$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.mft File: Hn4NiUa8SNB1SwPphyrTiAxU5L4.mft (raw, json) Hash identifier: MzkfY47ioF2Nffah6bmYN8K1+nb1+jY0ojDLQkktkw0= Subject key identifier: 57:EF:94:37:57:27:28:1E:7C:28:46:23:98:0A:A9:4C:40:64:60:D8 Authority key identifier: 1E:7E:0D:89:46:BC:48:D0:75:4B:03:E9:87:2A:D3:88:0C:54:E4:BE Certificate issuer: /CN=A91E3C9A/serialNumber=1E7E0D8946BC48D0754B03E9872AD3880C54E4BE Certificate serial: 083E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hn4NiUa8SNB1SwPphyrTiAxU5L4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.mft Manifest number: 0839 Signing time: Thu 24 Apr 2025 20:37:29 +0000 Manifest this update: Thu 24 Apr 2025 20:37:28 +0000 Manifest next update: Thu 01 May 2025 20:37:28 +0000 Files and hashes: 1: Hn4NiUa8SNB1SwPphyrTiAxU5L4.crl (hash: rceP7tgyuOcvsS+7nu3BVqk3KE26EzBj/OiW8w0lI/M=) 2: 3A5B01A0CA8F11EAA35BF958C4F9AE02.roa (hash: rarNamT8etGmrzl2oBorgmdNrF9oOnpcrAlb12sZ65o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.crl rsync://rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hn4NiUa8SNB1SwPphyrTiAxU5L4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:37:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2110 (0x83e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3C9A, serialNumber=1E7E0D8946BC48D0754B03E9872AD3880C54E4BE Validity Not Before: Apr 24 20:37:28 2025 GMT Not After : May 1 20:37:28 2025 GMT Subject: CN=680aa109-b124 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:18:6c:e6:1b:62:dd:57:ba:32:b5:d9:49:07: b1:ca:8b:c2:f9:40:70:c8:ac:a7:99:37:4f:a0:3c: 3a:85:ac:81:f8:d9:c9:03:28:7f:ab:7e:db:03:16: 88:51:6e:1c:65:4f:6d:b6:4d:e4:f7:7f:ba:91:ad: cd:fb:bf:00:15:e0:65:9a:a7:78:13:e3:74:68:a2: 49:4d:72:ad:ec:fb:f3:b2:0b:45:f7:07:c3:ad:42: d0:61:28:78:b6:9b:45:7a:e9:14:5f:7d:43:48:56: af:03:c6:0a:06:b7:e2:f1:00:3d:3c:bd:89:3a:40: e5:9b:f3:a1:d9:78:fb:68:a0:e9:ab:cd:e4:aa:a0: 80:34:0d:47:ab:c2:55:08:3f:88:88:ea:7c:5d:85: 45:b5:a3:80:96:50:ec:f6:53:4f:c0:d9:5d:3b:11: 79:6b:bf:1d:bb:07:90:d3:d9:a5:fa:90:fa:35:22: 0a:33:7e:1f:49:e1:c0:75:6d:7a:b7:68:03:33:28: 65:11:0d:b1:ca:6f:0b:88:c1:9b:eb:c8:d8:fa:f0: a0:1b:e6:7c:3e:53:d7:69:ad:66:78:66:7c:fb:6f: 09:25:05:f5:0f:8c:4d:07:c6:cb:46:d3:9e:1d:7b: ed:6a:45:33:c2:cf:5c:dd:2a:9e:7c:e5:a6:05:c1: 9e:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:EF:94:37:57:27:28:1E:7C:28:46:23:98:0A:A9:4C:40:64:60:D8 X509v3 Authority Key Identifier: