$ rpki-client -vvf rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft File: HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft (raw, json) Hash identifier: kpXT+MvpOg35z7Xy0+yDihRlJqh/0eji0IM9m/8d2eI= Subject key identifier: 0C:68:B3:87:21:AD:77:B9:18:B6:9C:F0:54:AF:DD:FE:65:92:9C:51 Authority key identifier: 1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E Certificate issuer: /CN=A911D848/serialNumber=1DD1B8687886924C4613116050EE90E9D494269E Certificate serial: 5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft Manifest number: 5A Signing time: Fri 11 Apr 2025 06:24:56 +0000 Manifest this update: Fri 11 Apr 2025 06:24:56 +0000 Manifest next update: Fri 18 Apr 2025 06:24:56 +0000 Files and hashes: 1: HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl (hash: wSx3YpIf36hKv7hM2NQu19VeCxdk3u+v28XQ4cmSfPQ=) 2: F0C8DB1CA54E11EF8592FD66C4F9AE02.roa (hash: jKfefe498JUViLthlsH3WQDRzc9fBkLXEf9WqoDEonw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 06:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 95 (0x5f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D848, serialNumber=1DD1B8687886924C4613116050EE90E9D494269E Validity Not Before: Apr 11 06:24:56 2025 GMT Not After : Apr 18 06:24:56 2025 GMT Subject: CN=67f8b5b8-0375 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:9b:ea:eb:ae:e7:bc:ee:63:c3:d8:4a:0d:86: 50:d1:2d:de:0b:89:de:46:f9:ae:9e:e9:cf:32:fe: d7:e4:d2:7a:d8:52:5d:d3:35:bd:91:0e:05:7a:18: 4d:61:de:a7:2e:1e:ad:e2:b5:7c:32:9b:30:ab:a8: 0c:ff:5f:0e:4a:ad:eb:b4:72:dc:54:03:f9:95:7f: ce:e2:da:9b:7e:8a:a0:35:76:ba:05:9b:e0:66:51: c3:e7:b8:c0:e1:60:0f:33:69:a7:80:87:59:c2:fa: 98:62:b5:8f:01:83:97:44:a1:53:9b:f3:43:87:1f: bd:64:b8:56:a7:f9:ba:06:61:4c:8e:cf:a1:fa:46: f9:d7:51:a4:74:93:41:23:27:fb:d3:f8:b7:82:a1: 9b:1c:5c:3f:95:0a:96:0d:11:c5:8e:73:de:e0:b3: d1:15:8f:01:4a:b2:b6:9e:b9:ea:59:e9:6f:2f:6f: df:3c:ff:55:78:a4:38:75:a0:7c:0a:08:4d:d8:e8: f5:92:b3:26:f9:c0:8d:80:af:2f:ec:b9:17:13:79: 9f:8a:c5:fd:bf:97:58:34:b3:1d:d8:54:20:d2:f1: 53:dd:5f:11:99:60:55:f4:8a:fc:d2:fd:a1:55:17: 5d:fe:27:fa:0d:50:a9:a7:07:ec:12:a0:a6:76:c4: 2d:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:68:B3:87:21:AD:77:B9:18:B6:9C:F0:54:AF:DD:FE:65:92:9C:51 X509v3 Authority Key Identifier: keyid:1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:38:0a:79:9b:41:b7:78:ad:76:cb:a7:a0:01:04:82:4c:46: 