$ rpki-client -vvf rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.mft File: hlMymlHbxnnxvxfXkdg-x2ib564.mft (raw, json) Hash identifier: rJEZ1OU4JqMqlDkcVeeavb6f6EuA0OvjRZvbsluJ4xQ= Subject key identifier: BE:02:8D:EC:BE:3A:1D:8A:7F:E1:B8:B5:B4:56:59:EE:03:69:8D:51 Authority key identifier: 86:53:32:9A:51:DB:C6:79:F1:BF:17:D7:91:D8:3E:C7:68:9B:E7:AE Certificate issuer: /CN=A91177D4/serialNumber=8653329A51DBC679F1BF17D791D83EC7689BE7AE Certificate serial: 082B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hlMymlHbxnnxvxfXkdg-x2ib564.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.mft Manifest number: 0826 Signing time: Fri 30 May 2025 21:02:50 +0000 Manifest this update: Fri 30 May 2025 21:02:49 +0000 Manifest next update: Fri 06 Jun 2025 21:02:49 +0000 Files and hashes: 1: hlMymlHbxnnxvxfXkdg-x2ib564.crl (hash: UR6Y+2aKT4KRgxxCOd37WxpOfoTe7HoDuGDgvv16uHk=) 2: 2611C806D1AA11EA82C4313FC4F9AE02.roa (hash: BTpWw7F/XbdMRveGgpGDkDR4BmkxDYTL8O9GDvpyiEg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.crl rsync://rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hlMymlHbxnnxvxfXkdg-x2ib564.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:02:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2091 (0x82b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91177D4, serialNumber=8653329A51DBC679F1BF17D791D83EC7689BE7AE Validity Not Before: May 30 21:02:49 2025 GMT Not After : Jun 6 21:02:49 2025 GMT Subject: CN=683a1cf9-df2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:85:db:62:4b:56:cb:0d:de:0c:8d:61:13:c3: c8:05:25:f0:25:4c:f1:ec:ed:de:e5:1f:67:9c:5f: e5:6e:44:77:c3:b4:26:39:8c:5d:f1:b3:4e:59:49: ff:20:3b:e1:ec:14:f9:1f:6a:96:2d:b3:3d:6d:c6: ad:9e:0c:de:72:da:2b:58:9a:9d:ab:40:b4:20:15: e1:23:ca:eb:d3:12:32:e5:c9:25:a4:fe:1f:f1:bf: 5f:99:64:8c:40:6a:d7:14:c2:91:50:17:77:85:23: bb:c9:03:3a:19:e6:6d:33:d0:69:d8:46:f0:67:43: 6a:3a:55:16:2c:82:64:ea:42:4d:da:44:c8:49:4f: 53:8b:cd:e7:cf:6d:1c:ec:ea:06:60:1b:0f:e4:9d: e1:24:4a:29:7e:ed:ca:82:3d:c6:0c:55:4e:5d:75: bf:78:d1:b9:5e:5f:df:93:bd:c8:c0:70:d6:45:3d: 23:17:66:0d:bd:f8:61:e8:e7:21:be:c5:8c:33:43: c4:90:1b:d0:32:90:70:5c:b5:2b:8d:91:a8:75:fe: 31:d5:7f:95:45:f5:61:d3:b0:62:f4:af:a8:49:2a: 8e:c1:80:f7:e1:85:c2:0c:73:42:55:40:61:03:28: ce:83:63:8d:28:39:f9:36:dd:b8:d4:2c:19:50:4c: b5:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:02:8D:EC:BE:3A:1D:8A:7F:E1:B8:B5:B4:56:59:EE:03:69:8D:51 X509v3 Authority Key Identifier: keyid:86:53:32:9A:51:DB:C6:79:F1:BF:17:D7:91:D8:3E:C7:68:9B:E7:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hlMymlHbxnnxvxfXkdg-x2ib564.