$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC132/C4FA14F8B80C11EF84FA3E35C4F9AE02/hemZwivuAcMmTT0iZ1ghCS__0Cw.mft File: hemZwivuAcMmTT0iZ1ghCS__0Cw.mft (raw, json) Hash identifier: +FVo5nnvu5a0DlyB1Cp6bH3qIvZDLmN+wLqaWRHYgcA= Subject key identifier: 56:CC:D3:4D:1C:17:A7:37:E3:07:75:E6:50:D2:1D:49:0E:2E:EA:25 Authority key identifier: 85:E9:99:C2:2B:EE:01:C3:26:4D:3D:22:67:58:21:09:2F:FF:D0:2C Certificate issuer: /CN=A91AC132/serialNumber=85E999C22BEE01C3264D3D22675821092FFFD02C Certificate serial: 29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hemZwivuAcMmTT0iZ1ghCS__0Cw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AC132/C4FA14F8B80C11EF84FA3E35C4F9AE02/hemZwivuAcMmTT0iZ1ghCS__0Cw.mft Manifest number: 28 Signing time: Fri 21 Feb 2025 09:07:05 +0000 Manifest this update: Fri 21 Feb 2025 09:07:04 +0000 Manifest next update: Fri 28 Feb 2025 09:07:04 +0000 Files and hashes: 1: hemZwivuAcMmTT0iZ1ghCS__0Cw.crl (hash: G91mmOcCQlC0/kljn6aeJwgilExfKn+voWnbkHtjXNk=) 2: 8B91AD8CD6B811EF86FC5149C4F9AE02.roa (hash: nKrpei7NHXS/yvzIer9NaLALl/Q2sUCsHstVjHOpR2Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AC132/C4FA14F8B80C11EF84FA3E35C4F9AE02/hemZwivuAcMmTT0iZ1ghCS__0Cw.crl rsync://rpki.apnic.net/member_repository/A91AC132/C4FA14F8B80C11EF84FA3E35C4F9AE02/hemZwivuAcMmTT0iZ1ghCS__0Cw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hemZwivuAcMmTT0iZ1ghCS__0Cw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 28 Feb 2025 09:07:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41 (0x29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AC132 Validity Not Before: Feb 21 09:07:04 2025 GMT Not After : Feb 28 09:07:04 2025 GMT Subject: CN=67b84238-a427 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:9a:3d:50:fd:f5:fd:59:ab:da:a1:a5:26:b5: 5b:46:b6:03:84:c8:be:15:bf:64:a6:11:85:ba:7c: 9d:98:fa:3d:ad:98:66:71:3d:c1:27:6c:a0:cc:d0: db:09:d3:76:11:a4:55:64:46:29:72:72:3b:4d:18: 58:80:dd:96:98:c0:ca:19:65:bf:e3:e6:e6:d1:5f: d5:41:7f:08:4d:5c:98:4b:59:58:b4:24:e7:e3:c9: 62:00:e9:1b:4a:cc:4b:db:b6:38:94:b8:fd:ec:5e: b0:09:09:e7:24:48:95:48:15:58:cb:f9:14:9f:75: e5:c5:3c:89:13:95:88:26:05:99:80:9d:1b:e8:f0: 49:61:1d:03:36:60:96:64:d4:e4:b2:ba:d8:23:b3: cc:fa:c5:35:70:91:c9:3c:8c:56:0e:d2:dd:70:9e: 95:24:75:ea:b9:b6:23:58:64:2d:99:6a:a7:2f:78: c3:33:02:16:23:c3:42:8a:15:c1:f2:24:3b:38:51: c0:62:9f:6e:c8:49:16:33:c7:53:cf:f2:e7:4a:eb: 8d:df:78:01:c7:01:3c:97:b9:65:64:8c:04:54:1c: c7:d9:51:33:b5:bf:b8:95:d4:b4:06:28:da:35:c8: ca:8f:80:6f:39:e3:6c:86:1b:38:8d:d6:96:b1:45: f9:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:CC:D3:4D:1C:17:A7:37:E3:07:75:E6:50:D2:1D:49:0E:2E:EA:25 X509v3 Authority Key Identifier: