$ rpki-client -vvf rpki.apnic.net/member_repository/A9194AE2/26A6F44C3BAC11EF9D7EA871C4F9AE02/hF2I4KIVFF82fZMEvz9xrujrTC0.mft File: hF2I4KIVFF82fZMEvz9xrujrTC0.mft (raw, json) Hash identifier: u/yX4ixllkowE00hFw5X+zghadCeuAInrH1P0jbhMN8= Subject key identifier: 17:76:F0:6C:3E:CE:19:CA:F2:19:F6:94:AF:8D:E6:A1:FE:DD:F4:E4 Authority key identifier: 84:5D:88:E0:A2:15:14:5F:36:7D:93:04:BF:3F:71:AE:E8:EB:4C:2D Certificate issuer: /CN=A9194AE2/serialNumber=845D88E0A215145F367D9304BF3F71AEE8EB4C2D Certificate serial: A9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hF2I4KIVFF82fZMEvz9xrujrTC0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194AE2/26A6F44C3BAC11EF9D7EA871C4F9AE02/hF2I4KIVFF82fZMEvz9xrujrTC0.mft Manifest number: A5 Signing time: Thu 15 May 2025 05:30:36 +0000 Manifest this update: Thu 15 May 2025 05:30:36 +0000 Manifest next update: Thu 22 May 2025 05:30:36 +0000 Files and hashes: 1: hF2I4KIVFF82fZMEvz9xrujrTC0.crl (hash: c7EprpS7z0Ap2mmx7DKgYxCuf6Id/OLcdHLwJjxYmOs=) 2: CB6840EE3BAC11EF9C334410C4F9AE02.roa (hash: q+bs+pmU+B7fJo6iymx9EUit+9N40A02etOl0mkXvRg=) 3: 2042987C6C4411EF9B263275C4F9AE02.roa (hash: bKtFSMRmBEl0oKGrwWVZYxuAEvHDipNsFv7Plkp3FeU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194AE2/26A6F44C3BAC11EF9D7EA871C4F9AE02/hF2I4KIVFF82fZMEvz9xrujrTC0.crl rsync://rpki.apnic.net/member_repository/A9194AE2/26A6F44C3BAC11EF9D7EA871C4F9AE02/hF2I4KIVFF82fZMEvz9xrujrTC0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hF2I4KIVFF82fZMEvz9xrujrTC0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 05:30:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 169 (0xa9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194AE2, serialNumber=845D88E0A215145F367D9304BF3F71AEE8EB4C2D Validity Not Before: May 15 05:30:36 2025 GMT Not After : May 22 05:30:36 2025 GMT Subject: CN=68257bfc-3dba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:c1:98:96:a1:4a:48:20:fd:03:c3:9d:b7:73: 70:30:eb:0d:f4:71:50:39:23:f8:09:49:36:46:77: c1:22:cf:8d:b2:92:b4:0c:e2:16:ba:d8:0b:c9:fa: 92:47:43:f1:df:cd:b6:6b:ce:78:3e:73:62:08:fa: a6:68:3f:02:14:64:93:48:4b:ff:d0:ff:89:b5:f6: 47:78:12:e6:13:57:be:59:b8:45:aa:44:82:54:dc: 43:d6:03:9e:7f:e9:8e:7b:7a:91:17:4e:23:91:c7: b5:e4:02:c5:3d:bc:2c:ed:29:5b:4c:14:0c:d0:47: 7f:36:d3:41:b5:98:af:56:2d:a0:5e:a0:35:20:99: e0:fe:83:cf:d4:5d:e8:66:93:59:91:bf:77:6d:03: 62:6f:61:c7:f1:d9:f5:8b:89:fa:35:23:28:57:9f: 4e:fa:69:f8:c8:25:a0:c5:26:61:17:aa:b4:68:aa: ee:5b:a7:5b:72:88:31:cf:6e:4f:d3:bc:42:99:b3: 2c:74:1d:3d:06:4a:fa:40:67:d3:71:81:97:e6:82: 53:f1:9e:92:46:08:0d:d6:ce:46:d8:19:18:dc:6e: bf:9c:9f:8a:74:30:72:14:e0:0e:b3:69:f6:90:cc: 38:55:24:76:d5:07:18:e2:f7:d5:e8:d4:95:7a:2f: 72:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:76:F0:6C:3E:CE:19:CA:F2:19:F6:94:AF:8D:E6:A1:FE:DD:F4:E4 X509v3 Authority