$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft File: HretI1L3xupKYveEzl-7EW3ybsI.mft (raw, json) Hash identifier: YsFvHSU2NCBMuNrSdnvoKqDd+Aepiw7T6zxb6WHsPLc= Subject key identifier: 63:EF:D3:6B:7B:21:8A:DF:6B:D5:AA:CC:EC:88:9D:E4:CA:82:D9:32 Authority key identifier: 1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2 Certificate issuer: /CN=A91EF24F/serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2 Certificate serial: 07D6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft Manifest number: 07BD Signing time: Thu 24 Apr 2025 21:06:44 +0000 Manifest this update: Thu 24 Apr 2025 21:06:43 +0000 Manifest next update: Thu 01 May 2025 21:06:43 +0000 Files and hashes: 1: HretI1L3xupKYveEzl-7EW3ybsI.crl (hash: Jp7VcLf59nljQEpKoyjhZ+Qo0oG0RZkZHFLpjwlMTok=) 2: 84B96CA6904111EF8D11A381C4F9AE02.roa (hash: apZe4MVRPNoFnu0VdCcMOgQQIHarERu0kJz1jLlb1yY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 21:06:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2006 (0x7d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EF24F, serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2 Validity Not Before: Apr 24 21:06:43 2025 GMT Not After : May 1 21:06:43 2025 GMT Subject: CN=680aa7e4-8157 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:3f:6c:e6:1f:14:fe:e5:d3:87:6b:89:ba:62: 94:f7:db:38:39:6c:c5:22:27:fc:3f:ce:8d:d5:ed: ec:da:39:cc:22:4e:a3:8e:28:b4:6e:7c:98:02:a6: c5:35:8a:98:a9:e5:85:e7:ff:d4:3a:aa:79:56:03: c5:b2:70:30:e2:12:78:85:a8:04:ad:e8:60:f5:16: ef:a4:b3:67:13:b3:af:4d:52:ea:0a:d5:a2:b5:ef: 43:9b:91:85:85:a0:df:8e:71:dc:d6:97:3e:67:36: 5d:53:75:34:f1:41:0c:ed:dc:f1:42:fe:14:be:48: 73:6b:f2:76:d5:a1:6a:25:ab:66:4f:ab:f4:36:2a: b0:ff:5f:17:1b:55:af:e0:1f:c6:36:f8:2d:97:6e: 2d:c7:11:75:f5:54:4f:6d:4e:63:80:54:d1:44:f5: 55:02:f5:c6:34:a0:10:f6:d1:f0:6b:c1:92:ea:85: 15:1d:64:14:6d:d2:b4:57:32:fc:55:3f:de:f3:c7: 35:65:c6:b3:89:ac:51:bd:27:f7:c9:56:5a:5f:e9: 7e:36:ce:d7:1e:58:fe:ff:07:c7:c4:20:eb:f2:c2: 7d:97:ef:30:28:70:f6:e9:16:cf:07:e1:ed:a0:30: 96:60:79:c6:e2:5d:12:21:e2:ea:70:2d:33:84:0a: e8:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:EF:D3:6B:7B:21:8A:DF:6B:D5:AA:CC:EC:88:9D:E4:CA:82:D9:32 X509v3 Authority Key Identifier: keyid:1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:16:2a:8b:b6:d9:ef:39:b5:a4:35:96:da:86:1b:80:94:02: 