$ rpki-client -vvf rpki.apnic.net/member_repository/A91348DF/F02B5DBCC1DD11ECB97B9C7FC4F9AE02/8HDB502tEidOj1dd_gu3wU69yZA.mft File: 8HDB502tEidOj1dd_gu3wU69yZA.mft (raw, json) Hash identifier: zaXyxnV1T5iPXfQEcO3CoLKHiP5rGQeYlNrviNael/A= Subject key identifier: FE:34:0E:9D:C9:68:36:10:40:37:E5:26:6B:C2:C3:E5:17:0C:99:5E Authority key identifier: F0:70:C1:E7:4D:AD:12:27:4E:8F:57:5D:FE:0B:B7:C1:4E:BD:C9:90 Certificate issuer: /CN=A91348DF/serialNumber=F070C1E74DAD12274E8F575DFE0BB7C14EBDC990 Certificate serial: 0333 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8HDB502tEidOj1dd_gu3wU69yZA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91348DF/F02B5DBCC1DD11ECB97B9C7FC4F9AE02/8HDB502tEidOj1dd_gu3wU69yZA.mft Manifest number: 032F Signing time: Sun 11 May 2025 00:39:10 +0000 Manifest this update: Sun 11 May 2025 00:39:10 +0000 Manifest next update: Sun 18 May 2025 00:39:10 +0000 Files and hashes: 1: 8HDB502tEidOj1dd_gu3wU69yZA.crl (hash: GtCrlSX5XInRlB4e56CUCwgTRNgJqygg0e7tDQx86pI=) 2: 06A2C3E2C1E211EC86C79687C4F9AE02.roa (hash: L9t+DRBbmPVBfDehx/WMt8l2VQJogVd/uUcSz4yUxtc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91348DF/F02B5DBCC1DD11ECB97B9C7FC4F9AE02/8HDB502tEidOj1dd_gu3wU69yZA.crl rsync://rpki.apnic.net/member_repository/A91348DF/F02B5DBCC1DD11ECB97B9C7FC4F9AE02/8HDB502tEidOj1dd_gu3wU69yZA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8HDB502tEidOj1dd_gu3wU69yZA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 00:39:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 819 (0x333) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91348DF, serialNumber=F070C1E74DAD12274E8F575DFE0BB7C14EBDC990 Validity Not Before: May 11 00:39:10 2025 GMT Not After : May 18 00:39:10 2025 GMT Subject: CN=681ff1ae-fece Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:08:2b:13:a8:e9:da:f1:8a:b4:3c:c1:e7:88: a2:12:54:d4:6e:5b:b0:86:04:52:fc:d3:8d:d5:f6: 99:eb:b9:b6:b0:34:53:c3:2d:0a:1e:19:16:b4:95: 12:3c:5c:4d:3b:6a:27:72:7c:61:cf:4f:54:5f:f0: cf:c6:ae:32:d7:ac:f3:37:c2:fa:bc:2a:11:9a:f8: 88:ac:a3:92:57:53:d8:6f:7f:42:c4:33:13:9f:b5: 40:83:07:f0:ff:8f:a0:96:eb:b0:c7:ae:86:8e:dc: 3f:70:1b:94:84:da:ba:88:fe:df:54:84:d5:50:55: d6:34:52:7d:12:e2:6c:2b:68:51:ad:1c:fd:f1:ff: 16:32:ae:16:99:3f:29:3b:14:28:a0:c1:41:6c:06: ca:42:71:25:be:6e:31:7f:d2:5f:27:1a:9f:6e:42: a9:a5:8f:69:cc:b7:19:6a:82:5f:18:ce:20:97:da: f6:3a:bc:84:24:4e:e8:9e:e9:81:ef:8b:e5:4c:0c: 4c:d2:db:0d:e5:87:00:bf:ab:27:20:f9:1f:69:54: 41:fb:a0:66:5d:97:9e:be:01:1c:62:08:e5:0d:ce: ce:82:03:51:3d:53:d2:05:3e:6e:7a:37:25:56:a3: 95:63:12:38:7c:18:1f:3e:e6:c9:7d:4b:cf:13:a7: 80:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:34:0E:9D:C9:68:36:10:40:37:E5:26:6B:C2:C3:E5:17:0C:99:5E X509v3 Authority Key Identifier: keyid:F0:70:C1:E7:4D:AD:12:27:4E:8F:57:5D:FE:0B:B7:C1:4E:BD:C9:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91348DF/F02B5DBCC1DD11ECB97B9C7FC4F9AE02/8HDB502tEidOj1dd_gu3wU69yZA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8HDB502tEidOj1dd_gu3wU69yZA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91348DF/F02B5DBCC1DD11ECB97B9C7FC4F9AE02/8HDB502tEidOj1dd_gu3wU69yZA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 78:2b:70:25:17:5e:ee:0d:f3:75:7f:f1:9b:d9:a8:b8:7b:95: c2:15:e9:94:45:fa:28:d4:e1:a5:e2:d1:52:24:ea:d2:04:b0: 60:b2:72:80:46:64:e1:7e:de:1e:7f:d4:85:5c:30:ba:99:e0: 0d:52:1a:13:0e:4c:83:08:ee:44:68:6d:93:1c:95:39:ae:63: 3a:57:95:ec:44:35:dc:77:a9:ea:6b:24:fc:8c:ba:e7:a0:9c: 30:0c:e5:eb:2f:07:76:75:b0:ef:6b:c3:0c:1a:f6:12:0f:5e: 62:d2:01:85:1c:13:74:ed:d9:ee:94:a8:a3:b8:4b:bf:70:c1: 7c:3d:3f:22:02:6d:b3:19:3b:25:67:7f:63:b1:ac:80:90:ac: f9:2e:52:00:5c:1d:77:d4:42:c1:09:ff:cb:ac:5c:90:93:90: ac:ec:a4:f4:39:c1:d9:b4:09:28:34:19:8f:de:ed:ae:ac:cb: f9:12:c5:9f:73:c1:e8:cd:10:d7:84:3a:94:37:52:aa:42:8f: cd:48:20:cb:bb:d7:b1:6f:28:f5:5d:2e:09:2b:08:5e:10:15: b2:da:06:0c:83:29:fd:2b:76:a2:3f:9c:b9:17:13:53:ca:cf: 78:0a:a0:cd:7f:80:68:02:6a:56:10:0f:54:10:09:75:ed:24: 8e:b8:9a:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAzMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQ4REYxMTAvBgNVBAUTKEYwNzBDMUU3NERBRDEyMjc0RThGNTc1REZFMEJCN0Mx NEVCREM5OTAwHhcNMjUwNTExMDAzOTEwWhcNMjUwNTE4MDAzOTEwWjAYMRYwFAYD VQQDEw02ODFmZjFhZS1mZWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuggrE6jp2vGKtDzB54iiElTUbluwhgRS/NON1faZ67m2sDRTwy0KHhkWtJUS PFxNO2oncnxhz09UX/DPxq4y16zzN8L6vCoRmviIrKOSV1PYb39CxDMTn7VAgwfw /4+gluuwx66Gjtw/cBuUhNq6iP7fVITVUFXWNFJ9EuJsK2hRrRz98f8WMq4WmT8p OxQooMFBbAbKQnElvm4xf9JfJxqfbkKppY9pzLcZaoJfGM4gl9r2OryEJE7onumB 74vlTAxM0tsN5YcAv6snIPkfaVRB+6BmXZeevgEcYgjlDc7OggNRPVPSBT5uejcl VqOVYxI4fBgfPubJfUvPE6eAOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP40Dp3J aDYQQDflJmvCw+UXDJleMB8GA1UdIwQYMBaAFPBwwedNrRInTo9XXf4Lt8FOvcmQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDhERi9GMDJCNURCQ0Mx REQxMUVDQjk3QjlDN0ZDNEY5QUUwMi84SERCNTAydEVpZE9qMWRkX2d1M3dVNjl5 WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhIREI1MDJ0RWlkT2oxZGRfZ3Uzd1U2OXlaQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NDhERi9GMDJCNURCQ0MxREQxMUVDQjk3QjlDN0ZDNEY5QUUwMi84SERCNTAydEVp ZE9qMWRkX2d1M3dVNjl5WkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB4K3AlF17uDfN1f/Gb2ai4e5XCFemURfoo1OGl4tFSJOrSBLBgsnKA RmThft4ef9SFXDC6meANUhoTDkyDCO5EaG2THJU5rmM6V5XsRDXcd6nqayT8jLrn oJwwDOXrLwd2dbDva8MMGvYSD15i0gGFHBN07dnulKijuEu/cMF8PT8iAm2zGTsl Z39jsayAkKz5LlIAXB131ELBCf/LrFyQk5Cs7KT0OcHZtAkoNBmP3u2urMv5EsWf c8HozRDXhDqUN1KqQo/NSCDLu9exbyj1XS4JKwheEBWy2gYMgyn9K3aiP5y5FxNT ys94CqDNf4BoAmpWEA9UEAl17SSOuJpE -----END CERTIFICATE-----Generated at Sun May 11 12:35:24 2025 by rpki-client