$ rpki-client -vvf rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.mft File: HQSsXQPY72rEMd4aeq57aHaBtjY.mft (raw, json) Hash identifier: CVcEVLYEYY5eI3Tag7CnPzoqVgvejlcgzlTmNjnFpSc= Subject key identifier: 11:3E:72:9B:99:C2:6C:93:83:F9:78:46:0C:B4:2C:2F:A7:58:81:74 Authority key identifier: 1D:04:AC:5D:03:D8:EF:6A:C4:31:DE:1A:7A:AE:7B:68:76:81:B6:36 Certificate issuer: /CN=A9131A2D/serialNumber=1D04AC5D03D8EF6AC431DE1A7AAE7B687681B636 Certificate serial: 07D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQSsXQPY72rEMd4aeq57aHaBtjY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.mft Manifest number: 07C6 Signing time: Wed 14 May 2025 21:14:29 +0000 Manifest this update: Wed 14 May 2025 21:14:28 +0000 Manifest next update: Wed 21 May 2025 21:14:28 +0000 Files and hashes: 1: HQSsXQPY72rEMd4aeq57aHaBtjY.crl (hash: dPqlX76TqNjzixYk2vFmPa3hAQ0E8a4381MDqJ1BjJY=) 2: 66EE9D94152511ECAD055780C4F9AE02.roa (hash: xYIcgS1Zp8wD+PJFBZBjfV7mWptLx74W20qrbaZleiE=) 3: 111E53B6152811ECB2C0B70BC4F9AE02.roa (hash: vzmf8XnwJutTzSkLhDDX6poVkZL6XtaY1a0fPCQC+dY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.crl rsync://rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQSsXQPY72rEMd4aeq57aHaBtjY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 21:14:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2009 (0x7d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9131A2D, serialNumber=1D04AC5D03D8EF6AC431DE1A7AAE7B687681B636 Validity Not Before: May 14 21:14:28 2025 GMT Not After : May 21 21:14:28 2025 GMT Subject: CN=682507b4-a777 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:67:6d:1c:34:b7:10:db:10:69:3c:cb:2e:32: df:83:a6:79:0c:38:44:64:59:f1:2d:be:be:3a:4f: 20:ba:d0:ee:e2:97:e7:61:1f:aa:1e:bd:d1:47:0a: 8c:84:13:14:c7:bb:dd:96:80:2a:e0:fb:bb:e6:51: 06:ca:c9:bb:c3:dd:64:5f:ba:f4:59:46:47:e3:f4: ad:26:01:c1:62:dd:2f:f9:0b:1e:f1:53:f9:38:3c: f8:bc:d3:a9:41:37:9f:39:ff:28:61:d5:96:2e:0c: 8e:0f:ad:d9:5f:d0:6d:40:e0:ee:33:e6:44:24:f1: 91:c4:67:b3:22:b4:46:ba:7f:43:77:17:4e:64:bf: b0:72:5e:72:c3:6d:08:39:f9:be:09:61:f8:d8:3c: 99:f3:1a:c7:a0:6f:29:06:81:a5:cd:a8:1a:35:c4: ec:26:8c:77:e6:d7:80:3a:51:80:e1:28:fd:2d:62: c6:db:63:df:04:9d:7d:6a:64:17:38:36:17:00:8d: c6:0a:21:af:e3:a9:3a:c0:d9:d3:7d:3f:a7:57:a7: 50:d6:e9:0d:e7:17:c9:a9:8f:bf:7f:59:40:6b:4e: c6:d6:56:58:05:5b:e7:fc:f1:be:cb:9b:50:25:0a: cf:72:7a:f1:a5:3d:2d:96:f1:09:db:0e:22:c8:0b: 4c:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:3E:72:9B:99:C2:6C:93:83:F9:78:46:0C:B4:2C:2F:A7:58:81:74 X509v3 Authority Key Identifier: