$ rpki-client -vvf rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.mft File: HfnAzvmnfc0Vu1H5P9NCmZvhFlg.mft (raw, json) Hash identifier: X0qERvPMGTmLpRA+GjwhxPzE42FOC3Agj4NLQ3SlyJg= Subject key identifier: AF:FD:F4:FF:07:10:AB:36:90:FC:7A:B7:1D:F6:9D:C6:64:1B:A1:9F Authority key identifier: 1D:F9:C0:CE:F9:A7:7D:CD:15:BB:51:F9:3F:D3:42:99:9B:E1:16:58 Certificate issuer: /CN=A9178C1E/serialNumber=1DF9C0CEF9A77DCD15BB51F93FD342999BE11658 Certificate serial: FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.mft Manifest number: FA Signing time: Sat 31 May 2025 04:51:47 +0000 Manifest this update: Sat 31 May 2025 04:51:46 +0000 Manifest next update: Sat 07 Jun 2025 04:51:46 +0000 Files and hashes: 1: HfnAzvmnfc0Vu1H5P9NCmZvhFlg.crl (hash: XkdrnC4J8RxfArQyungL+eAiFCrUkH0UZfXseqc6ALk=) 2: 4AFD4994CDD011EEA5534481C4F9AE02.roa (hash: 5W+7nQ6sUflibilCBlXCdge8iT2G6A6aLqY201MPVEY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.crl rsync://rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 04:51:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 253 (0xfd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9178C1E, serialNumber=1DF9C0CEF9A77DCD15BB51F93FD342999BE11658 Validity Not Before: May 31 04:51:46 2025 GMT Not After : Jun 7 04:51:46 2025 GMT Subject: CN=683a8ae3-3981 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ac:66:af:94:38:39:bf:4a:1b:5e:9a:aa:e6: 75:d1:6a:d4:b7:14:e9:d3:d4:f4:2c:98:fa:1f:c1: da:73:cd:8e:aa:09:cc:fe:fd:ba:79:28:07:04:a0: 2b:50:82:26:80:80:5b:dd:e6:48:2a:94:3a:5d:d6: 70:af:d0:33:4a:e1:9e:0a:9f:1e:2c:a5:3e:84:de: a5:2b:5c:7e:22:d3:3a:97:72:42:3e:16:26:e7:51: 0d:f4:1c:e2:6d:c6:25:21:bc:b9:96:52:ab:71:c2: da:a1:1e:d5:10:53:dd:46:d5:57:c5:da:35:39:1c: 72:02:0d:b5:0f:9c:40:3a:99:4f:22:06:fc:c7:3d: c2:0c:12:24:d9:3e:0a:dc:57:c4:88:79:a8:40:cf: e2:32:49:45:10:f3:07:07:21:01:13:31:1a:72:19: 63:41:3c:37:91:74:3d:bc:f4:37:db:24:5c:27:91: 33:47:97:c0:2a:6f:17:1a:09:a7:9a:a0:a0:24:cf: af:ae:1d:55:50:05:75:eb:c1:5f:5e:9c:00:63:46: 8a:f4:b8:69:c7:02:ba:a0:42:41:97:0e:4a:a6:3e: 3d:8d:ad:07:73:a5:1a:61:16:c1:0b:82:88:ed:b0: c2:98:6b:5d:4c:31:23:6e:10:9e:d8:ed:3f:d8:23: f0:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:FD:F4:FF:07:10:AB:36:90:FC:7A:B7:1D:F6:9D:C6:64:1B:A1:9F X509v3 Authority Key Identifier: keyid:1D:F9:C0:CE:F9:A7:7D:CD:15:BB:51:F9:3F:D3:42:99:9B:E1:16:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8e:bd:1f:05:63:37:a0:39:16:10:6d:f3:81:74:eb:cb:3b:45: 