$ rpki-client -vvf rpki.apnic.net/member_repository/A91561B7/5FA1ED309EF011E681102733C4F9AE02/5HE8G511dZKVr2TN-6YrcNuaBTc.mft File: 5HE8G511dZKVr2TN-6YrcNuaBTc.mft (raw, json) Hash identifier: IVCx/nGgG9lxL7etWIP1oVyUgmFRDNpjMnvPpu9qUfM= Subject key identifier: 4B:88:11:2A:6B:27:51:F4:5D:74:B6:68:09:42:FC:0E:69:D0:59:0C Authority key identifier: E4:71:3C:1B:9D:75:75:92:95:AF:64:CD:FB:A6:2B:70:DB:9A:05:37 Certificate issuer: /CN=A91561B7/serialNumber=E4713C1B9D75759295AF64CDFBA62B70DB9A0537 Certificate serial: 1DBD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5HE8G511dZKVr2TN-6YrcNuaBTc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91561B7/5FA1ED309EF011E681102733C4F9AE02/5HE8G511dZKVr2TN-6YrcNuaBTc.mft Manifest number: 1DA8 Signing time: Mon 30 Jun 2025 16:16:33 +0000 Manifest this update: Mon 30 Jun 2025 16:16:33 +0000 Manifest next update: Mon 07 Jul 2025 16:16:33 +0000 Files and hashes: 1: 5HE8G511dZKVr2TN-6YrcNuaBTc.crl (hash: HcQi4GwXgLrDocCbKEcbZUJiIzu5V4GIsI/BW+wEB1M=) 2: 4865DD00A13B11E687921078C4F9AE02.roa (hash: MaFWYkY2HcnSI16cq7zrf3Xg1TMrKe+K2OOU5n2vPcU=) 3: 1D57FF40A01311E684546521C4F9AE02.roa (hash: 8kLRR6g7/NXM5uPCUqU+X4Qb9woBVi0kDN/Wkxs+ARo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91561B7/5FA1ED309EF011E681102733C4F9AE02/5HE8G511dZKVr2TN-6YrcNuaBTc.crl rsync://rpki.apnic.net/member_repository/A91561B7/5FA1ED309EF011E681102733C4F9AE02/5HE8G511dZKVr2TN-6YrcNuaBTc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5HE8G511dZKVr2TN-6YrcNuaBTc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 16:16:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7613 (0x1dbd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91561B7, serialNumber=E4713C1B9D75759295AF64CDFBA62B70DB9A0537 Validity Not Before: Jun 30 16:16:33 2025 GMT Not After : Jul 7 16:16:33 2025 GMT Subject: CN=6862b861-ccb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:f4:c6:42:6d:0d:df:1a:6d:0b:5f:19:cb:0f: c8:35:53:5f:57:87:60:8b:ea:2e:6e:7d:ca:d4:25: 5c:ec:47:44:44:81:a8:98:50:ff:7a:00:3a:32:53: 90:5c:12:a3:47:df:1a:c5:b6:86:43:ee:6a:b1:aa: 3a:41:13:30:9c:6e:ad:57:38:b4:62:4c:25:1f:68: 1d:11:56:05:c7:5f:cd:68:3a:32:10:24:4e:e2:82: 75:8d:05:0c:c4:cd:84:94:8b:35:ea:74:f3:58:91: fd:9a:64:8e:36:ad:b3:e0:51:18:ea:97:b1:08:cd: 08:8d:1d:29:c6:0e:c8:c9:f4:bd:3d:45:c3:9b:c0: b1:3a:96:ff:6e:24:91:30:d1:f2:c4:75:ca:95:d1: 96:1d:5e:a5:eb:44:99:0b:ab:95:8f:b9:73:c0:08: eb:38:0a:02:3e:1b:d9:c5:ec:b2:6a:7f:b8:45:4e: b7:8e:f1:e9:b6:d9:11:52:a0:bc:8e:ce:51:6e:26: 71:2e:be:ab:dc:d0:87:f5:92:01:a1:cd:7c:fe:5a: ab:58:df:dd:b6:50:87:5c:69:68:9e:00:47:6a:35: ea:19:b3:ff:1b:cb:da:47:7d:dd:d2:47:6c:8b:c1: 84:b6:cc:22:ae:6d:bf:4c:2d:b2:fd:6e:89:a2:80: 4a:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:88:11:2A:6B:27:51:F4:5D:74:B6:68:09:42:FC:0E:69:D0:59:0C X509v3 Authority Key Identifier: keyid:E4:71:3C:1B:9D:75:75:92:95:AF:64:CD:FB:A6:2B:70:DB:9A:05:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91561B7/5FA1ED309EF011E681102733C4F9AE02/5HE8G511dZKVr2TN-6YrcNuaBTc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5HE8G511dZKVr2TN-6YrcNuaBTc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91561B7/5FA1ED309EF011E681102733C4F9AE02/5HE8G511dZKVr2TN-6YrcNuaBTc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 39:90:70:72:bf:76:12:13:65:4c:9a:5e:4e:a0:bc:a1:4a:e8: 4a:2b:71:79:b1:32:7b:ee:b7:b6:45:82:ed:9c:43:86:a6:be: 94:3c:f2:b9:13:2c:b3:21:f7:9f:1e:31:f7:c7:53:4e:ef:17: a4:0a:a2:18:f2:4a:82:6e:a0:b1:24:6a:a3:93:97:d8:ba:7e: 50:f9:41:29:b5:f4:36:fe:c0:f3:2f:91:ee:de:52:09:5b:bb: 41:24:e2:d6:9a:9c:6f:83:85:7a:a6:a3:eb:16:aa:df:af:be: bc:a2:60:8c:0e:d2:89:1a:6a:17:32:30:73:74:0e:83:18:77: 3f:51:e5:09:09:2f:ad:19:b3:48:a4:01:ef:88:ba:5d:6c:92: 66:e8:9d:a1:5b:19:c8:97:55:39:7c:8c:79:8f:1d:29:a1:35: 5b:c3:b3:bc:51:8e:d6:10:12:49:3e:ff:d9:dd:e0:c0:fb:90: 17:f7:e0:6a:e9:b4:85:6b:74:8b:a4:0b:b4:26:90:b9:e4:17: 10:d5:49:00:ad:21:32:de:4b:22:9d:fd:03:2e:e3:8d:4c:9a: 97:a6:78:04:46:d8:7c:38:38:d4:30:51:58:54:7d:3d:fd:89: 1d:83:c4:08:11:ed:a3:63:ad:f2:a0:41:2d:3f:da:1a:22:21: 55:51:f5:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHb0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTYxQjcxMTAvBgNVBAUTKEU0NzEzQzFCOUQ3NTc1OTI5NUFGNjRDREZCQTYyQjcw REI5QTA1MzcwHhcNMjUwNjMwMTYxNjMzWhcNMjUwNzA3MTYxNjMzWjAYMRYwFAYD VQQDEw02ODYyYjg2MS1jY2I0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1vTGQm0N3xptC18Zyw/INVNfV4dgi+oubn3K1CVc7EdERIGomFD/egA6MlOQ XBKjR98axbaGQ+5qsao6QRMwnG6tVzi0YkwlH2gdEVYFx1/NaDoyECRO4oJ1jQUM xM2ElIs16nTzWJH9mmSONq2z4FEY6pexCM0IjR0pxg7IyfS9PUXDm8CxOpb/biSR MNHyxHXKldGWHV6l60SZC6uVj7lzwAjrOAoCPhvZxeyyan+4RU63jvHpttkRUqC8 js5RbiZxLr6r3NCH9ZIBoc18/lqrWN/dtlCHXGlongBHajXqGbP/G8vaR33d0kds i8GEtswirm2/TC2y/W6JooBKAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEuIESpr J1H0XXS2aAlC/A5p0FkMMB8GA1UdIwQYMBaAFORxPBuddXWSla9kzfumK3DbmgU3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjFCNy81RkExRUQzMDlF RjAxMUU2ODExMDI3MzNDNEY5QUUwMi81SEU4RzUxMWRaS1ZyMlROLTZZcmNOdWFC VGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVIRThHNTExZFpLVnIyVE4tNllyY051YUJUYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NjFCNy81RkExRUQzMDlFRjAxMUU2ODExMDI3MzNDNEY5QUUwMi81SEU4RzUxMWRa S1ZyMlROLTZZcmNOdWFCVGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA5kHByv3YSE2VMml5OoLyhSuhKK3F5sTJ77re2RYLtnEOGpr6UPPK5 EyyzIfefHjH3x1NO7xekCqIY8kqCbqCxJGqjk5fYun5Q+UEptfQ2/sDzL5Hu3lIJ W7tBJOLWmpxvg4V6pqPrFqrfr768omCMDtKJGmoXMjBzdA6DGHc/UeUJCS+tGbNI pAHviLpdbJJm6J2hWxnIl1U5fIx5jx0poTVbw7O8UY7WEBJJPv/Z3eDA+5AX9+Bq 6bSFa3SLpAu0JpC55BcQ1UkArSEy3ksinf0DLuONTJqXpngERth8ODjUMFFYVH09 /Ykdg8QIEe2jY63yoEEtP9oaIiFVUfVT -----END CERTIFICATE-----Generated at Wed Jul 2 16:18:20 2025 by rpki-client