$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC2E3/9B4A489089A011ED83759346C4F9AE02/xHENSLTk8rc1vksbXJDtuI0mmyw.mft File: xHENSLTk8rc1vksbXJDtuI0mmyw.mft (raw, json) Hash identifier: x1Tf3b0nArziQwI8bPVHpuSd6LZyLiOx4nINFhHil0A= Subject key identifier: 32:B1:55:91:1F:7F:2E:C7:78:F7:D2:7E:79:F2:49:36:47:A8:E5:59 Authority key identifier: C4:71:0D:48:B4:E4:F2:B7:35:BE:4B:1B:5C:90:ED:B8:8D:26:9B:2C Certificate issuer: /CN=A91BC2E3/serialNumber=C4710D48B4E4F2B735BE4B1B5C90EDB88D269B2C Certificate serial: 01D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHENSLTk8rc1vksbXJDtuI0mmyw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BC2E3/9B4A489089A011ED83759346C4F9AE02/xHENSLTk8rc1vksbXJDtuI0mmyw.mft Manifest number: 01D3 Signing time: Thu 03 Jul 2025 02:53:13 +0000 Manifest this update: Thu 03 Jul 2025 02:53:13 +0000 Manifest next update: Thu 10 Jul 2025 02:53:13 +0000 Files and hashes: 1: xHENSLTk8rc1vksbXJDtuI0mmyw.crl (hash: Mr0u9RcbQuf6fpPATU55alhv3pM1qr/Q+kvAu0np4SM=) 2: 0DC2D3EC8D7A11EDBFA7C381C4F9AE02.roa (hash: fk3GNutu1Xl8jf9hzH4EWHosYGuy+JY1n5pgsTabR1E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BC2E3/9B4A489089A011ED83759346C4F9AE02/xHENSLTk8rc1vksbXJDtuI0mmyw.crl rsync://rpki.apnic.net/member_repository/A91BC2E3/9B4A489089A011ED83759346C4F9AE02/xHENSLTk8rc1vksbXJDtuI0mmyw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHENSLTk8rc1vksbXJDtuI0mmyw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 02:53:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 471 (0x1d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BC2E3, serialNumber=C4710D48B4E4F2B735BE4B1B5C90EDB88D269B2C Validity Not Before: Jul 3 02:53:13 2025 GMT Not After : Jul 10 02:53:13 2025 GMT Subject: CN=6865f099-02f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:f8:0e:0f:e3:a6:76:18:0e:d8:f5:54:a4:e5: 28:e0:4a:f6:ac:51:d6:8d:2c:a5:bb:bd:ad:2b:5d: 23:73:32:d0:f0:66:67:c8:50:1b:19:ac:7c:c4:07: da:35:44:44:89:76:f7:3e:b4:e4:35:e3:cf:8c:b4: aa:6d:34:27:52:e0:de:62:21:42:cc:27:20:85:d7: 99:d4:d2:f2:68:53:4b:fb:c7:64:a4:84:b2:c9:18: 3f:d6:f8:9a:c0:cb:b3:e5:ce:6f:23:af:63:55:35: bc:16:01:fc:a7:84:8f:66:5e:58:92:a1:4c:e4:80: 18:94:12:f0:35:ce:00:30:f9:10:f8:f6:d9:39:91: 19:70:3c:9c:f9:fc:8c:a3:24:ed:52:e1:f5:bf:4d: 89:99:93:ca:cc:84:5a:53:45:38:3c:c3:41:9d:03: a4:06:90:16:e6:47:a1:73:8f:d8:9d:0e:02:6a:ba: b6:ba:78:3c:0f:f7:b0:fe:30:b6:e3:5b:cc:35:25: 02:d4:83:83:4c:d7:9f:cc:86:1b:b1:f5:af:99:c7: fe:5c:49:38:a1:75:f3:c4:67:a5:fb:6d:c8:ad:d1: 65:a8:a4:d7:a4:dd:f1:8b:cf:b8:df:a1:dc:93:c4: 70:b7:e4:31:9e:0c:70:2b:a1:62:a5:ac:c9:ee:bb: 10:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:B1:55:91:1F:7F:2E:C7:78:F7:D2:7E:79:F2:49:36:47:A8:E5:59 X509v3 Authority Key Identifier: keyid:C4:71:0D:48:B4:E4:F2:B7:35:BE:4B:1B:5C:90:ED:B8:8D:26:9B:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BC2E3/9B4A489089A011ED83759346C4F9AE02/xHENSLTk8rc1vksbXJDtuI0mmyw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHENSLTk8rc1vksbXJDtuI0mmyw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC2E3/9B4A489089A011ED83759346C4F9AE02/xHENSLTk8rc1vksbXJDtuI0mmyw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1e:e8:21:2a:13:0a:62:f3:52:b0:e7:49:38:c3:92:c8:34:af: c5:0d:79:5e:2b:2d:00:07:9f:af:e2:65:70:cf:4b:05:ab:47: ba:3c:54:7d:a0:29:0f:ed:d3:d0:46:5a:b3:53:8d:41:fa:06: cc:cf:a5:a2:3d:5f:4d:77:2f:3c:80:b0:56:6d:64:e7:32:c8: 3e:7e:9a:d9:4a:4f:67:b4:7a:4b:b6:f4:a7:ad:eb:30:5f:90: e3:18:16:5f:65:61:4b:0d:5c:4f:f4:f6:87:90:d1:93:82:7e: 73:35:42:95:11:11:cd:1e:8d:f0:f4:24:19:34:8a:01:5c:bd: 49:c9:25:54:17:7d:46:b3:b5:3d:40:c6:2c:01:92:d5:9e:85: 07:aa:56:51:4b:2e:a6:97:cb:98:93:54:72:6d:6e:e8:dd:5e: 1c:68:33:3b:ed:7d:05:a7:e4:37:53:ac:18:f2:65:da:0d:c3: dd:c3:ee:9d:02:9e:8f:40:c3:fb:e9:f6:be:c6:0b:7a:95:2d: f6:20:33:89:c7:90:d0:2c:f6:3c:cb:0e:f4:9d:a4:e9:44:c0: 67:56:0e:01:a7:c1:e5:b4:74:43:5f:99:e8:01:bc:31:f9:69: c2:f4:a3:36:60:97:a5:68:87:51:52:32:4f:84:c9:b2:43:b3: 74:74:9d:3b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkMyRTMxMTAvBgNVBAUTKEM0NzEwRDQ4QjRFNEYyQjczNUJFNEIxQjVDOTBFREI4 OEQyNjlCMkMwHhcNMjUwNzAzMDI1MzEzWhcNMjUwNzEwMDI1MzEzWjAYMRYwFAYD VQQDEw02ODY1ZjA5OS0wMmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5PgOD+OmdhgO2PVUpOUo4Er2rFHWjSylu72tK10jczLQ8GZnyFAbGax8xAfa NUREiXb3PrTkNePPjLSqbTQnUuDeYiFCzCcghdeZ1NLyaFNL+8dkpISyyRg/1via wMuz5c5vI69jVTW8FgH8p4SPZl5YkqFM5IAYlBLwNc4AMPkQ+PbZOZEZcDyc+fyM oyTtUuH1v02JmZPKzIRaU0U4PMNBnQOkBpAW5kehc4/YnQ4Carq2ung8D/ew/jC2 41vMNSUC1IODTNefzIYbsfWvmcf+XEk4oXXzxGel+23IrdFlqKTXpN3xi8+436Hc k8Rwt+QxngxwK6FipazJ7rsQbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDKxVZEf fy7HePfSfnnySTZHqOVZMB8GA1UdIwQYMBaAFMRxDUi05PK3Nb5LG1yQ7biNJpss MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzJFMy85QjRBNDg5MDg5 QTAxMUVEODM3NTkzNDZDNEY5QUUwMi94SEVOU0xUazhyYzF2a3NiWEpEdHVJMG1t eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hIRU5TTFRrOHJjMXZrc2JYSkR0dUkwbW15dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QzJFMy85QjRBNDg5MDg5QTAxMUVEODM3NTkzNDZDNEY5QUUwMi94SEVOU0xUazhy YzF2a3NiWEpEdHVJMG1teXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAe6CEqEwpi81Kw50k4w5LINK/FDXleKy0AB5+v4mVwz0sFq0e6PFR9 oCkP7dPQRlqzU41B+gbMz6WiPV9Ndy88gLBWbWTnMsg+fprZSk9ntHpLtvSnresw X5DjGBZfZWFLDVxP9PaHkNGTgn5zNUKVERHNHo3w9CQZNIoBXL1JySVUF31Gs7U9 QMYsAZLVnoUHqlZRSy6ml8uYk1RybW7o3V4caDM77X0Fp+Q3U6wY8mXaDcPdw+6d Ap6PQMP76fa+xgt6lS32IDOJx5DQLPY8yw70naTpRMBnVg4Bp8HltHRDX5noAbwx +WnC9KM2YJelaIdRUjJPhMmyQ7N0dJ07 -----END CERTIFICATE-----Generated at Thu Jul 3 10:16:59 2025 by rpki-client