$ rpki-client -vvf rpki.apnic.net/member_repository/A911CFCE/E0BE36AC023F11EF8E5C1E58C4F9AE02/hm540aRej9EmgIr_fOpPwI59kqg.mft File: hm540aRej9EmgIr_fOpPwI59kqg.mft (raw, json) Hash identifier: tvHmk/zR2ROD4phQo+6f0kWM7RURNwQZNlFqASvZo0I= Subject key identifier: 39:77:6E:46:1A:1A:6A:24:15:95:64:A2:FE:24:87:F8:AE:86:05:21 Authority key identifier: 86:6E:78:D1:A4:5E:8F:D1:26:80:8A:FF:7C:EA:4F:C0:8E:7D:92:A8 Certificate issuer: /CN=A911CFCE/serialNumber=866E78D1A45E8FD126808AFF7CEA4FC08E7D92A8 Certificate serial: D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hm540aRej9EmgIr_fOpPwI59kqg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CFCE/E0BE36AC023F11EF8E5C1E58C4F9AE02/hm540aRej9EmgIr_fOpPwI59kqg.mft Manifest number: D3 Signing time: Sat 31 May 2025 05:17:14 +0000 Manifest this update: Sat 31 May 2025 05:17:13 +0000 Manifest next update: Sat 07 Jun 2025 05:17:13 +0000 Files and hashes: 1: hm540aRej9EmgIr_fOpPwI59kqg.crl (hash: H+60yYCGlhNQlJZLCe9l2UqrT7g/1o4E41+LDi5FC9o=) 2: 894D6CDE1C3511EFA78E995CC4F9AE02.roa (hash: ZVnbf0eZss/W/BW/uaATqG881vi7quF65kC8w3J0+jw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CFCE/E0BE36AC023F11EF8E5C1E58C4F9AE02/hm540aRej9EmgIr_fOpPwI59kqg.crl rsync://rpki.apnic.net/member_repository/A911CFCE/E0BE36AC023F11EF8E5C1E58C4F9AE02/hm540aRej9EmgIr_fOpPwI59kqg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hm540aRej9EmgIr_fOpPwI59kqg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 05:17:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 217 (0xd9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CFCE, serialNumber=866E78D1A45E8FD126808AFF7CEA4FC08E7D92A8 Validity Not Before: May 31 05:17:13 2025 GMT Not After : Jun 7 05:17:13 2025 GMT Subject: CN=683a90d9-7b96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:40:5b:af:b8:86:80:c2:3a:71:9d:8c:ed:43: c3:78:f1:20:2b:5f:11:eb:c8:12:59:fc:4e:da:e1: 21:fe:d1:50:4e:df:f5:f2:75:bb:60:ab:2e:00:1c: 32:b0:af:6d:a7:7c:01:6d:3e:8d:2e:44:3f:62:9b: a1:16:cf:e2:dc:43:52:32:eb:af:81:cf:19:87:6a: 14:52:42:7a:32:44:4a:ee:d4:78:c3:7c:b5:41:1a: e8:93:b9:fe:49:b9:db:e3:a2:d1:33:90:12:92:ef: ac:8c:17:70:e9:65:42:f0:19:b6:8c:eb:15:f4:39: a9:de:fc:4c:b1:e4:8c:d1:9f:96:37:34:93:98:09: 00:16:2f:43:56:84:aa:82:5a:e3:80:92:ca:cb:39: eb:29:40:2a:53:ee:9e:e4:19:cf:26:37:e2:23:64: 08:fd:3e:bd:0f:50:5b:5a:d6:38:b9:73:74:50:2f: be:a2:dd:a4:f9:2f:c6:a6:a9:8d:29:e5:8c:2b:b4: 25:4b:25:0c:94:a9:cd:93:32:a5:6f:95:5f:6e:77: 88:9f:41:3b:81:47:29:fd:02:9c:49:ac:67:86:f7: 12:48:70:2d:0c:f3:36:35:80:5e:91:c6:7c:71:2c: 04:bc:ce:dc:da:30:c5:44:83:04:b2:e8:07:94:39: 00:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:77:6E:46:1A:1A:6A:24:15:95:64:A2:FE:24:87:F8:AE:86:05:21 X509v3 Authority Key Identifier: keyid:86:6E:78:D1:A4:5E:8F:D1:26:80:8A:FF:7C:EA:4F:C0:8E:7D:92:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CFCE/E0BE36AC023F11EF8E5C1E58C4F9AE02/hm540aRej9EmgIr_fOpPwI59kqg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hm540aRej9EmgIr_fOpPwI59kqg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CFCE/E0BE36AC023F11EF8E5C1E58C4F9AE02/hm540aRej9EmgIr_fOpPwI59kqg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 53:28:38:7e:18:d4:c9:f2:3c:75:39:c5:7f:a9:11:dd:4c:4a: 8a:db:44:19:f8:c2:e5:2e:8c:4d:0a:13:bc:b3:d9:c0:1f:c3: 42:26:81:41:48:43:23:87:98:fb:ca:0a:8d:b6:f1:b0:37:ee: bf:5e:d8:ce:bc:1f:6c:dd:4f:cc:15:8c:b1:53:e0:ec:19:b6: 75:56:6f:67:9a:1d:a8:b5:36:95:b1:55:50:62:32:42:6f:c4: b3:74:a3:52:fa:e1:4f:5f:26:dd:38:01:22:6f:ab:87:1f:1e: b5:0c:69:74:46:30:24:5c:4c:7e:21:0d:ab:db:cb:00:e1:01: 37:fe:23:ee:11:61:d0:50:3d:4a:92:30:1b:63:e2:ab:0d:a9: 10:67:df:85:45:d4:3a:89:ff:8b:a7:96:26:3c:60:9c:c3:62: 44:98:19:37:0a:16:b0:60:69:d0:29:0e:eb:62:49:f2:98:dc: f7:44:8c:a7:6e:70:1b:1b:74:9a:19:80:b7:58:4e:8d:a5:25: 1c:1f:30:a0:75:72:7d:9b:09:e0:98:e0:ca:a5:5d:34:6e:13: 31:e7:de:3e:6b:54:c0:5b:0d:e5:22:e6:fd:57:b4:2d:e2:4b: 4d:2a:1b:9b:b9:49:28:64:d4:fd:ee:25:f4:94:d8:af:da:03: 8e:75:80:b5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUNGQ0UxMTAvBgNVBAUTKDg2NkU3OEQxQTQ1RThGRDEyNjgwOEFGRjdDRUE0RkMw OEU3RDkyQTgwHhcNMjUwNTMxMDUxNzEzWhcNMjUwNjA3MDUxNzEzWjAYMRYwFAYD VQQDEw02ODNhOTBkOS03Yjk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwEBbr7iGgMI6cZ2M7UPDePEgK18R68gSWfxO2uEh/tFQTt/18nW7YKsuABwy sK9tp3wBbT6NLkQ/YpuhFs/i3ENSMuuvgc8Zh2oUUkJ6MkRK7tR4w3y1QRrok7n+ Sbnb46LRM5ASku+sjBdw6WVC8Bm2jOsV9Dmp3vxMseSM0Z+WNzSTmAkAFi9DVoSq glrjgJLKyznrKUAqU+6e5BnPJjfiI2QI/T69D1BbWtY4uXN0UC++ot2k+S/GpqmN KeWMK7QlSyUMlKnNkzKlb5VfbneIn0E7gUcp/QKcSaxnhvcSSHAtDPM2NYBekcZ8 cSwEvM7c2jDFRIMEsugHlDkAQwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDl3bkYa GmokFZVkov4kh/iuhgUhMB8GA1UdIwQYMBaAFIZueNGkXo/RJoCK/3zqT8COfZKo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0ZDRS9FMEJFMzZBQzAy M0YxMUVGOEU1QzFFNThDNEY5QUUwMi9obTU0MGFSZWo5RW1nSXJfZk9wUHdJNTlr cWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2htNTQwYVJlajlFbWdJcl9mT3BQd0k1OWtxZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx Q0ZDRS9FMEJFMzZBQzAyM0YxMUVGOEU1QzFFNThDNEY5QUUwMi9obTU0MGFSZWo5 RW1nSXJfZk9wUHdJNTlrcWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBTKDh+GNTJ8jx1OcV/qRHdTEqK20QZ+MLlLoxNChO8s9nAH8NCJoFB SEMjh5j7ygqNtvGwN+6/XtjOvB9s3U/MFYyxU+DsGbZ1Vm9nmh2otTaVsVVQYjJC b8SzdKNS+uFPXybdOAEib6uHHx61DGl0RjAkXEx+IQ2r28sA4QE3/iPuEWHQUD1K kjAbY+KrDakQZ9+FRdQ6if+Lp5YmPGCcw2JEmBk3ChawYGnQKQ7rYknymNz3RIyn bnAbG3SaGYC3WE6NpSUcHzCgdXJ9mwngmODKpV00bhMx594+a1TAWw3lIub9V7Qt 4ktNKhubuUkoZNT97iX0lNiv2gOOdYC1 -----END CERTIFICATE-----Generated at Sat May 31 17:45:07 2025 by rpki-client