$ rpki-client -vvf rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft File: He-yCnpR7hjdetBq2qxJEePi95Q.mft (raw, json) Hash identifier: PvvdQ+SLz6UXj2htGdICojpfWbi3Mbpks8eATpyJIMY= Subject key identifier: A7:63:F1:C1:27:32:91:75:7C:5B:17:33:CA:40:58:B1:6A:66:90:BF Authority key identifier: 1D:EF:B2:0A:7A:51:EE:18:DD:7A:D0:6A:DA:AC:49:11:E3:E2:F7:94 Certificate issuer: /CN=A91285E3/serialNumber=1DEFB20A7A51EE18DD7AD06ADAAC4911E3E2F794 Certificate serial: 01DE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft Manifest number: 01D8 Signing time: Sat 31 May 2025 02:32:53 +0000 Manifest this update: Sat 31 May 2025 02:32:52 +0000 Manifest next update: Sat 07 Jun 2025 02:32:52 +0000 Files and hashes: 1: He-yCnpR7hjdetBq2qxJEePi95Q.crl (hash: 96dCnWqgfbWEYUbPZ6Bgd7QXKkcpDJzEa1jrZmrDRl0=) 2: 54365208708411EDA8B14246C4F9AE02.roa (hash: mCCSZ+9WYvhaMFX9tC0Iaz2gMx4GH4ZGb0UPoAirqT8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.crl rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 02:32:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 478 (0x1de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91285E3, serialNumber=1DEFB20A7A51EE18DD7AD06ADAAC4911E3E2F794 Validity Not Before: May 31 02:32:52 2025 GMT Not After : Jun 7 02:32:52 2025 GMT Subject: CN=683a6a55-faf8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:43:a4:07:01:29:5c:b3:f7:ff:e4:f5:d1:02: ab:12:21:18:86:08:34:b5:d9:33:ac:51:15:00:1d: 3f:c1:1e:38:1a:f7:a5:6c:5d:30:87:45:87:2c:60: 20:ac:4c:7f:7e:ce:f2:b3:71:b3:a1:b5:db:e6:f4: 25:6f:3d:7c:fe:1b:89:71:a3:92:18:01:7f:ee:c5: bf:c0:88:46:ad:d8:64:65:d7:f3:bb:49:d2:bd:f3: 05:4c:d0:d8:ae:0b:00:f0:79:fe:eb:bc:00:2e:15: 0d:53:b1:64:bf:70:99:19:2a:e3:be:4f:d1:a5:91: 56:b3:f2:d5:62:19:43:86:5c:4a:96:ae:e3:a5:6b: 12:64:6e:ba:25:68:ea:4f:c8:2d:71:46:65:83:27: b2:02:e8:08:4f:ed:e5:ab:e5:2a:00:e0:a1:1b:89: 4c:82:8f:75:26:16:88:8a:cb:13:bc:77:52:03:8f: ce:ab:1f:bd:30:7b:39:fb:b2:02:cf:d9:47:26:c2: d3:9a:0c:cd:4c:99:ad:5f:60:b3:98:73:3a:ce:35: a3:ac:16:2b:b8:1d:61:0f:d3:ad:94:35:b5:5f:f1: da:ca:fb:00:a7:a7:b9:2c:02:31:c5:d6:73:eb:18: c8:4b:ba:4f:f7:e5:e1:49:51:27:1b:03:d2:9e:cb: 63:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:63:F1:C1:27:32:91:75:7C:5B:17:33:CA:40:58:B1:6A:66:90:BF X509v3 Authority Key Identifier: keyid:1D:EF:B2:0A:7A:51:EE:18:DD:7A:D0:6A:DA:AC:49:11:E3:E2:F7:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:20:fa:a6:7b:59:49:f9:44:1b:d8:52:29:90:f9:f5:0c:4f: 