6b:31:d4:7b:4a:e7:3b:04:a0:b7:09:c8:64:93:2e:83:9b:12: 06:e9:69:ea:fb:99:4b:1c:2c:31:fb:97:6b:39:ed:9d:47:51: cf:ae:3d:b9:89:c1:38:43:96:21:cb:43:72:cf:43:1e:b1:2a: cd:f6:dd:3c:43:bd:92:5c:dc:c6:d7:e8:f7:35:a5:56:df:57: e0:f1:a8:85:0d:7f:be:18:dc:ef:ea:5a:ae:de:e8:c6:0a:02: eb:dc:e4:1d:9b:7b:d2:d2:71:c5:e6:7c:b1:fc:19:77:c8:e7: 5d:64:14:44:bb:42:4c:c6:71:4f:8f:70:24:1e:41:97:15:14: 98:e2:e3:27:48:3b:6b:a6:1e:a1:7d:3e:22:41:34:d7:c3:25: 2e:d2:64:53:76:2b:60:7f:92:29:26:2a:8c:d0:5a:f5:a4:02: df:6f:db:63:a2:25:c0:ba:f8:6d:64:e2:f8:cd:47:f4:e2:96: b6:c3:b0:e7:0e:f4:c4:d5:f6:a4:6b:9c:d3:09:60:ba:0e:87: f9:ae:bf:35:4f:40:be:02:a2:fd:e8:0a:2d:6b:d6:82:2a:cf: 08:ad:d5:4e:df:58:c4:13:bf:67:bc:8b:cc:c1:c5:ad:46:ae: 6a:1d:03:f5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAP0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzhDMUUxMTAvBgNVBAUTKDFERjlDMENFRjlBNzdEQ0QxNUJCNTFGOTNGRDM0Mjk5 OUJFMTE2NTgwHhcNMjUwNTMxMDQ1MTQ2WhcNMjUwNjA3MDQ1MTQ2WjAYMRYwFAYD VQQDEw02ODNhOGFlMy0zOTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtaxmr5Q4Ob9KG16aquZ10WrUtxTp09T0LJj6H8Hac82OqgnM/v26eSgHBKAr UIImgIBb3eZIKpQ6XdZwr9AzSuGeCp8eLKU+hN6lK1x+ItM6l3JCPhYm51EN9Bzi bcYlIby5llKrccLaoR7VEFPdRtVXxdo1ORxyAg21D5xAOplPIgb8xz3CDBIk2T4K 3FfEiHmoQM/iMklFEPMHByEBEzEachljQTw3kXQ9vPQ32yRcJ5EzR5fAKm8XGgmn mqCgJM+vrh1VUAV168FfXpwAY0aK9LhpxwK6oEJBlw5Kpj49ja0Hc6UaYRbBC4KI 7bDCmGtdTDEjbhCe2O0/2CPw3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK/99P8H EKs2kPx6tx32ncZkG6GfMB8GA1UdIwQYMBaAFB35wM75p33NFbtR+T/TQpmb4RZY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEMxRS9DMjg2MDMyRUM2 NDcxMUVFOUQ2OEVCN0ZDNEY5QUUwMi9IZm5BenZtbmZjMFZ1MUg1UDlOQ21admhG bGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hmbkF6dm1uZmMwVnUxSDVQOU5DbVp2aEZsZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 OEMxRS9DMjg2MDMyRUM2NDcxMUVFOUQ2OEVCN0ZDNEY5QUUwMi9IZm5BenZtbmZj MFZ1MUg1UDlOQ21admhGbGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCOvR8FYzegORYQbfOBdOvLO0VrMdR7Suc7BKC3Cchkky6DmxIG6Wnq +5lLHCwx+5drOe2dR1HPrj25icE4Q5Yhy0Nyz0MesSrN9t08Q72SXNzG1+j3NaVW 31fg8aiFDX++GNzv6lqu3ujGCgLr3OQdm3vS0nHF5nyx/Bl3yOddZBREu0JMxnFP j3AkHkGXFRSY4uMnSDtrph6hfT4iQTTXwyUu0mRTditgf5IpJiqM0Fr1pALfb9tj oiXAuvhtZOL4zUf04pa2w7DnDvTE1faka5zTCWC6Dof5rr81T0C+AqL96Aota9aC Ks8IrdVO31jEE79nvIvMwcWtRq5qHQP1 -----END CERTIFICATE-----Generated at Sat May 31 16:35:51 2025 by rpki-client