$ rpki-client -vvf rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft File: hQaYWfujzd6OwbgaHgTdYFCzgRM.mft (raw, json) Hash identifier: p0aSLZta4xwODm8+vWFiaDvwTdfsBUJVCJaHFbInFv0= Subject key identifier: 76:A8:85:AF:09:9E:F9:12:C4:55:BF:EE:D4:5B:56:5E:92:C2:BE:85 Authority key identifier: 85:06:98:59:FB:A3:CD:DE:8E:C1:B8:1A:1E:04:DD:60:50:B3:81:13 Certificate issuer: /CN=A91509C4/serialNumber=85069859FBA3CDDE8EC1B81A1E04DD6050B38113 Certificate serial: 347C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hQaYWfujzd6OwbgaHgTdYFCzgRM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft Manifest number: 347C Signing time: Mon 12 May 2025 14:33:50 +0000 Manifest this update: Mon 12 May 2025 14:33:50 +0000 Manifest next update: Mon 19 May 2025 14:33:50 +0000 Files and hashes: 1: hQaYWfujzd6OwbgaHgTdYFCzgRM.crl (hash: Wbv9aO7HB+OQSZmzGFTOPGm6FcbcMHXzeOBVYYzQPac=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.crl rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hQaYWfujzd6OwbgaHgTdYFCzgRM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 14:33:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13436 (0x347c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509C4, serialNumber=85069859FBA3CDDE8EC1B81A1E04DD6050B38113 Validity Not Before: May 12 14:33:50 2025 GMT Not After : May 19 14:33:50 2025 GMT Subject: CN=682206ce-8e31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:de:01:90:32:dc:68:38:0e:4b:60:d0:8e:f9: af:79:02:23:18:e0:46:e0:e0:dd:86:53:f3:31:40: 4b:3c:ea:72:32:e4:81:04:6f:cb:b7:35:46:6a:3c: 69:08:f0:88:25:3a:91:19:c0:1c:14:7a:4c:5d:3e: 4a:c4:dc:38:9a:ad:34:cc:9a:d9:b7:4f:9d:48:56: d5:f4:5a:35:97:66:e6:5e:af:90:ba:70:2d:65:3b: c2:cc:f2:1a:7f:d0:c7:aa:45:65:07:23:74:e2:73: 0b:0a:93:01:69:5d:0c:62:fb:aa:3b:69:0a:89:14: 37:2a:bc:4d:df:fe:e8:7c:f8:28:ed:4e:07:3b:e6: 58:ab:16:90:d0:3e:9e:4a:85:37:21:59:cb:ea:ad: ba:c0:c1:f5:90:b9:8d:af:a6:83:81:d4:f0:98:0a: 37:13:7e:28:e6:89:77:43:77:02:94:57:b4:a1:8d: de:17:2b:90:23:7d:de:f0:d8:d2:dd:a8:a5:fe:55: d6:43:df:48:c8:b6:bf:f6:d1:17:9e:de:a2:60:88: 16:54:cb:78:46:48:7e:a0:71:f8:bb:7e:0b:2d:8d: 07:8f:fa:73:b3:37:2a:21:66:c5:2c:78:c4:84:55: d7:75:5e:7d:8b:b6:8a:a9:f0:ee:46:e2:2b:13:d9: 0f:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:A8:85:AF:09:9E:F9:12:C4:55:BF:EE:D4:5B:56:5E:92:C2:BE:85 X509v3 Authority Key Identifier: keyid:85:06:98:59:FB:A3:CD:DE:8E:C1:B8:1A:1E:04:DD:60:50:B3:81:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hQaYWfujzd6OwbgaHgTdYFCzgRM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 