$ rpki-client -vvf rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft File: 4hHNheByVQ4z5MyGpj-8360dNTI.mft (raw, json) Hash identifier: MP6OcYz1saujHp3NHnetVmTQYvi58Zi8HHPT46JT19I= Subject key identifier: 73:AD:57:1B:F7:74:A4:C7:54:C9:B7:1A:D4:D4:27:1C:6F:0B:54:D1 Authority key identifier: E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32 Certificate issuer: /CN=A91F85CD/serialNumber=E211CD85E072550E33E4CC86A63FBCDFAD1D3532 Certificate serial: 07FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft Manifest number: 07F5 Signing time: Thu 24 Apr 2025 20:46:29 +0000 Manifest this update: Thu 24 Apr 2025 20:46:29 +0000 Manifest next update: Thu 01 May 2025 20:46:29 +0000 Files and hashes: 1: 4hHNheByVQ4z5MyGpj-8360dNTI.crl (hash: bVCGKtV1VT54F+AxMUIyYQ8GcAA2wQqdQ6/CqrCUpaE=) 2: 624086E2E99611EA930A5B74C4F9AE02.roa (hash: ZdmpHgIkxt7GWbnQ6LOR1kcULfHlPHaLzEsc6YKJVc0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.crl rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:46:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2045 (0x7fd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F85CD, serialNumber=E211CD85E072550E33E4CC86A63FBCDFAD1D3532 Validity Not Before: Apr 24 20:46:29 2025 GMT Not After : May 1 20:46:29 2025 GMT Subject: CN=680aa325-c16d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:88:2d:08:b0:be:6c:b7:8c:67:28:ac:6f:38: 7d:d8:ec:31:35:28:c1:54:e2:4e:80:13:01:c9:d2: 09:75:20:0f:8b:cb:f4:c6:ac:9e:40:d0:f2:2c:31: 7e:1c:23:d9:f3:12:d9:08:58:9d:e0:5e:aa:f3:17: 5d:c8:d7:f1:ce:fb:60:34:43:5b:8b:fc:dc:98:88: e6:fb:26:8f:35:43:86:73:73:6f:43:28:5b:3d:29: 70:e9:d8:26:1a:a9:6d:d2:a3:d6:6d:2f:27:61:fc: c5:04:d4:d2:74:c2:88:fb:48:b2:05:2f:ee:7b:08: a9:98:a7:71:4b:8d:c7:7b:ac:47:e6:89:a8:51:97: 68:6f:03:cc:e0:3b:ef:2a:21:6e:f8:8b:22:42:94: cd:8b:26:a4:1d:0e:75:46:83:ac:15:14:1b:23:88: 51:ee:0d:70:11:3f:fa:45:68:31:50:2f:e7:4c:6f: 51:94:51:66:23:45:79:95:da:90:e9:2f:dd:90:67: 2a:a4:d8:0e:95:3f:3c:76:75:1f:75:ec:a8:d6:a3: 66:70:b2:ca:23:79:23:77:3b:34:f4:bb:32:b8:cb: 53:a2:7d:33:cc:c8:53:68:e7:02:55:0d:9b:67:3c: 0c:7c:eb:6e:f3:dd:f0:9f:0e:17:4f:5a:d8:ed:1b: 26:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:AD:57:1B:F7:74:A4:C7:54:C9:B7:1A:D4:D4:27:1C:6F:0B:54:D1 X509v3 Authority Key Identifier: keyid:E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:5d:27:77:62:40:f1:76:28:cc:fc:ed:ea:2c:c2:50:a7:9e: a8:e0:ea:8c:1c:5c:a0:c3:ae:77:e1:12:28:f7:d9:a2:1d:f4: af:0f:3b:3c:d1:68:6c:07:a0:72:7e:65:16:a3:fe:76:36:8e: 36:d3:d5:41:d3:1a:91:4c:d8:63:17:dc:76:74:38:31:83:97: de:0e:68:05:c3:94:8f:93:94:69:f1:b7:45:4b:2d:ff:4d:71: 61:9d:40:d1:59:3f:66:fb:a6:44:87:d3:c7:34:37:44:95:87: d1:47:1f:38:3b:11:63:7a:9a:be:04:48:f8:6b:b2:00:80:5f: 23:00:b4:d5:ee:37:b6:6a:1d:35:f3:94:76:b3:68:de:58:4d: 1b:d3:d1:44:14:e0:e2:54:fe:de:08:04:48:d2:f6:42:44:06: ed:40:35:81:d1:7f:ba:df:6c:3e:e8:db:45:ac:41:ec:17:5a: 94:37:55:2e:62:9b:e8:13:76:e6:f1:c1:d8:cf:55:85:e8:9f: 1e:cd:36:0f:5b:64:ea:ed:05:c1:e3:1c:1e:c7:44:ba:b9:0c: 7f:2a:01:56:7c:13:05:53:19:aa:71:94:08:ea:a2:a5:ca:f0: 3f:e5:b4:7c:8a:76:9d:ba:2f:bc:f8:41:e5:74:39:3d:a2:30: d7:f4:fb:0c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB/0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Rjg1Q0QxMTAvBgNVBAUTKEUyMTFDRDg1RTA3MjU1MEUzM0U0Q0M4NkE2M0ZCQ0RG QUQxRDM1MzIwHhcNMjUwNDI0MjA0NjI5WhcNMjUwNTAxMjA0NjI5WjAYMRYwFAYD VQQDEw02ODBhYTMyNS1jMTZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvogtCLC+bLeMZyisbzh92OwxNSjBVOJOgBMBydIJdSAPi8v0xqyeQNDyLDF+ HCPZ8xLZCFid4F6q8xddyNfxzvtgNENbi/zcmIjm+yaPNUOGc3NvQyhbPSlw6dgm Gqlt0qPWbS8nYfzFBNTSdMKI+0iyBS/uewipmKdxS43He6xH5omoUZdobwPM4Dvv KiFu+IsiQpTNiyakHQ51RoOsFRQbI4hR7g1wET/6RWgxUC/nTG9RlFFmI0V5ldqQ 6S/dkGcqpNgOlT88dnUfdeyo1qNmcLLKI3kjdzs09LsyuMtTon0zzMhTaOcCVQ2b ZzwMfOtu893wnw4XT1rY7RsmDwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHOtVxv3 dKTHVMm3GtTUJxxvC1TRMB8GA1UdIwQYMBaAFOIRzYXgclUOM+TMhqY/vN+tHTUy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODVDRC84QTUwNTU4OERE MTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZRNHo1TXlHcGotODM2MGRO VEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRoSE5oZUJ5VlE0ejVNeUdwai04MzYwZE5USS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODVDRC84QTUwNTU4OEREMTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZR NHo1TXlHcGotODM2MGROVEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJXSd3YkDxdijM/O3qLMJQp56o4OqMHFygw6534RIo99miHfSvDzs8 0WhsB6ByfmUWo/52No4209VB0xqRTNhjF9x2dDgxg5feDmgFw5SPk5Rp8bdFSy3/ TXFhnUDRWT9m+6ZEh9PHNDdElYfRRx84OxFjepq+BEj4a7IAgF8jALTV7je2ah01 85R2s2jeWE0b09FEFODiVP7eCARI0vZCRAbtQDWB0X+632w+6NtFrEHsF1qUN1Uu YpvoE3bm8cHYz1WF6J8ezTYPW2Tq7QXB4xwex0S6uQx/KgFWfBMFUxmqcZQI6qKl yvA/5bR8inadui+8+EHldDk9ojDX9PsM -----END CERTIFICATE-----Generated at Sat Apr 26 13:41:16 2025 by rpki-client