$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft File: HretI1L3xupKYveEzl-7EW3ybsI.mft (raw, json) Hash identifier: jzktu9bsCzn35Crg2zh5LNckr+j0fgb4wvdqIFC3ZXo= Subject key identifier: 37:76:88:27:DE:B3:D2:4B:A1:80:00:98:9B:74:79:97:92:72:F0:BD Authority key identifier: 1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2 Certificate issuer: /CN=A91EF24F/serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2 Certificate serial: 07E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft Manifest number: 07CE Signing time: Fri 30 May 2025 21:28:11 +0000 Manifest this update: Fri 30 May 2025 21:28:10 +0000 Manifest next update: Fri 06 Jun 2025 21:28:10 +0000 Files and hashes: 1: HretI1L3xupKYveEzl-7EW3ybsI.crl (hash: HsIVA1gWYgA2ZT14kX3muJpKDIP0S26Cku4OPQKTRgE=) 2: 84B96CA6904111EF8D11A381C4F9AE02.roa (hash: apZe4MVRPNoFnu0VdCcMOgQQIHarERu0kJz1jLlb1yY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:28:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2023 (0x7e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EF24F, serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2 Validity Not Before: May 30 21:28:10 2025 GMT Not After : Jun 6 21:28:10 2025 GMT Subject: CN=683a22eb-b8c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:82:9f:ea:af:68:7d:09:f8:b9:40:ce:29:0b: 2a:f0:9c:04:45:fb:77:17:96:de:4a:be:33:8e:20: 8d:2a:b7:07:8e:13:9a:0d:70:d7:1e:58:ec:3a:54: 68:7a:d7:2a:88:16:d1:ac:61:95:ab:ac:8b:aa:f0: 2e:22:36:1d:57:35:31:07:21:b1:b3:99:de:58:c6: 92:3f:3f:6e:c0:b9:9c:ec:fa:28:9b:2d:4f:f1:1b: 0f:2d:a3:6b:9b:85:b3:45:9b:64:a2:da:71:1c:31: 2e:df:f2:d9:a3:c5:68:9a:8d:08:8e:e6:4c:91:cb: 67:a7:28:fb:2a:d0:34:5e:02:b8:8a:4c:92:9a:cb: 51:6e:ca:05:a8:05:49:5e:99:d2:6a:1c:a6:ca:76: 28:6f:ca:c5:76:29:22:ec:38:21:22:5a:f3:75:a5: 85:83:0e:3a:0d:88:f9:1d:9d:aa:76:31:ec:69:94: 80:23:be:c5:32:ee:32:04:d8:03:f2:7b:46:de:37: 64:a6:b0:fd:58:c7:23:5c:cc:f0:43:97:04:6d:c4: f8:6c:12:4b:80:e4:e1:2a:00:ee:d5:aa:52:30:b1: 03:d8:67:44:32:09:65:29:c7:1f:d2:a3:c7:73:ce: bb:36:3f:1a:0d:58:ef:99:73:a0:cc:3f:4e:eb:92: bd:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:76:88:27:DE:B3:D2:4B:A1:80:00:98:9B:74:79:97:92:72:F0:BD X509v3 Authority Key Identifier: keyid:1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:6b:80:f5:60:93:c3:d3:f0:92:d8:4e:ae:35:1a:73:71:3e: a1:09:03:7b:30:fc:48:45:77:55:24:45:b2:75:18:12:55:01: 69:c4:f7:0d:5a:13:4a:9f:44:b6:a9:22:40:90:ad:aa:24:74: d2:80:bb:96:23:b4:7d:92:af:a6:42:a9:9a:f7:ac:0c:43:2a: 74:1d:03:b9:58:a7:4e:20:1f:a0:a3:c0:c0:69:5e:88:f6:96: 4d:7c:a6:73:cf:23:7d:19:17:40:86:f6:4d:e8:5f:da:19:59: c7:eb:a8:aa:c2:d9:91:13:63:4e:59:02:7d:e0:24:0e:03:a8: f5:ee:e2:d8:eb:a9:d9:12:25:56:67:f6:f5:3e:aa:76:b1:63: 47:21:e7:a7:77:48:75:f9:4f:e4:32:3d:5a:e1:38:24:8e:78: f7:96:88:3b:d9:8f:df:1b:f6:a8:70:71:08:f1:e2:12:83:d6: ce:d7:a0:bc:a7:f7:05:80:39:db:a9:e6:72:61:01:94:ea:05: 1f:68:e5:d2:c7:f7:bb:ef:70:e4:34:79:e4:dd:cd:32:b0:c2: 0b:e5:db:16:e0:63:83:62:5a:3a:b6:23:ea:8f:30:47:c4:2f: 2b:73:c0:90:dd:8e:e2:82:66:68:4b:5c:5f:35:56:02:1b:8b: f3:a2:b1:c2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB+cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUYyNEYxMTAvBgNVBAUTKDFFQjdBRDIzNTJGN0M2RUE0QTYyRjc4NENFNUZCQjEx NkRGMjZFQzIwHhcNMjUwNTMwMjEyODEwWhcNMjUwNjA2MjEyODEwWjAYMRYwFAYD VQQDEw02ODNhMjJlYi1iOGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2IKf6q9ofQn4uUDOKQsq8JwERft3F5beSr4zjiCNKrcHjhOaDXDXHljsOlRo etcqiBbRrGGVq6yLqvAuIjYdVzUxByGxs5neWMaSPz9uwLmc7Poomy1P8RsPLaNr m4WzRZtkotpxHDEu3/LZo8Vomo0IjuZMkctnpyj7KtA0XgK4ikySmstRbsoFqAVJ XpnSahymynYob8rFdiki7DghIlrzdaWFgw46DYj5HZ2qdjHsaZSAI77FMu4yBNgD 8ntG3jdkprD9WMcjXMzwQ5cEbcT4bBJLgOThKgDu1apSMLED2GdEMgllKccf0qPH c867Nj8aDVjvmXOgzD9O65K9pwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDd2iCfe s9JLoYAAmJt0eZeScvC9MB8GA1UdIwQYMBaAFB63rSNS98bqSmL3hM5fuxFt8m7C MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjI0Ri82NURERkFCNDAy RkExMUVCQTNBMEEyMzFDNEY5QUUwMi9IcmV0STFMM3h1cEtZdmVFemwtN0VXM3li c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hyZXRJMUwzeHVwS1l2ZUV6bC03RVczeWJzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RjI0Ri82NURERkFCNDAyRkExMUVCQTNBMEEyMzFDNEY5QUUwMi9IcmV0STFMM3h1 cEtZdmVFemwtN0VXM3lic0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAma4D1YJPD0/CS2E6uNRpzcT6hCQN7MPxIRXdVJEWydRgSVQFpxPcN WhNKn0S2qSJAkK2qJHTSgLuWI7R9kq+mQqma96wMQyp0HQO5WKdOIB+go8DAaV6I 9pZNfKZzzyN9GRdAhvZN6F/aGVnH66iqwtmRE2NOWQJ94CQOA6j17uLY66nZEiVW Z/b1Pqp2sWNHIeend0h1+U/kMj1a4Tgkjnj3log72Y/fG/aocHEI8eISg9bO16C8 p/cFgDnbqeZyYQGU6gUfaOXSx/e773DkNHnk3c0ysMIL5dsW4GODYlo6tiPqjzBH xC8rc8CQ3Y7igmZoS1xfNVYCG4vzorHC -----END CERTIFICATE-----Generated at Sat May 31 17:34:23 2025 by rpki-client