$ rpki-client -vvf rpki.apnic.net/member_repository/A91B15DC/5823AF86CEED11EFBD655511C4F9AE02/HUXnKUVKJCRGewPPyZfX6xhK52Y.mft File: HUXnKUVKJCRGewPPyZfX6xhK52Y.mft (raw, json) Hash identifier: kxh6KY6Eqm0XAxpNnhgytBdkqyBt2jG8g8dl2vFqlEE= Subject key identifier: 2D:2C:53:9D:C3:D9:63:FC:BD:5F:28:1A:06:EC:63:56:6E:CA:5D:ED Authority key identifier: 1D:45:E7:29:45:4A:24:24:46:7B:03:CF:C9:97:D7:EB:18:4A:E7:66 Certificate issuer: /CN=A91B15DC/serialNumber=1D45E729454A2424467B03CFC997D7EB184AE766 Certificate serial: 2E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HUXnKUVKJCRGewPPyZfX6xhK52Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B15DC/5823AF86CEED11EFBD655511C4F9AE02/HUXnKUVKJCRGewPPyZfX6xhK52Y.mft Manifest number: 2D Signing time: Thu 03 Apr 2025 06:56:31 +0000 Manifest this update: Thu 03 Apr 2025 06:56:30 +0000 Manifest next update: Thu 10 Apr 2025 06:56:30 +0000 Files and hashes: 1: HUXnKUVKJCRGewPPyZfX6xhK52Y.crl (hash: ZtY0/hxDjgpx2QRvtDi4KeyHLzaPy1LyA2NrOYiUL5s=) 2: 14F7BC00CEEF11EFAF6F762FC4F9AE02.roa (hash: ky3VVMd3//RxqftA8fTaKeSx7YmcJGB1DWo9MLV8eHo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B15DC/5823AF86CEED11EFBD655511C4F9AE02/HUXnKUVKJCRGewPPyZfX6xhK52Y.crl rsync://rpki.apnic.net/member_repository/A91B15DC/5823AF86CEED11EFBD655511C4F9AE02/HUXnKUVKJCRGewPPyZfX6xhK52Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HUXnKUVKJCRGewPPyZfX6xhK52Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 06:56:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46 (0x2e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B15DC Validity Not Before: Apr 3 06:56:30 2025 GMT Not After : Apr 10 06:56:30 2025 GMT Subject: CN=67ee311e-83fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:47:34:c3:79:cf:c7:99:57:6d:53:8e:79:57: b9:16:fd:69:55:fd:e3:2c:1f:ad:49:4e:3d:b7:b6: d9:86:38:f3:36:0c:a5:d0:bb:46:48:e8:94:4a:0a: 4c:02:a9:6c:96:6a:93:ce:6f:c5:ac:3a:76:65:f3: 14:e0:7d:2d:f0:de:d6:71:a1:4e:60:e4:14:26:ae: a3:c2:92:ef:87:04:16:41:0b:93:f6:0f:35:05:97: e7:e9:30:48:2d:a2:1c:59:1d:47:7c:4a:c7:4c:7c: 4a:7e:4f:78:0f:d6:b8:25:2d:b7:70:df:1a:8d:de: b4:c1:46:86:43:79:27:78:ec:e4:f5:62:f5:4e:42: be:b6:40:f3:96:00:59:a1:c9:87:7d:f3:24:ad:a1: cf:11:00:23:6a:d6:10:be:fa:4b:1c:f9:5f:c7:b6: a7:77:59:14:ba:c4:15:80:2b:6c:58:b4:cb:39:ab: 2a:2d:ff:38:28:5b:66:43:9e:e1:3f:c9:5f:30:cb: 70:9a:90:64:a7:33:7d:a5:24:a5:bd:e3:af:8a:9a: 85:c6:bf:b7:db:fe:6f:1a:d1:0f:05:88:71:61:70: 45:01:d6:79:33:4c:57:e5:0b:9f:cd:ce:bc:db:65: e8:59:45:c6:30:6b:83:d7:af:19:32:02:ca:48:ac: 48:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:2C:53:9D:C3:D9:63:FC:BD:5F:28:1A:06:EC:63:56:6E:CA:5D:ED X509v3 Authority Key Identifier: keyid:1D:45:E7:29:45:4A:24:24:46:7B:03:CF:C9:97:D7:EB:18:4A:E7:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B15DC/5823AF86CEED11EFBD655511C4F9AE02/HUXnKUVKJCRGewPPyZfX6xhK52Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HUXnKUVKJCRGewPPyZfX6xhK52Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B15DC/5823AF86CEED11EFBD655511C4F9AE02/HUXnKUVKJCRGewPPyZfX6xhK52Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 15:5c:8d:c1:7f:31:07:72:b9:ef:3b:a6:e2:01:5c:27:fd:0a: 9f:b9:72:4c:9e:2a:3d:26:db:d3:c0:ca:05:52:71:5a:3c:7d: 0a:74:58:e1:c6:75:41:52:45:7f:f3:fb:4c:a8:75:ce:00:bc: 4c:2a:f5:cf:c7:ab:5e:87:76:ea:4c:d2:a4:3b:3e:a2:43:34: 82:ed:95:53:f7:d1:7b:ba:ed:fb:66:e1:29:96:75:ed:17:9d: 1b:f8:f8:24:d2:4f:01:44:be:d9:5d:b8:96:52:a2:ef:9c:1c: 7f:34:1d:b2:a9:51:5d:c1:f2:29:b1:06:b8:89:1d:00:7e:f8: b3:bb:9d:46:e3:74:96:82:7e:3a:e1:ea:a8:bf:ec:81:ee:a6: df:20:0c:e0:78:c3:b1:80:89:23:41:10:d6:cb:83:6c:8b:23: 21:fa:cb:32:e8:bb:d2:0e:11:b6:a1:66:6d:a6:5b:b5:e0:a0: e5:b6:26:0a:6c:9e:cf:6f:5c:a1:ea:85:46:3e:3f:c3:1e:42: a4:e9:ea:3b:6e:29:64:27:f6:28:35:31:70:3d:9b:c3:f8:70: 59:63:14:bc:70:a7:18:e7:b3:3d:45:ce:54:d6:6f:a9:49:fb: e1:a3:76:95:fa:36:40:32:bf:af:7a:e7:56:5a:ca:7f:8d:c1: e3:e2:07:37 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC MTVEQzExMC8GA1UEBRMoMUQ0NUU3Mjk0NTRBMjQyNDQ2N0IwM0NGQzk5N0Q3RUIx ODRBRTc2NjAeFw0yNTA0MDMwNjU2MzBaFw0yNTA0MTAwNjU2MzBaMBgxFjAUBgNV BAMTDTY3ZWUzMTFlLTgzZmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDHRzTDec/HmVdtU455V7kW/WlV/eMsH61JTj23ttmGOPM2DKXQu0ZI6JRKCkwC qWyWapPOb8WsOnZl8xTgfS3w3tZxoU5g5BQmrqPCku+HBBZBC5P2DzUFl+fpMEgt ohxZHUd8SsdMfEp+T3gP1rglLbdw3xqN3rTBRoZDeSd47OT1YvVOQr62QPOWAFmh yYd98yStoc8RACNq1hC++ksc+V/Htqd3WRS6xBWAK2xYtMs5qyot/zgoW2ZDnuE/ yV8wy3CakGSnM32lJKW946+KmoXGv7fb/m8a0Q8FiHFhcEUB1nkzTFflC5/Nzrzb ZehZRcYwa4PXrxkyAspIrEijAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQULSxTncPZ Y/y9XygaBuxjVm7KXe0wHwYDVR0jBBgwFoAUHUXnKUVKJCRGewPPyZfX6xhK52Yw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIxNURDLzU4MjNBRjg2Q0VF RDExRUZCRDY1NTUxMUM0RjlBRTAyL0hVWG5LVVZLSkNSR2V3UFB5WmZYNnhoSzUy WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSFVYbktVVktKQ1JHZXdQUHlaZlg2eGhLNTJZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIx NURDLzU4MjNBRjg2Q0VFRDExRUZCRDY1NTUxMUM0RjlBRTAyL0hVWG5LVVZLSkNS R2V3UFB5WmZYNnhoSzUyWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABVcjcF/MQdyue87puIBXCf9Cp+5ckyeKj0m29PAygVScVo8fQp0WOHG dUFSRX/z+0yodc4AvEwq9c/Hq16HdupM0qQ7PqJDNILtlVP30Xu67ftm4SmWde0X nRv4+CTSTwFEvtlduJZSou+cHH80HbKpUV3B8imxBriJHQB++LO7nUbjdJaCfjrh 6qi/7IHupt8gDOB4w7GAiSNBENbLg2yLIyH6yzLou9IOEbahZm2mW7XgoOW2Jgps ns9vXKHqhUY+P8MeQqTp6jtuKWQn9ig1MXA9m8P4cFljFLxwpxjnsz1FzlTWb6lJ ++GjdpX6NkAyv69651Zayn+NwePiBzc= -----END CERTIFICATE-----Generated at Fri Apr 4 22:34:40 2025 by rpki-client