$ rpki-client -vvf rpki.apnic.net/member_repository/A919EF2B/537322FAEBC411EC9385EC62C4F9AE02/HLqNPaqASIkwqZKLGW7e4HX0CaQ.mft File: HLqNPaqASIkwqZKLGW7e4HX0CaQ.mft (raw, json) Hash identifier: c/A4ldPhYky5vBkcsWGCUFZLQN7+QIBDgz33qtAVXPo= Subject key identifier: AA:CB:81:52:3F:3F:18:43:65:22:08:53:9D:64:39:D0:33:44:D8:B7 Authority key identifier: 1C:BA:8D:3D:AA:80:48:89:30:A9:92:8B:19:6E:DE:E0:75:F4:09:A4 Certificate issuer: /CN=A919EF2B/serialNumber=1CBA8D3DAA80488930A9928B196EDEE075F409A4 Certificate serial: 02C7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HLqNPaqASIkwqZKLGW7e4HX0CaQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919EF2B/537322FAEBC411EC9385EC62C4F9AE02/HLqNPaqASIkwqZKLGW7e4HX0CaQ.mft Manifest number: 02C4 Signing time: Sun 11 May 2025 00:57:12 +0000 Manifest this update: Sun 11 May 2025 00:57:12 +0000 Manifest next update: Sun 18 May 2025 00:57:11 +0000 Files and hashes: 1: HLqNPaqASIkwqZKLGW7e4HX0CaQ.crl (hash: mgGPSzHLB0W2HY+BfiU+cyRc3rduZrA9fIEhUEvk2Qo=) 2: 830C9F90EBCA11ECA2A1747EC4F9AE02.roa (hash: LJB886NUTljPvfWlokxnMW+kRUtkV7Ec61N0MHSXzHw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919EF2B/537322FAEBC411EC9385EC62C4F9AE02/HLqNPaqASIkwqZKLGW7e4HX0CaQ.crl rsync://rpki.apnic.net/member_repository/A919EF2B/537322FAEBC411EC9385EC62C4F9AE02/HLqNPaqASIkwqZKLGW7e4HX0CaQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HLqNPaqASIkwqZKLGW7e4HX0CaQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 00:57:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 711 (0x2c7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919EF2B, serialNumber=1CBA8D3DAA80488930A9928B196EDEE075F409A4 Validity Not Before: May 11 00:57:12 2025 GMT Not After : May 18 00:57:11 2025 GMT Subject: CN=681ff5e8-7ec9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:0c:a7:13:54:f0:21:dd:07:b7:8d:91:be:3f: 1c:84:a4:6c:72:74:cc:33:88:30:83:57:1c:dc:d6: ab:a6:e4:d4:cc:d8:38:37:80:f5:a4:bf:bd:78:43: f8:23:c5:3d:ba:37:a2:0f:cb:e8:b7:e4:a4:cd:27: a0:bd:c7:e0:31:34:ea:c5:0d:41:21:5e:ff:ac:90: 8f:a0:09:a1:56:4c:c2:3f:a2:6e:d0:50:5f:99:a7: 4a:3f:ea:06:bf:ad:9e:c3:d0:d9:56:11:2a:ff:54: d8:35:08:ea:68:ea:1b:52:65:f5:4d:b0:30:bb:5f: bc:4c:6e:9d:d7:7e:6b:24:13:c8:69:7f:d6:cd:14: 6d:71:89:69:39:cc:9d:dd:3e:48:2b:21:9c:31:7d: 21:b3:aa:1f:a7:08:16:ba:68:39:f6:da:66:b4:a3: 3d:cc:da:a1:cf:94:7e:f6:7c:ad:6b:50:b9:d5:46: f0:0e:f0:68:9a:5e:f7:e7:55:80:c2:22:4e:29:c6: f2:5c:0c:3c:86:28:e5:aa:92:1a:c3:32:b2:ff:c1: 38:b0:7f:6d:d6:e5:ff:ce:92:62:13:b3:ba:cb:08: c7:da:f3:12:0b:66:36:0d:c3:88:10:3c:a4:7b:5c: c0:21:c4:41:2a:7c:14:2a:85:e2:9e:31:34:af:3e: b5:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:CB:81:52:3F:3F:18:43:65:22:08:53:9D:64:39:D0:33:44:D8:B7 X509v3 Authority Key Identifier: keyid:1C:BA:8D:3D:AA:80:48:89:30:A9:92:8B:19:6E:DE:E0:75:F4:09:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919EF2B/537322FAEBC411EC9385EC62C4F9AE02/HLqNPaqASIkwqZKLGW7e4HX0CaQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HLqNPaqASIkwqZKLGW7e4HX0CaQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EF2B/537322FAEBC411EC9385EC62C4F9AE02/HLqNPaqASIkwqZKLGW7e4HX0CaQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:56:2f:49:94:af:40:e0:92:f2:d7:b3:6b:eb:77:91:3f:3a: 3f:ab:2a:61:fd:33:03:bf:09:03:a8:93:99:6e:4c:81:47:57: e6:47:8e:46:ba:38:c2:8e:2b:35:e3:d1:41:ae:a3:89:66:43: b8:ae:2f:77:9f:a8:63:c0:b9:37:b8:46:41:65:09:1f:24:7a: a9:66:d9:8d:59:db:4d:04:12:3a:e8:90:ea:88:31:ef:98:dc: 84:0a:4d:a2:65:49:62:33:e3:72:39:8f:0f:be:a4:cf:39:58: 11:fe:c6:74:46:83:2d:85:cc:45:6d:d0:cd:cc:66:dc:2e:b4: 6d:06:27:9c:4a:c6:8c:be:ef:ba:51:81:1e:c4:4e:f3:c2:31: 3e:d2:5e:b1:32:b3:07:d2:60:40:e8:77:ac:34:92:8a:ee:e7: 5e:f4:d8:6a:e3:b7:11:ac:eb:fc:16:4f:df:ac:ee:84:5c:b9: f8:1c:8d:21:cd:c8:ac:83:f0:eb:d7:1f:e1:3b:08:62:9c:8b: 74:64:a1:70:a7:4a:55:a1:5d:9c:b4:fa:c4:5e:6e:d4:e8:57: 4b:52:2c:fc:b1:0b:4e:58:b7:2c:4f:4c:b6:52:7e:e6:7f:ab: 07:41:0d:bc:00:7a:a5:3a:f3:68:85:ef:e7:eb:71:a5:eb:2f: 7a:e3:c8:c7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAscwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUVGMkIxMTAvBgNVBAUTKDFDQkE4RDNEQUE4MDQ4ODkzMEE5OTI4QjE5NkVERUUw NzVGNDA5QTQwHhcNMjUwNTExMDA1NzEyWhcNMjUwNTE4MDA1NzExWjAYMRYwFAYD VQQDEw02ODFmZjVlOC03ZWM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAywynE1TwId0Ht42Rvj8chKRscnTMM4gwg1cc3NarpuTUzNg4N4D1pL+9eEP4 I8U9ujeiD8vot+SkzSegvcfgMTTqxQ1BIV7/rJCPoAmhVkzCP6Ju0FBfmadKP+oG v62ew9DZVhEq/1TYNQjqaOobUmX1TbAwu1+8TG6d135rJBPIaX/WzRRtcYlpOcyd 3T5IKyGcMX0hs6ofpwgWumg59tpmtKM9zNqhz5R+9nyta1C51UbwDvBoml7351WA wiJOKcbyXAw8hijlqpIawzKy/8E4sH9t1uX/zpJiE7O6ywjH2vMSC2Y2DcOIEDyk e1zAIcRBKnwUKoXinjE0rz61zwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKrLgVI/ PxhDZSIIU51kOdAzRNi3MB8GA1UdIwQYMBaAFBy6jT2qgEiJMKmSixlu3uB19Amk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUYyQi81MzczMjJGQUVC QzQxMUVDOTM4NUVDNjJDNEY5QUUwMi9ITHFOUGFxQVNJa3dxWktMR1c3ZTRIWDBD YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hMcU5QYXFBU0lrd3FaS0xHVzdlNEhYMENhUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RUYyQi81MzczMjJGQUVCQzQxMUVDOTM4NUVDNjJDNEY5QUUwMi9ITHFOUGFxQVNJ a3dxWktMR1c3ZTRIWDBDYVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAbVi9JlK9A4JLy17Nr63eRPzo/qyph/TMDvwkDqJOZbkyBR1fmR45G ujjCjis149FBrqOJZkO4ri93n6hjwLk3uEZBZQkfJHqpZtmNWdtNBBI66JDqiDHv mNyECk2iZUliM+NyOY8PvqTPOVgR/sZ0RoMthcxFbdDNzGbcLrRtBiecSsaMvu+6 UYEexE7zwjE+0l6xMrMH0mBA6HesNJKK7ude9Nhq47cRrOv8Fk/frO6EXLn4HI0h zcisg/Dr1x/hOwhinIt0ZKFwp0pVoV2ctPrEXm7U6FdLUiz8sQtOWLcsT0y2Un7m f6sHQQ28AHqlOvNohe/n63Gl6y9648jH -----END CERTIFICATE-----Generated at Mon May 12 04:01:15 2025 by rpki-client