$ rpki-client -vvf rpki.apnic.net/member_repository/A91948F2/E5F2C7DACD0A11ECAE0A0C2EC4F9AE02/hnTXe0A3MAGG04EEg47spLgYMsI.mft File: hnTXe0A3MAGG04EEg47spLgYMsI.mft (raw, json) Hash identifier: TynEr9swxhIj68NZ7562xHhe/5SQjMdUfnKKCOi/m/s= Subject key identifier: 04:68:67:F2:67:40:F0:DB:5A:53:97:28:E8:04:53:D6:CA:D1:09:73 Authority key identifier: 86:74:D7:7B:40:37:30:01:86:D3:81:04:83:8E:EC:A4:B8:18:32:C2 Certificate issuer: /CN=A91948F2/serialNumber=8674D77B4037300186D38104838EECA4B81832C2 Certificate serial: 0309 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnTXe0A3MAGG04EEg47spLgYMsI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91948F2/E5F2C7DACD0A11ECAE0A0C2EC4F9AE02/hnTXe0A3MAGG04EEg47spLgYMsI.mft Manifest number: 0304 Signing time: Tue 15 Apr 2025 00:55:52 +0000 Manifest this update: Tue 15 Apr 2025 00:55:51 +0000 Manifest next update: Tue 22 Apr 2025 00:55:51 +0000 Files and hashes: 1: hnTXe0A3MAGG04EEg47spLgYMsI.crl (hash: sQcIMpCl3Di7bT/OIIgqOjlOHndURvJ06ISOFeKacf4=) 2: E5708A82CD0E11EC8038C333C4F9AE02.roa (hash: tZvXWmFmcU/1hd7PZK+BYRJdAPFndnrfZlPRuWQgPQA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91948F2/E5F2C7DACD0A11ECAE0A0C2EC4F9AE02/hnTXe0A3MAGG04EEg47spLgYMsI.crl rsync://rpki.apnic.net/member_repository/A91948F2/E5F2C7DACD0A11ECAE0A0C2EC4F9AE02/hnTXe0A3MAGG04EEg47spLgYMsI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnTXe0A3MAGG04EEg47spLgYMsI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Apr 2025 00:55:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 777 (0x309) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91948F2, serialNumber=8674D77B4037300186D38104838EECA4B81832C2 Validity Not Before: Apr 15 00:55:51 2025 GMT Not After : Apr 22 00:55:51 2025 GMT Subject: CN=67fdae98-1c61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:84:50:b5:45:b3:fc:c8:12:9b:d9:12:f2:26: 03:b2:b4:69:18:f6:32:dd:9f:28:52:6e:67:ff:64: 5d:6d:22:7f:38:1b:9f:fb:f9:d3:0a:3c:ac:71:7d: 43:ff:7d:25:e8:2d:0b:37:f9:1f:a8:b5:ae:33:73: 7b:56:e4:15:a6:2f:ba:f2:c5:cb:b3:49:de:9e:12: d6:36:6f:7b:9d:9f:8d:99:af:c4:cc:3c:ff:52:25: d3:cd:e5:11:7a:b8:90:2a:24:f1:f4:58:af:d9:ef: c3:d8:e6:f7:db:54:d3:aa:fd:3d:3d:40:f3:ce:61: cc:63:20:53:af:71:34:05:5a:0f:f2:ed:6e:2c:ad: a0:f1:b9:18:34:47:22:34:7f:c8:4a:e6:80:84:91: d2:cf:eb:20:a5:15:c6:95:28:49:f8:0d:b0:1b:ad: b3:47:c3:12:4f:41:75:8c:ae:1b:d8:fb:c6:d4:eb: 9f:4c:d9:64:67:0f:b8:a3:cd:ec:65:f7:3c:7d:f4: cc:65:6b:3f:ae:f1:37:78:f0:bc:0b:23:28:74:78: b5:1c:79:d1:d9:f2:29:80:82:0b:a3:a6:9a:14:a6: b9:d7:19:43:49:57:1e:de:b5:76:38:73:c2:4b:77: 22:bb:25:ad:e7:08:78:06:49:a5:e8:a9:c4:39:7d: 95:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:68:67:F2:67:40:F0:DB:5A:53:97:28:E8:04:53:D6:CA:D1:09:73 X509v3 Authority Key Identifier: keyid:86:74:D7:7B:40:37:30:01:86:D3:81:04:83:8E:EC:A4:B8:18:32:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91948F2/E5F2C7DACD0A11ECAE0A0C2EC4F9AE02/hnTXe0A3MAGG04EEg47spLgYMsI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnTXe0A3MAGG04EEg47spLgYMsI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91948F2/E5F2C7DACD0A11ECAE0A0C2EC4F9AE02/hnTXe0A3MAGG04EEg47spLgYMsI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:8d:c6:cb:37:27:ff:41:d1:b3:0d:bb:61:15:28:e2:d2:7d: 9e:2f:53:89:8d:6c:96:00:96:19:0a:43:f7:4c:37:82:cc:a0: e3:ff:9a:03:cb:15:8e:f9:3e:a7:64:ec:11:24:6a:b6:33:69: 7e:07:56:51:02:1e:93:ed:b1:c1:f2:71:62:43:69:20:a6:6c: 84:d3:d3:00:c5:55:7b:17:7d:f0:e8:15:bc:59:66:23:74:ab: 13:0a:fa:72:cf:5c:d3:8d:fa:de:ce:7e:42:48:29:d7:bb:1b: bb:5e:a3:b4:8e:47:6d:38:8f:c0:75:ea:bd:52:82:f8:df:ee: fb:dd:a4:b0:94:f2:b2:3d:db:8c:4d:b0:0d:bc:bd:1c:68:97: a5:4e:6a:51:92:ed:65:fa:c6:b0:41:c0:9f:dc:4e:44:a4:b6: 80:d1:4d:a1:31:de:2d:f3:0a:4a:7d:be:fe:f3:c6:e6:be:40: bc:d9:a1:2f:1b:c7:28:8d:dd:5a:78:cb:06:a9:d9:d8:88:6b: 06:ac:3d:4b:47:1b:c6:f9:fe:06:c3:1c:c2:41:76:f2:51:10: e2:9a:54:af:a3:3b:6b:56:da:e3:42:8d:28:16:29:85:34:6b: 25:19:58:5f:1d:16:e5:24:24:ba:50:82:5e:29:c7:6c:21:e6: 7a:2a:3d:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAwkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTQ4RjIxMTAvBgNVBAUTKDg2NzRENzdCNDAzNzMwMDE4NkQzODEwNDgzOEVFQ0E0 QjgxODMyQzIwHhcNMjUwNDE1MDA1NTUxWhcNMjUwNDIyMDA1NTUxWjAYMRYwFAYD VQQDEw02N2ZkYWU5OC0xYzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA44RQtUWz/MgSm9kS8iYDsrRpGPYy3Z8oUm5n/2RdbSJ/OBuf+/nTCjyscX1D /30l6C0LN/kfqLWuM3N7VuQVpi+68sXLs0nenhLWNm97nZ+Nma/EzDz/UiXTzeUR eriQKiTx9Fiv2e/D2Ob321TTqv09PUDzzmHMYyBTr3E0BVoP8u1uLK2g8bkYNEci NH/ISuaAhJHSz+sgpRXGlShJ+A2wG62zR8MST0F1jK4b2PvG1OufTNlkZw+4o83s Zfc8ffTMZWs/rvE3ePC8CyModHi1HHnR2fIpgIILo6aaFKa51xlDSVce3rV2OHPC S3ciuyWt5wh4Bkml6KnEOX2VGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFARoZ/Jn QPDbWlOXKOgEU9bK0QlzMB8GA1UdIwQYMBaAFIZ013tANzABhtOBBIOO7KS4GDLC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDhGMi9FNUYyQzdEQUNE MEExMUVDQUUwQTBDMkVDNEY5QUUwMi9oblRYZTBBM01BR0cwNEVFZzQ3c3BMZ1lN c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2huVFhlMEEzTUFHRzA0RUVnNDdzcExnWU1zSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NDhGMi9FNUYyQzdEQUNEMEExMUVDQUUwQTBDMkVDNEY5QUUwMi9oblRYZTBBM01B R0cwNEVFZzQ3c3BMZ1lNc0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB5jcbLNyf/QdGzDbthFSji0n2eL1OJjWyWAJYZCkP3TDeCzKDj/5oD yxWO+T6nZOwRJGq2M2l+B1ZRAh6T7bHB8nFiQ2kgpmyE09MAxVV7F33w6BW8WWYj dKsTCvpyz1zTjfrezn5CSCnXuxu7XqO0jkdtOI/Adeq9UoL43+773aSwlPKyPduM TbANvL0caJelTmpRku1l+sawQcCf3E5EpLaA0U2hMd4t8wpKfb7+88bmvkC82aEv G8cojd1aeMsGqdnYiGsGrD1LRxvG+f4GwxzCQXbyURDimlSvoztrVtrjQo0oFimF NGslGVhfHRblJCS6UIJeKcdsIeZ6Kj2I -----END CERTIFICATE-----Generated at Tue Apr 15 15:15:18 2025 by rpki-client