$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.mft File: HRIX74_oS1glUWcbyjXmhEhpJJc.mft (raw, json) Hash identifier: hmklTkZPlZgWyhZSUOMq/jw4ejzks4xQseL1sd+R/rI= Subject key identifier: EC:0C:5C:8B:B5:0F:06:FB:74:1A:9A:60:AD:56:5F:CB:92:F0:CD:D4 Authority key identifier: 1D:12:17:EF:8F:E8:4B:58:25:51:67:1B:CA:35:E6:84:48:69:24:97 Certificate issuer: /CN=A91C8BB4/serialNumber=1D1217EF8FE84B582551671BCA35E68448692497 Certificate serial: 0A33 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HRIX74_oS1glUWcbyjXmhEhpJJc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.mft Manifest number: 0A2B Signing time: Sat 12 Apr 2025 19:34:21 +0000 Manifest this update: Sat 12 Apr 2025 19:34:20 +0000 Manifest next update: Sat 19 Apr 2025 19:34:20 +0000 Files and hashes: 1: HRIX74_oS1glUWcbyjXmhEhpJJc.crl (hash: Theb91rwDxepMh25gebkXGuMIN1Du4dRoJBhr1fRKRY=) 2: 9261E554464611EE84B7C534C4F9AE02.roa (hash: lLxl/sSYgP6ZriIWkj+AWN6PJcQcpVbRmAe2Y2lbT3s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.crl rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HRIX74_oS1glUWcbyjXmhEhpJJc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 17:48:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2611 (0xa33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C8BB4, serialNumber=1D1217EF8FE84B582551671BCA35E68448692497 Validity Not Before: Apr 12 19:34:20 2025 GMT Not After : Apr 19 19:34:20 2025 GMT Subject: CN=67fac03d-c397 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:28:6e:7b:c0:9c:b9:58:7d:db:35:f1:ef:12: 0d:8c:d7:bb:da:16:a7:16:73:75:24:d5:9a:e4:c7: 79:66:9e:d6:c8:52:55:a3:e3:73:e3:4f:5b:5b:9d: fc:cb:de:77:c2:ea:01:39:e6:fa:11:a4:64:9c:52: df:51:76:3e:d8:2c:c1:39:5f:cb:e8:0e:7b:2d:1a: 8b:67:21:d8:25:2c:f0:23:21:f4:d1:09:26:45:ac: 17:4c:c2:75:e0:5f:f7:a9:27:57:f0:8c:3a:0e:6b: d3:a8:5f:30:58:83:d3:a1:84:dc:fb:f0:78:10:d2: 0c:66:36:05:7f:a7:7f:9e:38:df:7f:47:ac:57:82: 77:4c:89:25:d5:5a:f6:14:dd:5b:26:26:4c:cd:57: 41:20:84:a1:c2:0c:e2:76:65:9f:ba:26:6c:6c:44: 46:10:9f:61:08:95:52:6b:ae:e5:44:ec:18:2c:48: 64:78:56:43:f2:1f:34:51:04:bd:85:2c:bb:56:f6: 2d:fd:8f:6f:df:0d:42:89:39:4a:22:10:f1:b0:6c: 8a:b8:3d:94:f2:e2:df:41:04:28:54:f4:6e:ef:6f: 48:7b:30:5e:a9:8e:42:73:a7:4b:58:11:27:37:8e: d8:30:7b:e5:65:7c:43:5a:cf:95:74:e5:fd:8d:a4: f0:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:0C:5C:8B:B5:0F:06:FB:74:1A:9A:60:AD:56:5F:CB:92:F0:CD:D4 X509v3 Authority Key Identifier: keyid:1D:12:17:EF:8F:E8:4B:58:25:51:67:1B:CA:35:E6:84:48:69:24:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HRIX74_oS1glUWcbyjXmhEhpJJc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:53:96:1f:55:2d:52:29:3b:f3:38:0a:cf:eb:75:d4:0a:df: 25:27:07:37:11:1c:5e:a8:f0:4f:7e:0c:29:39:1e:41:99:85: d6:26:93:55:e5:e9:1a:f8:cd:84:9b:36:0e:3d:de:ef:7f:5b: ec:aa:dd:c3:73:f3:ab:94:09:7c:f4:b7:36:6b:d0:a4:17:32: a2:fb:2c:55:7e:7e:62:ab:d6:cc:bb:ab:e7:48:b7:bc:87:fe: 53:f4:83:23:40:6a:40:33:19:d2:0a:4d:18:4f:cc:41:21:c7: e4:20:41:2c:01:8a:c9:a2:04:77:9a:ac:a5:3e:18:89:7f:bd: 09:11:e2:a3:5f:0d:c2:11:b9:16:4b:0c:34:bd:78:ca:62:97: a2:91:b2:72:e0:f6:8e:b0:42:96:e0:a7:c2:90:04:5a:bb:bf: 0d:4a:09:81:32:c2:10:ac:00:9f:28:82:9e:b6:98:3d:f9:a7: 18:35:73:0a:9a:63:97:4a:9e:71:d2:74:a5:35:c1:cc:03:18: c2:af:3d:5c:1d:ab:38:a8:e2:99:93:f6:02:61:ee:84:83:9d: 4f:d6:5d:95:cd:ca:7e:8c:20:32:2e:8c:97:3d:dd:43:66:86: 53:32:7c:f6:37:2f:7b:57:e7:fd:c3:05:92:43:54:07:7b:e9: f3:ae:99:f8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCjMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzhCQjQxMTAvBgNVBAUTKDFEMTIxN0VGOEZFODRCNTgyNTUxNjcxQkNBMzVFNjg0 NDg2OTI0OTcwHhcNMjUwNDEyMTkzNDIwWhcNMjUwNDE5MTkzNDIwWjAYMRYwFAYD VQQDEw02N2ZhYzAzZC1jMzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsyhue8CcuVh92zXx7xINjNe72hanFnN1JNWa5Md5Zp7WyFJVo+Nz409bW538 y953wuoBOeb6EaRknFLfUXY+2CzBOV/L6A57LRqLZyHYJSzwIyH00QkmRawXTMJ1 4F/3qSdX8Iw6DmvTqF8wWIPToYTc+/B4ENIMZjYFf6d/njjff0esV4J3TIkl1Vr2 FN1bJiZMzVdBIIShwgzidmWfuiZsbERGEJ9hCJVSa67lROwYLEhkeFZD8h80UQS9 hSy7VvYt/Y9v3w1CiTlKIhDxsGyKuD2U8uLfQQQoVPRu729IezBeqY5Cc6dLWBEn N47YMHvlZXxDWs+VdOX9jaTwIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOwMXIu1 Dwb7dBqaYK1WX8uS8M3UMB8GA1UdIwQYMBaAFB0SF++P6EtYJVFnG8o15oRIaSSX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOEJCNC9EOTU0QkFCRTY5 QjcxMUVBODhFNzJFNTlDNEY5QUUwMi9IUklYNzRfb1MxZ2xVV2NieWpYbWhFaHBK SmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hSSVg3NF9vUzFnbFVXY2J5alhtaEVocEpKYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD OEJCNC9EOTU0QkFCRTY5QjcxMUVBODhFNzJFNTlDNEY5QUUwMi9IUklYNzRfb1Mx Z2xVV2NieWpYbWhFaHBKSmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB6U5YfVS1SKTvzOArP63XUCt8lJwc3ERxeqPBPfgwpOR5BmYXWJpNV 5eka+M2EmzYOPd7vf1vsqt3Dc/OrlAl89Lc2a9CkFzKi+yxVfn5iq9bMu6vnSLe8 h/5T9IMjQGpAMxnSCk0YT8xBIcfkIEEsAYrJogR3mqylPhiJf70JEeKjXw3CEbkW Sww0vXjKYpeikbJy4PaOsEKW4KfCkARau78NSgmBMsIQrACfKIKetpg9+acYNXMK mmOXSp5x0nSlNcHMAxjCrz1cHas4qOKZk/YCYe6Eg51P1l2Vzcp+jCAyLoyXPd1D ZoZTMnz2Ny97V+f9wwWSQ1QHe+nzrpn4 -----END CERTIFICATE-----Generated at Sat Apr 12 22:48:11 2025 by rpki-client