35:3d:20:54:c8:8a:21:29:75:64:16:2f:9c:1d:f8:84:24:65: 3b:12:c7:22:7e:3e:18:4b:28:33:c2:4a:86:2b:b4:44:34:3d: 8c:c9:eb:ec:34:8e:09:55:10:2f:97:e1:cc:b5:eb:75:e4:e2: 27:35:3a:f4:ee:89:4a:9b:9c:cf:f3:29:b5:0d:0a:dd:4e:52: 0e:19:f1:aa:5c:c5:da:f9:7c:6f:77:ef:a1:a5:9a:ca:98:36: c2:cc:2a:33:47:23:64:bf:e8:cc:ca:bb:b4:3f:a7:59:0a:2c: d8:f2:7f:6c:e9:86:ea:c5:ce:8d:e0:5b:0b:46:85:64:30:43: 33:1d:0c:a9:dd:d8:44:ac:77:b3:a2:bf:e8:78:3e:e3:4a:09: 98:15:7c:a6:a5:bf:4f:c7:f9:6e:ea:14:57:66:88:3a:3e:d7: 7a:8d:86:d9:86:98:69:d7:87:10:51:eb:95:d1:f4:08:1b:d8: 64:f5:b7:51:cd:cd:22:45:67:5d:3b:f5:6c:95:fd:e5:30:88: 73:d0:9e:42:33:1d:a2:24:95:1b:c2:f6:c9:ef:5c:85:45:ec: 68:b7:6f:89:de:38:fa:e2:2d:66:33:94:d5:61:67:29:1c:76: a3:c3:5b:21 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBXzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx RDg0ODExMC8GA1UEBRMoMUREMUI4Njg3ODg2OTI0QzQ2MTMxMTYwNTBFRTkwRTlE NDk0MjY5RTAeFw0yNTA0MTEwNjI0NTZaFw0yNTA0MTgwNjI0NTZaMBgxFjAUBgNV BAMTDTY3ZjhiNWI4LTAzNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDOm+rrrue87mPD2EoNhlDRLd4Lid5G+a6e6c8y/tfk0nrYUl3TNb2RDgV6GE1h 3qcuHq3itXwymzCrqAz/Xw5Kreu0ctxUA/mVf87i2pt+iqA1droFm+BmUcPnuMDh YA8zaaeAh1nC+phitY8Bg5dEoVOb80OHH71kuFan+boGYUyOz6H6RvnXUaR0k0Ej J/vT+LeCoZscXD+VCpYNEcWOc97gs9EVjwFKsraeuepZ6W8vb988/1V4pDh1oHwK CE3Y6PWSsyb5wI2Ary/suRcTeZ+Kxf2/l1g0sx3YVCDS8VPdXxGZYFX0ivzS/aFV F13+J/oNUKmnB+wSoKZ2xC0BAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUDGizhyGt d7kYtpzwVK/d/mWSnFEwHwYDVR0jBBgwFoAUHdG4aHiGkkxGExFgUO6Q6dSUJp4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFEODQ4L0MyNTFCNUIyOUIx MDExRUZBNzJCQTAyMEM0RjlBRTAyL0hkRzRhSGlHa2t4R0V4RmdVTzZRNmRTVUpw NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSGRHNGFIaUdra3hHRXhGZ1VPNlE2ZFNVSnA0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFE ODQ4L0MyNTFCNUIyOUIxMDExRUZBNzJCQTAyMEM0RjlBRTAyL0hkRzRhSGlHa2t4 R0V4RmdVTzZRNmRTVUpwNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADI4CnmbQbd4rXbLp6ABBIJMRjU9IFTIiiEpdWQWL5wd+IQkZTsSxyJ+ PhhLKDPCSoYrtEQ0PYzJ6+w0jglVEC+X4cy163Xk4ic1OvTuiUqbnM/zKbUNCt1O Ug4Z8apcxdr5fG9376GlmsqYNsLMKjNHI2S/6MzKu7Q/p1kKLNjyf2zphurFzo3g WwtGhWQwQzMdDKnd2ESsd7Oiv+h4PuNKCZgVfKalv0/H+W7qFFdmiDo+13qNhtmG mGnXhxBR65XR9Agb2GT1t1HNzSJFZ1079WyV/eUwiHPQnkIzHaIklRvC9snvXIVF 7Gi3b4neOPriLWYzlNVhZykcdqPDWyE= -----END CERTIFICATE-----Generated at Sun Apr 13 01:31:47 2025 by rpki-client