Key Identifier: keyid:84:5D:88:E0:A2:15:14:5F:36:7D:93:04:BF:3F:71:AE:E8:EB:4C:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194AE2/26A6F44C3BAC11EF9D7EA871C4F9AE02/hF2I4KIVFF82fZMEvz9xrujrTC0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hF2I4KIVFF82fZMEvz9xrujrTC0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194AE2/26A6F44C3BAC11EF9D7EA871C4F9AE02/hF2I4KIVFF82fZMEvz9xrujrTC0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:d4:40:4d:8d:8d:53:cb:9d:10:52:7f:4e:fe:8d:f8:f6:9c: 99:f0:88:37:ae:ce:8d:ac:70:31:db:04:ae:14:f8:43:5d:18: c2:9d:20:cf:98:ff:a0:e2:74:75:ae:38:73:c6:fd:dc:e4:1a: 1e:38:27:0d:eb:a6:70:e2:6f:75:58:a8:40:38:53:20:32:c8: 92:b4:3c:5f:1d:4e:cb:09:bd:90:b5:5e:8f:75:c9:17:cb:97: 27:8a:74:27:dc:47:c2:2c:e9:1f:f9:d0:c5:a5:63:fb:d0:52: 90:1c:d4:14:f8:1f:b6:38:f6:60:85:0d:fd:b4:19:ce:56:3b: c5:6b:6d:52:80:88:13:35:44:db:85:2f:48:70:55:01:d0:64: 6f:37:8e:10:10:b5:13:6a:a4:31:97:70:f4:c5:30:7d:6f:79: b5:9c:ba:43:12:63:e0:7a:a3:72:ac:bd:65:22:97:28:bc:0d: 12:80:3b:cd:ce:2d:db:45:79:85:28:b8:88:34:d5:de:8f:81: eb:37:76:c5:6a:39:3b:af:09:d9:6b:51:44:b0:0d:96:d6:86: da:a1:87:6e:5b:78:e4:86:c3:dc:35:f0:f9:d6:41:e2:f8:b9: 92:62:e2:c5:04:b5:28:4e:2e:57:20:92:1a:b8:75:a8:f2:05: b1:c4:85:f7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTRBRTIxMTAvBgNVBAUTKDg0NUQ4OEUwQTIxNTE0NUYzNjdEOTMwNEJGM0Y3MUFF RThFQjRDMkQwHhcNMjUwNTE1MDUzMDM2WhcNMjUwNTIyMDUzMDM2WjAYMRYwFAYD VQQDEw02ODI1N2JmYy0zZGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArcGYlqFKSCD9A8Odt3NwMOsN9HFQOSP4CUk2RnfBIs+NspK0DOIWutgLyfqS R0Px3822a854PnNiCPqmaD8CFGSTSEv/0P+JtfZHeBLmE1e+WbhFqkSCVNxD1gOe f+mOe3qRF04jkce15ALFPbws7SlbTBQM0Ed/NtNBtZivVi2gXqA1IJng/oPP1F3o ZpNZkb93bQNib2HH8dn1i4n6NSMoV59O+mn4yCWgxSZhF6q0aKruW6dbcogxz25P 07xCmbMsdB09Bkr6QGfTcYGX5oJT8Z6SRggN1s5G2BkY3G6/nJ+KdDByFOAOs2n2 kMw4VSR21QcY4vfV6NSVei9yhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBd28Gw+ zhnK8hn2lK+N5qH+3fTkMB8GA1UdIwQYMBaAFIRdiOCiFRRfNn2TBL8/ca7o60wt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NEFFMi8yNkE2RjQ0QzNC QUMxMUVGOUQ3RUE4NzFDNEY5QUUwMi9oRjJJNEtJVkZGODJmWk1Fdno5eHJ1anJU QzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hGMkk0S0lWRkY4MmZaTUV2ejl4cnVqclRDMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NEFFMi8yNkE2RjQ0QzNCQUMxMUVGOUQ3RUE4NzFDNEY5QUUwMi9oRjJJNEtJVkZG ODJmWk1Fdno5eHJ1anJUQzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBE1EBNjY1Ty50QUn9O/o349pyZ8Ig3rs6NrHAx2wSuFPhDXRjCnSDP mP+g4nR1rjhzxv3c5BoeOCcN66Zw4m91WKhAOFMgMsiStDxfHU7LCb2QtV6PdckX y5cninQn3EfCLOkf+dDFpWP70FKQHNQU+B+2OPZghQ39tBnOVjvFa21SgIgTNUTb hS9IcFUB0GRvN44QELUTaqQxl3D0xTB9b3m1nLpDEmPgeqNyrL1lIpcovA0SgDvN zi3bRXmFKLiINNXej4HrN3bFajk7rwnZa1FEsA2W1obaoYduW3jkhsPcNfD51kHi +LmSYuLFBLUoTi5XIJIauHWo8gWxxIX3 -----END CERTIFICATE-----Generated at Sat May 17 05:50:49 2025 by rpki-client