68:0d:bc:e8:20:f0:c1:87:a2:77:59:ea:1b:76:c8:f6:4b:bb: ee:c6:e8:24:d7:a3:e2:a3:4a:24:2a:86:36:a3:59:a5:93:22: eb:86:ad:7c:46:e5:fd:7d:2c:e8:82:80:f1:5a:8a:da:cb:ab: 21:9e:f6:95:26:f4:93:03:65:bc:cb:ea:40:c7:13:70:4c:d4: 19:2d:88:88:65:ae:8c:f5:4b:e5:1d:4b:70:7a:83:21:56:31: 70:e6:ab:04:60:88:35:8d:9f:cb:d6:f6:9f:aa:71:82:cf:21: da:04:62:54:ad:4b:93:16:f7:ee:cb:08:fe:80:92:a4:24:9b: 3d:5e:7f:6e:32:e5:5a:d4:8b:40:90:9f:6b:9d:78:2f:53:73: 07:a2:10:9f:35:b5:52:4d:f2:2e:9e:ef:8f:b4:79:dd:c7:28: 3a:e7:b2:92:d9:e2:d6:fe:47:73:81:0d:6c:82:20:e6:98:42: 5f:80:97:76:c2:c1:ce:fc:6c:68:ed:a7:aa:72:98:d3:aa:29: bb:16:2f:ff:b3:e6:55:6e:13:f6:d8:c9:ba:b2:53:b1:fd:1f: c1:50:fd:9d:1b:cf:5e:a7:48:67:df:b2:69:c2:56:57:c1:28: 86:90:6c:09 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB9YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUYyNEYxMTAvBgNVBAUTKDFFQjdBRDIzNTJGN0M2RUE0QTYyRjc4NENFNUZCQjEx NkRGMjZFQzIwHhcNMjUwNDI0MjEwNjQzWhcNMjUwNTAxMjEwNjQzWjAYMRYwFAYD VQQDEw02ODBhYTdlNC04MTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5T9s5h8U/uXTh2uJumKU99s4OWzFIif8P86N1e3s2jnMIk6jjii0bnyYAqbF NYqYqeWF5//UOqp5VgPFsnAw4hJ4hagErehg9RbvpLNnE7OvTVLqCtWite9Dm5GF haDfjnHc1pc+ZzZdU3U08UEM7dzxQv4Uvkhza/J21aFqJatmT6v0Niqw/18XG1Wv 4B/GNvgtl24txxF19VRPbU5jgFTRRPVVAvXGNKAQ9tHwa8GS6oUVHWQUbdK0VzL8 VT/e88c1ZcaziaxRvSf3yVZaX+l+Ns7XHlj+/wfHxCDr8sJ9l+8wKHD26RbPB+Ht oDCWYHnG4l0SIeLqcC0zhAroiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGPv02t7 IYrfa9WqzOyIneTKgtkyMB8GA1UdIwQYMBaAFB63rSNS98bqSmL3hM5fuxFt8m7C MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjI0Ri82NURERkFCNDAy RkExMUVCQTNBMEEyMzFDNEY5QUUwMi9IcmV0STFMM3h1cEtZdmVFemwtN0VXM3li c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hyZXRJMUwzeHVwS1l2ZUV6bC03RVczeWJzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RjI0Ri82NURERkFCNDAyRkExMUVCQTNBMEEyMzFDNEY5QUUwMi9IcmV0STFMM3h1 cEtZdmVFemwtN0VXM3lic0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBdFiqLttnvObWkNZbahhuAlAJoDbzoIPDBh6J3Weobdsj2S7vuxugk 16Pio0okKoY2o1mlkyLrhq18RuX9fSzogoDxWoray6shnvaVJvSTA2W8y+pAxxNw TNQZLYiIZa6M9UvlHUtweoMhVjFw5qsEYIg1jZ/L1vafqnGCzyHaBGJUrUuTFvfu ywj+gJKkJJs9Xn9uMuVa1ItAkJ9rnXgvU3MHohCfNbVSTfIunu+PtHndxyg657KS 2eLW/kdzgQ1sgiDmmEJfgJd2wsHO/Gxo7aeqcpjTqim7Fi//s+ZVbhP22Mm6slOx /R/BUP2dG89ep0hn37JpwlZXwSiGkGwJ -----END CERTIFICATE-----Generated at Sat Apr 26 15:07:57 2025 by rpki-client