0b:4c:44:40:12:04:47:59:29:20:e4:93:60:5f:af:95:d6:c4: 84:7f:ef:76:72:d4:94:4d:f6:cc:8d:cd:c2:0e:5d:2b:b4:00: 9d:80:5e:d3:d3:61:dc:67:69:94:c0:9b:9a:a3:75:61:84:12: db:29:79:83:d1:32:b5:90:1c:d1:0a:5f:44:83:fe:02:1d:15: ae:98:a0:22:32:a9:86:18:b1:81:3e:c8:e3:56:51:58:a0:73: 2b:e9:cf:81:61:57:51:05:a9:b1:56:9b:84:f6:d1:39:bb:20: 71:8e:80:a9:a3:7a:c8:5d:7e:ba:56:fa:24:d5:2b:5f:9b:cf: da:17:17:cb:6e:02:6b:38:b6:eb:cf:81:f3:4a:1f:9d:94:71: 50:08:b7:fb:9a:cf:11:f0:70:e2:21:56:d3:15:33:22:f8:84: f0:9c:d3:f5:89:72:bc:d9:67:f7:53:7b:d3:b0:f1:11:cf:53: ea:39:fb:33:66:4a:ed:84:bd:d4:60:84:7a:c8:3a:91:ca:2b: 88:e0:c2:b2:3f:26:ce:43:28:05:55:c9:07:2e:f4:20:81:51: df:c1:f4:73:62:0c:f8:09:8e:0f:c7:cc:c3:30:bc:e8:c6:15: b9:e6:07:db -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAd4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjg1RTMxMTAvBgNVBAUTKDFERUZCMjBBN0E1MUVFMThERDdBRDA2QURBQUM0OTEx RTNFMkY3OTQwHhcNMjUwNTMxMDIzMjUyWhcNMjUwNjA3MDIzMjUyWjAYMRYwFAYD VQQDEw02ODNhNmE1NS1mYWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs0OkBwEpXLP3/+T10QKrEiEYhgg0tdkzrFEVAB0/wR44GvelbF0wh0WHLGAg rEx/fs7ys3GzobXb5vQlbz18/huJcaOSGAF/7sW/wIhGrdhkZdfzu0nSvfMFTNDY rgsA8Hn+67wALhUNU7Fkv3CZGSrjvk/RpZFWs/LVYhlDhlxKlq7jpWsSZG66JWjq T8gtcUZlgyeyAugIT+3lq+UqAOChG4lMgo91JhaIissTvHdSA4/Oqx+9MHs5+7IC z9lHJsLTmgzNTJmtX2CzmHM6zjWjrBYruB1hD9OtlDW1X/HayvsAp6e5LAIxxdZz 6xjIS7pP9+XhSVEnGwPSnstjtwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKdj8cEn MpF1fFsXM8pAWLFqZpC/MB8GA1UdIwQYMBaAFB3vsgp6Ue4Y3XrQatqsSRHj4veU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODVFMy8xQjEyQTgyNDcw NzkxMUVEQkFBN0NEMjZDNEY5QUUwMi9IZS15Q25wUjdoamRldEJxMnF4SkVlUGk5 NVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlLXlDbnBSN2hqZGV0QnEycXhKRWVQaTk1US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy ODVFMy8xQjEyQTgyNDcwNzkxMUVEQkFBN0NEMjZDNEY5QUUwMi9IZS15Q25wUjdo amRldEJxMnF4SkVlUGk5NVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAgIPqme1lJ+UQb2FIpkPn1DE8LTERAEgRHWSkg5JNgX6+V1sSEf+92 ctSUTfbMjc3CDl0rtACdgF7T02HcZ2mUwJuao3VhhBLbKXmD0TK1kBzRCl9Eg/4C HRWumKAiMqmGGLGBPsjjVlFYoHMr6c+BYVdRBamxVpuE9tE5uyBxjoCpo3rIXX66 Vvok1Stfm8/aFxfLbgJrOLbrz4HzSh+dlHFQCLf7ms8R8HDiIVbTFTMi+ITwnNP1 iXK82Wf3U3vTsPERz1PqOfszZkrthL3UYIR6yDqRyiuI4MKyPybOQygFVckHLvQg gVHfwfRzYgz4CY4Px8zDMLzoxhW55gfb -----END CERTIFICATE-----Generated at Sat May 31 16:39:53 2025 by rpki-client