$ rpki-client -vvf rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.mft File: hEIqhfpOTNTW7plGMaPQ8OboLTo.mft (raw, json) Hash identifier: WZlPKlGUEx1OLe1egvJ4hJ22qkcqR/cpdZcBT5/Cas4= Subject key identifier: BC:93:2F:DC:2A:28:5B:28:C7:A4:E6:45:3A:AD:B1:9C:63:49:F5:FB Authority key identifier: 84:42:2A:85:FA:4E:4C:D4:D6:EE:99:46:31:A3:D0:F0:E6:E8:2D:3A Certificate issuer: /CN=A911C61C/serialNumber=84422A85FA4E4CD4D6EE994631A3D0F0E6E82D3A Certificate serial: 035E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hEIqhfpOTNTW7plGMaPQ8OboLTo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.mft Manifest number: 0359 Signing time: Sat 31 May 2025 01:10:18 +0000 Manifest this update: Sat 31 May 2025 01:10:17 +0000 Manifest next update: Sat 07 Jun 2025 01:10:17 +0000 Files and hashes: 1: hEIqhfpOTNTW7plGMaPQ8OboLTo.crl (hash: aTEUf8IK1kjtqaLyU1zH0o8dDJNAiV/jUB4l+sBOpcA=) 2: 214E0454B58A11ECAF32FE29C4F9AE02.roa (hash: m/bIsnc72f+GKlsPAyrWqEs82wNRpWBNpwKZDStdnM8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.crl rsync://rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hEIqhfpOTNTW7plGMaPQ8OboLTo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 01:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 862 (0x35e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C61C, serialNumber=84422A85FA4E4CD4D6EE994631A3D0F0E6E82D3A Validity Not Before: May 31 01:10:17 2025 GMT Not After : Jun 7 01:10:17 2025 GMT Subject: CN=683a56f9-6fff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:fb:bd:a6:b8:1b:c4:03:4f:a3:7d:ee:be:43: 04:e6:13:2c:5c:33:7e:cc:a7:e6:ca:06:df:49:e4: 05:4d:d4:3c:9d:73:cd:ed:2c:de:06:bf:df:1f:11: a1:96:f5:2e:03:5c:85:ce:91:07:4e:d4:c3:29:1f: 24:1b:2f:36:53:3e:33:69:a0:29:a2:ed:e9:0a:eb: 13:83:c4:ed:8b:1a:69:e5:6c:f6:92:5e:97:3b:7a: 00:eb:d9:1c:dd:72:13:47:d3:18:13:d3:7b:f8:99: 70:fa:dd:66:8e:68:0b:c6:d1:9f:9c:d6:19:dc:7b: b3:13:1b:f3:60:9c:3e:e5:c8:5e:99:11:e7:d0:c7: fc:73:da:e5:98:22:6a:31:44:f0:f9:95:3a:49:35: 22:4a:31:22:2f:b7:63:d3:95:b9:33:97:c6:58:93: 2f:da:ef:94:50:2e:a6:0b:df:a3:47:f3:1e:49:da: b0:24:e9:09:62:d4:78:d4:69:79:fd:ba:6d:31:9d: e3:e7:0d:a5:13:33:72:56:43:45:66:5d:a4:aa:10: 4a:ff:36:f3:c4:44:e9:75:fa:d4:77:9b:a2:06:e6: d9:ee:f0:86:b7:91:07:be:41:bd:92:59:f5:ba:82: 2b:8e:14:e7:a7:2a:1e:30:51:c7:f1:d7:f5:a6:57: b9:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:93:2F:DC:2A:28:5B:28:C7:A4:E6:45:3A:AD:B1:9C:63:49:F5:FB X509v3 Authority Key Identifier: