$ rpki-client -vvf rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.mft File: hnHJZ--Azj0S3OowSRuUb9cGh8A.mft (raw, json) Hash identifier: TDfstP/PoeCVRYv+obDIg6AbAmB4l3a3M9snY+VzZDk= Subject key identifier: 74:9E:5C:D1:01:83:E4:23:0D:33:21:44:1E:4B:38:EE:E5:F4:EA:1A Authority key identifier: 86:71:C9:67:EF:80:CE:3D:12:DC:EA:30:49:1B:94:6F:D7:06:87:C0 Certificate issuer: /CN=A9138D0E/serialNumber=8671C967EF80CE3D12DCEA30491B946FD70687C0 Certificate serial: 13B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnHJZ--Azj0S3OowSRuUb9cGh8A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.mft Manifest number: 1382 Signing time: Fri 30 May 2025 17:11:05 +0000 Manifest this update: Fri 30 May 2025 17:11:04 +0000 Manifest next update: Fri 06 Jun 2025 17:11:04 +0000 Files and hashes: 1: hnHJZ--Azj0S3OowSRuUb9cGh8A.crl (hash: Go5xLG/poU+VzhdSxSItSsmD9wtvxUf86UM1nohYvQQ=) 2: F046E896E9B411EFADF57822C4F9AE02.roa (hash: GMfaRkgZtU0bibSF5X1yqmKnNBnQN18neJaY0c9lA5Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.crl rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnHJZ--Azj0S3OowSRuUb9cGh8A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 17:11:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5042 (0x13b2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9138D0E, serialNumber=8671C967EF80CE3D12DCEA30491B946FD70687C0 Validity Not Before: May 30 17:11:04 2025 GMT Not After : Jun 6 17:11:04 2025 GMT Subject: CN=6839e6a9-183e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f6:49:7f:b6:85:03:2c:8e:1e:77:29:36:a3: 0e:c2:0f:15:66:b6:84:fe:d9:20:de:62:5c:9c:67: 6d:ac:63:6a:9b:a4:be:d6:b2:4d:6d:29:b5:5d:2f: 57:3e:ea:0b:fd:25:98:34:3e:f3:45:38:2c:e2:99: d1:88:69:b3:84:bc:e3:e1:c9:f7:d5:45:06:19:c7: 3e:91:50:40:dd:e8:82:1e:27:6a:64:e3:b5:2a:47: 73:5e:f9:e2:1f:46:6c:43:28:f2:35:25:52:88:c1: e1:e8:3e:46:82:e4:10:f0:92:89:77:42:e1:49:cd: 05:47:03:16:c3:ed:3f:43:74:3b:00:f7:55:48:71: b3:87:4e:c0:45:c4:db:74:79:7f:7d:c2:41:8d:d6: dc:e5:a9:23:1f:0d:49:c7:ab:69:de:c4:dc:83:95: de:21:2b:76:d9:99:a1:01:f2:9c:5e:af:ba:ea:31: a3:9b:34:d6:e0:cf:a1:6a:de:d6:e2:b3:7c:6e:9f: 19:09:e7:1d:b0:2d:af:46:22:61:99:60:ee:0d:4c: 94:73:93:d9:c0:87:bc:97:14:df:46:14:70:47:06: 93:ab:19:2b:3d:eb:15:87:d7:ad:67:d5:7c:b5:da: 25:fa:71:bd:d5:ff:08:d1:e9:6d:d7:6e:90:6f:0d: 50:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:9E:5C:D1:01:83:E4:23:0D:33:21:44:1E:4B:38:EE:E5:F4:EA:1A X509v3 Authority Key Identifier: keyid:86:71:C9:67:EF:80:CE:3D:12:DC:EA:30:49:1B:94:6F:D7:06:87:C0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnHJZ--Azj0S3OowSRuUb9cGh8A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:3c:df:2b:6b:22:78:d3:33:3e:ad:9d:bd:d9:9a:3e:06:73: 9b:92:4f:9d:ab:54:23:09:0c:75:a6:51:ce:85:16:5e:c6:e8: 7e:ad:f6:b3:2d:ae:18:d0:49:64:fc:e0:5e:3a:9d:53:58:3a: 57:e1:67:ae:99:12:df:87:4c:f1:fd:03:9a:1b:5b:a3:24:7e: 83:e0:bc:19:11:7f:3e:0f:ac:26:74:6b:de:df:24:48:18:3c: aa:2c:ba:4e:c6:cf:2f:b0:9e:7b:82:fa:eb:3f:25:95:c4:b1: 7e:86:07:06:3e:3c:3e:86:0c:98:63:96:57:37:9b:af:77:25: 78:05:c7:9b:22:0b:bc:7f:9f:b6:29:60:54:bd:7a:7e:3b:82: 7e:f3:af:4d:23:d0:19:ff:b3:d4:24:fe:ac:c0:15:1f:74:fc: 50:59:50:1d:bc:68:98:07:82:d3:43:b8:df:8e:b9:19:ec:99: 5e:c3:6f:60:af:09:ab:6a:77:d6:cf:fe:ab:c9:b9:b4:84:88: 9a:54:b7:ac:83:54:0d:a7:a0:be:44:74:60:bb:95:c3:0b:ca: 62:b9:ec:5d:b5:99:93:44:1b:5d:66:38:37:00:15:59:ce:da: d1:17:79:67:02:60:53:8f:84:74:79:2c:df:da:a3:91:49:1d: 4e:85:4b:84 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE7IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzhEMEUxMTAvBgNVBAUTKDg2NzFDOTY3RUY4MENFM0QxMkRDRUEzMDQ5MUI5NDZG RDcwNjg3QzAwHhcNMjUwNTMwMTcxMTA0WhcNMjUwNjA2MTcxMTA0WjAYMRYwFAYD VQQDEw02ODM5ZTZhOS0xODNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs/ZJf7aFAyyOHncpNqMOwg8VZraE/tkg3mJcnGdtrGNqm6S+1rJNbSm1XS9X PuoL/SWYND7zRTgs4pnRiGmzhLzj4cn31UUGGcc+kVBA3eiCHidqZOO1KkdzXvni H0ZsQyjyNSVSiMHh6D5GguQQ8JKJd0LhSc0FRwMWw+0/Q3Q7APdVSHGzh07ARcTb dHl/fcJBjdbc5akjHw1Jx6tp3sTcg5XeISt22ZmhAfKcXq+66jGjmzTW4M+hat7W 4rN8bp8ZCecdsC2vRiJhmWDuDUyUc5PZwIe8lxTfRhRwRwaTqxkrPesVh9etZ9V8 tdol+nG91f8I0elt126Qbw1QBwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHSeXNEB g+QjDTMhRB5LOO7l9OoaMB8GA1UdIwQYMBaAFIZxyWfvgM49EtzqMEkblG/XBofA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOEQwRS84RTcxNDk4NEEz NUUxMUU4QjQxQTU4NzhDNEY5QUUwMi9obkhKWi0tQXpqMFMzT293U1J1VWI5Y0do OEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2huSEpaLS1BemowUzNPb3dTUnVVYjljR2g4QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz OEQwRS84RTcxNDk4NEEzNUUxMUU4QjQxQTU4NzhDNEY5QUUwMi9obkhKWi0tQXpq MFMzT293U1J1VWI5Y0doOEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAMPN8rayJ40zM+rZ292Zo+BnObkk+dq1QjCQx1plHOhRZexuh+rfaz La4Y0Elk/OBeOp1TWDpX4WeumRLfh0zx/QOaG1ujJH6D4LwZEX8+D6wmdGve3yRI GDyqLLpOxs8vsJ57gvrrPyWVxLF+hgcGPjw+hgyYY5ZXN5uvdyV4BcebIgu8f5+2 KWBUvXp+O4J+869NI9AZ/7PUJP6swBUfdPxQWVAdvGiYB4LTQ7jfjrkZ7Jlew29g rwmranfWz/6rybm0hIiaVLesg1QNp6C+RHRgu5XDC8piuexdtZmTRBtdZjg3ABVZ ztrRF3lnAmBTj4R0eSzf2qORSR1OhUuE -----END CERTIFICATE-----Generated at Sat May 31 17:06:21 2025 by rpki-client