$ rpki-client -vvf rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft File: HlwQfv0DzxPSFKOaaizo3a0wRw4.mft (raw, json) Hash identifier: ZsIF+7yuoqRCDSwtHD06FG6tF+dkX3814FnTl77ugRU= Subject key identifier: 81:79:B2:65:E2:43:4E:BD:F7:8D:6F:08:4D:19:EC:87:3C:2E:2D:A7 Authority key identifier: 1E:5C:10:7E:FD:03:CF:13:D2:14:A3:9A:6A:2C:E8:DD:AD:30:47:0E Certificate issuer: /CN=A914D9C3/serialNumber=1E5C107EFD03CF13D214A39A6A2CE8DDAD30470E Certificate serial: 7A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlwQfv0DzxPSFKOaaizo3a0wRw4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft Manifest number: 77 Signing time: Sun 11 May 2025 05:32:52 +0000 Manifest this update: Sun 11 May 2025 05:32:52 +0000 Manifest next update: Sun 18 May 2025 05:32:52 +0000 Files and hashes: 1: HlwQfv0DzxPSFKOaaizo3a0wRw4.crl (hash: TNH/fX0wNfqbpChbMhD4FAhdjy+IPEvmGTf4kT0YKgw=) 2: F7B3707C806911EF8C30A03DC4F9AE02.roa (hash: 9WzRWZ39qEL+BS0hCUtMSeDhBI46JI/Ih27Az+Uy8VI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.crl rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlwQfv0DzxPSFKOaaizo3a0wRw4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 05:32:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 122 (0x7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914D9C3, serialNumber=1E5C107EFD03CF13D214A39A6A2CE8DDAD30470E Validity Not Before: May 11 05:32:52 2025 GMT Not After : May 18 05:32:52 2025 GMT Subject: CN=68203684-9d4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:8a:02:b0:58:17:78:b5:87:b2:6b:ce:85:19: 62:65:cf:4e:65:a5:8c:4f:ae:6e:53:61:17:40:0d: 03:30:e4:bc:85:01:bb:32:a1:af:43:c2:18:95:3b: ac:b6:cb:ee:d2:5a:aa:80:49:af:a7:ec:39:34:3f: ce:d1:8d:75:f4:67:8e:d9:b8:30:25:88:11:a6:7b: 23:e6:75:f3:af:10:a7:80:81:b0:95:60:00:95:01: d6:ce:6b:6c:6a:56:00:91:73:ff:fd:7a:e0:18:54: 8b:09:bf:f8:3c:77:ff:24:ff:07:c8:ca:1c:ba:a7: c3:23:0d:af:5a:d2:65:5c:a3:6f:05:78:d0:d6:f7: ca:29:60:c0:ac:94:ea:41:1c:49:de:e5:05:f2:56: 90:5c:00:73:0c:e7:ea:a5:bd:cb:7e:0c:c3:96:7b: 58:d6:63:43:42:dc:75:33:11:5e:ae:28:74:d3:0b: 49:65:c6:e7:de:5b:f9:f9:04:51:1c:21:f6:7e:c5: 4d:4d:9d:53:08:43:13:ce:4d:ab:75:8d:17:d6:eb: ac:5d:0c:af:3e:13:0a:33:5a:c2:04:f3:d8:ca:40: 9e:65:77:8a:18:78:ad:6c:aa:13:4f:66:44:96:41: 32:bc:8e:bf:db:96:bc:aa:30:be:77:02:f6:03:0e: c9:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:79:B2:65:E2:43:4E:BD:F7:8D:6F:08:4D:19:EC:87:3C:2E:2D:A7 X509v3 Authority Key Identifier: