$ rpki-client -vvf rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft File: He-yCnpR7hjdetBq2qxJEePi95Q.mft (raw, json) Hash identifier: 6D7kLztSe8o9NBM0utqpD3ywLiFK1/tDZcybFVlkHxw= Subject key identifier: BF:E5:70:84:B0:7A:8C:C1:8B:B8:B5:E0:BB:A2:A8:FF:16:19:97:E0 Authority key identifier: 1D:EF:B2:0A:7A:51:EE:18:DD:7A:D0:6A:DA:AC:49:11:E3:E2:F7:94 Certificate issuer: /CN=A91285E3/serialNumber=1DEFB20A7A51EE18DD7AD06ADAAC4911E3E2F794 Certificate serial: 01EE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft Manifest number: 01E8 Signing time: Tue 01 Jul 2025 03:02:13 +0000 Manifest this update: Tue 01 Jul 2025 03:02:12 +0000 Manifest next update: Tue 08 Jul 2025 03:02:12 +0000 Files and hashes: 1: He-yCnpR7hjdetBq2qxJEePi95Q.crl (hash: v5j/bBt84vPE55MRCLkZVfpnFbDCP63UacdK87CSvfA=) 2: 54365208708411EDA8B14246C4F9AE02.roa (hash: mCCSZ+9WYvhaMFX9tC0Iaz2gMx4GH4ZGb0UPoAirqT8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.crl rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 03:02:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 494 (0x1ee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91285E3, serialNumber=1DEFB20A7A51EE18DD7AD06ADAAC4911E3E2F794 Validity Not Before: Jul 1 03:02:12 2025 GMT Not After : Jul 8 03:02:12 2025 GMT Subject: CN=68634fb5-7a74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:26:19:42:02:12:22:12:80:59:8b:71:f9:26: af:7f:c3:98:cb:69:34:cd:0e:e3:f3:e3:e6:14:89: 75:06:03:79:f7:f9:56:7b:60:e3:2d:fa:cd:e8:a8: 8a:a0:0e:84:21:77:ed:d3:d1:73:a0:6c:6d:50:df: 9d:16:dd:7f:b0:b8:a6:c1:24:fa:62:77:9e:3b:ff: 96:98:45:a0:bc:9f:7f:09:e7:1b:07:37:bc:dc:ad: 52:7f:99:9d:98:f5:71:15:41:2b:ee:aa:36:90:78: 84:8b:08:36:97:c8:57:08:46:09:db:24:23:73:31: 1e:3e:4f:12:a0:85:bf:5e:1c:3d:0c:a5:9f:b4:6a: d0:b5:6c:58:86:f6:cf:cf:69:a2:76:fa:43:8a:a4: 72:fb:d1:2f:d0:53:59:95:96:96:d1:57:2d:30:a4: 1c:3b:0f:6b:39:32:33:6d:60:8b:24:54:cc:f6:c5: 0b:b1:cb:f3:0c:89:25:90:b2:42:b3:76:4c:a9:d2: b1:4a:3d:f3:ad:09:5c:db:43:d3:ed:56:3c:cb:09: 55:c9:3c:c3:ab:6f:a7:12:76:47:5b:63:58:26:33: 35:b1:e6:25:3b:22:39:61:c3:f5:8a:25:5f:e9:93: 4d:70:23:f7:19:b2:ad:84:9d:c7:fb:8e:74:f4:00: 5d:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:E5:70:84:B0:7A:8C:C1:8B:B8:B5:E0:BB:A2:A8:FF:16:19:97:E0 X509v3 Authority Key Identifier: keyid:1D:EF:B2:0A:7A:51:EE:18:DD:7A:D0:6A:DA:AC:49:11:E3:E2:F7:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:61:83:4b:e3:90:b0:4e:b4:c8:80:29:34:32:b0:80:b9:16: a3:e9:ea:4f:63:e8:68:a3:43:07:32:02:ea:d4:d7:3e:73:84: ce:50:c4:f6:cb:62:a8:5e:25:2c:4a:4b:59:2a:3c:6e:2f:6b: cf:fa:15:f7:a5:99:8c:d2:cb:0a:83:2f:26:f3:21:24:47:61: c6:33:42:e9:6e:8e:7f:b9:e0:76:c7:3d:e5:e7:74:ad:81:93: a1:56:cd:e8:e7:e5:84:7a:35:4e:1a:95:01:e6:c7:a5:46:6d: e1:1e:13:da:8a:43:ec:5d:fd:65:aa:fa:f9:d2:84:80:5a:76: 1a:cc:54:51:c6:6f:b7:76:8d:7f:be:70:36:dd:a5:bd:3d:1c: cf:23:01:fe:e9:7c:6f:f9:f5:86:a2:a0:50:a5:fa:4c:cf:a0: 8d:c4:c9:da:49:4c:01:7a:5a:d7:e0:6d:a1:1b:d9:98:a8:42: 5b:2b:8c:8d:7b:14:79:4d:1b:c1:3d:34:c8:2e:1c:f2:11:48: 93:ad:a4:b4:bc:5a:ac:3c:e0:12:f6:e8:19:dc:11:28:1d:a6: 12:a3:2d:6e:e1:fc:b8:19:40:48:42:61:36:51:39:b1:f2:25: ca:9b:f4:44:e6:d6:24:a4:80:38:a1:69:48:45:2e:67:cb:b4: 44:c5:c2:26 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAe4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjg1RTMxMTAvBgNVBAUTKDFERUZCMjBBN0E1MUVFMThERDdBRDA2QURBQUM0OTEx RTNFMkY3OTQwHhcNMjUwNzAxMDMwMjEyWhcNMjUwNzA4MDMwMjEyWjAYMRYwFAYD VQQDEw02ODYzNGZiNS03YTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxiYZQgISIhKAWYtx+Savf8OYy2k0zQ7j8+PmFIl1BgN59/lWe2DjLfrN6KiK oA6EIXft09FzoGxtUN+dFt1/sLimwST6YneeO/+WmEWgvJ9/CecbBze83K1Sf5md mPVxFUEr7qo2kHiEiwg2l8hXCEYJ2yQjczEePk8SoIW/Xhw9DKWftGrQtWxYhvbP z2midvpDiqRy+9Ev0FNZlZaW0VctMKQcOw9rOTIzbWCLJFTM9sULscvzDIklkLJC s3ZMqdKxSj3zrQlc20PT7VY8ywlVyTzDq2+nEnZHW2NYJjM1seYlOyI5YcP1iiVf 6ZNNcCP3GbKthJ3H+4509ABd5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL/lcISw eozBi7i14LuiqP8WGZfgMB8GA1UdIwQYMBaAFB3vsgp6Ue4Y3XrQatqsSRHj4veU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODVFMy8xQjEyQTgyNDcw NzkxMUVEQkFBN0NEMjZDNEY5QUUwMi9IZS15Q25wUjdoamRldEJxMnF4SkVlUGk5 NVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlLXlDbnBSN2hqZGV0QnEycXhKRWVQaTk1US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy ODVFMy8xQjEyQTgyNDcwNzkxMUVEQkFBN0NEMjZDNEY5QUUwMi9IZS15Q25wUjdo amRldEJxMnF4SkVlUGk5NVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAKYYNL45CwTrTIgCk0MrCAuRaj6epPY+hoo0MHMgLq1Nc+c4TOUMT2 y2KoXiUsSktZKjxuL2vP+hX3pZmM0ssKgy8m8yEkR2HGM0Lpbo5/ueB2xz3l53St gZOhVs3o5+WEejVOGpUB5selRm3hHhPaikPsXf1lqvr50oSAWnYazFRRxm+3do1/ vnA23aW9PRzPIwH+6Xxv+fWGoqBQpfpMz6CNxMnaSUwBelrX4G2hG9mYqEJbK4yN exR5TRvBPTTILhzyEUiTraS0vFqsPOAS9ugZ3BEoHaYSoy1u4fy4GUBIQmE2UTmx 8iXKm/RE5tYkpIA4oWlIRS5ny7RExcIm -----END CERTIFICATE-----Generated at Tue Jul 1 20:50:38 2025 by rpki-client