$ rpki-client -vvf rpki.apnic.net/member_repository/A9191885/D5FEA3DEC9FD11EEA677793BC4F9AE02/hwGGtlfRGymKhLAkIO504fu1woI.mft File: hwGGtlfRGymKhLAkIO504fu1woI.mft (raw, json) Hash identifier: 4tHer7+DZ30VFkauZvDidn80acRYiHbE4SHTaZVelIY= Subject key identifier: 6E:F3:C6:78:85:01:AF:0D:43:1D:98:03:B5:44:51:DB:74:25:72:EF Authority key identifier: 87:01:86:B6:57:D1:1B:29:8A:84:B0:24:20:EE:74:E1:FB:B5:C2:82 Certificate issuer: /CN=A9191885/serialNumber=870186B657D11B298A84B02420EE74E1FBB5C282 Certificate serial: CC Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hwGGtlfRGymKhLAkIO504fu1woI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9191885/D5FEA3DEC9FD11EEA677793BC4F9AE02/hwGGtlfRGymKhLAkIO504fu1woI.mft Manifest number: CA Signing time: Thu 13 Mar 2025 03:52:00 +0000 Manifest this update: Thu 13 Mar 2025 03:51:59 +0000 Manifest next update: Thu 20 Mar 2025 03:51:59 +0000 Files and hashes: 1: hwGGtlfRGymKhLAkIO504fu1woI.crl (hash: diJ72uuDFWRPfTjx2ukiN7SoqltnzhYJyZVEs95XaYQ=) 2: 8E31656CC9FF11EEA53CA25CC4F9AE02.roa (hash: d+Z8hZJ1dcZIqJgs5jVt78VrRJybv8thQQWwCFca5j0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9191885/D5FEA3DEC9FD11EEA677793BC4F9AE02/hwGGtlfRGymKhLAkIO504fu1woI.crl rsync://rpki.apnic.net/member_repository/A9191885/D5FEA3DEC9FD11EEA677793BC4F9AE02/hwGGtlfRGymKhLAkIO504fu1woI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hwGGtlfRGymKhLAkIO504fu1woI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Mar 2025 03:51:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 204 (0xcc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9191885 Validity Not Before: Mar 13 03:51:59 2025 GMT Not After : Mar 20 03:51:59 2025 GMT Subject: CN=67d25660-e6cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:9c:9a:e5:08:64:ff:8b:85:70:0b:c2:32:10: be:f5:7e:ed:9e:75:e2:a2:59:16:bb:3b:f6:c6:b4: 48:ae:e1:bd:d3:a8:a0:8c:d3:32:8e:d7:c0:a7:7b: 72:78:06:5a:0e:2b:b6:56:2f:39:fb:69:70:6e:0b: 8b:3a:f3:82:b7:22:9d:51:af:75:23:05:51:31:86: 50:e6:b7:da:b4:cc:31:a4:26:be:a0:21:08:c3:df: fc:9b:91:f9:eb:14:b1:09:5d:d7:e2:d1:83:cd:06: a0:fb:63:61:b2:7d:b4:ae:4d:51:ab:52:ef:f2:31: 4c:58:6f:16:31:dc:d2:8d:24:0b:b8:58:1d:48:3b: bd:50:34:09:20:6c:d0:11:78:4e:4b:ea:5d:b0:73: b6:04:32:61:97:e8:32:6d:29:7d:ce:7e:1b:6f:6c: dd:09:9b:2e:7a:3d:aa:93:35:58:e1:c8:08:99:7d: 0b:15:08:b9:19:dd:90:99:00:29:93:5a:11:da:00: 2c:6a:48:d0:85:86:94:69:70:2f:e6:ea:15:00:65: af:07:07:79:9d:ac:3f:65:5b:d3:4d:2a:11:f2:56: 9b:b7:4d:4b:02:c4:ed:d0:2a:25:92:c7:9d:7c:42: be:9c:fb:e5:18:b6:c0:08:c6:ed:11:34:d4:76:f7: 28:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:F3:C6:78:85:01:AF:0D:43:1D:98:03:B5:44:51:DB:74:25:72:EF X509v3 Authority Key Identifier: keyid:87:01:86:B6:57:D1:1B:29:8A:84:B0:24:20:EE:74:E1:FB:B5:C2:82 