keyid:1D:04:AC:5D:03:D8:EF:6A:C4:31:DE:1A:7A:AE:7B:68:76:81:B6:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQSsXQPY72rEMd4aeq57aHaBtjY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131A2D/DA46609AF7C311EA9B2EF785C4F9AE02/HQSsXQPY72rEMd4aeq57aHaBtjY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8d:b1:24:d9:5f:d2:c9:f2:d3:a8:a0:74:99:59:e9:38:b0:e7: c5:7c:d2:a6:69:1a:74:c6:94:19:cd:07:2a:75:d4:69:ed:f5: 9a:4e:e5:63:36:f6:03:d3:12:92:36:a5:71:50:4b:a1:39:f2: 53:2a:24:79:b1:18:74:ac:f9:32:7a:2d:66:fb:13:c6:fd:71: 6f:5f:eb:42:79:cb:4c:43:b4:9d:61:46:69:f8:84:cb:d1:f7: a3:57:d1:90:60:3c:f6:8b:55:cd:87:92:13:07:44:d1:4b:61: 45:52:67:12:83:ee:f9:ad:89:6e:fe:bf:ca:c4:09:ed:16:53: dd:29:a0:c9:64:b6:68:94:47:12:ce:71:09:31:80:f0:d8:39: 75:d1:44:33:76:ab:44:ba:36:3c:c3:5b:38:d4:65:ea:1e:04: 53:9b:6d:d1:68:16:99:4d:67:97:98:c3:02:42:b8:d6:2c:1c: 77:6a:4d:9c:c4:79:f0:ec:2a:80:0a:df:8b:31:26:0b:cd:96: 25:0d:e9:15:89:1b:df:2b:a1:63:12:d2:79:5f:96:be:96:6d: 8b:8e:9b:29:c7:e7:10:64:b3:23:7f:2e:34:2b:ff:76:f8:5a: 5e:88:70:27:c5:ee:7b:c7:08:4d:31:ca:75:d0:0f:20:3e:f7: d1:ff:6e:9e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB9kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzFBMkQxMTAvBgNVBAUTKDFEMDRBQzVEMDNEOEVGNkFDNDMxREUxQTdBQUU3QjY4 NzY4MUI2MzYwHhcNMjUwNTE0MjExNDI4WhcNMjUwNTIxMjExNDI4WjAYMRYwFAYD VQQDEw02ODI1MDdiNC1hNzc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyWdtHDS3ENsQaTzLLjLfg6Z5DDhEZFnxLb6+Ok8gutDu4pfnYR+qHr3RRwqM hBMUx7vdloAq4Pu75lEGysm7w91kX7r0WUZH4/StJgHBYt0v+Qse8VP5ODz4vNOp QTefOf8oYdWWLgyOD63ZX9BtQODuM+ZEJPGRxGezIrRGun9DdxdOZL+wcl5yw20I Ofm+CWH42DyZ8xrHoG8pBoGlzagaNcTsJox35teAOlGA4Sj9LWLG22PfBJ19amQX ODYXAI3GCiGv46k6wNnTfT+nV6dQ1ukN5xfJqY+/f1lAa07G1lZYBVvn/PG+y5tQ JQrPcnrxpT0tlvEJ2w4iyAtMcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBE+cpuZ wmyTg/l4Rgy0LC+nWIF0MB8GA1UdIwQYMBaAFB0ErF0D2O9qxDHeGnque2h2gbY2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMUEyRC9EQTQ2NjA5QUY3 QzMxMUVBOUIyRUY3ODVDNEY5QUUwMi9IUVNzWFFQWTcyckVNZDRhZXE1N2FIYUJ0 alkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hRU3NYUVBZNzJyRU1kNGFlcTU3YUhhQnRqWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MUEyRC9EQTQ2NjA5QUY3QzMxMUVBOUIyRUY3ODVDNEY5QUUwMi9IUVNzWFFQWTcy ckVNZDRhZXE1N2FIYUJ0alkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCNsSTZX9LJ8tOooHSZWek4sOfFfNKmaRp0xpQZzQcqddRp7fWaTuVj NvYD0xKSNqVxUEuhOfJTKiR5sRh0rPkyei1m+xPG/XFvX+tCectMQ7SdYUZp+ITL 0fejV9GQYDz2i1XNh5ITB0TRS2FFUmcSg+75rYlu/r/KxAntFlPdKaDJZLZolEcS znEJMYDw2Dl10UQzdqtEujY8w1s41GXqHgRTm23RaBaZTWeXmMMCQrjWLBx3ak2c xHnw7CqACt+LMSYLzZYlDekViRvfK6FjEtJ5X5a+lm2Ljpspx+cQZLMjfy40K/92 +FpeiHAnxe57xwhNMcp10A8gPvfR/26e -----END CERTIFICATE-----Generated at Thu May 15 10:14:25 2025 by rpki-client