$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8282/2F253C1AFBFE11EFB5520A12C4F9AE02/H03ONDmx9ANf_4xxzjWeXSDmmiQ.mft File: H03ONDmx9ANf_4xxzjWeXSDmmiQ.mft (raw, json) Hash identifier: m8Oa6v3WKUdDu/9wwWM5eob+YNkR4Go+aKSF7MKwqsE= Subject key identifier: 4D:F7:EB:A1:06:A3:DE:53:73:D1:37:29:38:C4:B0:0C:AE:C6:07:30 Authority key identifier: 1F:4D:CE:34:39:B1:F4:03:5F:FF:8C:71:CE:35:9E:5D:20:E6:9A:24 Certificate issuer: /CN=A91F8282/serialNumber=1F4DCE3439B1F4035FFF8C71CE359E5D20E69A24 Certificate serial: 1D Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/H03ONDmx9ANf_4xxzjWeXSDmmiQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8282/2F253C1AFBFE11EFB5520A12C4F9AE02/H03ONDmx9ANf_4xxzjWeXSDmmiQ.mft Manifest number: 1C Signing time: Fri 25 Apr 2025 06:55:44 +0000 Manifest this update: Fri 25 Apr 2025 06:55:44 +0000 Manifest next update: Fri 02 May 2025 06:55:44 +0000 Files and hashes: 1: H03ONDmx9ANf_4xxzjWeXSDmmiQ.crl (hash: HZwutfL1KCp1tu5NNWUvgU+CSboUVn5K4t5eOv7LQNk=) 2: 0664C974FEF811EFB0C52572C4F9AE02.roa (hash: LMQmjwLQrmdrjw5ITfcjjvXTHrCvldYng4+Bqh2xDu8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8282/2F253C1AFBFE11EFB5520A12C4F9AE02/H03ONDmx9ANf_4xxzjWeXSDmmiQ.crl rsync://rpki.apnic.net/member_repository/A91F8282/2F253C1AFBFE11EFB5520A12C4F9AE02/H03ONDmx9ANf_4xxzjWeXSDmmiQ.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/H03ONDmx9ANf_4xxzjWeXSDmmiQ.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:55:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29 (0x1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8282, serialNumber=1F4DCE3439B1F4035FFF8C71CE359E5D20E69A24 Validity Not Before: Apr 25 06:55:44 2025 GMT Not After : May 2 06:55:44 2025 GMT Subject: CN=680b31f0-3da0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:b7:84:17:5e:f9:d2:7c:ab:09:d8:f3:a5:26: 53:8f:f1:36:bf:f6:b7:fa:30:30:5c:a2:3a:c8:40: 4e:7b:a6:72:e8:ff:50:74:63:f5:50:ad:57:eb:0c: c1:81:ba:93:77:c4:b3:3a:a2:4c:61:36:93:e6:c9: 22:95:2a:a2:38:34:5a:66:95:18:ec:b9:dd:1b:6c: e0:61:83:99:8b:f9:e0:0e:c4:30:76:51:0a:53:f6: 0b:25:c4:9a:35:8d:af:c9:d4:a2:62:1b:65:67:d9: be:d7:48:04:2e:62:86:b4:fe:e2:fc:8c:e7:66:a1: 8a:8c:1a:9e:0d:63:d2:24:dd:af:2e:dc:40:af:92: 6f:5a:38:a2:10:a1:65:bd:07:b5:f7:e6:26:e8:92: 45:c2:d5:58:1d:df:5b:fd:0f:e7:65:cc:88:5f:97: 7f:dd:bd:96:7e:04:0a:c0:83:54:8a:f2:bb:74:86: 51:73:3e:23:eb:7a:4f:aa:a9:24:46:af:39:37:a4: 17:68:7b:8d:c0:c0:7b:a4:3a:18:d1:f1:40:f1:ec: 56:39:43:de:d4:9b:55:36:6d:51:ff:95:f4:50:09: 82:b8:9c:4e:cb:c1:67:76:26:3d:32:e5:73:77:a2: 77:7a:43:62:5d:38:64:d1:35:f1:02:e3:dc:2b:c2: 3f:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:F7:EB:A1:06:A3:DE:53:73:D1:37:29:38:C4:B0:0C:AE:C6:07:30 X509v3 Authority Key Identifier: