$ rpki-client -vvf rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.mft File: hhe5_iqn_uIl8uDS3IdkCYE33m0.mft (raw, json) Hash identifier: w1R4Z2/eRGtA0zQSnP3vZm2PJkJwn32WRANqMpq7/qo= Subject key identifier: AE:F8:16:7A:81:37:F6:29:06:83:E9:D6:97:91:87:9D:28:D4:A1:76 Authority key identifier: 86:17:B9:FE:2A:A7:FE:E2:25:F2:E0:D2:DC:87:64:09:81:37:DE:6D Certificate issuer: /CN=A9117715/serialNumber=8617B9FE2AA7FEE225F2E0D2DC8764098137DE6D Certificate serial: 09CB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hhe5_iqn_uIl8uDS3IdkCYE33m0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.mft Manifest number: 09C4 Signing time: Sat 12 Apr 2025 19:45:08 +0000 Manifest this update: Sat 12 Apr 2025 19:45:08 +0000 Manifest next update: Sat 19 Apr 2025 19:45:08 +0000 Files and hashes: 1: hhe5_iqn_uIl8uDS3IdkCYE33m0.crl (hash: crfqhMKerliyAOtCCpFSzgM6pmJeDtbqeu17pMuQwLs=) 2: E118A9DA7CB911EABD07CE5EC4F9AE02.roa (hash: 3BzJCKxq6lxeVjXVlpYVRMXqU7zHik0ruN2Ba5iWxOQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.crl rsync://rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hhe5_iqn_uIl8uDS3IdkCYE33m0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 17:48:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2507 (0x9cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9117715, serialNumber=8617B9FE2AA7FEE225F2E0D2DC8764098137DE6D Validity Not Before: Apr 12 19:45:08 2025 GMT Not After : Apr 19 19:45:08 2025 GMT Subject: CN=67fac2c4-203c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:f9:83:76:8d:07:dc:7d:d2:fd:fb:ce:b0:c2: e2:b8:27:30:5a:a5:c3:4e:da:c4:76:64:f1:a9:65: 70:f8:9e:13:e9:ec:81:de:82:ba:40:e4:f7:c3:55: df:63:97:35:49:91:0a:0f:c8:b2:ad:1f:ef:02:ff: 97:d7:c1:1a:aa:fe:d0:a8:c2:8a:3a:42:c6:93:15: 09:f1:a0:96:45:24:0d:86:2f:42:3e:81:78:14:42: 63:13:60:11:2f:a7:2d:93:c3:91:c4:2c:e5:4e:5d: 7c:2c:27:c5:c2:5e:91:85:53:5b:4f:87:28:70:29: 2a:15:82:58:eb:87:4b:84:c3:e9:0b:76:70:ad:e4: e4:e7:56:68:19:0d:0d:3b:7e:ce:13:47:e0:16:3f: 9d:79:e0:bb:a7:42:e5:d0:18:0f:23:cf:8f:25:2c: bc:26:d7:e0:bd:1c:38:2a:d6:f1:4b:b2:ed:19:63: 98:29:54:e2:21:22:9d:02:f3:7c:81:74:33:5a:ae: fd:77:15:7f:67:1b:64:4d:f2:35:0c:66:90:53:76: 56:31:f2:c1:d8:64:5b:23:78:98:eb:99:da:cc:f2: 04:01:57:94:2d:44:c4:4d:d2:ff:1f:f4:ba:f6:3f: 1c:2e:82:36:77:48:8c:7a:9a:c1:e6:c8:1f:06:43: ea:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:F8:16:7A:81:37:F6:29:06:83:E9:D6:97:91:87:9D:28:D4:A1:76 X509v3 Authority Key Identifier: keyid:86:17:B9:FE:2A:A7:FE:E2:25:F2:E0:D2:DC:87:64:09:81:37:DE:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hhe5_iqn_uIl8uDS3IdkCYE33m0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6b:f5:7a:a3:a0:be:93:9d:4d:4b:1f:4a:34:4f:1f:06:eb:e1: dc:29:7f:12:36:c0:be:b6:ac:48:30:a7:da:c7:18:60:d2:6b: 70:65:47:a4:d3:71:62:a8:de:86:fd:00:44:9d:c8:e0:84:8d: 4e:f8:8e:ba:90:c5:c6:c5:34:22:21:fd:cb:0f:0d:30:23:8a: 9a:5a:e9:79:3d:18:87:09:4e:b1:fc:8f:63:95:9e:8c:40:b7: 48:0f:e7:f5:fb:af:85:ec:bb:dc:a6:ef:40:40:e0:7f:33:44: 65:09:fd:5b:d7:d0:6e:bd:37:a6:65:9a:aa:54:66:53:78:7f: bb:34:c1:08:50:10:45:27:72:49:ef:f2:d7:c8:a6:b2:65:67: 47:8b:9a:2a:91:3a:27:ae:62:8c:4a:eb:31:8a:9b:cf:21:82: f1:a9:31:28:dd:92:c4:32:2e:4a:31:1c:95:cb:db:29:68:64: e5:9f:56:2b:69:64:66:5f:6e:c6:55:4d:b6:3b:90:13:c5:4b: f5:75:87:a7:f2:ae:b0:7f:6d:97:7e:04:0e:a6:e8:8c:0e:8d: f3:58:2d:24:50:e2:92:a3:f7:f1:00:f0:f4:1d:38:55:56:dd: bc:a6:76:86:49:ce:1a:cf:f9:6a:fb:36:40:5a:4d:f8:a0:04: 19:e1:d9:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCcswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTc3MTUxMTAvBgNVBAUTKDg2MTdCOUZFMkFBN0ZFRTIyNUYyRTBEMkRDODc2NDA5 ODEzN0RFNkQwHhcNMjUwNDEyMTk0NTA4WhcNMjUwNDE5MTk0NTA4WjAYMRYwFAYD VQQDEw02N2ZhYzJjNC0yMDNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsvmDdo0H3H3S/fvOsMLiuCcwWqXDTtrEdmTxqWVw+J4T6eyB3oK6QOT3w1Xf Y5c1SZEKD8iyrR/vAv+X18Eaqv7QqMKKOkLGkxUJ8aCWRSQNhi9CPoF4FEJjE2AR L6ctk8ORxCzlTl18LCfFwl6RhVNbT4cocCkqFYJY64dLhMPpC3ZwreTk51ZoGQ0N O37OE0fgFj+deeC7p0Ll0BgPI8+PJSy8JtfgvRw4KtbxS7LtGWOYKVTiISKdAvN8 gXQzWq79dxV/ZxtkTfI1DGaQU3ZWMfLB2GRbI3iY65nazPIEAVeULUTETdL/H/S6 9j8cLoI2d0iMeprB5sgfBkPqVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK74FnqB N/YpBoPp1peRh50o1KF2MB8GA1UdIwQYMBaAFIYXuf4qp/7iJfLg0tyHZAmBN95t MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzcxNS9CQzFDNUYxMDdD QjgxMUVBQjBGNjQ3NURDNEY5QUUwMi9oaGU1X2lxbl91SWw4dURTM0lka0NZRTMz bTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hoZTVfaXFuX3VJbDh1RFMzSWRrQ1lFMzNtMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NzcxNS9CQzFDNUYxMDdDQjgxMUVBQjBGNjQ3NURDNEY5QUUwMi9oaGU1X2lxbl91 SWw4dURTM0lka0NZRTMzbTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBr9XqjoL6TnU1LH0o0Tx8G6+HcKX8SNsC+tqxIMKfaxxhg0mtwZUek 03FiqN6G/QBEncjghI1O+I66kMXGxTQiIf3LDw0wI4qaWul5PRiHCU6x/I9jlZ6M QLdID+f1+6+F7Lvcpu9AQOB/M0RlCf1b19BuvTemZZqqVGZTeH+7NMEIUBBFJ3JJ 7/LXyKayZWdHi5oqkTonrmKMSusxipvPIYLxqTEo3ZLEMi5KMRyVy9spaGTln1Yr aWRmX27GVU22O5ATxUv1dYen8q6wf22XfgQOpuiMDo3zWC0kUOKSo/fxAPD0HThV Vt28pnaGSc4az/lq+zZAWk34oAQZ4dnG -----END CERTIFICATE-----Generated at Sat Apr 12 23:05:10 2025 by rpki-client