb:ea:59:88: 85:39:ec:44:26:90:63:64:0d:79:2b:92:4f:86:b8: fc:c8:a2:32:61:da:5a:fa:14:26:29:16:54:46:9b: 5d:2d:2f:8f:ce:e4:d5:ca:bf:ee:f0:3a:da:b4:0a: e6:67:b8:3e:7f:89:bc:ef:f4:af:e8:74:59:7d:e6: 05:c8:80:58:61:55:54:52:a0:c2:aa:ec:9a:c7:7e: 0a:38:1a:2c:9f:03:92:ff:db:13:e4:e0:a3:18:08: 3a:5f:97:14:e8:1f:31:6b:c2:b2:52:3b:65:1f:66: 07:2e:6d:de:bb:29:80:b4:2f:03:d3:77:97:1a:7f: 69:1f:99:cf:d3:ab:25:41:ef:58:e6:9a:e1:56:38: 6e:47:8a:bb:f9:ee:e6:75:5b:1e:40:32:6e:bc:8a: 37:7c:eb:06:59:48:2d:60:cc:ab:70:d5:12:c5:04: 90:d2:cc:85:94:60:71:da:fd:e3:0d:2f:10:5f:6e: ec:a3:d0:43:9d:aa:49:11:67:2a:bc:b3:8e:26:81: f1:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:32:0A:C9:55:0A:CD:37:D1:DF:44:3B:67:3F:97:88:2D:4D:1D:50 X509v3 Authority Key Identifier: keyid:84:83:FD:54:57:D1:1E:05:13:55:21:11:F5:BA:2F:37:12:E9:85:F7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC9C4/1A70DC864E9311EDA730ED32C4F9AE02/hIP9VFfRHgUTVSER9bovNxLphfc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIP9VFfRHgUTVSER9bovNxLphfc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC9C4/1A70DC864E9311EDA730ED32C4F9AE02/hIP9VFfRHgUTVSER9bovNxLphfc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b5:7b:09:fb:fe:b7:31:f0:97:a1:eb:1d:70:ab:2d:69:62:b1: 8b:8f:90:80:3f:84:b0:71:90:90:6c:a7:ff:15:1d:cf:bf:78: cb:f7:9d:0d:13:26:94:e2:f0:f0:02:54:96:71:f9:80:81:42: 04:d8:fd:fa:59:13:d7:b4:de:ec:81:fa:c4:06:e4:9d:30:e8: 45:56:41:36:d8:9e:00:22:91:da:2a:31:db:ef:55:51:9d:e4: 44:70:da:68:f1:28:a9:67:00:08:dd:13:48:e6:b0:12:cb:fd: 86:2c:47:57:12:08:da:90:a5:51:1f:92:b9:9a:02:a0:b4:84: 5e:85:e2:08:3e:41:7e:a7:ed:e2:8f:6a:14:7b:7d:ed:27:67: 87:04:57:99:4d:c0:51:2c:43:16:a2:12:de:39:4f:5d:7d:e7: f2:a7:5d:a7:1b:6a:9b:b6:fd:ee:7e:8b:9f:47:03:1a:d3:60: de:54:02:5f:2e:18:3b:14:8c:fe:02:b5:cc:7c:8a:30:0e:fd: 14:e0:09:c1:db:3f:1c:8f:48:d7:4e:29:ac:d4:f0:3c:4e:92: f4:16:8f:b5:b9:2a:a8:15:d9:f5:42:d4:69:de:6e:bd:67:d9: 7e:f4:cd:a7:cb:b1:db:a0:d3:d8:76:3e:fc:39:17:a4:a8:e6: b5:49:14:04 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAeUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM5QzQxMTAvBgNVBAUTKDg0ODNGRDU0NTdEMTFFMDUxMzU1MjExMUY1QkEyRjM3 MTJFOTg1RjcwHhcNMjUwNDI1MDE1NjU1WhcNMjUwNTAyMDE1NjU1WjAYMRYwFAYD VQQDEw02ODBhZWJlNy0xMGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2vJJobRNmSDDNSVcmjen2H1/itp/buGNOCjLcENRAErhIRjjI603/HA2YtDC bBvngPSSPcWeKuvqWYiFOexEJpBjZA15K5JPhrj8yKIyYdpa+hQmKRZURptdLS+P zuTVyr/u8DratArmZ7g+f4m87/Sv6HRZfeYFyIBYYVVUUqDCquyax34KOBosnwOS /9sT5OCjGAg6X5cU6B8xa8KyUjtlH2YHLm3euymAtC8D03eXGn9pH5nP06slQe9Y 5prhVjhuR4q7+e7mdVseQDJuvIo3fOsGWUgtYMyrcNUSxQSQ0syFlGBx2v3jDS8Q X27so9BDnapJEWcqvLOOJoHxbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA4yCslV Cs030d9EO2c/l4gtTR1QMB8GA1UdIwQYMBaAFISD/VRX0R4FE1UhEfW6LzcS6YX3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzlDNC8xQTcwREM4NjRF OTMxMUVEQTczMEVEMzJDNEY5QUUwMi9oSVA5VkZmUkhnVVRWU0VSOWJvdk54THBo ZmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hJUDlWRmZSSGdVVFZTRVI5Ym92TnhMcGhmYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzlDNC8xQTcwREM4NjRFOTMxMUVEQTczMEVEMzJDNEY5QUUwMi9oSVA5VkZmUkhn VVRWU0VSOWJvdk54THBoZmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC1ewn7/rcx8Jeh6x1wqy1pYrGLj5CAP4SwcZCQbKf/FR3Pv3jL950N EyaU4vDwAlSWcfmAgUIE2P36WRPXtN7sgfrEBuSdMOhFVkE22J4AIpHaKjHb71VR neREcNpo8SipZwAI3RNI5rASy/2GLEdXEgjakKVRH5K5mgKgtIReheIIPkF+p+3i j2oUe33tJ2eHBFeZTcBRLEMWohLeOU9dfefyp12nG2qbtv3ufoufRwMa02DeVAJf Lhg7FIz+ArXMfIowDv0U4AnB2z8cj0jXTims1PA8TpL0Fo+1uSqoFdn1QtRp3m69 Z9l+9M2ny7HboNPYdj78ORekqOa1SRQE -----END CERTIFICATE-----Generated at Sat Apr 26 03:39:36 2025 by rpki-client