$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft File: He4XpqM4DuSI7ztuISW4eOZAckg.mft (raw, json) Hash identifier: yC87PDyJoBkH6us8nLNt+R9Rvv3mZlpzlR+KWGnT6Bo= Subject key identifier: 0E:FA:31:EF:7F:7D:B5:3B:CE:51:D0:CB:C6:C6:46:A0:B1:5B:54:DC Authority key identifier: 1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 Certificate issuer: /CN=A91E8D22/serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Certificate serial: 017F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft Manifest number: 017A Signing time: Sat 31 May 2025 03:25:15 +0000 Manifest this update: Sat 31 May 2025 03:25:14 +0000 Manifest next update: Sat 07 Jun 2025 03:25:14 +0000 Files and hashes: 1: He4XpqM4DuSI7ztuISW4eOZAckg.crl (hash: j0kQSph4ttiNVFc+XFRuCgmc6tUWHgR/wCnYuP2hlmU=) 2: 805A2E74660311EF90397033C4F9AE02.roa (hash: kr3XK/LA3ME6CWbcxw7hFQfhU6QavtLWXc2+mP6aHgc=) 3: 8405155C69EB11EF933A993CC4F9AE02.roa (hash: Nc218pLJmDdsf2Z9Kv612BkBE9ixmiOBUD2+vg6KRQA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:25:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 383 (0x17f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8D22, serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Validity Not Before: May 31 03:25:14 2025 GMT Not After : Jun 7 03:25:14 2025 GMT Subject: CN=683a769a-ba97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:ce:a0:da:34:1a:ef:5b:ee:f7:07:80:ce:c1: e5:bf:ae:52:55:a0:6d:8b:33:ba:0e:5d:b5:99:28: b5:69:c0:9b:00:f9:ac:18:52:9a:ee:fc:4a:69:61: f2:f5:7a:a5:43:09:17:a2:e2:5a:ce:1f:8c:5a:b3: 01:bb:8b:1b:9a:d9:c1:c3:3e:2c:7c:95:c6:af:a8: 36:24:85:69:ce:96:91:ed:95:1f:b4:10:ac:43:b6: 0a:16:ac:bf:22:ca:89:00:a3:15:52:66:ca:a7:0f: 81:76:6b:83:cb:30:24:3d:c7:0e:ff:18:71:21:a3: 35:b2:2d:41:6a:67:79:3f:99:39:a1:7a:de:b0:a4: 8e:b9:05:35:19:6a:76:4b:bf:dd:f6:c8:69:da:32: 84:1f:3d:3c:72:b9:6d:11:11:16:f7:1f:16:ff:0d: 9e:ea:a9:23:4e:4c:92:67:d4:3c:f8:53:d4:d5:0f: 3c:f1:1d:3c:7e:6f:69:4d:43:00:61:75:e1:8b:99: 16:39:51:1c:61:80:65:52:b4:c6:2e:c9:0f:fc:69: a6:c1:4c:d0:38:e8:5e:bb:9e:b0:42:75:84:e3:18: c3:11:ae:de:df:c4:f6:f9:a5:a3:52:88:e3:26:11: a6:ca:17:c4:26:7f:96:10:c1:db:84:96:bb:b7:78: 10:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:FA:31:EF:7F:7D:B5:3B:CE:51:D0:CB:C6:C6:46:A0:B1:5B:54:DC X509v3 Authority Key Identifier: keyid:1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b4:18:12:84:87:5e:8e:5d:48:d4:91:44:38:d7:76:00:f4:e4: cd:64:83:bd:b9:20:aa:cf:14:a8:61:a4:e6:17:63:d5:9a:f8: 06:6b:20:32:f6:0e:7e:7c:ad:48:c1:e1:8c:ef:ac:d6:e8:e6: 69:83:9d:99:e5:1b:cd:03:00:05:26:40:f6:6b:ab:78:5f:ec: e9:83:29:dc:87:21:26:2b:fe:f2:8d:0f:57:a6:a9:4b:4e:b3: f5:f9:63:6c:d5:42:1e:e2:df:8f:80:09:c7:45:fc:d0:08:b2: 00:3d:23:49:01:56:3a:c3:93:c0:db:46:3a:dc:ed:f6:59:33: 5d:7e:1e:af:88:2a:24:47:19:f3:72:a7:a4:98:ef:02:31:b8: 15:55:0b:a2:25:fc:5c:3f:97:bc:09:92:37:67:82:fe:3b:57: 60:a8:32:f2:fd:51:7f:ff:d3:6e:af:36:91:25:23:05:7c:51: 28:e6:ce:ed:31:7a:80:b1:d9:0a:a6:57:36:7e:c4:54:95:22: 06:b3:43:9e:ad:7b:59:d0:c9:db:2c:c5:ff:19:0a:c9:a9:db: 56:ae:4f:62:5d:28:31:cd:c9:f0:3b:ad:6f:82:66:dd:25:f8: 17:61:cb:79:f8:93:6b:61:7c:7c:ed:ab:60:4d:0d:6b:9d:f9: a2:6f:c6:ce -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAX8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThEMjIxMTAvBgNVBAUTKDFERUUxN0E2QTMzODBFRTQ4OEVGM0I2RTIxMjVCODc4 RTY0MDcyNDgwHhcNMjUwNTMxMDMyNTE0WhcNMjUwNjA3MDMyNTE0WjAYMRYwFAYD VQQDEw02ODNhNzY5YS1iYTk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0M6g2jQa71vu9weAzsHlv65SVaBtizO6Dl21mSi1acCbAPmsGFKa7vxKaWHy 9XqlQwkXouJazh+MWrMBu4sbmtnBwz4sfJXGr6g2JIVpzpaR7ZUftBCsQ7YKFqy/ IsqJAKMVUmbKpw+BdmuDyzAkPccO/xhxIaM1si1Bamd5P5k5oXresKSOuQU1GWp2 S7/d9shp2jKEHz08crltEREW9x8W/w2e6qkjTkySZ9Q8+FPU1Q888R08fm9pTUMA YXXhi5kWOVEcYYBlUrTGLskP/GmmwUzQOOheu56wQnWE4xjDEa7e38T2+aWjUojj JhGmyhfEJn+WEMHbhJa7t3gQZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA76Me9/ fbU7zlHQy8bGRqCxW1TcMB8GA1UdIwQYMBaAFB3uF6ajOA7kiO87biEluHjmQHJI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEQyMi8zRjdENjhBOEZE RTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1U0k3enR1SVNXNGVPWkFj a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlNFhwcU00RHVTSTd6dHVJU1c0ZU9aQWNrZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEQyMi8zRjdENjhBOEZERTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1 U0k3enR1SVNXNGVPWkFja2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC0GBKEh16OXUjUkUQ413YA9OTNZIO9uSCqzxSoYaTmF2PVmvgGayAy 9g5+fK1IweGM76zW6OZpg52Z5RvNAwAFJkD2a6t4X+zpgynchyEmK/7yjQ9XpqlL TrP1+WNs1UIe4t+PgAnHRfzQCLIAPSNJAVY6w5PA20Y63O32WTNdfh6viCokRxnz cqekmO8CMbgVVQuiJfxcP5e8CZI3Z4L+O1dgqDLy/VF//9NurzaRJSMFfFEo5s7t MXqAsdkKplc2fsRUlSIGs0OerXtZ0MnbLMX/GQrJqdtWrk9iXSgxzcnwO61vgmbd JfgXYct5+JNrYXx87atgTQ1rnfmib8bO -----END CERTIFICATE-----Generated at Sat May 31 16:34:02 2025 by rpki-client