$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAC4B/E635F796CD7D11EFAA07230AC4F9AE02/hSBGkVGF-FXgnrNEeIE5Qw50Dwc.mft File: hSBGkVGF-FXgnrNEeIE5Qw50Dwc.mft (raw, json) Hash identifier: eiaf2eVsEIa+/NUT5YZ80DpNasRVPnV+g8lE0TV/V20= Subject key identifier: 95:6B:48:91:7D:2D:DC:CF:FC:31:C8:47:70:8A:7A:2C:A6:87:29:17 Authority key identifier: 85:20:46:91:51:85:F8:55:E0:9E:B3:44:78:81:39:43:0E:74:0F:07 Certificate issuer: /CN=A91AAC4B/serialNumber=852046915185F855E09EB344788139430E740F07 Certificate serial: 42 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hSBGkVGF-FXgnrNEeIE5Qw50Dwc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AAC4B/E635F796CD7D11EFAA07230AC4F9AE02/hSBGkVGF-FXgnrNEeIE5Qw50Dwc.mft Manifest number: 41 Signing time: Sun 11 May 2025 06:10:50 +0000 Manifest this update: Sun 11 May 2025 06:10:50 +0000 Manifest next update: Sun 18 May 2025 06:10:50 +0000 Files and hashes: 1: hSBGkVGF-FXgnrNEeIE5Qw50Dwc.crl (hash: eS6bbIBsWb3G+wQ0gAnQUCjAmq8cv3WiSvKRHqHVOLk=) 2: B710956ACD7E11EFBBAE2137C4F9AE02.roa (hash: JjAbZf5k619HY4BxA5a3XYqwkE4mZ8Dpr0cRyMIFTZI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AAC4B/E635F796CD7D11EFAA07230AC4F9AE02/hSBGkVGF-FXgnrNEeIE5Qw50Dwc.crl rsync://rpki.apnic.net/member_repository/A91AAC4B/E635F796CD7D11EFAA07230AC4F9AE02/hSBGkVGF-FXgnrNEeIE5Qw50Dwc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hSBGkVGF-FXgnrNEeIE5Qw50Dwc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 06:10:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66 (0x42) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AAC4B, serialNumber=852046915185F855E09EB344788139430E740F07 Validity Not Before: May 11 06:10:50 2025 GMT Not After : May 18 06:10:50 2025 GMT Subject: CN=68203f6a-f583 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:90:52:45:1c:e5:60:76:1a:84:0c:86:8d:28: 7b:4d:2f:76:20:77:b9:1e:6d:d6:be:b6:f9:64:87: e3:73:b7:7e:e0:5c:10:31:64:3f:70:18:72:d8:e3: fa:d7:e1:68:74:ec:b0:04:c8:ff:15:6f:f4:63:89: 53:86:fe:30:ac:68:04:9a:96:19:f5:fc:80:a4:93: b9:38:73:17:bc:91:e1:15:d4:91:e0:70:67:50:0e: d3:cb:16:ca:13:c4:1f:97:79:1d:2c:91:02:b7:aa: f1:a8:8f:4c:38:02:0d:e7:91:9d:de:32:9a:a6:4a: ee:b4:b3:57:ae:cb:cb:66:3f:bc:ca:29:bc:87:62: 59:44:83:bd:f7:50:b2:8f:84:30:03:ab:0b:9b:c8: 3c:54:ab:43:c4:69:19:97:11:f9:cc:96:bb:c0:ff: 39:4e:4c:53:55:08:d8:51:6f:94:74:63:cb:3f:6a: 2a:c4:ba:69:a9:dd:03:03:be:f4:51:5d:bc:ab:9d: 84:e5:d3:63:a9:fc:78:47:bf:3f:20:d0:a5:7b:46: 8f:e1:a0:fd:0f:f9:9e:54:9a:86:78:c0:20:d2:25: 1a:36:06:0c:1d:4e:5b:8c:e6:a3:60:dd:f7:a6:68: 32:e7:0d:6e:12:3f:f7:e2:99:72:1d:aa:ee:c5:6a: b5:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:6B:48:91:7D:2D:DC:CF:FC:31:C8:47:70:8A:7A:2C:A6:87:29:17 X509v3 Authority Key Identifier: keyid:85:20:46:91:51:85:F8:55:E0:9E:B3:44:78:81:39:43:0E:74:0F:07 