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:58:6a:4e:e7:22:8a:2b:ff:fd:13:0b:f3:af:f7:ca:9b:d2: 4c:11:57:d0:fc:f8:05:37:9d:e3:1d:6a:56:8e:06:4d:79:96: bd:37:9f:e1:59:61:8d:e8:9e:a9:8e:9c:db:a8:10:e5:ad:2f: 0c:f3:a8:4a:f3:f5:d9:16:69:71:c4:33:ce:07:e2:0e:17:be: 28:f8:31:3e:7b:ae:bd:53:3f:2a:99:1c:ff:c2:2d:41:bd:cf: f2:6e:fa:9c:ab:cd:d2:16:19:57:2e:79:47:8a:9d:63:94:78: a3:fc:18:83:b8:15:97:a6:51:ad:0e:d2:cd:ad:d2:7e:f1:6f: 29:d9:9f:fa:c5:70:ba:86:45:a6:ea:61:a3:de:93:e9:d1:f5: 81:4e:79:a3:7d:90:21:6f:35:a3:32:c2:d0:1f:b4:d6:a3:60: e2:6b:c8:05:b1:8f:83:eb:98:3e:fd:ae:dd:eb:8b:41:42:65: 52:73:01:e1:41:9e:1d:52:fc:25:8b:7a:13:81:dd:23:94:68: 9d:a8:2d:9f:e2:0f:2c:7b:7e:a1:e0:e3:a7:71:e3:e3:89:32: 85:8f:a4:50:1b:a1:94:86:d2:20:37:72:28:13:ad:1d:5c:50: 0a:5a:4b:f2:b7:99:c1:6f:53:c4:4e:9d:76:9e:c1:ad:e6:a4: ff:24:ca:4f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCCswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTc3RDQxMTAvBgNVBAUTKDg2NTMzMjlBNTFEQkM2NzlGMUJGMTdENzkxRDgzRUM3 Njg5QkU3QUUwHhcNMjUwNTMwMjEwMjQ5WhcNMjUwNjA2MjEwMjQ5WjAYMRYwFAYD VQQDEw02ODNhMWNmOS1kZjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3YXbYktWyw3eDI1hE8PIBSXwJUzx7O3e5R9nnF/lbkR3w7QmOYxd8bNOWUn/ IDvh7BT5H2qWLbM9bcatngzectorWJqdq0C0IBXhI8rr0xIy5cklpP4f8b9fmWSM QGrXFMKRUBd3hSO7yQM6GeZtM9Bp2EbwZ0NqOlUWLIJk6kJN2kTISU9Ti83nz20c 7OoGYBsP5J3hJEopfu3Kgj3GDFVOXXW/eNG5Xl/fk73IwHDWRT0jF2YNvfhh6Och vsWMM0PEkBvQMpBwXLUrjZGodf4x1X+VRfVh07Bi9K+oSSqOwYD34YXCDHNCVUBh AyjOg2ONKDn5Nt241CwZUEy1SQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL4Cjey+ Oh2Kf+G4tbRWWe4DaY1RMB8GA1UdIwQYMBaAFIZTMppR28Z58b8X15HYPsdom+eu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzdENC8yQ0VFRkUzNEQx QTgxMUVBOEM1ODM3M0JDNEY5QUUwMi9obE15bWxIYnhubnh2eGZYa2RnLXgyaWI1 NjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hsTXltbEhieG5ueHZ4ZlhrZGcteDJpYjU2NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NzdENC8yQ0VFRkUzNEQxQTgxMUVBOEM1ODM3M0JDNEY5QUUwMi9obE15bWxIYnhu bnh2eGZYa2RnLXgyaWI1NjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAaWGpO5yKKK//9Ewvzr/fKm9JMEVfQ/PgFN53jHWpWjgZNeZa9N5/h WWGN6J6pjpzbqBDlrS8M86hK8/XZFmlxxDPOB+IOF74o+DE+e669Uz8qmRz/wi1B vc/ybvqcq83SFhlXLnlHip1jlHij/BiDuBWXplGtDtLNrdJ+8W8p2Z/6xXC6hkWm 6mGj3pPp0fWBTnmjfZAhbzWjMsLQH7TWo2Dia8gFsY+D65g+/a7d64tBQmVScwHh QZ4dUvwli3oTgd0jlGidqC2f4g8se36h4OOncePjiTKFj6RQG6GUhtIgN3IoE60d XFAKWkvyt5nBb1PETp12nsGt5qT/JMpP -----END CERTIFICATE-----Generated at Sat May 31 16:38:05 2025 by rpki-client