$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft File: hs2LQhipuaG84vrF7m3HhbAKkx0.mft (raw, json) Hash identifier: jj8yZh7HfKqYyx1G23hWtkO/rMuxHktAXwh+thRRLiw= Subject key identifier: 20:88:70:1D:08:BF:CA:70:3A:0B:2B:E6:52:72:36:94:9C:36:31:9D Authority key identifier: 86:CD:8B:42:18:A9:B9:A1:BC:E2:FA:C5:EE:6D:C7:85:B0:0A:93:1D Certificate issuer: /CN=A91BF28F/serialNumber=86CD8B4218A9B9A1BCE2FAC5EE6DC785B00A931D Certificate serial: 0232 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft Manifest number: 0210 Signing time: Sat 31 May 2025 02:21:40 +0000 Manifest this update: Sat 31 May 2025 02:21:40 +0000 Manifest next update: Sat 07 Jun 2025 02:21:40 +0000 Files and hashes: 1: hs2LQhipuaG84vrF7m3HhbAKkx0.crl (hash: W/Kpoas7eSdOpDYq5V0j6DswTkAcM8lBjoehBkh6j6U=) 2: FB9DB0B8778011EFA197A558C4F9AE02.roa (hash: bOpqrbhh4Bh4AWp/OZ52rop88bWyVMsrGceDfsrfghM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.crl rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 02:21:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 562 (0x232) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BF28F, serialNumber=86CD8B4218A9B9A1BCE2FAC5EE6DC785B00A931D Validity Not Before: May 31 02:21:40 2025 GMT Not After : Jun 7 02:21:40 2025 GMT Subject: CN=683a67b4-0cc8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:f9:86:fb:ee:73:8d:7b:90:89:c9:2a:db:73: d1:ff:74:f5:3e:f5:d2:33:fe:4f:d9:06:b8:31:e5: c0:9f:15:5f:ef:1e:0a:08:4a:4e:21:f7:0c:54:a1: 6f:c1:7c:b5:8c:ec:9c:d1:88:a7:ed:da:4e:f5:3d: 93:ab:79:71:4d:f3:b3:e8:1b:69:c3:56:9e:28:aa: 72:ee:4f:54:17:87:22:d0:cf:31:49:52:79:cb:c9: 3e:b8:68:73:c7:a9:47:f4:e8:70:46:de:7a:4c:cd: 84:25:87:ca:9d:cc:2c:81:58:23:7a:50:27:72:51: f7:e5:4b:9e:9a:fe:35:ef:9c:a5:e8:ef:0b:7d:8e: e4:1b:06:da:3f:98:04:ce:e0:b5:87:45:b4:c9:4b: a5:16:36:3b:63:88:ad:67:a2:60:6e:3c:75:f7:cf: 57:cb:7a:15:a9:13:34:c1:ec:ea:8f:b5:32:da:16: b8:ed:ba:6c:b1:a7:13:fb:de:34:ce:bd:d9:5f:c3: 0a:df:d7:fc:ff:70:25:69:b2:81:8a:60:03:4a:c3: ea:f1:9b:0d:c5:77:ad:22:21:06:08:b1:d9:ba:6e: 1a:54:2c:0f:42:1d:8d:95:2d:e7:9a:d8:cf:ad:08: 1d:df:8a:bb:42:8c:3a:47:88:30:b5:ca:6b:b3:8f: 2a:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:88:70:1D:08:BF:CA:70:3A:0B:2B:E6:52:72:36:94:9C:36:31:9D X509v3 Authority Key Identifier: keyid:86:CD:8B:42:18:A9:B9:A1:BC:E2:FA:C5:EE:6D:C7:85:B0:0A:93:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:db:c5:8d:2a:c3:ba:58:81:93:db:6b:f1:57:54:44:73:e2: