$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.mft File: HRIX74_oS1glUWcbyjXmhEhpJJc.mft (raw, json) Hash identifier: U3uKZ0jrKvt52QKiSLFaosQZTAhkgUwPlatdYEW9RN8= Subject key identifier: 9E:F8:9C:F2:56:65:C8:73:B1:09:05:EB:6D:76:92:7F:A6:44:AA:3B Authority key identifier: 1D:12:17:EF:8F:E8:4B:58:25:51:67:1B:CA:35:E6:84:48:69:24:97 Certificate issuer: /CN=A91C8BB4/serialNumber=1D1217EF8FE84B582551671BCA35E68448692497 Certificate serial: 0A4A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HRIX74_oS1glUWcbyjXmhEhpJJc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.mft Manifest number: 0A42 Signing time: Fri 30 May 2025 19:55:33 +0000 Manifest this update: Fri 30 May 2025 19:55:32 +0000 Manifest next update: Fri 06 Jun 2025 19:55:32 +0000 Files and hashes: 1: HRIX74_oS1glUWcbyjXmhEhpJJc.crl (hash: f3bWr8J/7ag9d6v/Hx9UtVCCJdsciOq0Pf0TRs3cXc0=) 2: 9261E554464611EE84B7C534C4F9AE02.roa (hash: lLxl/sSYgP6ZriIWkj+AWN6PJcQcpVbRmAe2Y2lbT3s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.crl rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HRIX74_oS1glUWcbyjXmhEhpJJc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 19:55:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2634 (0xa4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C8BB4, serialNumber=1D1217EF8FE84B582551671BCA35E68448692497 Validity Not Before: May 30 19:55:32 2025 GMT Not After : Jun 6 19:55:32 2025 GMT Subject: CN=683a0d35-aace Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:85:27:5e:1b:1f:e5:a9:3f:b1:9e:91:44:7d: f8:ac:7c:05:1d:8a:2d:66:d2:67:f0:46:26:db:6e: 7a:f0:a3:c7:f5:55:6f:1f:7a:3d:92:1e:86:a3:1f: fc:73:cd:fa:87:08:df:46:81:db:73:45:80:ef:8f: 98:1b:c2:53:30:f2:a7:20:60:39:58:09:f9:f0:8c: 7f:c1:f8:8a:9a:20:ab:21:1d:a5:65:10:e0:b5:38: f0:eb:91:03:4a:6f:29:a1:79:31:10:ef:b5:4e:c4: f0:33:31:e2:aa:c0:5e:36:8a:b5:f4:75:92:f8:d6: 3f:1d:33:bf:24:ad:07:27:60:d0:03:d0:aa:f0:b3: 1b:66:43:dd:02:48:76:27:40:53:21:fd:df:6c:5f: b3:c1:05:d4:70:ab:3e:30:14:fd:99:b7:db:7e:58: 87:55:de:66:8e:d4:85:19:7f:46:f9:13:96:97:4e: 5e:ba:09:39:9f:45:9a:af:e1:cc:f7:af:49:f0:fc: bc:7f:52:32:2d:17:6c:30:f6:7e:d5:0f:c1:1d:c4: 50:d5:96:b0:ca:60:e9:14:de:5c:bd:20:04:53:70: bc:52:7e:70:a0:18:1f:ad:61:37:23:58:77:c6:bc: e6:f2:ef:74:09:a6:2b:78:88:77:25:f7:13:e4:89: 65:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:F8:9C:F2:56:65:C8:73:B1:09:05:EB:6D:76:92:7F:A6:44:AA:3B X509v3 Authority Key Identifier: keyid:1D:12:17:EF:8F:E8:4B:58:25:51:67:1B:CA:35:E6:84:48:69:24:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HRIX74_oS1glUWcbyjXmhEhpJJc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:81:c0:39:f9:87:e1:97:b0:60:68:8d:b1:76:90:86:64:ca: 3b:50:4e:ee:01:35:58:3d:79:3f:73:fc:26:fb:40:65:d2:ef: 48:51:00:0b:af:0c:b4:54:e5:b5:54:a9:2a:99:83:75:9e:97: 10:17:70:48:13:c0:0d:60:5b:0a:54:b5:4c:d0:2e:41:4e:14: 08:2c:af:40:15:8c:be:f8:3c:d0:99:87:b0:a6:23:45:67:75: 49:3f:2f:ca:ea:7b:fe:c9:c9:41:a6:88:42:a5:44:39:cf:61: f7:7e:1e:a0:6e:32:93:a7:4b:2a:30:bb:7f:12:b2:47:24:1f: 92:a3:69:28:19:71:4a:dc:d0:af:af:7d:5c:65:a2:f1:b1:4d: dc:5d:ec:dc:aa:5d:f0:1f:5f:ef:1e:8b:59:d6:1e:1e:6c:27: e6:be:bf:d1:c7:c7:7b:0c:6e:7d:ae:10:a4:cd:97:ac:22:10: a7:a8:00:a5:03:4a:41:87:26:cd:88:25:e8:6b:b3:61:9f:a9: 92:e3:41:61:bb:76:34:71:69:da:e6:20:35:d4:54:86:94:ab: 71:c2:af:53:7a:5b:bb:8b:07:3b:80:c5:77:04:52:fd:f4:a2: f4:b4:2a:b0:96:63:46:8c:82:f7:9e:5a:b3:5e:89:b8:10:ca: 20:54:64:20 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCkowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzhCQjQxMTAvBgNVBAUTKDFEMTIxN0VGOEZFODRCNTgyNTUxNjcxQkNBMzVFNjg0 NDg2OTI0OTcwHhcNMjUwNTMwMTk1NTMyWhcNMjUwNjA2MTk1NTMyWjAYMRYwFAYD VQQDEw02ODNhMGQzNS1hYWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0YUnXhsf5ak/sZ6RRH34rHwFHYotZtJn8EYm22568KPH9VVvH3o9kh6Gox/8 c836hwjfRoHbc0WA74+YG8JTMPKnIGA5WAn58Ix/wfiKmiCrIR2lZRDgtTjw65ED Sm8poXkxEO+1TsTwMzHiqsBeNoq19HWS+NY/HTO/JK0HJ2DQA9Cq8LMbZkPdAkh2 J0BTIf3fbF+zwQXUcKs+MBT9mbfbfliHVd5mjtSFGX9G+ROWl05eugk5n0War+HM 969J8Py8f1IyLRdsMPZ+1Q/BHcRQ1ZawymDpFN5cvSAEU3C8Un5woBgfrWE3I1h3 xrzm8u90CaYreIh3JfcT5IlliwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ74nPJW ZchzsQkF6212kn+mRKo7MB8GA1UdIwQYMBaAFB0SF++P6EtYJVFnG8o15oRIaSSX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOEJCNC9EOTU0QkFCRTY5 QjcxMUVBODhFNzJFNTlDNEY5QUUwMi9IUklYNzRfb1MxZ2xVV2NieWpYbWhFaHBK SmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hSSVg3NF9vUzFnbFVXY2J5alhtaEVocEpKYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD OEJCNC9EOTU0QkFCRTY5QjcxMUVBODhFNzJFNTlDNEY5QUUwMi9IUklYNzRfb1Mx Z2xVV2NieWpYbWhFaHBKSmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCCgcA5+Yfhl7BgaI2xdpCGZMo7UE7uATVYPXk/c/wm+0Bl0u9IUQAL rwy0VOW1VKkqmYN1npcQF3BIE8ANYFsKVLVM0C5BThQILK9AFYy++DzQmYewpiNF Z3VJPy/K6nv+yclBpohCpUQ5z2H3fh6gbjKTp0sqMLt/ErJHJB+So2koGXFK3NCv r31cZaLxsU3cXezcql3wH1/vHotZ1h4ebCfmvr/Rx8d7DG59rhCkzZesIhCnqACl A0pBhybNiCXoa7Nhn6mS40Fhu3Y0cWna5iA11FSGlKtxwq9Telu7iwc7gMV3BFL9 9KL0tCqwlmNGjIL3nlqzXom4EMogVGQg -----END CERTIFICATE-----Generated at Sat May 31 17:08:49 2025 by rpki-client