$ rpki-client -vvf rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.mft File: hSmfDbFMjwpT0kRu_bDMBZwVJL8.mft (raw, json) Hash identifier: Iorlhfm0BmuX2DEywll8dWpl4iZR5meZYamIBT7unE4= Subject key identifier: 49:56:DA:5C:A4:D8:8F:5C:F9:11:E5:F1:5C:99:2C:D3:5C:1A:2E:D8 Authority key identifier: 85:29:9F:0D:B1:4C:8F:0A:53:D2:44:6E:FD:B0:CC:05:9C:15:24:BF Certificate issuer: /CN=A911C9E8/serialNumber=85299F0DB14C8F0A53D2446EFDB0CC059C1524BF Certificate serial: 0122 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hSmfDbFMjwpT0kRu_bDMBZwVJL8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.mft Manifest number: 011F Signing time: Sat 29 Mar 2025 04:10:16 +0000 Manifest this update: Sat 29 Mar 2025 04:10:15 +0000 Manifest next update: Sat 05 Apr 2025 04:10:15 +0000 Files and hashes: 1: hSmfDbFMjwpT0kRu_bDMBZwVJL8.crl (hash: yyTjDpxD8CibRDneYe/9/+1FQ8SK3AIeritGNxhNHSw=) 2: E39F4ED65C2411EEB54C4F43C4F9AE02.roa (hash: jSX8BBXcDhKRO02h61flDcL9PRKVJzf27mu274wCdhk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.crl rsync://rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hSmfDbFMjwpT0kRu_bDMBZwVJL8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 04:10:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 290 (0x122) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C9E8 Validity Not Before: Mar 29 04:10:15 2025 GMT Not After : Apr 5 04:10:15 2025 GMT Subject: CN=67e772a7-b056 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:7b:06:96:6c:4c:25:5d:35:a2:8b:2b:32:c0: d5:9c:15:88:84:57:15:14:3c:9c:2d:0a:42:05:d6: 25:ae:2a:e5:fd:70:d0:22:89:55:cc:3b:4f:c1:43: bf:0d:16:38:a1:81:d9:89:26:23:2c:b5:2c:6c:f9: 82:85:51:e4:bb:be:03:25:04:9c:e0:c3:7d:a0:2b: df:01:78:d8:9d:5c:8d:64:df:b4:fb:ed:60:67:d3: 3e:8d:7e:7a:50:ed:93:eb:e6:12:86:0e:74:14:3a: bc:dd:90:37:e9:50:75:41:04:d9:f2:1f:90:94:18: 26:e7:bc:80:29:3e:0b:c0:24:11:4c:19:fd:47:54: 0b:19:f6:f0:3c:29:62:3b:8d:91:57:0b:aa:02:37: d3:37:3e:fd:53:5f:d7:ea:38:9d:d0:2c:ed:22:03: cf:b7:89:42:2f:f4:f6:fc:aa:c9:d4:da:56:80:7d: e5:aa:7c:7e:3e:5f:9c:0e:45:2d:cc:3d:08:44:5b: f2:18:2b:ec:8b:df:7c:6d:6d:71:c7:20:12:02:9c: c1:11:28:8e:4d:a6:a0:d0:f3:4d:93:f0:5f:69:49: 1c:9a:1f:1a:30:79:bf:f2:cc:70:37:75:7a:0f:a0: d1:5c:26:f7:c1:52:8d:f3:78:f7:2e:6e:48:8e:09: a5:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:56:DA:5C:A4:D8:8F:5C:F9:11:E5:F1:5C:99:2C:D3:5C:1A:2E:D8 X509v3 Authority Key Identifier: keyid:85:29:9F:0D:B1:4C:8F:0A:53:D2:44:6E:FD:B0:CC:05:9C:15:24:BF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hSmfDbFMjwpT0kRu_bDMBZwVJL8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:51:4c:f7:92:ac:12:cd:ec:b7:97:17:cf:7c:9b:5d:92:d9: b4:10:ea:ca:18:dd:ec:46:aa:5f:b0:5a:9a:32:ed:dd:2e:f6: 89:5e:bf:e3:8a:f7:26:c6:b0:95:e0:d4:7a:3a:11:20:8a:3c: 5a:a9:20:fc:2d:61:c7:33:90:55:d9:a1:8d:c9:82:dc:00:69: fc:8f:35:5e:46:e4:f1:76:ff:23:df:09:68:9c:52:95:f4:2f: 37:cb:e7:e9:44:a3:76:3c:b5:44:78:9f:03:43:fb:c9:e9:da: f6:d2:e7:79:d4:cd:ba:96:b7:62:03:3d:ba:ba:24:cd:a9:5e: 9e:c0:8f:dd:07:fc:9b:97:7d:68:f4:c3:b4:56:79:04:45:bd: 6f:63:c2:26:f9:c7:2f:a6:3d:c1:59:ea:66:f2:1a:07:09:9d: 85:09:b9:5c:82:e2:29:e0:c1:75:19:64:07:05:e0:96:30:93: 44:39:12:67:eb:1f:82:14:fb:db:82:68:9d:7f:d6:d0:27:e2: 73:15:7f:e5:40:38:e1:10:02:01:20:0f:c5:3c:91:b1:cd:aa: 06:d9:89:f6:1d:0f:6f:1e:2a:66:c0:f1:6a:cd:d4:6f:37:51: 1b:eb:7e:66:84:16:e4:1b:c9:38:85:28:f4:14:a5:49:f8:fd: 45:3e:7d:30 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM5RTgxMTAvBgNVBAUTKDg1Mjk5RjBEQjE0QzhGMEE1M0QyNDQ2RUZEQjBDQzA1 OUMxNTI0QkYwHhcNMjUwMzI5MDQxMDE1WhcNMjUwNDA1MDQxMDE1WjAYMRYwFAYD VQQDEw02N2U3NzJhNy1iMDU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4XsGlmxMJV01oosrMsDVnBWIhFcVFDycLQpCBdYlrirl/XDQIolVzDtPwUO/ DRY4oYHZiSYjLLUsbPmChVHku74DJQSc4MN9oCvfAXjYnVyNZN+0++1gZ9M+jX56 UO2T6+YShg50FDq83ZA36VB1QQTZ8h+QlBgm57yAKT4LwCQRTBn9R1QLGfbwPCli O42RVwuqAjfTNz79U1/X6jid0CztIgPPt4lCL/T2/KrJ1NpWgH3lqnx+Pl+cDkUt zD0IRFvyGCvsi998bW1xxyASApzBESiOTaag0PNNk/BfaUkcmh8aMHm/8sxwN3V6 D6DRXCb3wVKN83j3Lm5IjgmlGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFElW2lyk 2I9c+RHl8VyZLNNcGi7YMB8GA1UdIwQYMBaAFIUpnw2xTI8KU9JEbv2wzAWcFSS/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzlFOC9GREY2NzMwNjU4 RkQxMUVFOUQyRDIzNzZDNEY5QUUwMi9oU21mRGJGTWp3cFQwa1J1X2JETUJad1ZK TDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hTbWZEYkZNandwVDBrUnVfYkRNQlp3VkpMOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QzlFOC9GREY2NzMwNjU4RkQxMUVFOUQyRDIzNzZDNEY5QUUwMi9oU21mRGJGTWp3 cFQwa1J1X2JETUJad1ZKTDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB1UUz3kqwSzey3lxfPfJtdktm0EOrKGN3sRqpfsFqaMu3dLvaJXr/j ivcmxrCV4NR6OhEgijxaqSD8LWHHM5BV2aGNyYLcAGn8jzVeRuTxdv8j3wlonFKV 9C83y+fpRKN2PLVEeJ8DQ/vJ6dr20ud51M26lrdiAz26uiTNqV6ewI/dB/ybl31o 9MO0VnkERb1vY8Im+ccvpj3BWepm8hoHCZ2FCblcguIp4MF1GWQHBeCWMJNEORJn 6x+CFPvbgmidf9bQJ+JzFX/lQDjhEAIBIA/FPJGxzaoG2Yn2HQ9vHipmwPFqzdRv N1Eb635mhBbkG8k4hSj0FKVJ+P1FPn0w -----END CERTIFICATE-----Generated at Fri Apr 4 21:21:41 2025 by rpki-client