$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.mft File: HQ2sEe2C41wjsMvv--4AYmOwmVc.mft (raw, json) Hash identifier: dSqG0KFWS+8ObF5KiKvBYH1yAhnTE/qF1MlIkKvfuPI= Subject key identifier: 04:CA:0F:1F:32:C2:0D:8C:F7:D0:4A:E7:1B:4F:43:BD:3F:97:05:A5 Authority key identifier: 1D:0D:AC:11:ED:82:E3:5C:23:B0:CB:EF:FB:EE:00:62:63:B0:99:57 Certificate issuer: /CN=A91EA9C0/serialNumber=1D0DAC11ED82E35C23B0CBEFFBEE006263B09957 Certificate serial: 05 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQ2sEe2C41wjsMvv--4AYmOwmVc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.mft Manifest number: 05 Signing time: Sat 31 May 2025 07:45:17 +0000 Manifest this update: Sat 31 May 2025 07:45:16 +0000 Manifest next update: Sat 07 Jun 2025 07:45:16 +0000 Files and hashes: 1: HQ2sEe2C41wjsMvv--4AYmOwmVc.crl (hash: SEPTI5ZAE8iMsY2Povv12QhSQlJEqDkVxi6WYEJJcj4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.crl rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQ2sEe2C41wjsMvv--4AYmOwmVc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:45:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5 (0x5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA9C0, serialNumber=1D0DAC11ED82E35C23B0CBEFFBEE006263B09957 Validity Not Before: May 31 07:45:16 2025 GMT Not After : Jun 7 07:45:16 2025 GMT Subject: CN=683ab38c-ddde Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:b2:d1:ab:8f:d9:95:57:c4:5c:fa:e2:18:d3: e2:fe:43:7c:76:f2:5e:39:a0:99:28:a4:c5:e2:38: 13:c6:04:b0:b3:5f:c6:89:a9:09:d9:12:a6:ee:3c: a8:f3:be:74:9d:31:b5:cb:f7:df:f7:19:04:61:ca: 9e:a0:60:72:63:70:2f:04:90:e9:2c:49:dc:53:cc: 1c:d7:c1:d7:d4:38:dc:92:e5:bb:31:60:f8:0f:b1: 6c:df:52:5f:ee:b5:c3:36:46:2a:b8:96:7e:be:3c: ae:61:ae:1b:5d:23:88:0a:83:22:74:f8:03:29:12: f8:40:5f:b7:55:b4:4c:0a:92:a2:13:a6:22:83:2f: 86:00:6e:6a:53:4d:97:47:06:ca:5f:2c:56:0b:bb: 04:43:22:99:8c:66:a6:8e:be:a7:9c:9e:37:4a:4a: 08:1d:f4:b0:67:ec:4e:5d:4c:ef:84:e3:6d:78:2a: da:64:9f:ee:dd:66:e3:51:6c:be:7b:45:df:ac:e7: df:db:c3:a4:74:d4:00:48:2d:a9:1a:57:c1:fa:0b: c2:65:d4:40:e8:83:05:de:70:24:60:63:ed:53:88: 8d:d2:49:39:63:42:af:a8:50:ae:ca:f0:9a:6e:8f: 5d:ca:46:47:11:9b:a6:81:4b:87:15:1b:fc:1b:c7: b0:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:CA:0F:1F:32:C2:0D:8C:F7:D0:4A:E7:1B:4F:43:BD:3F:97:05:A5 X509v3 Authority Key Identifier: keyid:1D:0D:AC:11:ED:82:E3:5C:23:B0:CB:EF:FB:EE:00:62:63:B0:99:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQ2sEe2C41wjsMvv--4AYmOwmVc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:91:92:dd:34:8f:5e:d2:6f:03:87:94:1d:3b:80:32:c8:6e: 80:06:90:c4:7b:2b:8b:ab:7e:6b:3f:5d:5c:7d:98:62:d7:13: 41:17:e6:97:91:46:97:d8:06:fb:89:88:61:54:39:53:c4:df: 4f:ba:36:92:36:8c:1a:55:73:4d:3b:f6:7f:dc:60:b8:99:3b: 22:77:ca:7c:77:78:16:cc:cd:cb:2a:b9:6c:0b:50:e7:93:4f: ad:80:08:11:5a:ee:39:2b:26:7f:85:e5:12:f9:4b:a7:79:ce: ff:88:7a:91:b5:c7:83:46:d6:97:b1:d2:05:cf:08:38:95:06: 9b:f2:66:4e:1e:ad:68:69:82:1b:65:f8:ba:e7:32:37:77:38: d2:e2:c2:56:d5:9a:17:a6:71:ad:24:cb:8f:ca:af:26:48:1e: a0:34:d4:e4:4e:97:6b:6c:e1:ac:97:64:0d:a0:ac:5d:83:f5: 06:02:60:e2:57:61:34:44:87:55:80:29:98:d1:27:1c:ab:51: 71:a0:ac:e1:de:9a:7d:37:f3:3e:93:fd:25:69:72:97:20:32: 79:96:16:31:a0:a4:43:02:3a:d9:e7:a2:cb:61:0f:3d:55:52: e3:aa:78:46:72:de:36:81:54:e1:24:18:cf:e2:48:fb:cd:1e: bc:22:9f:68 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QTlDMDExMC8GA1UEBRMoMUQwREFDMTFFRDgyRTM1QzIzQjBDQkVGRkJFRTAwNjI2 M0IwOTk1NzAeFw0yNTA1MzEwNzQ1MTZaFw0yNTA2MDcwNzQ1MTZaMBgxFjAUBgNV BAMTDTY4M2FiMzhjLWRkZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDlstGrj9mVV8Rc+uIY0+L+Q3x28l45oJkopMXiOBPGBLCzX8aJqQnZEqbuPKjz vnSdMbXL99/3GQRhyp6gYHJjcC8EkOksSdxTzBzXwdfUONyS5bsxYPgPsWzfUl/u tcM2Riq4ln6+PK5hrhtdI4gKgyJ0+AMpEvhAX7dVtEwKkqITpiKDL4YAbmpTTZdH BspfLFYLuwRDIpmMZqaOvqecnjdKSggd9LBn7E5dTO+E4214Ktpkn+7dZuNRbL57 Rd+s59/bw6R01ABILakaV8H6C8Jl1EDogwXecCRgY+1TiI3SSTljQq+oUK7K8Jpu j13KRkcRm6aBS4cVG/wbx7DnAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUBMoPHzLC DYz30ErnG09DvT+XBaUwHwYDVR0jBBgwFoAUHQ2sEe2C41wjsMvv++4AYmOwmVcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBOUMwLzVBRkIxNDhFMzg4 MjExRjA4Q0NCMTg2NkM0RjlBRTAyL0hRMnNFZTJDNDF3anNNdnYtLTRBWW1Pd21W Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSFEyc0VlMkM0MXdqc012di0tNEFZbU93bVZjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVB OUMwLzVBRkIxNDhFMzg4MjExRjA4Q0NCMTg2NkM0RjlBRTAyL0hRMnNFZTJDNDF3 anNNdnYtLTRBWW1Pd21WYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHyRkt00j17SbwOHlB07gDLIboAGkMR7K4urfms/XVx9mGLXE0EX5peR RpfYBvuJiGFUOVPE30+6NpI2jBpVc0079n/cYLiZOyJ3ynx3eBbMzcsquWwLUOeT T62ACBFa7jkrJn+F5RL5S6d5zv+IepG1x4NG1pex0gXPCDiVBpvyZk4erWhpghtl +LrnMjd3ONLiwlbVmhemca0ky4/KryZIHqA01OROl2ts4ayXZA2grF2D9QYCYOJX YTREh1WAKZjRJxyrUXGgrOHemn038z6T/SVpcpcgMnmWFjGgpEMCOtnnosthDz1V UuOqeEZy3jaBVOEkGM/iSPvNHrwin2g= -----END CERTIFICATE-----Generated at Sat May 31 17:01:14 2025 by rpki-client