keyid:1E:7E:0D:89:46:BC:48:D0:75:4B:03:E9:87:2A:D3:88:0C:54:E4:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hn4NiUa8SNB1SwPphyrTiAxU5L4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:5b:4c:1b:8e:cf:73:99:28:77:2d:ef:4a:39:7b:88:c2:06: cd:bd:18:9f:d5:0b:18:25:9b:ea:41:a9:71:54:19:21:30:f8: eb:e6:40:eb:15:b3:11:a1:8b:67:5a:61:b8:29:e1:a6:77:ae: ad:d1:fa:85:0d:fe:98:17:b2:e1:75:f2:07:5b:c0:1e:23:0a: 48:2a:2f:7e:f1:31:d2:3b:8b:b2:76:69:86:58:07:18:70:59: 4a:9c:ae:a8:7d:a5:2b:10:dc:fd:68:6a:c6:fc:fb:fa:00:7e: d6:f3:c0:9c:57:86:06:1e:94:5a:f8:15:d9:3f:a6:04:c5:4e: 7d:02:5e:4b:b3:df:32:ef:a1:71:41:2c:c6:f6:72:0c:02:02: c1:1d:92:d3:a6:21:0a:82:c8:9b:5a:54:ac:69:cf:8d:56:f5: 71:7d:f2:49:51:57:27:6e:83:77:98:14:60:d4:e8:22:ce:29: 66:e1:41:e2:01:b0:e0:bb:c2:33:94:d9:15:2d:32:40:6a:b9: 81:41:31:b5:a2:c5:6a:8f:09:b5:77:b8:1a:93:7c:67:c6:ef: ec:0e:17:d3:a1:88:2e:6e:9e:bd:d4:c9:f8:1d:b4:dd:3b:e9: 71:cc:0a:b4:bc:cf:eb:16:61:a5:0f:dc:7c:71:07:e1:8e:21: f8:04:27:c4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCD4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNDOUExMTAvBgNVBAUTKDFFN0UwRDg5NDZCQzQ4RDA3NTRCMDNFOTg3MkFEMzg4 MEM1NEU0QkUwHhcNMjUwNDI0MjAzNzI4WhcNMjUwNTAxMjAzNzI4WjAYMRYwFAYD VQQDEw02ODBhYTEwOS1iMTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuhhs5hti3Ve6MrXZSQexyovC+UBwyKynmTdPoDw6hayB+NnJAyh/q37bAxaI UW4cZU9ttk3k93+6ka3N+78AFeBlmqd4E+N0aKJJTXKt7PvzsgtF9wfDrULQYSh4 tptFeukUX31DSFavA8YKBrfi8QA9PL2JOkDlm/Oh2Xj7aKDpq83kqqCANA1Hq8JV CD+IiOp8XYVFtaOAllDs9lNPwNldOxF5a78duweQ09ml+pD6NSIKM34fSeHAdW16 t2gDMyhlEQ2xym8LiMGb68jY+vCgG+Z8PlPXaa1meGZ8+28JJQX1D4xNB8bLRtOe HXvtakUzws9c3SqefOWmBcGeDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFfvlDdX JygefChGI5gKqUxAZGDYMB8GA1UdIwQYMBaAFB5+DYlGvEjQdUsD6Ycq04gMVOS+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0M5QS9BMUQ2MUQzQUNB OEQxMUVBQkU1QkI2NTZDNEY5QUUwMi9IbjROaVVhOFNOQjFTd1BwaHlyVGlBeFU1 TDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0huNE5pVWE4U05CMVN3UHBoeXJUaUF4VTVMNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0M5QS9BMUQ2MUQzQUNBOEQxMUVBQkU1QkI2NTZDNEY5QUUwMi9IbjROaVVhOFNO QjFTd1BwaHlyVGlBeFU1TDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCgW0wbjs9zmSh3Le9KOXuIwgbNvRif1QsYJZvqQalxVBkhMPjr5kDr FbMRoYtnWmG4KeGmd66t0fqFDf6YF7LhdfIHW8AeIwpIKi9+8THSO4uydmmGWAcY cFlKnK6ofaUrENz9aGrG/Pv6AH7W88CcV4YGHpRa+BXZP6YExU59Al5Ls98y76Fx QSzG9nIMAgLBHZLTpiEKgsibWlSsac+NVvVxffJJUVcnboN3mBRg1Ogizilm4UHi AbDgu8IzlNkVLTJAarmBQTG1osVqjwm1d7gak3xnxu/sDhfToYgubp691Mn4HbTd O+lxzAq0vM/rFmGlD9x8cQfhjiH4BCfE -----END CERTIFICATE-----Generated at Sat Apr 26 04:18:27 2025 by rpki-client