$ rpki-client -vvf rpki.apnic.net/member_repository/A9175165/90F0FFAE0F0811E98680E85CC4F9AE02/he6Mb5WNbzwfFdLBq8T-m75s7tc.mft File: he6Mb5WNbzwfFdLBq8T-m75s7tc.mft (raw, json) Hash identifier: aJmGFAVgO2We7GBb1UpJX2XT7VdSwkw9GpLLr5rBSZY= Subject key identifier: 04:F0:20:01:FB:F9:09:0A:1D:C9:F4:A2:50:4B:0D:6E:9C:B2:E7:A7 Authority key identifier: 85:EE:8C:6F:95:8D:6F:3C:1F:15:D2:C1:AB:C4:FE:9B:BE:6C:EE:D7 Certificate issuer: /CN=A9175165/serialNumber=85EE8C6F958D6F3C1F15D2C1ABC4FE9BBE6CEED7 Certificate serial: 1111 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he6Mb5WNbzwfFdLBq8T-m75s7tc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9175165/90F0FFAE0F0811E98680E85CC4F9AE02/he6Mb5WNbzwfFdLBq8T-m75s7tc.mft Manifest number: 1109 Signing time: Sun 06 Apr 2025 17:11:47 +0000 Manifest this update: Sun 06 Apr 2025 17:11:47 +0000 Manifest next update: Sun 13 Apr 2025 17:11:47 +0000 Files and hashes: 1: he6Mb5WNbzwfFdLBq8T-m75s7tc.crl (hash: 2oWJ3sl/ZXhl+zakejMm2sqsHae3ijoknfBoLgbvNTk=) 2: 8B8DEE220F0911E9A8CC815EC4F9AE02.roa (hash: gteMkfVnVg4ffsJGo4gzYRn2LBvsScWGIppneQ2BQXI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9175165/90F0FFAE0F0811E98680E85CC4F9AE02/he6Mb5WNbzwfFdLBq8T-m75s7tc.crl rsync://rpki.apnic.net/member_repository/A9175165/90F0FFAE0F0811E98680E85CC4F9AE02/he6Mb5WNbzwfFdLBq8T-m75s7tc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he6Mb5WNbzwfFdLBq8T-m75s7tc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 13 Apr 2025 17:11:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4369 (0x1111) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9175165 Validity Not Before: Apr 6 17:11:47 2025 GMT Not After : Apr 13 17:11:47 2025 GMT Subject: CN=67f2b5d3-502e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:df:89:cd:c7:a3:d2:ed:ab:d7:ae:42:ef:aa: bd:a1:73:36:6c:03:6b:cf:53:2c:7b:8c:05:ff:e8: c5:3d:95:2c:46:f6:24:fe:b7:1f:39:04:d3:4f:dc: d1:51:ba:08:93:1b:1d:72:79:3a:bd:22:cb:19:9b: 0c:23:77:6a:54:8a:a9:7c:7c:29:ab:e8:4f:03:59: 0d:cc:19:c2:bb:c5:31:b4:16:9b:a5:49:07:39:2f: 54:78:05:01:2c:60:03:5c:29:0d:7a:64:62:0a:f4: 8c:aa:de:ab:31:55:f7:e6:7c:68:0b:00:c3:71:f5: bd:38:d3:ab:1a:da:5a:fe:5e:0d:69:d3:f1:6b:d2: cd:46:33:ce:35:91:14:78:7c:fe:34:5c:bb:28:cf: 66:35:c4:2c:81:ab:12:bb:81:a4:24:7e:25:94:47: 86:53:f5:73:ec:2a:1b:40:fd:59:00:ea:8f:af:30: 3c:6b:d6:53:5f:a9:5c:7c:4e:2c:6b:8c:93:6d:7f: 27:b5:4e:80:34:c5:b9:85:3d:ed:68:38:82:14:6a: bb:fa:93:fb:af:9c:6b:5a:93:78:fe:5d:55:bb:2e: 20:55:83:78:f1:4b:d3:c8:fd:f7:3c:79:b6:f3:33: 55:80:f9:0e:c8:f1:07:67:fb:30:8a:81:ea:fc:a7: 10:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:F0:20:01:FB:F9:09:0A:1D:C9:F4:A2:50:4B:0D:6E:9C:B2:E7:A7 X509v3 Authority Key Identifier: keyid:85:EE:8C:6F:95:8D:6F:3C:1F:15:D2:C1:AB:C4:FE:9B:BE:6C:EE:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9175165/90F0FFAE0F0811E98680E85CC4F9AE02/he6Mb5WNbzwfFdLBq8T-m75s7tc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he6Mb5WNbzwfFdLBq8T-m75s7tc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175165/90F0FFAE0F0811E98680E85CC4F9AE02/he6Mb5WNbzwfFdLBq8T-m75s7tc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 15:79:1d:bf:c1:82:bc:42:87:d4:4f:84:78:62:45:e6:1b:d6: 7a:77:1c:a1:71:2d:7a:66:cd:f9:a0:14:70:e7:38:c0:fa:36: ea:14:0d:25:40:37:d0:78:79:17:51:39:b8:ae:57:fa:35:54: cd:35:9c:fc:e9:9d:aa:b2:c0:0f:8c:76:56:87:92:8a:44:05: 43:d5:96:39:5b:3b:ac:69:79:6e:a6:8d:28:88:4d:88:a8:91: de:4d:0c:0e:b1:e4:da:92:15:2e:84:2f:4c:a9:dd:d2:1b:0a: 80:d7:f8:9a:03:f6:be:26:c9:60:01:97:3a:94:00:bf:01:86: 9d:78:16:d5:63:91:53:9c:22:1f:4a:b4:bd:11:c0:89:62:e8: 9f:d6:c5:91:e8:e9:5c:4b:71:4c:71:96:9f:07:fb:17:05:4f: 0b:5a:31:f8:be:99:e8:43:67:48:59:e3:8c:72:01:43:e4:44: 31:3a:18:89:e3:5b:ec:8f:55:27:21:66:01:4f:7b:a0:b2:23: 21:cb:0c:c8:f5:db:3e:c6:91:0e:a3:b9:d1:77:9c:04:92:f7: 4d:5b:f5:0c:89:6d:b2:86:9e:40:a4:9d:55:dc:2b:83:8d:3c: 92:3f:ee:0f:fe:99:3d:5e:44:0b:71:95:e3:8a:2a:1e:44:d5: 9e:4a:28:7d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEREwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzUxNjUxMTAvBgNVBAUTKDg1RUU4QzZGOTU4RDZGM0MxRjE1RDJDMUFCQzRGRTlC QkU2Q0VFRDcwHhcNMjUwNDA2MTcxMTQ3WhcNMjUwNDEzMTcxMTQ3WjAYMRYwFAYD VQQDEw02N2YyYjVkMy01MDJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0t+Jzcej0u2r165C76q9oXM2bANrz1Mse4wF/+jFPZUsRvYk/rcfOQTTT9zR UboIkxsdcnk6vSLLGZsMI3dqVIqpfHwpq+hPA1kNzBnCu8UxtBabpUkHOS9UeAUB LGADXCkNemRiCvSMqt6rMVX35nxoCwDDcfW9ONOrGtpa/l4NadPxa9LNRjPONZEU eHz+NFy7KM9mNcQsgasSu4GkJH4llEeGU/Vz7CobQP1ZAOqPrzA8a9ZTX6lcfE4s a4yTbX8ntU6ANMW5hT3taDiCFGq7+pP7r5xrWpN4/l1Vuy4gVYN48UvTyP33PHm2 8zNVgPkOyPEHZ/swioHq/KcQIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFATwIAH7 +QkKHcn0olBLDW6csuenMB8GA1UdIwQYMBaAFIXujG+VjW88HxXSwavE/pu+bO7X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTE2NS85MEYwRkZBRTBG MDgxMUU5ODY4MEU4NUNDNEY5QUUwMi9oZTZNYjVXTmJ6d2ZGZExCcThULW03NXM3 dGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hlNk1iNVdOYnp3ZkZkTEJxOFQtbTc1czd0Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NTE2NS85MEYwRkZBRTBGMDgxMUU5ODY4MEU4NUNDNEY5QUUwMi9oZTZNYjVXTmJ6 d2ZGZExCcThULW03NXM3dGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAVeR2/wYK8QofUT4R4YkXmG9Z6dxyhcS16Zs35oBRw5zjA+jbqFA0l QDfQeHkXUTm4rlf6NVTNNZz86Z2qssAPjHZWh5KKRAVD1ZY5WzusaXlupo0oiE2I qJHeTQwOseTakhUuhC9Mqd3SGwqA1/iaA/a+JslgAZc6lAC/AYadeBbVY5FTnCIf SrS9EcCJYuif1sWR6OlcS3FMcZafB/sXBU8LWjH4vpnoQ2dIWeOMcgFD5EQxOhiJ 41vsj1UnIWYBT3ugsiMhywzI9ds+xpEOo7nRd5wEkvdNW/UMiW2yhp5ApJ1V3CuD jTySP+4P/pk9XkQLcZXjiioeRNWeSih9 -----END CERTIFICATE-----Generated at Tue Apr 8 15:30:35 2025 by rpki-client