keyid:1E:5C:10:7E:FD:03:CF:13:D2:14:A3:9A:6A:2C:E8:DD:AD:30:47:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlwQfv0DzxPSFKOaaizo3a0wRw4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:86:30:a6:25:ab:5f:00:04:f6:1a:e9:11:41:85:f2:0d:a1: c9:52:4a:9a:7d:de:ce:c2:a9:7d:e2:f0:2d:98:77:95:29:73: 3f:53:6c:e4:15:d8:e4:18:e0:dd:c4:c0:76:4b:65:58:82:85: 84:f1:8e:ae:2b:c0:6a:5a:6c:5f:ce:b2:5f:c0:19:37:16:5c: 21:65:7f:fe:51:f4:3c:e8:21:56:1b:1c:00:38:8e:ff:b6:35: 53:68:37:a3:4d:71:83:77:c0:52:73:22:c5:7a:9a:70:7c:a4: 90:fa:6e:86:54:27:b9:54:74:4a:63:29:13:57:64:ef:23:4c: 1a:44:49:a1:83:91:7e:88:24:ed:dd:b5:63:76:af:66:41:95: b2:da:ca:22:8d:9f:5c:79:2e:b8:4c:30:2c:87:8d:e6:0b:21: 98:d3:74:05:b8:fb:11:58:a5:87:66:e1:58:55:31:5b:94:5c: ec:b2:19:29:4f:4c:06:50:c2:c2:c3:35:0e:e1:06:6f:b2:35: 16:08:5d:ec:24:b6:0b:6d:6c:bf:0e:f2:c1:4c:80:f7:27:2c: b4:ac:e0:24:db:a4:6e:c8:6c:2d:e0:21:a4:0d:98:58:0f:04: 54:e5:be:83:9b:0d:17:2d:3c:52:b8:a7:a1:07:94:77:1f:cb: e8:8a:40:f5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBejANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 RDlDMzExMC8GA1UEBRMoMUU1QzEwN0VGRDAzQ0YxM0QyMTRBMzlBNkEyQ0U4RERB RDMwNDcwRTAeFw0yNTA1MTEwNTMyNTJaFw0yNTA1MTgwNTMyNTJaMBgxFjAUBgNV BAMTDTY4MjAzNjg0LTlkNGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCuigKwWBd4tYeya86FGWJlz05lpYxPrm5TYRdADQMw5LyFAbsyoa9DwhiVO6y2 y+7SWqqASa+n7Dk0P87RjXX0Z47ZuDAliBGmeyPmdfOvEKeAgbCVYACVAdbOa2xq VgCRc//9euAYVIsJv/g8d/8k/wfIyhy6p8MjDa9a0mVco28FeNDW98opYMCslOpB HEne5QXyVpBcAHMM5+qlvct+DMOWe1jWY0NC3HUzEV6uKHTTC0llxufeW/n5BFEc IfZ+xU1NnVMIQxPOTat1jRfW66xdDK8+EwozWsIE89jKQJ5ld4oYeK1sqhNPZkSW QTK8jr/blryqML53AvYDDslFAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUgXmyZeJD Tr33jW8ITRnshzwuLacwHwYDVR0jBBgwFoAUHlwQfv0DzxPSFKOaaizo3a0wRw4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTREOUMzLzQ1Q0M4MkNDODA2 OTExRUY4MkM5NzczQ0M0RjlBRTAyL0hsd1FmdjBEenhQU0ZLT2FhaXpvM2Ewd1J3 NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSGx3UWZ2MER6eFBTRktPYWFpem8zYTB3Unc0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRE OUMzLzQ1Q0M4MkNDODA2OTExRUY4MkM5NzczQ0M0RjlBRTAyL0hsd1FmdjBEenhQ U0ZLT2FhaXpvM2Ewd1J3NC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAF2GMKYlq18ABPYa6RFBhfINoclSSpp93s7CqX3i8C2Yd5Upcz9TbOQV 2OQY4N3EwHZLZViChYTxjq4rwGpabF/Osl/AGTcWXCFlf/5R9DzoIVYbHAA4jv+2 NVNoN6NNcYN3wFJzIsV6mnB8pJD6boZUJ7lUdEpjKRNXZO8jTBpESaGDkX6IJO3d tWN2r2ZBlbLayiKNn1x5LrhMMCyHjeYLIZjTdAW4+xFYpYdm4VhVMVuUXOyyGSlP TAZQwsLDNQ7hBm+yNRYIXewktgttbL8O8sFMgPcnLLSs4CTbpG7IbC3gIaQNmFgP BFTlvoObDRctPFK4p6EHlHcfy+iKQPU= -----END CERTIFICATE-----Generated at Mon May 12 16:50:25 2025 by rpki-client