$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.mft File: HnUsPRYEjD8_YyPSuRBwvyR9aGY.mft (raw, json) Hash identifier: krmAHMd1sGpcOXqa96socmwvlbPz4aoNjiLupFRH3v8= Subject key identifier: 3D:13:1E:6A:4E:B1:BC:9C:BF:CA:38:9F:7F:01:62:22:8C:02:21:AB Authority key identifier: 1E:75:2C:3D:16:04:8C:3F:3F:63:23:D2:B9:10:70:BF:24:7D:68:66 Certificate issuer: /CN=A91F2CA8/serialNumber=1E752C3D16048C3F3F6323D2B91070BF247D6866 Certificate serial: 348E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.mft Manifest number: 3483 Signing time: Thu 24 Apr 2025 14:55:57 +0000 Manifest this update: Thu 24 Apr 2025 14:55:57 +0000 Manifest next update: Thu 01 May 2025 14:55:57 +0000 Files and hashes: 1: HnUsPRYEjD8_YyPSuRBwvyR9aGY.crl (hash: HwDQ0U2mE+CvN6JjjC5fV6liObsY8lUiUlHiU2aJaEc=) 2: 08FA1EC60C0911EDBDF8C44FC4F9AE02.roa (hash: alhBAf8jvRhFefsbDXOa8VjrZGUtci5WGYLgfA9nSPA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.crl rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:55:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13454 (0x348e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2CA8, serialNumber=1E752C3D16048C3F3F6323D2B91070BF247D6866 Validity Not Before: Apr 24 14:55:57 2025 GMT Not After : May 1 14:55:57 2025 GMT Subject: CN=680a50fd-3126 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:a0:9e:1b:f0:f8:26:49:97:95:dd:07:7e:e7: 88:96:78:3f:b0:7a:d8:ef:8c:12:10:1b:0a:94:6e: b3:05:c6:09:4a:c8:8f:a2:68:2d:13:ca:44:88:33: 84:b0:9f:ea:26:8f:54:34:58:06:4a:df:51:34:e1: 19:22:23:8d:af:02:94:5b:cb:71:91:80:fc:55:b4: a1:59:6b:b5:8b:f6:dc:5a:fd:b2:da:2a:d8:c3:89: ba:a6:82:57:68:8d:4d:1d:76:50:97:9c:49:84:c8: eb:66:60:f6:39:85:80:65:4d:31:c8:99:81:4f:b7: d3:1f:01:24:15:61:e4:99:14:b8:d8:c8:af:e9:78: e6:1d:d0:c2:43:c1:db:d4:26:87:f6:4a:5e:41:43: 0a:93:b4:78:57:a1:f2:5c:72:b3:49:4a:dd:59:ab: 1e:99:fe:97:ed:e4:3e:ef:d3:47:54:fd:79:56:d9: a9:23:e7:54:35:2c:82:0e:19:79:be:22:64:38:3c: 59:b3:ad:da:72:89:53:6d:bc:7e:03:9a:2a:9b:12: e1:2d:2c:8b:a9:2f:e3:06:58:01:7e:d4:45:e0:9f: 9c:18:fc:4e:21:00:d1:1e:05:f8:2f:b6:36:b5:c5: 31:63:9a:34:5b:b8:3c:fc:5b:74:33:99:8b:14:b8: 80:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:13:1E:6A:4E:B1:BC:9C:BF:CA:38:9F:7F:01:62:22:8C:02:21:AB X509v3 Authority Key Identifier: keyid:1E:75:2C:3D:16:04:8C:3F:3F:63:23:D2:B9:10:70:BF:24:7D:68:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:cd:ee:c0:95:b4:57:af:bc:ef:07:57:74:87:40:cb:75:23: 