$ rpki-client -vvf rpki.apnic.net/member_repository/A914E950/CBF06F308DDC11ECA1400C69C4F9AE02/2HXmPHNQjdifas3MBgFEoIwIZtw.mft File: 2HXmPHNQjdifas3MBgFEoIwIZtw.mft (raw, json) Hash identifier: NSg22mIOYqqgehY9plU9c7KPTfrf45WxDvguslI8rLg= Subject key identifier: 35:91:04:4E:32:2D:E6:A9:AF:EB:B7:5C:4B:0F:86:35:A2:02:F1:A3 Authority key identifier: D8:75:E6:3C:73:50:8D:D8:9F:6A:CD:CC:06:01:44:A0:8C:08:66:DC Certificate issuer: /CN=A914E950/serialNumber=D875E63C73508DD89F6ACDCC060144A08C0866DC Certificate serial: 03C0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2HXmPHNQjdifas3MBgFEoIwIZtw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E950/CBF06F308DDC11ECA1400C69C4F9AE02/2HXmPHNQjdifas3MBgFEoIwIZtw.mft Manifest number: 03BC Signing time: Sat 31 May 2025 00:51:11 +0000 Manifest this update: Sat 31 May 2025 00:51:10 +0000 Manifest next update: Sat 07 Jun 2025 00:51:10 +0000 Files and hashes: 1: 2HXmPHNQjdifas3MBgFEoIwIZtw.crl (hash: YNBhE57k7kCEkxN3b3E4lYqfRYMFfVkxH+flCHaKvXY=) 2: 6199B5668DE011ECB9F9C06EC4F9AE02.roa (hash: 2v76irvv8YBootZ9ixmNS7BdVolsdY5VCXkGVLqaKlA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E950/CBF06F308DDC11ECA1400C69C4F9AE02/2HXmPHNQjdifas3MBgFEoIwIZtw.crl rsync://rpki.apnic.net/member_repository/A914E950/CBF06F308DDC11ECA1400C69C4F9AE02/2HXmPHNQjdifas3MBgFEoIwIZtw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2HXmPHNQjdifas3MBgFEoIwIZtw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:51:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 960 (0x3c0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E950, serialNumber=D875E63C73508DD89F6ACDCC060144A08C0866DC Validity Not Before: May 31 00:51:10 2025 GMT Not After : Jun 7 00:51:10 2025 GMT Subject: CN=683a527e-693e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:56:ae:89:25:61:6f:47:5d:cb:3e:bf:fc:4b: 3b:36:00:b2:0b:de:ad:77:ab:5a:a2:d5:97:f1:26: 6c:dd:61:8e:eb:97:8b:21:18:be:e3:43:3d:be:ae: 75:dc:2b:e8:f3:af:67:c5:07:16:4c:44:ea:ba:3b: 52:6a:a7:48:50:ab:de:54:71:53:1b:7c:de:97:c1: 36:5f:52:13:03:49:25:1a:a4:43:7a:a1:4f:9d:07: bd:1a:9e:35:0b:0e:40:84:60:89:6d:aa:ff:3c:84: 5c:7f:f2:7f:cc:81:1d:68:36:bb:44:b7:70:0a:cf: a9:a4:c0:34:82:34:e8:d7:a5:0e:63:9e:31:3b:84: 7f:50:f4:6d:72:65:b4:36:a5:ff:f0:89:93:7a:8b: 3a:36:35:e8:69:f4:3c:18:3a:1d:57:ec:6e:de:bd: c4:68:a5:d5:77:1c:f3:a4:3e:bf:9e:02:6a:e2:8d: 07:69:d3:0c:f4:ac:5a:f2:1f:11:a8:af:b7:9c:bd: 49:2c:32:0b:b4:7f:f7:8d:70:8e:d7:20:82:71:e8: 3b:cc:ef:30:6d:18:28:c8:40:9b:8c:fa:e8:8d:2c: 3e:56:9e:b7:75:41:71:c9:ef:67:09:44:86:01:f7: 1a:e9:8c:cb:0e:73:e5:25:ba:29:0b:51:97:88:ac: f2:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:91:04:4E:32:2D:E6:A9:AF:EB:B7:5C:4B:0F:86:35:A2:02:F1:A3 X509v3 Authority Key Identifier: keyid:D8:75:E6:3C:73:50:8D:D8:9F:6A:CD:CC:06:01:44:A0:8C:08:66:DC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E950/CBF06F308DDC11ECA1400C69C4F9AE02/2HXmPHNQjdifas3MBgFEoIwIZtw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2HXmPHNQjdifas3MBgFEoIwIZtw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E950/CBF06F308DDC11ECA1400C69C4F9AE02/2HXmPHNQjdifas3MBgFEoIwIZtw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:21:00:4b:2f:71:ff:44:fc:06:e2:bf:a4:53:ac:91:32:dd: 25:f4:3c:c4:dd:a3:bb:b1:82:f5:8c:89:cd:35:87:fe:8e:d2: 25:9d:9b:77:ca:36:9e:89:6c:8f:d3:80:35:e2:2b:5f:68:10: 0d:07:98:61:9d:94:ea:70:49:66:c6:be:41:72:28:a2:f1:b6: 98:59:30:0d:5c:40:41:f6:96:bb:93:a6:bf:05:84:ce:d4:4a: f3:69:22:c5:67:a8:b9:aa:b6:48:97:de:ed:a4:d1:0a:a6:12: f8:e1:d5:fb:b4:12:08:4b:ce:f5:74:28:40:70:4a:9e:38:61: 2c:18:50:74:c7:04:30:ef:54:f1:57:02:08:e7:81:7d:be:6c: a4:01:d6:ed:6f:2e:f2:fc:74:8c:98:b9:ab:1c:e2:56:e4:d0: fd:51:dc:d5:63:ce:77:ea:1b:26:c6:0b:f5:5c:c0:0c:07:dd: f0:75:cc:a2:eb:d9:6e:18:dc:e9:0d:ae:71:b5:34:1e:09:00: 47:7a:73:cf:e0:67:4a:01:7a:15:a4:b4:1a:83:73:67:3e:f8: 51:28:01:3f:60:c4:c9:7d:42:32:c3:28:c0:c5:26:7e:e0:72: c8:8a:f9:e0:16:f9:77:3f:54:08:01:91:e4:0c:38:ac:4f:6c: 7f:bd:25:e1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA8AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEU5NTAxMTAvBgNVBAUTKEQ4NzVFNjNDNzM1MDhERDg5RjZBQ0RDQzA2MDE0NEEw OEMwODY2REMwHhcNMjUwNTMxMDA1MTEwWhcNMjUwNjA3MDA1MTEwWjAYMRYwFAYD VQQDEw02ODNhNTI3ZS02OTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAplauiSVhb0ddyz6//Es7NgCyC96td6taotWX8SZs3WGO65eLIRi+40M9vq51 3Cvo869nxQcWTETqujtSaqdIUKveVHFTG3zel8E2X1ITA0klGqRDeqFPnQe9Gp41 Cw5AhGCJbar/PIRcf/J/zIEdaDa7RLdwCs+ppMA0gjTo16UOY54xO4R/UPRtcmW0 NqX/8ImTeos6NjXoafQ8GDodV+xu3r3EaKXVdxzzpD6/ngJq4o0HadMM9Kxa8h8R qK+3nL1JLDILtH/3jXCO1yCCceg7zO8wbRgoyECbjProjSw+Vp63dUFxye9nCUSG Afca6YzLDnPlJbopC1GXiKzyCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDWRBE4y Leapr+u3XEsPhjWiAvGjMB8GA1UdIwQYMBaAFNh15jxzUI3Yn2rNzAYBRKCMCGbc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTk1MC9DQkYwNkYzMDhE REMxMUVDQTE0MDBDNjlDNEY5QUUwMi8ySFhtUEhOUWpkaWZhczNNQmdGRW9Jd0la dHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJIWG1QSE5RamRpZmFzM01CZ0ZFb0l3SVp0dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTk1MC9DQkYwNkYzMDhEREMxMUVDQTE0MDBDNjlDNEY5QUUwMi8ySFhtUEhOUWpk aWZhczNNQmdGRW9Jd0ladHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAsIQBLL3H/RPwG4r+kU6yRMt0l9DzE3aO7sYL1jInNNYf+jtIlnZt3 yjaeiWyP04A14itfaBANB5hhnZTqcElmxr5Bciii8baYWTANXEBB9pa7k6a/BYTO 1ErzaSLFZ6i5qrZIl97tpNEKphL44dX7tBIIS871dChAcEqeOGEsGFB0xwQw71Tx VwII54F9vmykAdbtby7y/HSMmLmrHOJW5ND9UdzVY8536hsmxgv1XMAMB93wdcyi 69luGNzpDa5xtTQeCQBHenPP4GdKAXoVpLQag3NnPvhRKAE/YMTJfUIywyjAxSZ+ 4HLIivngFvl3P1QIAZHkDDisT2x/vSXh -----END CERTIFICATE-----Generated at Sat May 31 17:07:43 2025 by rpki-client