$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC2E3/9B4A489089A011ED83759346C4F9AE02/xHENSLTk8rc1vksbXJDtuI0mmyw.mft File: xHENSLTk8rc1vksbXJDtuI0mmyw.mft (raw, json) Hash identifier: lPDrpkSJpq3lTClJltb4iL5Jpzwk7ZkT4XgX81zvQbs= Subject key identifier: 35:65:7B:C5:C9:9B:DB:C8:82:E0:B6:AC:D4:40:C4:05:42:5E:BA:7D Authority key identifier: C4:71:0D:48:B4:E4:F2:B7:35:BE:4B:1B:5C:90:ED:B8:8D:26:9B:2C Certificate issuer: /CN=A91BC2E3/serialNumber=C4710D48B4E4F2B735BE4B1B5C90EDB88D269B2C Certificate serial: 01AE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHENSLTk8rc1vksbXJDtuI0mmyw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BC2E3/9B4A489089A011ED83759346C4F9AE02/xHENSLTk8rc1vksbXJDtuI0mmyw.mft Manifest number: 01AA Signing time: Fri 11 Apr 2025 02:33:22 +0000 Manifest this update: Fri 11 Apr 2025 02:33:22 +0000 Manifest next update: Fri 18 Apr 2025 02:33:22 +0000 Files and hashes: 1: xHENSLTk8rc1vksbXJDtuI0mmyw.crl (hash: WktbBh4hijB7i76iHYYsbLoPgVQTdb4Dd10VeexDTk0=) 2: 0DC2D3EC8D7A11EDBFA7C381C4F9AE02.roa (hash: fk3GNutu1Xl8jf9hzH4EWHosYGuy+JY1n5pgsTabR1E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BC2E3/9B4A489089A011ED83759346C4F9AE02/xHENSLTk8rc1vksbXJDtuI0mmyw.crl rsync://rpki.apnic.net/member_repository/A91BC2E3/9B4A489089A011ED83759346C4F9AE02/xHENSLTk8rc1vksbXJDtuI0mmyw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHENSLTk8rc1vksbXJDtuI0mmyw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 02:33:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 430 (0x1ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BC2E3, serialNumber=C4710D48B4E4F2B735BE4B1B5C90EDB88D269B2C Validity Not Before: Apr 11 02:33:22 2025 GMT Not After : Apr 18 02:33:22 2025 GMT Subject: CN=67f87f72-5040 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:b7:c3:cf:f0:7b:39:a2:9d:43:18:f7:cc:15: 83:bb:85:09:46:82:4f:d0:b5:d0:9d:1d:f5:fb:c7: 92:9d:96:5f:fa:88:8a:9c:4d:ba:f2:eb:df:14:18: 52:8d:0e:ee:90:76:dc:23:73:0f:f1:12:2c:78:7c: 94:66:06:d2:c2:49:df:fa:a5:96:c3:ab:8f:46:c4: 6a:ec:ab:08:d7:c3:81:e4:b1:5a:66:c1:66:6e:60: 97:c5:23:be:a0:b9:22:a5:6c:79:51:5c:09:8a:83: 30:54:bf:5a:1a:0c:f0:d9:87:39:33:b4:77:99:68: c6:ed:dd:29:c0:c4:ef:34:e6:35:ee:75:95:e2:6a: 8a:7e:83:80:5d:2d:40:27:85:81:fd:da:3d:2c:ad: 30:4f:e7:41:de:7b:63:f7:1a:02:04:60:8c:5a:fb: 48:45:c1:48:34:6a:7d:d5:29:cb:2b:e3:e8:b4:da: 6a:ba:5f:11:97:36:ec:aa:ff:79:94:f1:d4:a0:46: da:70:69:99:be:b9:8e:7d:ae:ca:74:8e:8c:8a:9f: e4:8e:5a:22:1d:43:36:32:6b:9f:45:0c:a0:fe:3e: 4e:a7:c9:3a:3d:25:49:35:4a:07:d0:8d:35:55:95: 2f:81:2a:1a:c4:eb:b0:51:0f:02:05:c1:bc:43:41: aa:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:65:7B:C5:C9:9B:DB:C8:82:E0:B6:AC:D4:40:C4:05:42:5E:BA:7D X509v3 Authority Key Identifier: keyid:C4:71:0D:48:B4:E4:F2:B7:35:BE:4B:1B:5C:90:ED:B8:8D:26:9B:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BC2E3/9B4A489089A011ED83759346C4F9AE02/xHENSLTk8rc1vksbXJDtuI0mmyw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHENSLTk8rc1vksbXJDtuI0mmyw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC2E3/9B4A489089A011ED83759346C4F9AE02/xHENSLTk8rc1vksbXJDtuI0mmyw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:e6:bd:3e:ba:19:c1:1d:ef:a5:42:46:cc:46:26:42:a4:2b: 72:5e:47:3e:e1:a0:d3:6b:75:61:e6:c8:69:0d:c2:86:44:98: 8a:f1:9b:3c:40:17:72:bf:4b:c2:2c:e7:03:5b:5a:58:c5:20: 53:b3:bb:25:c3:52:12:69:8c:ee:bf:18:12:8d:f8:08:e4:8a: f9:aa:40:a5:39:92:9d:bf:f2:42:96:aa:97:fb:19:52:58:6a: b0:0b:f5:a1:16:33:92:32:67:a0:c8:2a:dc:1a:9f:42:9a:30: 8e:f5:da:65:5c:fc:e9:76:ab:11:2c:7b:39:d3:22:ee:b6:89: da:ca:a1:35:a3:4a:d1:ea:41:a1:1c:54:76:9d:2c:22:cb:42: e6:20:12:d7:a2:b5:b8:fb:c3:62:72:84:0a:97:60:59:dd:71: 76:fe:51:03:3f:be:4e:ae:02:34:b6:0e:00:9d:f5:1a:3b:9e: ae:b9:df:23:e9:59:68:3b:0d:20:ee:66:b0:8e:8f:d0:b6:3b: 68:61:2b:ae:99:13:e6:b5:c9:c0:17:59:72:d5:8a:98:9a:ca: 07:f1:25:52:4b:51:85:ff:6d:16:2a:03:21:e5:a4:36:b4:e4: 27:97:fa:c2:78:8a:ed:45:a7:6c:d5:8a:82:6c:e9:1c:ac:ee: 1b:06:15:a0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAa4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkMyRTMxMTAvBgNVBAUTKEM0NzEwRDQ4QjRFNEYyQjczNUJFNEIxQjVDOTBFREI4 OEQyNjlCMkMwHhcNMjUwNDExMDIzMzIyWhcNMjUwNDE4MDIzMzIyWjAYMRYwFAYD VQQDEw02N2Y4N2Y3Mi01MDQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw7fDz/B7OaKdQxj3zBWDu4UJRoJP0LXQnR31+8eSnZZf+oiKnE268uvfFBhS jQ7ukHbcI3MP8RIseHyUZgbSwknf+qWWw6uPRsRq7KsI18OB5LFaZsFmbmCXxSO+ oLkipWx5UVwJioMwVL9aGgzw2Yc5M7R3mWjG7d0pwMTvNOY17nWV4mqKfoOAXS1A J4WB/do9LK0wT+dB3ntj9xoCBGCMWvtIRcFINGp91SnLK+PotNpqul8Rlzbsqv95 lPHUoEbacGmZvrmOfa7KdI6Mip/kjloiHUM2MmufRQyg/j5Op8k6PSVJNUoH0I01 VZUvgSoaxOuwUQ8CBcG8Q0Gq7QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDVle8XJ m9vIguC2rNRAxAVCXrp9MB8GA1UdIwQYMBaAFMRxDUi05PK3Nb5LG1yQ7biNJpss MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzJFMy85QjRBNDg5MDg5 QTAxMUVEODM3NTkzNDZDNEY5QUUwMi94SEVOU0xUazhyYzF2a3NiWEpEdHVJMG1t eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hIRU5TTFRrOHJjMXZrc2JYSkR0dUkwbW15dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QzJFMy85QjRBNDg5MDg5QTAxMUVEODM3NTkzNDZDNEY5QUUwMi94SEVOU0xUazhy YzF2a3NiWEpEdHVJMG1teXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBI5r0+uhnBHe+lQkbMRiZCpCtyXkc+4aDTa3Vh5shpDcKGRJiK8Zs8 QBdyv0vCLOcDW1pYxSBTs7slw1ISaYzuvxgSjfgI5Ir5qkClOZKdv/JClqqX+xlS WGqwC/WhFjOSMmegyCrcGp9CmjCO9dplXPzpdqsRLHs50yLutonayqE1o0rR6kGh HFR2nSwiy0LmIBLXorW4+8NicoQKl2BZ3XF2/lEDP75OrgI0tg4AnfUaO56uud8j 6VloOw0g7mawjo/QtjtoYSuumRPmtcnAF1ly1YqYmsoH8SVSS1GF/20WKgMh5aQ2 tOQnl/rCeIrtRads1YqCbOkcrO4bBhWg -----END CERTIFICATE-----Generated at Sat Apr 12 17:47:56 2025 by rpki-client