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AAC4B/E635F796CD7D11EFAA07230AC4F9AE02/hSBGkVGF-FXgnrNEeIE5Qw50Dwc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hSBGkVGF-FXgnrNEeIE5Qw50Dwc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAC4B/E635F796CD7D11EFAA07230AC4F9AE02/hSBGkVGF-FXgnrNEeIE5Qw50Dwc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:b0:cf:c3:ac:a6:a7:9a:e1:42:f2:30:f6:9f:b1:19:52:0c: 02:f1:33:24:ae:e5:e7:d3:09:2f:7d:a9:f8:32:fb:e2:91:cc: 4d:e3:9d:46:e5:3d:18:1c:89:3c:b1:ef:4d:99:77:1b:5c:bc: c3:27:c5:c3:44:a9:d3:05:56:d1:bb:4e:17:cd:db:30:07:28: a6:ab:3f:4b:12:f8:c7:ce:5d:bc:c8:37:71:bb:31:0e:fa:ad: ac:47:9d:89:8a:b6:81:c7:02:bb:52:e8:47:55:4b:6c:53:f1: 35:cc:3a:89:a5:4f:18:97:af:1b:31:0c:0c:f4:02:b3:49:22: a5:10:cf:1f:ef:c9:21:67:cf:c0:d7:a6:b4:f6:f3:32:75:0c: 3e:47:f9:0a:05:67:fb:f8:0a:cc:a3:f6:28:9a:c1:8d:fe:24: 18:64:6a:28:78:f6:e9:f0:34:c0:92:62:53:8e:fd:cb:03:ac: 05:c6:a6:eb:3b:d2:3a:9e:2a:cc:6a:c0:15:65:e4:91:6d:53: 81:4c:23:6b:59:c8:b3:c0:0a:bb:77:ad:a9:e7:60:5e:4c:71: 25:f1:18:af:a8:bf:16:ac:7f:d9:27:ce:f1:c1:1e:25:b1:79: 76:02:de:67:5f:43:3b:fc:a1:08:e7:27:b5:f6:b5:5a:04:95: 7c:36:f9:3f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB QUM0QjExMC8GA1UEBRMoODUyMDQ2OTE1MTg1Rjg1NUUwOUVCMzQ0Nzg4MTM5NDMw RTc0MEYwNzAeFw0yNTA1MTEwNjEwNTBaFw0yNTA1MTgwNjEwNTBaMBgxFjAUBgNV BAMTDTY4MjAzZjZhLWY1ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDAkFJFHOVgdhqEDIaNKHtNL3Ygd7kebda+tvlkh+Nzt37gXBAxZD9wGHLY4/rX 4Wh07LAEyP8Vb/RjiVOG/jCsaASalhn1/ICkk7k4cxe8keEV1JHgcGdQDtPLFsoT xB+XeR0skQK3qvGoj0w4Ag3nkZ3eMpqmSu60s1euy8tmP7zKKbyHYllEg733ULKP hDADqwubyDxUq0PEaRmXEfnMlrvA/zlOTFNVCNhRb5R0Y8s/airEummp3QMDvvRR XbyrnYTl02Op/HhHvz8g0KV7Ro/hoP0P+Z5UmoZ4wCDSJRo2BgwdTluM5qNg3fem aDLnDW4SP/fimXIdqu7FarXpAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUlWtIkX0t 3M/8MchHcIp6LKaHKRcwHwYDVR0jBBgwFoAUhSBGkVGF+FXgnrNEeIE5Qw50Dwcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFBQzRCL0U2MzVGNzk2Q0Q3 RDExRUZBQTA3MjMwQUM0RjlBRTAyL2hTQkdrVkdGLUZYZ25yTkVlSUU1UXc1MER3 Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaFNCR2tWR0YtRlhnbnJORWVJRTVRdzUwRHdjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFB QzRCL0U2MzVGNzk2Q0Q3RDExRUZBQTA3MjMwQUM0RjlBRTAyL2hTQkdrVkdGLUZY Z25yTkVlSUU1UXc1MER3Yy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGCwz8Ospqea4ULyMPafsRlSDALxMySu5efTCS99qfgy++KRzE3jnUbl PRgciTyx702ZdxtcvMMnxcNEqdMFVtG7ThfN2zAHKKarP0sS+MfOXbzIN3G7MQ76 raxHnYmKtoHHArtS6EdVS2xT8TXMOomlTxiXrxsxDAz0ArNJIqUQzx/vySFnz8DX prT28zJ1DD5H+QoFZ/v4Csyj9iiawY3+JBhkaih49unwNMCSYlOO/csDrAXGpus7 0jqeKsxqwBVl5JFtU4FMI2tZyLPACrt3rannYF5McSXxGK+ovxasf9knzvHBHiWx eXYC3mdfQzv8oQjnJ7X2tVoElXw2+T8= -----END CERTIFICATE-----Generated at Tue May 13 06:37:26 2025 by rpki-client