$ rpki-client -vvf rpki.apnic.net/member_repository/A9176BDB/657E0F34D64B11ECAB20E36BC4F9AE02/HWGssMZyy01A7T6U08CbIMdFJa4.mft File: HWGssMZyy01A7T6U08CbIMdFJa4.mft (raw, json) Hash identifier: N+cfL9eM2jSKntvQcjFFHfqdq8y+5fXBjHQ4RlwAskk= Subject key identifier: 31:2D:00:70:C1:F2:2B:2F:8B:E9:B9:A3:33:5D:1A:5E:EB:AE:59:19 Authority key identifier: 1D:61:AC:B0:C6:72:CB:4D:40:ED:3E:94:D3:C0:9B:20:C7:45:25:AE Certificate issuer: /CN=A9176BDB/serialNumber=1D61ACB0C672CB4D40ED3E94D3C09B20C74525AE Certificate serial: 030B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HWGssMZyy01A7T6U08CbIMdFJa4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9176BDB/657E0F34D64B11ECAB20E36BC4F9AE02/HWGssMZyy01A7T6U08CbIMdFJa4.mft Manifest number: 0307 Signing time: Sun 01 Jun 2025 01:28:51 +0000 Manifest this update: Sun 01 Jun 2025 01:28:51 +0000 Manifest next update: Sun 08 Jun 2025 01:28:51 +0000 Files and hashes: 1: HWGssMZyy01A7T6U08CbIMdFJa4.crl (hash: mUib50JmyTTeRtOmce91hT5bAFfhRm+Cyh5NmE/uco0=) 2: 7704C7B0D65111EC8F5E2576C4F9AE02.roa (hash: tyU81tqa4w/chmwWDtJ/kbfsyW9fGaL62+VlH2ZbK30=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9176BDB/657E0F34D64B11ECAB20E36BC4F9AE02/HWGssMZyy01A7T6U08CbIMdFJa4.crl rsync://rpki.apnic.net/member_repository/A9176BDB/657E0F34D64B11ECAB20E36BC4F9AE02/HWGssMZyy01A7T6U08CbIMdFJa4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HWGssMZyy01A7T6U08CbIMdFJa4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 01:28:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 779 (0x30b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9176BDB, serialNumber=1D61ACB0C672CB4D40ED3E94D3C09B20C74525AE Validity Not Before: Jun 1 01:28:51 2025 GMT Not After : Jun 8 01:28:51 2025 GMT Subject: CN=683bacd3-1097 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:6d:26:9f:86:c0:e2:0f:55:4c:15:c7:50:91: 95:a6:2b:ea:83:50:2d:54:e0:f9:eb:cb:d7:e2:d9: 62:03:92:c4:b7:02:95:4b:31:ab:3a:f3:13:42:20: bf:a0:96:b0:e2:f3:6b:5f:be:48:4d:3a:7a:a2:bb: d9:cb:87:c1:b8:7b:f4:ca:06:89:7d:4f:b0:b7:3d: 41:0f:16:8e:09:76:30:5f:23:a6:3c:55:f1:b0:17: 81:f9:22:2b:40:e3:4f:45:91:54:e4:1d:67:64:67: 2d:e6:12:a6:e0:b0:54:5a:3d:6f:c2:a1:14:c9:a0: 80:2d:d4:89:bb:9a:7b:f7:08:75:a8:a2:8d:4f:86: 7b:10:d5:f0:e8:97:37:78:90:17:b2:b8:bd:80:b5: 90:14:cb:92:9f:ee:ea:53:be:fd:37:46:a4:69:d7: 8c:75:66:bd:50:f5:35:1b:15:05:65:2d:6f:80:64: 5f:5c:a5:a4:d3:d2:a4:52:eb:42:62:18:0a:a1:bd: b1:93:b2:e1:a2:fd:0f:37:31:90:15:77:81:0d:e7: 6c:68:50:92:f5:49:23:e7:35:55:8d:7e:94:d1:97: 64:34:04:d1:17:6a:0b:a5:95:dd:f0:30:f1:49:ae: e4:01:d3:e0:61:4a:c1:52:3d:b4:59:f8:54:7f:72: e8:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:2D:00:70:C1:F2:2B:2F:8B:E9:B9:A3:33:5D:1A:5E:EB:AE:59:19 X509v3 Authority Key Identifier: keyid:1D:61:AC:B0:C6:72:CB:4D:40:ED:3E:94:D3:C0:9B:20:C7:45:25:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9176BDB/657E0F34D64B11ECAB20E36BC4F9AE02/HWGssMZyy01A7T6U08CbIMdFJa4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HWGssMZyy01A7T6U08CbIMdFJa4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176BDB/657E0F34D64B11ECAB20E36BC4F9AE02/HWGssMZyy01A7T6U08CbIMdFJa4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:04:0f:bd:64:25:81:d2:a4:7e:12:5a:1b:23:e9:b1:e2:58: ea:4a:0e:62:d1:f7:4d:7b:21:3d:4e:59:da:b5:00:a0:0f:fe: 2e:57:fa:6c:b2:1c:1e:37:5a:8a:59:f4:8c:48:ef:a7:86:13: 61:00:34:c2:f2:40:77:6d:97:c8:b1:8a:98:21:36:cf:d4:00: d6:1a:89:f2:8a:cd:0f:30:ff:5c:aa:e4:e6:b6:6e:4e:03:23: d2:3b:92:58:c4:ca:03:d9:03:f2:4b:cd:53:1e:fd:25:0c:fe: da:5f:e0:ff:d3:db:db:cd:c4:2a:13:67:03:42:d3:0d:60:c0: 05:20:ca:df:e7:0f:ef:c2:51:62:0c:8a:73:e8:ed:3d:aa:9d: f1:d9:c4:57:4f:6d:91:b1:c6:8c:15:eb:c6:7e:1c:78:ea:a4: 3d:d4:c9:d6:98:72:06:0e:e1:7b:21:83:a1:3d:cf:d8:0c:0f: 18:81:20:26:ab:57:6e:ff:8b:78:36:cd:57:c7:0a:e6:7d:e5: 73:ee:79:b9:e2:61:79:0b:01:11:5a:5e:6a:2a:f9:16:48:23: dc:87:a4:fa:3b:ec:01:9f:31:82:18:3c:79:e0:1a:97:8b:e4: ca:ab:d5:ce:8c:31:7a:c4:99:57:01:81:2f:88:ce:8a:d8:d5: d7:f6:dc:00 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAwswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzZCREIxMTAvBgNVBAUTKDFENjFBQ0IwQzY3MkNCNEQ0MEVEM0U5NEQzQzA5QjIw Qzc0NTI1QUUwHhcNMjUwNjAxMDEyODUxWhcNMjUwNjA4MDEyODUxWjAYMRYwFAYD VQQDEw02ODNiYWNkMy0xMDk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3W0mn4bA4g9VTBXHUJGVpivqg1AtVOD568vX4tliA5LEtwKVSzGrOvMTQiC/ oJaw4vNrX75ITTp6orvZy4fBuHv0ygaJfU+wtz1BDxaOCXYwXyOmPFXxsBeB+SIr QONPRZFU5B1nZGct5hKm4LBUWj1vwqEUyaCALdSJu5p79wh1qKKNT4Z7ENXw6Jc3 eJAXsri9gLWQFMuSn+7qU779N0akadeMdWa9UPU1GxUFZS1vgGRfXKWk09KkUutC YhgKob2xk7Lhov0PNzGQFXeBDedsaFCS9Ukj5zVVjX6U0ZdkNATRF2oLpZXd8DDx Sa7kAdPgYUrBUj20WfhUf3LodQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDEtAHDB 8isvi+m5ozNdGl7rrlkZMB8GA1UdIwQYMBaAFB1hrLDGcstNQO0+lNPAmyDHRSWu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NkJEQi82NTdFMEYzNEQ2 NEIxMUVDQUIyMEUzNkJDNEY5QUUwMi9IV0dzc01aeXkwMUE3VDZVMDhDYklNZEZK YTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0hXR3NzTVp5eTAxQTdUNlUwOENiSU1kRkphNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NkJEQi82NTdFMEYzNEQ2NEIxMUVDQUIyMEUzNkJDNEY5QUUwMi9IV0dzc01aeXkw MUE3VDZVMDhDYklNZEZKYTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBzBA+9ZCWB0qR+ElobI+mx4ljqSg5i0fdNeyE9TlnatQCgD/4uV/ps shweN1qKWfSMSO+nhhNhADTC8kB3bZfIsYqYITbP1ADWGonyis0PMP9cquTmtm5O AyPSO5JYxMoD2QPyS81THv0lDP7aX+D/09vbzcQqE2cDQtMNYMAFIMrf5w/vwlFi DIpz6O09qp3x2cRXT22RscaMFevGfhx46qQ91MnWmHIGDuF7IYOhPc/YDA8YgSAm q1du/4t4Ns1XxwrmfeVz7nm54mF5CwERWl5qKvkWSCPch6T6O+wBnzGCGDx54BqX i+TKq9XOjDF6xJlXAYEviM6K2NXX9twA -----END CERTIFICATE-----Generated at Mon Jun 2 18:51:35 2025 by rpki-client