68:21:10:f9:1a:4e:bf:dd:12:9b:af:b0:0a:f5:35:60:cf:99: a5:ce:7f:94:af:37:c5:ce:8c:dd:b3:dc:31:f6:e6:c8:a7:d0: 82:02:d3:b4:41:e0:4a:41:a4:63:76:ca:3d:59:94:a9:87:20: 4b:ed:25:8a:9f:97:03:dd:33:c7:30:e1:62:93:2b:56:85:b4: fb:20:68:36:bb:f3:4e:2f:93:61:49:b5:ad:ca:69:90:4b:2e: f2:a1:09:d1:b6:6a:64:7a:30:6b:df:87:d1:fe:bb:06:79:a7: da:7c:08:1b:50:9d:0b:ac:96:2b:9d:f5:bd:a6:d4:89:58:0a: fb:8e:d1:94:77:81:ff:9d:e9:5d:11:58:b3:85:c6:f7:0a:79: 80:85:f9:d5:b0:5b:48:cc:ee:3e:85:c2:33:0d:18:d9:00:61: a0:48:0f:00:ce:4a:95:82:51:e9:ce:b8:81:9e:b4:76:c4:a5: 81:7a:9d:d8:3e:73:96:af:45:73:77:fa:04:09:00:ce:07:3f: fd:0d:e5:20:7e:93:4e:6f:17:34:29:e7:d0:f2:89:4e:97:c2: 17:68:e2:9e:c8:85:c6:ff:92:8c:7f:68:5f:e2:94:f9:01:dd: 48:1d:ee:6e:f2:e3:14:88:9f:f8:11:f3:ae:8e:84:7c:92:86: b5:4b:df:5c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTA5QzQxMTAvBgNVBAUTKDg1MDY5ODU5RkJBM0NEREU4RUMxQjgxQTFFMDRERDYw NTBCMzgxMTMwHhcNMjUwNTEyMTQzMzUwWhcNMjUwNTE5MTQzMzUwWjAYMRYwFAYD VQQDEw02ODIyMDZjZS04ZTMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxN4BkDLcaDgOS2DQjvmveQIjGOBG4ODdhlPzMUBLPOpyMuSBBG/LtzVGajxp CPCIJTqRGcAcFHpMXT5KxNw4mq00zJrZt0+dSFbV9Fo1l2bmXq+QunAtZTvCzPIa f9DHqkVlByN04nMLCpMBaV0MYvuqO2kKiRQ3KrxN3/7ofPgo7U4HO+ZYqxaQ0D6e SoU3IVnL6q26wMH1kLmNr6aDgdTwmAo3E34o5ol3Q3cClFe0oY3eFyuQI33e8NjS 3ail/lXWQ99IyLa/9tEXnt6iYIgWVMt4Rkh+oHH4u34LLY0Hj/pzszcqIWbFLHjE hFXXdV59i7aKqfDuRuIrE9kPhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHaoha8J nvkSxFW/7tRbVl6Swr6FMB8GA1UdIwQYMBaAFIUGmFn7o83ejsG4Gh4E3WBQs4ET MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDlDNC80Qjg5NjEzODFE OEIxMUUyOEEzM0M3RTUwOEIwMkNEMi9oUWFZV2Z1anpkNk93YmdhSGdUZFlGQ3pn Uk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hRYVlXZnVqemQ2T3diZ2FIZ1RkWUZDemdSTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MDlDNC80Qjg5NjEzODFEOEIxMUUyOEEzM0M3RTUwOEIwMkNEMi9oUWFZV2Z1anpk Nk93YmdhSGdUZFlGQ3pnUk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBoIRD5Gk6/3RKbr7AK9TVgz5mlzn+UrzfFzozds9wx9ubIp9CCAtO0 QeBKQaRjdso9WZSphyBL7SWKn5cD3TPHMOFikytWhbT7IGg2u/NOL5NhSbWtymmQ Sy7yoQnRtmpkejBr34fR/rsGeafafAgbUJ0LrJYrnfW9ptSJWAr7jtGUd4H/neld EVizhcb3CnmAhfnVsFtIzO4+hcIzDRjZAGGgSA8AzkqVglHpzriBnrR2xKWBep3Y PnOWr0Vzd/oECQDOBz/9DeUgfpNObxc0KefQ8olOl8IXaOKeyIXG/5KMf2hf4pT5 Ad1IHe5u8uMUiJ/4EfOujoR8koa1S99c -----END CERTIFICATE-----Generated at Tue May 13 12:36:08 2025 by rpki-client