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9191885/D5FEA3DEC9FD11EEA677793BC4F9AE02/hwGGtlfRGymKhLAkIO504fu1woI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hwGGtlfRGymKhLAkIO504fu1woI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191885/D5FEA3DEC9FD11EEA677793BC4F9AE02/hwGGtlfRGymKhLAkIO504fu1woI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ac:8c:2c:d1:e3:df:83:4b:66:b2:b6:4e:19:a2:51:53:d0:1c: 17:44:4e:1b:15:d6:1b:c4:a9:40:3e:af:2c:3e:c3:8a:a3:ce: 82:eb:27:bb:c0:25:9c:aa:5e:bd:57:91:78:06:76:47:5d:3f: e0:cd:2d:03:c5:a5:e3:7a:ca:74:29:82:e5:3e:1e:43:38:2d: 3a:82:49:68:e7:04:7a:c3:04:ea:fa:6a:58:23:d2:d2:f9:ac: 75:88:c0:61:c6:3d:93:a2:0f:8d:fc:ba:c7:f6:46:97:19:46: 5a:6a:14:16:18:fb:57:ad:38:80:b0:8e:16:1f:14:8a:c9:eb: eb:74:6a:3b:90:db:35:f5:e0:59:46:a3:5a:a7:cd:67:9e:aa: 95:6f:db:5f:cf:f4:a0:c5:41:00:fb:cc:5e:e0:7e:58:29:20: c7:ae:f9:68:7e:a9:54:88:9c:09:40:cf:4e:cd:b5:37:a9:f7: 9f:58:85:69:6d:46:66:d4:89:a1:65:8b:8c:b6:34:4c:c1:f7: 29:29:29:f8:8f:25:a3:44:db:69:9c:b4:9e:63:52:9f:da:e7: db:69:ec:3c:15:c1:38:07:6e:1c:ef:d1:d2:75:3d:a0:d8:77: 95:3a:bb:92:e7:ae:6f:d7:83:5f:74:87:a8:e1:fd:4a:04:42: 98:d9:fe:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE4ODUxMTAvBgNVBAUTKDg3MDE4NkI2NTdEMTFCMjk4QTg0QjAyNDIwRUU3NEUx RkJCNUMyODIwHhcNMjUwMzEzMDM1MTU5WhcNMjUwMzIwMDM1MTU5WjAYMRYwFAYD VQQDEw02N2QyNTY2MC1lNmNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA45ya5Qhk/4uFcAvCMhC+9X7tnnXiolkWuzv2xrRIruG906igjNMyjtfAp3ty eAZaDiu2Vi85+2lwbguLOvOCtyKdUa91IwVRMYZQ5rfatMwxpCa+oCEIw9/8m5H5 6xSxCV3X4tGDzQag+2Nhsn20rk1Rq1Lv8jFMWG8WMdzSjSQLuFgdSDu9UDQJIGzQ EXhOS+pdsHO2BDJhl+gybSl9zn4bb2zdCZsuej2qkzVY4cgImX0LFQi5Gd2QmQAp k1oR2gAsakjQhYaUaXAv5uoVAGWvBwd5naw/ZVvTTSoR8labt01LAsTt0Colksed fEK+nPvlGLbACMbtETTUdvcovQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG7zxniF Aa8NQx2YA7VEUdt0JXLvMB8GA1UdIwQYMBaAFIcBhrZX0RspioSwJCDudOH7tcKC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTg4NS9ENUZFQTNERUM5 RkQxMUVFQTY3Nzc5M0JDNEY5QUUwMi9od0dHdGxmUkd5bUtoTEFrSU81MDRmdTF3 b0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2h3R0d0bGZSR3ltS2hMQWtJTzUwNGZ1MXdvSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 MTg4NS9ENUZFQTNERUM5RkQxMUVFQTY3Nzc5M0JDNEY5QUUwMi9od0dHdGxmUkd5 bUtoTEFrSU81MDRmdTF3b0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCsjCzR49+DS2aytk4ZolFT0BwXRE4bFdYbxKlAPq8sPsOKo86C6ye7 wCWcql69V5F4BnZHXT/gzS0DxaXjesp0KYLlPh5DOC06gklo5wR6wwTq+mpYI9LS +ax1iMBhxj2Tog+N/LrH9kaXGUZaahQWGPtXrTiAsI4WHxSKyevrdGo7kNs19eBZ RqNap81nnqqVb9tfz/SgxUEA+8xe4H5YKSDHrvlofqlUiJwJQM9OzbU3qfefWIVp bUZm1ImhZYuMtjRMwfcpKSn4jyWjRNtpnLSeY1Kf2ufbaew8FcE4B24c79HSdT2g 2HeVOruS565v14NfdIeo4f1KBEKY2f7G -----END CERTIFICATE-----Generated at Thu Mar 13 21:31:45 2025 by rpki-client