$ rpki-client -vvf rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.mft File: hSmfDbFMjwpT0kRu_bDMBZwVJL8.mft (raw, json) Hash identifier: RYXbBnfMhU4xb7TtKSyItXEW9iGiBExHRfAOtenfB28= Subject key identifier: 4A:8C:A7:E4:E9:91:08:96:2A:EC:9D:04:E0:57:A4:CB:01:0F:C3:2B Authority key identifier: 85:29:9F:0D:B1:4C:8F:0A:53:D2:44:6E:FD:B0:CC:05:9C:15:24:BF Certificate issuer: /CN=A911C9E8/serialNumber=85299F0DB14C8F0A53D2446EFDB0CC059C1524BF Certificate serial: 0137 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hSmfDbFMjwpT0kRu_bDMBZwVJL8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.mft Manifest number: 0134 Signing time: Fri 09 May 2025 03:36:04 +0000 Manifest this update: Fri 09 May 2025 03:36:03 +0000 Manifest next update: Fri 16 May 2025 03:36:03 +0000 Files and hashes: 1: hSmfDbFMjwpT0kRu_bDMBZwVJL8.crl (hash: bf8gOzP+Jx6wfAypb0gylhSDbbUD1LCZm647GmjDxA4=) 2: E39F4ED65C2411EEB54C4F43C4F9AE02.roa (hash: jSX8BBXcDhKRO02h61flDcL9PRKVJzf27mu274wCdhk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.crl rsync://rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hSmfDbFMjwpT0kRu_bDMBZwVJL8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 16 May 2025 03:36:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 311 (0x137) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C9E8, serialNumber=85299F0DB14C8F0A53D2446EFDB0CC059C1524BF Validity Not Before: May 9 03:36:03 2025 GMT Not After : May 16 03:36:03 2025 GMT Subject: CN=681d7824-2a09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:a4:76:a2:27:7f:63:b9:50:a2:28:25:4a:0e: d7:d9:fe:cf:b5:d0:33:91:57:46:df:39:bd:73:2f: 3a:4a:58:c4:8d:51:01:cf:33:72:5f:30:ff:9e:5b: fd:ea:76:38:10:e3:7e:50:a7:be:ac:60:20:90:ef: f4:8f:f0:f9:4e:e4:31:74:70:2e:8e:74:3e:40:b3: 81:69:02:5a:d2:da:ea:bc:bc:78:dc:56:d1:ec:46: ec:c2:28:17:a6:93:b8:e4:3a:03:aa:7a:61:17:26: 12:9c:0f:30:98:85:a6:d4:f3:f4:44:c9:34:45:b2: cc:23:ed:dc:5c:f9:25:d4:4f:ea:04:87:61:8a:57: 22:3e:9a:3d:a4:1c:11:d2:bf:ad:9b:73:83:7a:c4: 5f:8b:aa:b1:a2:16:b4:16:a8:18:3c:c8:4a:c0:3f: c7:29:83:5a:36:af:05:c6:d0:65:84:22:9b:fc:1f: 52:cd:0f:b3:49:81:1f:b0:65:60:a0:ae:f4:0a:bc: f7:34:54:14:cb:43:38:f7:de:44:cf:ef:c8:4f:db: 18:9b:4f:10:ea:34:fb:a5:e9:ba:0d:e8:8f:af:b2: c8:e6:e3:69:c4:b3:27:5d:df:d2:65:76:8a:31:fe: b8:41:07:ea:e2:90:52:1b:95:96:e8:08:12:c9:4d: ea:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:8C:A7:E4:E9:91:08:96:2A:EC:9D:04:E0:57:A4:CB:01:0F:C3:2B X509v3 Authority Key Identifier: keyid:85:29:9F:0D:B1:4C:8F:0A:53:D2:44:6E:FD:B0:CC:05:9C:15:24:BF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hSmfDbFMjwpT0kRu_bDMBZwVJL8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:06:20:a3:7f:7b:68:7e:dd:6e:27:dc:4f:56:4d:d0:e0:2c: 02:b6:8c:72:f8:23:52:c6:f3:41:60:73:49:7f:e3:ee:61:68: 40:e6:db:b1:4f:3e:5e:1b:1b:91:08:98:32:6c:1b:be:bf:20: 02:3e:5e:af:bf:57:c4:58:af:49:6b:83:86:e1:61:25:83:18: 9a:98:1e:36:36:ad:ab:c1:e3:ff:69:5d:b0:9a:cb:07:64:ca: d8:91:1a:dc:ee:35:25:b5:68:1c:c9:5e:bf:29:89:e7:25:ce: b3:18:e6:97:b9:b5:9d:b2:50:2f:96:26:44:93:15:06:18:5c: 48:42:08:a1:e3:ea:8f:f3:23:6c:4b:68:92:a1:4e:24:af:f6: f6:1b:14:fe:52:0b:bc:42:11:a4:88:8a:30:b9:cf:49:68:44: ae:d3:d6:03:b4:49:43:52:41:da:64:6d:fb:0c:af:d3:f2:4f: 34:62:0b:c8:99:4c:9c:df:2f:d6:26:b3:ff:0c:59:30:1c:52: 27:7d:94:b5:a8:04:81:f0:e1:b2:54:49:79:61:ec:63:04:0c: a9:16:9c:05:52:42:00:34:53:ff:98:0b:02:e9:98:b3:22:c7: a1:0c:bf:86:26:13:ec:f3:cf:8a:1f:b9:37:05:47:6f:2e:07: e7:2f:43:a5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM5RTgxMTAvBgNVBAUTKDg1Mjk5RjBEQjE0QzhGMEE1M0QyNDQ2RUZEQjBDQzA1 OUMxNTI0QkYwHhcNMjUwNTA5MDMzNjAzWhcNMjUwNTE2MDMzNjAzWjAYMRYwFAYD VQQDEw02ODFkNzgyNC0yYTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA16R2oid/Y7lQoiglSg7X2f7PtdAzkVdG3zm9cy86SljEjVEBzzNyXzD/nlv9 6nY4EON+UKe+rGAgkO/0j/D5TuQxdHAujnQ+QLOBaQJa0trqvLx43FbR7EbswigX ppO45DoDqnphFyYSnA8wmIWm1PP0RMk0RbLMI+3cXPkl1E/qBIdhilciPpo9pBwR 0r+tm3ODesRfi6qxoha0FqgYPMhKwD/HKYNaNq8FxtBlhCKb/B9SzQ+zSYEfsGVg oK70Crz3NFQUy0M4995Ez+/IT9sYm08Q6jT7pem6DeiPr7LI5uNpxLMnXd/SZXaK Mf64QQfq4pBSG5WW6AgSyU3q7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEqMp+Tp kQiWKuydBOBXpMsBD8MrMB8GA1UdIwQYMBaAFIUpnw2xTI8KU9JEbv2wzAWcFSS/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzlFOC9GREY2NzMwNjU4 RkQxMUVFOUQyRDIzNzZDNEY5QUUwMi9oU21mRGJGTWp3cFQwa1J1X2JETUJad1ZK TDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hTbWZEYkZNandwVDBrUnVfYkRNQlp3VkpMOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QzlFOC9GREY2NzMwNjU4RkQxMUVFOUQyRDIzNzZDNEY5QUUwMi9oU21mRGJGTWp3 cFQwa1J1X2JETUJad1ZKTDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBFBiCjf3toft1uJ9xPVk3Q4CwCtoxy+CNSxvNBYHNJf+PuYWhA5tux Tz5eGxuRCJgybBu+vyACPl6vv1fEWK9Ja4OG4WElgxiamB42Nq2rweP/aV2wmssH ZMrYkRrc7jUltWgcyV6/KYnnJc6zGOaXubWdslAvliZEkxUGGFxIQgih4+qP8yNs S2iSoU4kr/b2GxT+Ugu8QhGkiIowuc9JaESu09YDtElDUkHaZG37DK/T8k80YgvI mUyc3y/WJrP/DFkwHFInfZS1qASB8OGyVEl5YexjBAypFpwFUkIANFP/mAsC6Ziz IsehDL+GJhPs88+KH7k3BUdvLgfnL0Ol -----END CERTIFICATE-----Generated at Sun May 11 04:28:00 2025 by rpki-client