85:95:ec:04:3a:a8:c8:04:c7:e0:a0:d4:67:ce:32:79:1e:43: a6:43:36:73:6a:fe:9d:7d:9a:76:32:4b:b0:20:cf:e3:2e:49: 01:6b:09:b4:06:de:c5:97:8a:7d:b9:f1:53:2d:bb:87:aa:fc: 24:71:87:28:b9:dc:90:1b:4c:db:b3:40:d4:fa:bf:33:82:cc: ac:bf:22:dc:a8:9c:75:80:54:ca:a0:a0:c1:67:16:9f:fc:d1: 14:dc:35:06:1a:d8:3f:d1:52:a2:d5:67:89:fd:d8:f6:13:c3: 70:da:1b:5e:2d:c7:39:9b:b9:12:82:38:9d:c7:c1:78:61:b8: 9d:ab:c1:7d:93:79:4a:b7:1c:6a:ed:b2:ef:a9:2a:73:da:ba: 5b:aa:12:19:91:4a:99:72:e5:50:75:01:96:75:16:14:55:ba: db:58:bb:8e:fe:d3:7e:10:f0:67:67:a2:bf:14:d8:a9:60:06: 3d:cc:e8:61:94:b3:81:79:ea:d5:74:c9:cf:3b:9e:8f:f3:76: 8b:e3:b2:a3:01:0b:e9:da:9c:9e:d4:39:59:89:b8:df:0e:0d: c5:af:c0:11:18:77:4c:38:e9:77:f2:1b:3e:74:44:a3:45:17: 44:6e:f8:98 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNI4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjJDQTgxMTAvBgNVBAUTKDFFNzUyQzNEMTYwNDhDM0YzRjYzMjNEMkI5MTA3MEJG MjQ3RDY4NjYwHhcNMjUwNDI0MTQ1NTU3WhcNMjUwNTAxMTQ1NTU3WjAYMRYwFAYD VQQDEw02ODBhNTBmZC0zMTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+KCeG/D4JkmXld0HfueIlng/sHrY74wSEBsKlG6zBcYJSsiPomgtE8pEiDOE sJ/qJo9UNFgGSt9RNOEZIiONrwKUW8txkYD8VbShWWu1i/bcWv2y2irYw4m6poJX aI1NHXZQl5xJhMjrZmD2OYWAZU0xyJmBT7fTHwEkFWHkmRS42Miv6XjmHdDCQ8Hb 1CaH9kpeQUMKk7R4V6HyXHKzSUrdWasemf6X7eQ+79NHVP15VtmpI+dUNSyCDhl5 viJkODxZs63acolTbbx+A5oqmxLhLSyLqS/jBlgBftRF4J+cGPxOIQDRHgX4L7Y2 tcUxY5o0W7g8/Ft0M5mLFLiAtwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD0THmpO sbycv8o4n38BYiKMAiGrMB8GA1UdIwQYMBaAFB51LD0WBIw/P2Mj0rkQcL8kfWhm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkNBOC84NzAzMjI1ODFE OUExMUUyQUE4NkMyODcwOEIwMkNEMi9IblVzUFJZRWpEOF9ZeVBTdVJCd3Z5Ujlh R1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0huVXNQUllFakQ4X1l5UFN1UkJ3dnlSOWFHWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MkNBOC84NzAzMjI1ODFEOUExMUUyQUE4NkMyODcwOEIwMkNEMi9IblVzUFJZRWpE OF9ZeVBTdVJCd3Z5UjlhR1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCuze7AlbRXr7zvB1d0h0DLdSOFlewEOqjIBMfgoNRnzjJ5HkOmQzZz av6dfZp2MkuwIM/jLkkBawm0Bt7Fl4p9ufFTLbuHqvwkcYcoudyQG0zbs0DU+r8z gsysvyLcqJx1gFTKoKDBZxaf/NEU3DUGGtg/0VKi1WeJ/dj2E8Nw2hteLcc5m7kS gjidx8F4Ybidq8F9k3lKtxxq7bLvqSpz2rpbqhIZkUqZcuVQdQGWdRYUVbrbWLuO /tN+EPBnZ6K/FNipYAY9zOhhlLOBeerVdMnPO56P83aL47KjAQvp2pye1DlZibjf Dg3Fr8ARGHdMOOl38hs+dESjRRdEbviY -----END CERTIFICATE-----Generated at Sat Apr 26 12:57:26 2025 by rpki-client