$ rpki-client -vvf rpki.apnic.net/member_repository/A9163609/23F9E8BA8FDE11EDAE369A53C4F9AE02/HEIrsfyW_mDUsv9fbBJFDsye6Ww.mft File: HEIrsfyW_mDUsv9fbBJFDsye6Ww.mft (raw, json) Hash identifier: Mbjk6TumfDsfS9HQOsmxlYF7oVSbgFgKJR5ItH/PQT0= Subject key identifier: 66:0D:A0:F3:1E:44:85:F1:89:60:4F:F7:04:C9:5E:67:BF:0D:78:D7 Authority key identifier: 1C:42:2B:B1:FC:96:FE:60:D4:B2:FF:5F:6C:12:45:0E:CC:9E:E9:6C Certificate issuer: /CN=A9163609/serialNumber=1C422BB1FC96FE60D4B2FF5F6C12450ECC9EE96C Certificate serial: 01AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HEIrsfyW_mDUsv9fbBJFDsye6Ww.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9163609/23F9E8BA8FDE11EDAE369A53C4F9AE02/HEIrsfyW_mDUsv9fbBJFDsye6Ww.mft Manifest number: 01A9 Signing time: Tue 15 Apr 2025 02:17:08 +0000 Manifest this update: Tue 15 Apr 2025 02:17:08 +0000 Manifest next update: Tue 22 Apr 2025 02:17:08 +0000 Files and hashes: 1: HEIrsfyW_mDUsv9fbBJFDsye6Ww.crl (hash: AWVTI1UI5Ze4Inar/V6GsPF3ONwtByE2nPeTNlL2Tsg=) 2: F2AB2F288FE011EDA9919C57C4F9AE02.roa (hash: Rf57xWILJOvL68EEABL6r6dfZw+gyCnJxd924tHN+AU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9163609/23F9E8BA8FDE11EDAE369A53C4F9AE02/HEIrsfyW_mDUsv9fbBJFDsye6Ww.crl rsync://rpki.apnic.net/member_repository/A9163609/23F9E8BA8FDE11EDAE369A53C4F9AE02/HEIrsfyW_mDUsv9fbBJFDsye6Ww.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HEIrsfyW_mDUsv9fbBJFDsye6Ww.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Apr 2025 02:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 429 (0x1ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9163609, serialNumber=1C422BB1FC96FE60D4B2FF5F6C12450ECC9EE96C Validity Not Before: Apr 15 02:17:08 2025 GMT Not After : Apr 22 02:17:08 2025 GMT Subject: CN=67fdc1a4-c9c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:ce:a3:cb:89:1d:94:cd:52:e5:59:f1:d0:a6: 72:20:d2:a6:e1:69:98:3f:23:cb:4a:a9:3e:69:80: 4a:4d:c9:81:ee:9a:c1:c6:f9:de:b7:9a:3d:02:78: a4:2d:bf:22:0b:e7:cb:c5:13:63:6f:a4:3c:43:7c: 5b:a2:70:cb:f5:8c:0e:dc:7b:a3:7a:3e:12:d0:0d: df:05:19:3d:d5:21:1f:ee:d1:d4:a6:fa:30:c3:a9: 7a:9a:58:a8:e7:64:e3:ef:d4:ee:59:73:ac:7f:ee: 17:1b:9c:53:b6:0f:e6:b6:0f:f7:74:f5:01:3e:67: c9:a7:d6:7a:0f:f7:25:9a:8e:bc:50:59:5d:51:09: 1f:2a:d6:97:78:8d:9f:ce:a7:7c:d1:ee:ef:e3:2b: 19:c8:3e:29:9e:d6:73:69:65:5a:1b:43:55:2b:f4: 3a:8c:3e:22:8a:79:9a:b5:fb:f7:07:85:d2:e3:87: e5:aa:ef:51:9b:7f:d5:59:ad:32:f7:e2:39:00:42: bd:f2:27:5e:d7:a6:ff:cd:0d:30:2a:ba:c6:2c:f7: aa:b7:77:ae:f0:4c:a5:c8:1a:ed:81:03:ce:66:8c: 8b:51:c8:b4:e9:1d:9e:79:c3:63:4a:30:e2:50:08: 29:52:da:c2:84:2d:6e:f9:ab:6f:ee:38:2c:06:c4: 27:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:0D:A0:F3:1E:44:85:F1:89:60:4F:F7:04:C9:5E:67:BF:0D:78:D7 X509v3 Authority Key Identifier: keyid:1C:42:2B:B1:FC:96:FE:60:D4:B2:FF:5F:6C:12:45:0E:CC:9E:E9:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9163609/23F9E8BA8FDE11EDAE369A53C4F9AE02/HEIrsfyW_mDUsv9fbBJFDsye6Ww.