$ rpki-client -vvf rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.mft File: HAQwdyQVc864WNlR8CsiBXujluc.mft (raw, json) Hash identifier: LMvbDJeOOrKZEAIuKLNTfRvMgoyHNxkdtYJsjuXQG2U= Subject key identifier: 52:8B:72:05:DC:E8:87:0C:BD:25:6C:AA:58:6E:64:EE:3C:80:AC:6E Authority key identifier: 1C:04:30:77:24:15:73:CE:B8:58:D9:51:F0:2B:22:05:7B:A3:96:E7 Certificate issuer: /CN=A91D45A2/serialNumber=1C043077241573CEB858D951F02B22057BA396E7 Certificate serial: 03CB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAQwdyQVc864WNlR8CsiBXujluc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.mft Manifest number: 03C5 Signing time: Sat 29 Mar 2025 00:53:41 +0000 Manifest this update: Sat 29 Mar 2025 00:53:40 +0000 Manifest next update: Sat 05 Apr 2025 00:53:40 +0000 Files and hashes: 1: HAQwdyQVc864WNlR8CsiBXujluc.crl (hash: xl6jvzjNRsRS3tlD4g8X0UG6XXm4GlkkCxd+x5B8osM=) 2: 4AB730E0800B11EC84B3FA3BC4F9AE02.roa (hash: /pdJUaEubJCV2S3p1KppNWpdc/sERLFGpbX3qSnYD48=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.crl rsync://rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAQwdyQVc864WNlR8CsiBXujluc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 00:53:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 971 (0x3cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D45A2 Validity Not Before: Mar 29 00:53:40 2025 GMT Not After : Apr 5 00:53:40 2025 GMT Subject: CN=67e74494-580d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:b2:39:90:94:4f:e8:6b:db:12:19:30:4f:53: b5:a1:2c:95:1b:60:e8:79:47:6b:6b:77:49:3a:3d: 90:0c:68:4b:db:73:02:b4:67:2b:f9:54:56:5d:87: f1:93:a9:4b:20:6d:28:35:b2:dc:8b:69:16:20:bd: bd:59:e4:fa:49:a1:55:fe:d1:aa:c4:17:54:18:dd: 04:16:cd:24:18:5e:b5:2c:5f:fe:28:b1:46:e7:94: 93:0f:c4:5b:09:f8:77:d7:d6:47:b9:f0:ea:58:db: 32:bc:d6:36:cd:14:55:e7:12:1c:7d:71:b3:a9:19: 30:d2:48:7b:2c:7a:b5:ca:b3:aa:b6:e1:e4:e7:3f: 8d:e1:cb:71:79:ae:df:29:17:99:0e:26:22:dd:ca: a0:b9:47:60:88:15:77:5b:2c:f1:47:06:42:ab:33: f3:94:13:b4:bf:a4:a2:9a:8b:e7:ac:e0:f6:1e:a8: b9:1c:58:2c:33:46:5a:b6:02:5b:0f:e1:ab:39:5b: 64:33:20:a0:11:ef:ff:0d:b6:b6:20:f6:7c:4a:a7: 54:b5:c9:13:10:cb:6a:19:78:01:f4:c8:43:fc:ce: 5e:b6:55:49:95:aa:61:ed:86:23:28:08:57:32:b2: 56:22:bc:a9:79:95:9c:b2:09:1d:77:56:e0:5e:1d: fc:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:8B:72:05:DC:E8:87:0C:BD:25:6C:AA:58:6E:64:EE:3C:80:AC:6E X509v3 Authority Key Identifier: keyid:1C:04:30:77:24:15:73:CE:B8:58:D9:51:F0:2B:22:05:7B:A3:96:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAQwdyQVc864WNlR8CsiBXujluc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:b3:88:7d:a5:d3:41:31:92:54:09:2e:cd:23:94:85:3e:de: 80:1f:06:33:a0:7d:1c:d2:8d:7e:4d:d4:1c:33:77:3b:a0:ef: 34:cf:2b:a6:41:d4:d5:c8:4b:82:b0:0b:9a:ec:60:eb:67:b4: ae:a2:79:d4:34:94:52:2e:fa:16:b6:10:e3:62:a3:1f:b2:ca: 8b:5c:c4:3b:dd:36:5d:2a:c6:21:d5:41:ab:54:d1:b1:cd:6e: c4:de:36:90:6f:7a:1c:40:a1:c1:aa:ab:6d:69:bb:cf:fb:ad: f8:5f:a0:2e:cc:e5:2c:98:17:07:6c:8c:aa:c4:7b:8f:49:a9: f0:88:f7:3b:99:23:68:1d:9f:09:c0:bb:16:58:41:4b:d0:c2: 07:7c:3b:67:ab:e0:a0:a8:6b:23:f2:d9:7b:8f:58:4c:54:a5: 2a:52:40:ee:19:94:d2:91:8b:84:3c:05:72:89:3e:e6:a8:57: 68:b9:60:0d:f5:28:08:c2:32:85:57:f7:93:8d:40:69:74:93: f9:d8:14:47:9c:0e:83:46:8e:5c:8f:ec:f8:50:73:6d:95:47: a2:6e:6d:a7:51:15:24:b6:47:bb:54:a1:be:91:ee:2d:99:ef: d4:17:e5:d8:06:60:d8:a3:fd:5d:84:c7:ed:d7:37:3f:61:05: 13:13:25:6c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA8swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ1QTIxMTAvBgNVBAUTKDFDMDQzMDc3MjQxNTczQ0VCODU4RDk1MUYwMkIyMjA1 N0JBMzk2RTcwHhcNMjUwMzI5MDA1MzQwWhcNMjUwNDA1MDA1MzQwWjAYMRYwFAYD VQQDEw02N2U3NDQ5NC01ODBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAurI5kJRP6GvbEhkwT1O1oSyVG2DoeUdra3dJOj2QDGhL23MCtGcr+VRWXYfx k6lLIG0oNbLci2kWIL29WeT6SaFV/tGqxBdUGN0EFs0kGF61LF/+KLFG55STD8Rb Cfh319ZHufDqWNsyvNY2zRRV5xIcfXGzqRkw0kh7LHq1yrOqtuHk5z+N4ctxea7f KReZDiYi3cqguUdgiBV3WyzxRwZCqzPzlBO0v6SimovnrOD2Hqi5HFgsM0ZatgJb D+GrOVtkMyCgEe//Dba2IPZ8SqdUtckTEMtqGXgB9MhD/M5etlVJlaph7YYjKAhX MrJWIrypeZWcsgkdd1bgXh38+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFKLcgXc 6IcMvSVsqlhuZO48gKxuMB8GA1UdIwQYMBaAFBwEMHckFXPOuFjZUfArIgV7o5bn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDVBMi9BM0QyRENBQTgw MDcxMUVDOTA4QUE5NjdDNEY5QUUwMi9IQVF3ZHlRVmM4NjRXTmxSOENzaUJYdWps dWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hBUXdkeVFWYzg2NFdObFI4Q3NpQlh1amx1Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDVBMi9BM0QyRENBQTgwMDcxMUVDOTA4QUE5NjdDNEY5QUUwMi9IQVF3ZHlRVmM4 NjRXTmxSOENzaUJYdWpsdWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCns4h9pdNBMZJUCS7NI5SFPt6AHwYzoH0c0o1+TdQcM3c7oO80zyum QdTVyEuCsAua7GDrZ7SuonnUNJRSLvoWthDjYqMfssqLXMQ73TZdKsYh1UGrVNGx zW7E3jaQb3ocQKHBqqttabvP+634X6AuzOUsmBcHbIyqxHuPSanwiPc7mSNoHZ8J wLsWWEFL0MIHfDtnq+CgqGsj8tl7j1hMVKUqUkDuGZTSkYuEPAVyiT7mqFdouWAN 9SgIwjKFV/eTjUBpdJP52BRHnA6DRo5cj+z4UHNtlUeibm2nURUktke7VKG+ke4t me/UF+XYBmDYo/1dhMft1zc/YQUTEyVs -----END CERTIFICATE-----Generated at Fri Apr 4 22:06:49 2025 by rpki-client