keyid:85:E9:99:C2:2B:EE:01:C3:26:4D:3D:22:67:58:21:09:2F:FF:D0:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AC132/C4FA14F8B80C11EF84FA3E35C4F9AE02/hemZwivuAcMmTT0iZ1ghCS__0Cw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hemZwivuAcMmTT0iZ1ghCS__0Cw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC132/C4FA14F8B80C11EF84FA3E35C4F9AE02/hemZwivuAcMmTT0iZ1ghCS__0Cw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:3f:f2:89:ff:0b:61:55:9d:79:4f:53:20:f4:5f:35:04:2c: 74:35:47:47:46:29:a9:ac:26:4d:4a:e1:17:52:80:e0:25:b3: fa:b5:eb:9c:43:d2:b2:82:b3:19:01:9c:a1:09:85:c8:05:52: 4c:58:88:66:aa:46:22:46:7c:5f:fb:f3:a6:d3:be:9a:39:c3: 0f:d3:18:a8:21:ac:08:84:1d:47:d9:2a:8c:45:91:2e:76:57: b2:c2:92:9d:ab:2e:db:4b:24:8a:3d:60:18:b4:be:98:41:c2: 01:c7:f2:f7:94:04:1b:5f:c4:93:f8:ce:0c:14:97:f0:7d:93: 48:52:06:44:14:c4:ba:59:60:8d:dc:5f:d5:62:79:ce:16:49: e9:15:5a:86:b5:11:bd:b9:a4:71:4f:6d:b9:c9:bf:93:40:d8: 0f:19:a7:d8:e4:3c:d2:a9:be:53:68:f7:27:fd:5c:15:e2:46: 8e:e0:6c:6c:1f:9f:ce:54:f7:17:2a:46:13:40:ae:1f:1f:06: be:97:3c:b2:fa:b3:70:93:fa:88:ce:59:9f:0c:df:2b:60:66: c2:2d:37:26:6f:e5:c5:17:07:76:e0:0c:a3:5e:a0:8b:d0:dd: a2:2f:0b:b0:61:d3:13:25:53:ca:42:b1:05:a0:7d:15:ca:e5: 63:51:d1:2f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB QzEzMjExMC8GA1UEBRMoODVFOTk5QzIyQkVFMDFDMzI2NEQzRDIyNjc1ODIxMDky RkZGRDAyQzAeFw0yNTAyMjEwOTA3MDRaFw0yNTAyMjgwOTA3MDRaMBgxFjAUBgNV BAMTDTY3Yjg0MjM4LWE0MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDDmj1Q/fX9WavaoaUmtVtGtgOEyL4Vv2SmEYW6fJ2Y+j2tmGZxPcEnbKDM0NsJ 03YRpFVkRilycjtNGFiA3ZaYwMoZZb/j5ubRX9VBfwhNXJhLWVi0JOfjyWIA6RtK zEvbtjiUuP3sXrAJCeckSJVIFVjL+RSfdeXFPIkTlYgmBZmAnRvo8ElhHQM2YJZk 1OSyutgjs8z6xTVwkck8jFYO0t1wnpUkdeq5tiNYZC2ZaqcveMMzAhYjw0KKFcHy JDs4UcBin27ISRYzx1PP8udK643feAHHATyXuWVkjARUHMfZUTO1v7iV1LQGKNo1 yMqPgG8542yGGziN1paxRfnPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUVszTTRwX pzfjB3XmUNIdSQ4u6iUwHwYDVR0jBBgwFoAUhemZwivuAcMmTT0iZ1ghCS//0Cww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFDMTMyL0M0RkExNEY4Qjgw QzExRUY4NEZBM0UzNUM0RjlBRTAyL2hlbVp3aXZ1QWNNbVRUMGlaMWdoQ1NfXzBD dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaGVtWndpdnVBY01tVFQwaVoxZ2hDU19fMEN3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFD MTMyL0M0RkExNEY4QjgwQzExRUY4NEZBM0UzNUM0RjlBRTAyL2hlbVp3aXZ1QWNN bVRUMGlaMWdoQ1NfXzBDdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAD4/8on/C2FVnXlPUyD0XzUELHQ1R0dGKamsJk1K4RdSgOAls/q165xD 0rKCsxkBnKEJhcgFUkxYiGaqRiJGfF/786bTvpo5ww/TGKghrAiEHUfZKoxFkS52 V7LCkp2rLttLJIo9YBi0vphBwgHH8veUBBtfxJP4zgwUl/B9k0hSBkQUxLpZYI3c X9Viec4WSekVWoa1Eb25pHFPbbnJv5NA2A8Zp9jkPNKpvlNo9yf9XBXiRo7gbGwf n85U9xcqRhNArh8fBr6XPLL6s3CT+ojOWZ8M3ytgZsItNyZv5cUXB3bgDKNeoIvQ 3aIvC7Bh0xMlU8pCsQWgfRXK5WNR0S8= -----END CERTIFICATE-----Generated at Fri Feb 21 11:15:58 2025 by rpki-client