dc:15:22:82:43:2a:34:3d:14:8d:e0:30:c1:36:78:ff:e2:18: 6a:e3:1b:25:7e:be:b5:81:7f:7d:4f:c5:ef:e6:58:d2:ee:01: 2c:b0:19:10:8b:47:0d:4c:ae:88:d9:20:b5:d3:07:5a:70:d5: ee:ed:09:90:b2:32:85:0a:1f:3c:7f:3c:d4:34:59:4b:42:f6: d7:bb:44:52:e1:b8:74:6c:50:a5:db:fb:e8:69:56:e7:16:31: 9d:3b:db:98:87:c7:47:14:f0:9e:2e:fc:5e:35:5e:6e:40:d4: 90:da:9c:db:94:f1:75:e8:12:56:13:b8:a2:84:03:e1:3c:64: f3:9c:a7:0e:28:56:74:31:be:9b:fb:98:ae:83:1f:b5:29:4a: e7:f2:5a:0e:ad:c6:21:35:66:9c:8a:ef:75:1f:93:fe:50:58: 61:63:75:d2:bc:8d:d1:d8:03:b4:c5:a4:fc:ba:b0:bf:34:ca: f9:fd:f4:ef:7e:9b:cb:e2:78:f7:58:20:c7:bc:44:81:b4:da: 9e:92:d6:50:34:c3:b1:a3:60:8e:f8:8a:db:b4:c1:5e:7d:4a: 68:2b:71:5a:ba:89:ce:e8:2d:52:ce:c9:75:1d:36:f7:96:a0: db:03:43:82 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAjIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkYyOEYxMTAvBgNVBAUTKDg2Q0Q4QjQyMThBOUI5QTFCQ0UyRkFDNUVFNkRDNzg1 QjAwQTkzMUQwHhcNMjUwNTMxMDIyMTQwWhcNMjUwNjA3MDIyMTQwWjAYMRYwFAYD VQQDEw02ODNhNjdiNC0wY2M4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1/mG++5zjXuQickq23PR/3T1PvXSM/5P2Qa4MeXAnxVf7x4KCEpOIfcMVKFv wXy1jOyc0Yin7dpO9T2Tq3lxTfOz6Btpw1aeKKpy7k9UF4ci0M8xSVJ5y8k+uGhz x6lH9OhwRt56TM2EJYfKncwsgVgjelAnclH35Uuemv4175yl6O8LfY7kGwbaP5gE zuC1h0W0yUulFjY7Y4itZ6Jgbjx1989Xy3oVqRM0wezqj7Uy2ha47bpssacT+940 zr3ZX8MK39f8/3AlabKBimADSsPq8ZsNxXetIiEGCLHZum4aVCwPQh2NlS3nmtjP rQgd34q7Qow6R4gwtcprs48qgwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCCIcB0I v8pwOgsr5lJyNpScNjGdMB8GA1UdIwQYMBaAFIbNi0IYqbmhvOL6xe5tx4WwCpMd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjI4Ri83RERDNUEyRTU1 NDcxMUVEQjQ3QjMzMkJDNEY5QUUwMi9oczJMUWhpcHVhRzg0dnJGN20zSGhiQUtr eDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hzMkxRaGlwdWFHODR2ckY3bTNIaGJBS2t4MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RjI4Ri83RERDNUEyRTU1NDcxMUVEQjQ3QjMzMkJDNEY5QUUwMi9oczJMUWhpcHVh Rzg0dnJGN20zSGhiQUtreDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAb28WNKsO6WIGT22vxV1REc+LcFSKCQyo0PRSN4DDBNnj/4hhq4xsl fr61gX99T8Xv5ljS7gEssBkQi0cNTK6I2SC10wdacNXu7QmQsjKFCh88fzzUNFlL QvbXu0RS4bh0bFCl2/voaVbnFjGdO9uYh8dHFPCeLvxeNV5uQNSQ2pzblPF16BJW E7iihAPhPGTznKcOKFZ0Mb6b+5iugx+1KUrn8loOrcYhNWaciu91H5P+UFhhY3XS vI3R2AO0xaT8urC/NMr5/fTvfpvL4nj3WCDHvESBtNqektZQNMOxo2CO+IrbtMFe fUpoK3FauonO6C1Szsl1HTb3lqDbA0OC -----END CERTIFICATE-----Generated at Sat May 31 17:16:15 2025 by rpki-client