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HEIrsfyW_mDUsv9fbBJFDsye6Ww.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9163609/23F9E8BA8FDE11EDAE369A53C4F9AE02/HEIrsfyW_mDUsv9fbBJFDsye6Ww.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:34:65:8b:b7:d6:63:b9:d5:65:f1:a1:56:af:0d:88:1f:cf: 26:3b:4f:88:fb:00:60:d7:0b:b0:90:c1:3a:97:eb:af:d1:e9: 7b:51:8c:43:8d:aa:49:ed:69:7c:65:ce:06:97:6c:37:e3:c1: 12:02:e7:41:aa:0a:23:2d:a4:40:46:4c:f9:e1:88:79:c8:2f: e2:b0:bb:5d:6e:52:b3:c6:3c:27:74:af:33:7e:33:5c:c6:58: b3:39:ec:1f:6d:1e:38:01:15:b4:cc:34:85:4d:18:6a:07:6e: 2c:8b:1d:cb:9a:60:72:2c:1a:d0:47:55:bd:36:24:9e:80:4f: 8e:ea:37:6a:10:aa:0a:10:8b:5b:15:fc:69:a2:1d:63:e4:83: 94:c2:fc:82:26:3c:42:84:36:6e:cc:68:a1:4b:3e:fa:96:ee: de:b8:15:73:8b:55:56:ef:5e:c8:41:06:90:29:27:a8:3d:20: 50:2d:f1:82:88:5b:8e:8c:2e:67:d6:20:5a:ba:e2:a8:e0:f3: c1:c2:3d:5e:8f:18:af:b8:a6:cf:49:5b:d6:e8:3f:96:0d:df: ee:ca:e9:89:2d:90:53:b6:7a:70:3e:a9:be:60:63:36:4a:7f: ad:f7:ae:86:1e:97:7e:cb:60:52:8c:f1:15:9d:6d:0d:78:de: 9a:2c:d9:63 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAa0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjM2MDkxMTAvBgNVBAUTKDFDNDIyQkIxRkM5NkZFNjBENEIyRkY1RjZDMTI0NTBF Q0M5RUU5NkMwHhcNMjUwNDE1MDIxNzA4WhcNMjUwNDIyMDIxNzA4WjAYMRYwFAYD VQQDEw02N2ZkYzFhNC1jOWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6M6jy4kdlM1S5Vnx0KZyINKm4WmYPyPLSqk+aYBKTcmB7prBxvnet5o9Anik Lb8iC+fLxRNjb6Q8Q3xbonDL9YwO3Hujej4S0A3fBRk91SEf7tHUpvoww6l6mlio 52Tj79TuWXOsf+4XG5xTtg/mtg/3dPUBPmfJp9Z6D/clmo68UFldUQkfKtaXeI2f zqd80e7v4ysZyD4pntZzaWVaG0NVK/Q6jD4iinmatfv3B4XS44flqu9Rm3/VWa0y 9+I5AEK98ide16b/zQ0wKrrGLPeqt3eu8EylyBrtgQPOZoyLUci06R2eecNjSjDi UAgpUtrChC1u+atv7jgsBsQn2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGYNoPMe RIXxiWBP9wTJXme/DXjXMB8GA1UdIwQYMBaAFBxCK7H8lv5g1LL/X2wSRQ7Mnuls MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MzYwOS8yM0Y5RThCQThG REUxMUVEQUUzNjlBNTNDNEY5QUUwMi9IRUlyc2Z5V19tRFVzdjlmYkJKRkRzeWU2 V3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hFSXJzZnlXX21EVXN2OWZiQkpGRHN5ZTZXdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MzYwOS8yM0Y5RThCQThGREUxMUVEQUUzNjlBNTNDNEY5QUUwMi9IRUlyc2Z5V19t RFVzdjlmYkJKRkRzeWU2V3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAmNGWLt9ZjudVl8aFWrw2IH88mO0+I+wBg1wuwkME6l+uv0el7UYxD japJ7Wl8Zc4Gl2w348ESAudBqgojLaRARkz54Yh5yC/isLtdblKzxjwndK8zfjNc xlizOewfbR44ARW0zDSFTRhqB24six3LmmByLBrQR1W9NiSegE+O6jdqEKoKEItb Ffxpoh1j5IOUwvyCJjxChDZuzGihSz76lu7euBVzi1VW717IQQaQKSeoPSBQLfGC iFuOjC5n1iBauuKo4PPBwj1ejxivuKbPSVvW6D+WDd/uyumJLZBTtnpwPqm+YGM2 Sn+t966GHpd+y2BSjPEVnW0NeN6aLNlj -----END CERTIFICATE-----Generated at Wed Apr 16 17:18:06 2025 by rpki-client