keyid:1F:4D:CE:34:39:B1:F4:03:5F:FF:8C:71:CE:35:9E:5D:20:E6:9A:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8282/2F253C1AFBFE11EFB5520A12C4F9AE02/H03ONDmx9ANf_4xxzjWeXSDmmiQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/H03ONDmx9ANf_4xxzjWeXSDmmiQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8282/2F253C1AFBFE11EFB5520A12C4F9AE02/H03ONDmx9ANf_4xxzjWeXSDmmiQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:6f:60:1d:e4:e4:8d:39:ac:d7:7f:49:60:30:af:b2:d9:c0: f5:ba:f1:53:00:f8:78:a5:b3:16:c6:c9:81:4a:bf:ab:d2:cd: 97:8a:6f:9a:35:ca:b4:59:3d:7f:f6:3f:d0:4b:2c:25:47:ee: 6e:60:83:b3:e0:c3:e9:41:08:7d:3f:f3:f7:37:fb:b2:7c:c5: c8:17:1f:15:ed:a1:b9:43:20:d8:57:b8:b5:44:00:79:49:fe: 78:93:db:a3:44:06:30:d6:9c:6c:0f:d8:0d:e9:52:73:f8:3c: d6:f2:d7:0c:c7:c0:4a:e0:0f:8e:15:1d:26:e5:ad:11:d8:d9: 3b:91:32:11:de:a7:4b:72:41:87:b4:8c:c8:76:72:e9:89:9b: 8f:6f:c0:05:ee:13:40:99:9a:47:3c:16:b8:1f:f2:0e:0c:15: 12:d3:59:3e:7d:5e:a5:a6:22:52:d4:72:96:fb:3a:76:03:98: 06:e3:4c:1e:ce:13:d4:68:28:32:73:a1:c1:79:32:e7:62:a7: d3:6e:80:2f:92:d3:38:cc:82:86:d9:a2:f3:f2:d9:48:b2:da: 2d:94:05:d5:47:c2:4c:d9:2f:a5:59:37:10:8f:70:7a:4b:98: e8:9d:17:f4:70:15:dd:d3:f2:4b:77:f8:9a:1e:1f:e8:30:24: f2:a1:97:1a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG ODI4MjExMC8GA1UEBRMoMUY0RENFMzQzOUIxRjQwMzVGRkY4QzcxQ0UzNTlFNUQy MEU2OUEyNDAeFw0yNTA0MjUwNjU1NDRaFw0yNTA1MDIwNjU1NDRaMBgxFjAUBgNV BAMTDTY4MGIzMWYwLTNkYTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQClt4QXXvnSfKsJ2POlJlOP8Ta/9rf6MDBcojrIQE57pnLo/1B0Y/VQrVfrDMGB upN3xLM6okxhNpPmySKVKqI4NFpmlRjsud0bbOBhg5mL+eAOxDB2UQpT9gslxJo1 ja/J1KJiG2Vn2b7XSAQuYoa0/uL8jOdmoYqMGp4NY9Ik3a8u3ECvkm9aOKIQoWW9 B7X35ibokkXC1Vgd31v9D+dlzIhfl3/dvZZ+BArAg1SK8rt0hlFzPiPrek+qqSRG rzk3pBdoe43AwHukOhjR8UDx7FY5Q97Um1U2bVH/lfRQCYK4nE7LwWd2Jj0y5XN3 ond6Q2JdOGTRNfEC49wrwj/tAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUTffroQaj 3lNz0TcpOMSwDK7GBzAwHwYDVR0jBBgwFoAUH03ONDmx9ANf/4xxzjWeXSDmmiQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4MjgyLzJGMjUzQzFBRkJG RTExRUZCNTUyMEExMkM0RjlBRTAyL0gwM09ORG14OUFOZl80eHh6aldlWFNEbW1p US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2MTFFMkEzRjI3RjdDNzJG RDFGRjIvSDAzT05EbXg5QU5mXzR4eHpqV2VYU0RtbWlRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4 MjgyLzJGMjUzQzFBRkJGRTExRUZCNTUyMEExMkM0RjlBRTAyL0gwM09ORG14OUFO Zl80eHh6aldlWFNEbW1pUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIJvYB3k5I05rNd/SWAwr7LZwPW68VMA+HilsxbGyYFKv6vSzZeKb5o1 yrRZPX/2P9BLLCVH7m5gg7Pgw+lBCH0/8/c3+7J8xcgXHxXtoblDINhXuLVEAHlJ /niT26NEBjDWnGwP2A3pUnP4PNby1wzHwErgD44VHSblrRHY2TuRMhHep0tyQYe0 jMh2cumJm49vwAXuE0CZmkc8Frgf8g4MFRLTWT59XqWmIlLUcpb7OnYDmAbjTB7O E9RoKDJzocF5Mudip9NugC+S0zjMgobZovPy2Uiy2i2UBdVHwkzZL6VZNxCPcHpL mOidF/RwFd3T8kt3+JoeH+gwJPKhlxo= -----END CERTIFICATE-----Generated at Sat Apr 26 17:11:53 2025 by rpki-client