$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft File: HAF157M3En5uwlH0Og0qxhMRv04.mft (raw, json) Hash identifier: k5yyF8nSkggIZAMsDxFlGmbTqfWLiv2Aw4CpJ9/ETwo= Subject key identifier: 62:DD:5E:63:A1:C6:ED:6A:8F:86:21:E7:D9:E5:B5:47:EE:93:09:E6 Authority key identifier: 1C:01:75:E7:B3:37:12:7E:6E:C2:51:F4:3A:0D:2A:C6:13:11:BF:4E Certificate issuer: /CN=A91E3584/serialNumber=1C0175E7B337127E6EC251F43A0D2AC61311BF4E Certificate serial: 3474 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAF157M3En5uwlH0Og0qxhMRv04.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft Manifest number: 3471 Signing time: Sat 26 Apr 2025 14:25:38 +0000 Manifest this update: Sat 26 Apr 2025 14:25:37 +0000 Manifest next update: Sat 03 May 2025 14:25:37 +0000 Files and hashes: 1: HAF157M3En5uwlH0Og0qxhMRv04.crl (hash: 07/uqpFFI/xPtxAUXFxiQ1Zo3iGvIes5mUQbKT5Qw60=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.crl rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAF157M3En5uwlH0Og0qxhMRv04.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 14:25:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13428 (0x3474) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3584, serialNumber=1C0175E7B337127E6EC251F43A0D2AC61311BF4E Validity Not Before: Apr 26 14:25:37 2025 GMT Not After : May 3 14:25:37 2025 GMT Subject: CN=680cece2-6c05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:57:fa:97:e2:dd:93:7f:83:bb:55:19:51:f7: f8:fd:05:24:86:b0:c7:bd:91:6c:52:31:a5:0d:37: 64:5f:a8:6e:14:1b:ba:2e:b4:cf:4f:1b:7c:71:2f: ae:4a:26:9a:a5:7b:54:b4:90:3c:4b:f8:eb:04:3c: bf:ff:d0:4b:b3:25:80:bc:9f:ec:ce:bf:1f:9c:cf: 98:5f:c7:2c:dc:ec:cb:a7:b7:cd:a8:d8:b7:59:f9: d0:8c:e1:c1:56:1d:e5:80:c9:a5:03:62:98:da:b3: 4e:e7:58:21:41:09:de:03:ad:1d:4d:51:a7:71:54: 52:1b:95:84:4e:df:39:5a:d9:99:7f:e0:1b:eb:35: 11:36:c2:99:d4:73:e5:b1:23:13:9a:54:96:79:3c: 92:49:c6:46:26:35:bf:8c:38:b6:4d:9d:21:f7:ef: 81:51:c1:6f:8a:e0:5b:17:5b:6b:70:d2:a2:4e:50: f4:5d:b3:d9:15:ba:2c:d7:e9:44:45:f4:93:39:be: c3:22:e3:ac:ae:08:86:6f:b1:2e:94:4e:48:32:d3: 85:02:6e:3f:90:69:8c:7c:2c:a4:a5:61:7e:7b:ce: 34:71:3b:4d:a9:cd:5a:6a:72:0d:15:78:b3:d7:ed: 32:3f:c2:a4:b0:6a:6d:06:51:ba:6a:73:97:5b:3f: 63:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:DD:5E:63:A1:C6:ED:6A:8F:86:21:E7:D9:E5:B5:47:EE:93:09:E6 X509v3 Authority Key Identifier: keyid:1C:01:75:E7:B3:37:12:7E:6E:C2:51:F4:3A:0D:2A:C6:13:11:BF:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAF157M3En5uwlH0Og0qxhMRv04.