$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC132/C4FA14F8B80C11EF84FA3E35C4F9AE02/hemZwivuAcMmTT0iZ1ghCS__0Cw.mft File: hemZwivuAcMmTT0iZ1ghCS__0Cw.mft (raw, json) Hash identifier: I5jYrloekCCHqsVtborENDK4bHgMYID9NxxrTzKN89s= Subject key identifier: B2:96:85:24:B9:4C:67:B1:2B:47:55:72:D2:1B:54:66:0B:BF:F6:D0 Authority key identifier: 85:E9:99:C2:2B:EE:01:C3:26:4D:3D:22:67:58:21:09:2F:FF:D0:2C Certificate issuer: /CN=A91AC132/serialNumber=85E999C22BEE01C3264D3D22675821092FFFD02C Certificate serial: 44 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hemZwivuAcMmTT0iZ1ghCS__0Cw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AC132/C4FA14F8B80C11EF84FA3E35C4F9AE02/hemZwivuAcMmTT0iZ1ghCS__0Cw.mft Manifest number: 43 Signing time: Tue 15 Apr 2025 06:13:51 +0000 Manifest this update: Tue 15 Apr 2025 06:13:50 +0000 Manifest next update: Tue 22 Apr 2025 06:13:50 +0000 Files and hashes: 1: hemZwivuAcMmTT0iZ1ghCS__0Cw.crl (hash: 11u8PyPsVOjtQkVwtgsq8h4VxF8JfBhTYhtJsq6+ta4=) 2: 8B91AD8CD6B811EF86FC5149C4F9AE02.roa (hash: nKrpei7NHXS/yvzIer9NaLALl/Q2sUCsHstVjHOpR2Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AC132/C4FA14F8B80C11EF84FA3E35C4F9AE02/hemZwivuAcMmTT0iZ1ghCS__0Cw.crl rsync://rpki.apnic.net/member_repository/A91AC132/C4FA14F8B80C11EF84FA3E35C4F9AE02/hemZwivuAcMmTT0iZ1ghCS__0Cw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hemZwivuAcMmTT0iZ1ghCS__0Cw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Apr 2025 06:13:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68 (0x44) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AC132, serialNumber=85E999C22BEE01C3264D3D22675821092FFFD02C Validity Not Before: Apr 15 06:13:50 2025 GMT Not After : Apr 22 06:13:50 2025 GMT Subject: CN=67fdf91e-fd5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:4c:a0:bd:47:87:12:38:b0:61:c4:94:59:f1: 5c:e3:1e:cb:40:51:6c:28:b0:d5:73:eb:ff:39:70: 15:fb:eb:15:5e:37:11:9a:bf:a1:56:2b:17:da:71: 6b:a7:9b:bd:42:58:df:d5:5d:43:93:71:df:5a:45: 59:a2:0f:e4:e3:5e:33:6c:09:7c:ed:c6:61:85:40: 2b:9e:b6:b1:6d:b3:ed:17:32:23:e2:17:99:6d:67: be:03:2a:d1:67:6a:51:86:f4:ee:9f:96:4a:81:d6: b7:6e:81:6e:89:cd:78:ca:dc:d5:46:28:e3:7e:37: e5:3a:ca:10:96:6f:27:f6:74:3b:82:43:d5:cc:e2: 89:1f:56:9c:c3:85:10:70:c1:a9:77:02:b8:b2:11: ec:41:6f:12:e6:76:aa:8b:1f:e0:6b:9d:2f:8c:a0: 8c:f6:ad:d3:ff:f9:19:95:74:12:39:7b:9e:92:1a: dd:ae:bd:91:d8:e0:63:34:e4:e3:cd:04:ce:b7:92: 23:4d:8c:43:d4:99:f6:4c:91:ab:94:bf:33:f2:a7: 65:3b:b2:bb:bb:b8:a8:fe:6c:19:c1:d9:95:76:55: d7:4a:a8:f5:94:98:b9:b1:af:3c:8a:bd:1b:d3:c8: 75:52:50:a5:0c:2c:f0:0e:23:44:34:cf:52:3d:b9: 0d:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:96:85:24:B9:4C:67:B1:2B:47:55:72:D2:1B:54:66:0B:BF:F6:D0 X509v3 Authority Key Identifier: keyid:85:E9:99:C2:2B:EE:01:C3:26:4D:3D:22:67:58:21:09:2F:FF:D0:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AC132/C4FA14F8B80C11EF84FA3E35C4F9AE02/hemZwivuAcMmTT0iZ1ghCS__0Cw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hemZwivuAcMmTT0iZ1ghCS__0Cw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC132/C4FA14F8B80C11EF84FA3E35C4F9AE02/hemZwivuAcMmTT0iZ1ghCS__0Cw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:31:88:58:a4:26:bd:89:89:2d:3f:03:40:cf:c0:fb:d8:3d: c7:48:58:46:30:88:39:fe:5f:39:36:5b:3e:ea:e3:4c:af:07: 55:4f:1b:80:b7:ef:27:2b:58:22:7c:7b:aa:13:61:7c:26:e3: 27:03:f4:97:de:8a:88:61:2f:29:57:8a:fe:43:f6:fd:48:67: 82:f4:af:82:02:34:7c:a9:56:54:3a:f9:8e:f0:b7:71:8d:06: dc:5c:b6:df:b0:46:81:d8:2c:a6:d5:cf:e1:10:86:f6:05:a8: c0:78:7e:7f:a1:8b:30:16:cc:c2:5b:42:05:17:bf:0c:a8:8c: 6f:b9:19:a4:dd:a0:6d:e2:62:25:87:88:2d:c1:ed:9e:a7:5e: 0b:4e:ba:51:b5:3e:cb:92:a1:bb:54:0e:5a:64:9c:e5:18:ec: 76:97:8b:7b:71:6d:0b:78:86:7a:fe:8a:3e:75:9a:91:ac:8c: ad:11:3a:bf:ec:2b:56:dc:68:f8:fd:e9:c0:ef:ad:e4:16:e8: cd:2b:e7:43:20:ed:fb:85:c6:40:9d:f7:23:e5:29:e6:66:03: 6d:da:55:1e:1b:8e:37:e1:a1:ad:10:6e:96:27:92:dc:2d:cd: 6c:e8:c4:89:ad:4b:9f:e5:42:64:b9:c3:fa:e0:bf:12:67:24: 0c:ed:de:52 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBRDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB QzEzMjExMC8GA1UEBRMoODVFOTk5QzIyQkVFMDFDMzI2NEQzRDIyNjc1ODIxMDky RkZGRDAyQzAeFw0yNTA0MTUwNjEzNTBaFw0yNTA0MjIwNjEzNTBaMBgxFjAUBgNV BAMTDTY3ZmRmOTFlLWZkNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDjTKC9R4cSOLBhxJRZ8VzjHstAUWwosNVz6/85cBX76xVeNxGav6FWKxfacWun m71CWN/VXUOTcd9aRVmiD+TjXjNsCXztxmGFQCuetrFts+0XMiPiF5ltZ74DKtFn alGG9O6flkqB1rdugW6JzXjK3NVGKON+N+U6yhCWbyf2dDuCQ9XM4okfVpzDhRBw wal3AriyEexBbxLmdqqLH+BrnS+MoIz2rdP/+RmVdBI5e56SGt2uvZHY4GM05OPN BM63kiNNjEPUmfZMkauUvzPyp2U7sru7uKj+bBnB2ZV2VddKqPWUmLmxrzyKvRvT yHVSUKUMLPAOI0Q0z1I9uQ3LAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUspaFJLlM Z7ErR1Vy0htUZgu/9tAwHwYDVR0jBBgwFoAUhemZwivuAcMmTT0iZ1ghCS//0Cww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFDMTMyL0M0RkExNEY4Qjgw QzExRUY4NEZBM0UzNUM0RjlBRTAyL2hlbVp3aXZ1QWNNbVRUMGlaMWdoQ1NfXzBD dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaGVtWndpdnVBY01tVFQwaVoxZ2hDU19fMEN3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFD MTMyL0M0RkExNEY4QjgwQzExRUY4NEZBM0UzNUM0RjlBRTAyL2hlbVp3aXZ1QWNN bVRUMGlaMWdoQ1NfXzBDdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJUxiFikJr2JiS0/A0DPwPvYPcdIWEYwiDn+Xzk2Wz7q40yvB1VPG4C3 7ycrWCJ8e6oTYXwm4ycD9JfeiohhLylXiv5D9v1IZ4L0r4ICNHypVlQ6+Y7wt3GN Btxctt+wRoHYLKbVz+EQhvYFqMB4fn+hizAWzMJbQgUXvwyojG+5GaTdoG3iYiWH iC3B7Z6nXgtOulG1PsuSobtUDlpknOUY7HaXi3txbQt4hnr+ij51mpGsjK0ROr/s K1bcaPj96cDvreQW6M0r50Mg7fuFxkCd9yPlKeZmA23aVR4bjjfhoa0QbpYnktwt zWzoxImtS5/lQmS5w/rgvxJnJAzt3lI= -----END CERTIFICATE-----Generated at Tue Apr 15 10:17:17 2025 by rpki-client