keyid:84:42:2A:85:FA:4E:4C:D4:D6:EE:99:46:31:A3:D0:F0:E6:E8:2D:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hEIqhfpOTNTW7plGMaPQ8OboLTo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:41:4e:45:6f:c5:f9:34:b5:1d:01:0b:52:d9:1b:92:5a:d8: b0:f8:3e:65:92:4d:8a:57:6c:04:54:62:35:9d:67:a9:75:51: d8:6a:2a:5f:70:f0:56:d3:79:d1:54:71:fc:3b:01:cd:11:8b: fd:14:ad:e3:47:06:71:9f:28:7e:95:54:08:59:26:f8:43:b0: e2:25:62:66:75:70:38:72:77:54:8a:be:ca:78:bb:60:d6:61: 60:fb:50:e3:58:cf:96:b0:a1:6f:fc:12:50:f1:cb:d5:1b:7d: 7a:cd:24:a1:0d:5e:8b:d0:f5:18:c5:59:f7:01:51:b7:bc:9a: b7:33:46:ad:5a:5f:8f:6e:70:4b:06:40:37:1b:a8:7e:9d:36: ad:17:13:f6:44:ea:dc:be:08:92:05:d7:cf:a2:48:e1:ff:8c: a2:4c:39:3e:2d:f9:3b:ff:60:c5:8e:e8:9b:e4:4f:2f:08:01: d1:6a:7e:33:04:1f:f4:48:7b:c6:ea:22:94:2b:02:90:ef:61: cf:2c:37:29:90:b3:2d:7b:e7:0b:0e:d2:62:20:64:b3:ed:1d: 55:95:06:b7:90:7b:b5:3e:7c:44:a5:25:4d:dc:90:6f:30:12: 85:f6:5d:d8:41:6e:a8:2c:ec:05:de:17:ba:11:6f:a9:35:bf: ca:34:2f:82 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA14wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM2MUMxMTAvBgNVBAUTKDg0NDIyQTg1RkE0RTRDRDRENkVFOTk0NjMxQTNEMEYw RTZFODJEM0EwHhcNMjUwNTMxMDExMDE3WhcNMjUwNjA3MDExMDE3WjAYMRYwFAYD VQQDEw02ODNhNTZmOS02ZmZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3Pu9prgbxANPo33uvkME5hMsXDN+zKfmygbfSeQFTdQ8nXPN7SzeBr/fHxGh lvUuA1yFzpEHTtTDKR8kGy82Uz4zaaApou3pCusTg8Ttixpp5Wz2kl6XO3oA69kc 3XITR9MYE9N7+Jlw+t1mjmgLxtGfnNYZ3HuzExvzYJw+5chemRHn0Mf8c9rlmCJq MUTw+ZU6STUiSjEiL7dj05W5M5fGWJMv2u+UUC6mC9+jR/MeSdqwJOkJYtR41Gl5 /bptMZ3j5w2lEzNyVkNFZl2kqhBK/zbzxETpdfrUd5uiBubZ7vCGt5EHvkG9kln1 uoIrjhTnpyoeMFHH8df1ple5UQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLyTL9wq KFsox6TmRTqtsZxjSfX7MB8GA1UdIwQYMBaAFIRCKoX6TkzU1u6ZRjGj0PDm6C06 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzYxQy8yQTcwOTBGQUI1 ODYxMUVDQUU4MUVEMjJDNEY5QUUwMi9oRUlxaGZwT1ROVFc3cGxHTWFQUThPYm9M VG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hFSXFoZnBPVE5UVzdwbEdNYVBROE9ib0xUby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QzYxQy8yQTcwOTBGQUI1ODYxMUVDQUU4MUVEMjJDNEY5QUUwMi9oRUlxaGZwT1RO VFc3cGxHTWFQUThPYm9MVG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAJQU5Fb8X5NLUdAQtS2RuSWtiw+D5lkk2KV2wEVGI1nWepdVHYaipf cPBW03nRVHH8OwHNEYv9FK3jRwZxnyh+lVQIWSb4Q7DiJWJmdXA4cndUir7KeLtg 1mFg+1DjWM+WsKFv/BJQ8cvVG316zSShDV6L0PUYxVn3AVG3vJq3M0atWl+PbnBL BkA3G6h+nTatFxP2ROrcvgiSBdfPokjh/4yiTDk+Lfk7/2DFjuib5E8vCAHRan4z BB/0SHvG6iKUKwKQ72HPLDcpkLMte+cLDtJiIGSz7R1VlQa3kHu1PnxEpSVN3JBv MBKF9l3YQW6oLOwF3he6EW+pNb/KNC+C -----END CERTIFICATE-----Generated at Sat May 31 16:52:11 2025 by rpki-client