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:72:7d:a9:99:c9:4d:d5:4d:09:88:ea:a5:87:18:4f:ba:d7: d3:70:99:ea:75:1a:f3:61:e8:8e:2c:1e:e1:65:10:1f:7f:f2: 26:78:33:3d:95:a5:a1:40:61:5e:da:7b:2c:25:d2:83:ee:b1: 1a:13:fc:aa:f8:3f:d7:a1:35:5f:0e:ca:86:d6:ce:e5:59:6e: 09:2a:5b:44:5f:d1:73:8c:44:e5:8a:31:59:f1:11:4b:6b:fc: 9a:fd:ce:9f:fe:d2:9c:a7:a0:1c:db:1d:db:99:d0:37:d0:04: c6:66:12:f9:5b:46:f7:c6:49:80:e1:4d:a4:73:d8:f8:c8:a3: 4d:1a:4f:d1:5a:08:e0:8f:00:96:e8:82:a5:9d:34:a9:1f:21: 94:cb:ef:62:56:a3:14:f2:10:00:b5:86:08:ae:d1:f0:78:b6: 5f:07:fb:08:4e:2c:3a:71:db:8f:2b:f7:ea:d6:91:c0:53:2e: 50:9c:8f:c6:26:4b:1e:43:e6:37:39:88:2c:0d:fd:c3:64:c4: 8c:23:db:bb:51:8f:71:f1:dd:0f:b6:35:45:93:1c:03:69:e9: e7:40:82:7d:64:8c:b9:43:b6:ae:5c:18:32:d2:5a:30:93:23: 66:84:b0:0e:ed:8b:51:e0:55:07:d3:11:fe:38:6a:76:af:24: 15:c2:f9:7b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTM1ODQxMTAvBgNVBAUTKDFDMDE3NUU3QjMzNzEyN0U2RUMyNTFGNDNBMEQyQUM2 MTMxMUJGNEUwHhcNMjUwNDI2MTQyNTM3WhcNMjUwNTAzMTQyNTM3WjAYMRYwFAYD VQQDEw02ODBjZWNlMi02YzA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2Ff6l+Ldk3+Du1UZUff4/QUkhrDHvZFsUjGlDTdkX6huFBu6LrTPTxt8cS+u SiaapXtUtJA8S/jrBDy//9BLsyWAvJ/szr8fnM+YX8cs3OzLp7fNqNi3WfnQjOHB Vh3lgMmlA2KY2rNO51ghQQneA60dTVGncVRSG5WETt85WtmZf+Ab6zURNsKZ1HPl sSMTmlSWeTySScZGJjW/jDi2TZ0h9++BUcFviuBbF1trcNKiTlD0XbPZFbos1+lE RfSTOb7DIuOsrgiGb7EulE5IMtOFAm4/kGmMfCykpWF+e840cTtNqc1aanINFXiz 1+0yP8KksGptBlG6anOXWz9j+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGLdXmOh xu1qj4Yh59nltUfukwnmMB8GA1UdIwQYMBaAFBwBdeezNxJ+bsJR9DoNKsYTEb9O MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMzU4NC9EMUExMjk0NjFE ODUxMUUyQkI0RkE0REMwOEIwMkNEMi9IQUYxNTdNM0VuNXV3bEgwT2cwcXhoTVJ2 MDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hBRjE1N00zRW41dXdsSDBPZzBxeGhNUnYwNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MzU4NC9EMUExMjk0NjFEODUxMUUyQkI0RkE0REMwOEIwMkNEMi9IQUYxNTdNM0Vu NXV3bEgwT2cwcXhoTVJ2MDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB3cn2pmclN1U0JiOqlhxhPutfTcJnqdRrzYeiOLB7hZRAff/ImeDM9 laWhQGFe2nssJdKD7rEaE/yq+D/XoTVfDsqG1s7lWW4JKltEX9FzjETlijFZ8RFL a/ya/c6f/tKcp6Ac2x3bmdA30ATGZhL5W0b3xkmA4U2kc9j4yKNNGk/RWgjgjwCW 6IKlnTSpHyGUy+9iVqMU8hAAtYYIrtHweLZfB/sITiw6cduPK/fq1pHAUy5QnI/G JkseQ+Y3OYgsDf3DZMSMI9u7UY9x8d0PtjVFkxwDaennQIJ9ZIy5Q7auXBgy0low kyNmhLAO7YtR4FUH0xH+OGp2ryQVwvl7 -----END CERTIFICATE-----Generated at Sat Apr 26 18:02:02 2025 by rpki-client