$ rpki-client -vvf rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.mft File: hsjX-0IuFSejmUSD0fne8sYKMHI.mft (raw, json) Hash identifier: PYSwHNQJmQJBjFZV7cf+c9gUBfR3LY1SzC5vcdyNjHw= Subject key identifier: 50:68:67:FC:4F:B1:ED:14:DB:41:25:75:B9:2E:5E:A4:6C:76:EE:38 Authority key identifier: 86:C8:D7:FB:42:2E:15:27:A3:99:44:83:D1:F9:DE:F2:C6:0A:30:72 Certificate issuer: /CN=A91BEB11/serialNumber=86C8D7FB422E1527A3994483D1F9DEF2C60A3072 Certificate serial: 3479 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hsjX-0IuFSejmUSD0fne8sYKMHI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.mft Manifest number: 3479 Signing time: Sat 10 May 2025 14:54:24 +0000 Manifest this update: Sat 10 May 2025 14:54:24 +0000 Manifest next update: Sat 17 May 2025 14:54:24 +0000 Files and hashes: 1: hsjX-0IuFSejmUSD0fne8sYKMHI.crl (hash: dzepoxKWiWsEdn03Ksx3VD/xqfgXFuGiC4oJlrrxWmY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.crl rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hsjX-0IuFSejmUSD0fne8sYKMHI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 14:54:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13433 (0x3479) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BEB11, serialNumber=86C8D7FB422E1527A3994483D1F9DEF2C60A3072 Validity Not Before: May 10 14:54:24 2025 GMT Not After : May 17 14:54:24 2025 GMT Subject: CN=681f68a0-f877 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:45:03:18:b5:d2:bb:8b:95:2e:14:bd:af:3d: 5c:d7:a0:95:d4:80:27:ad:b7:9a:0b:1c:06:24:3e: 68:bb:36:eb:a4:bf:ad:49:11:e2:3e:b5:75:87:be: 7b:dc:ad:4b:0c:79:12:46:55:73:46:c8:47:01:a8: 19:11:ef:de:02:0b:42:ac:88:fc:3d:46:6a:08:22: 60:a1:cb:75:4c:77:1f:db:78:c6:13:8b:bf:4c:a3: 13:0c:e9:60:e4:01:59:53:9f:de:15:7b:ed:f2:5e: f8:93:af:24:20:33:80:5a:2e:89:65:b3:cf:0d:f5: c9:79:9f:e0:54:2b:ab:1d:d6:45:a5:e4:4f:65:9d: d5:df:e7:81:b2:de:5e:1e:d6:e2:6a:96:c8:0f:a5: 2b:2c:a8:08:cc:76:42:72:22:8c:6a:8f:29:81:84: 1f:09:cf:d7:2b:40:44:f7:f2:e7:56:18:b7:e2:da: f1:f9:0b:70:2c:4a:7d:db:49:9d:de:25:f3:06:16: 9e:90:cc:b3:52:b7:04:de:e5:03:c5:e0:d1:c7:0e: 1f:13:89:01:75:9f:c1:00:f4:e6:88:a8:69:e6:b0: 3a:8b:8a:1d:6c:3e:3a:1b:4b:00:d8:b3:95:28:af: 43:fa:a4:e3:5f:c1:f0:f8:25:14:e2:83:b7:e0:f4: 76:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:68:67:FC:4F:B1:ED:14:DB:41:25:75:B9:2E:5E:A4:6C:76:EE:38 X509v3 Authority Key Identifier: keyid:86:C8:D7:FB:42:2E:15:27:A3:99:44:83:D1:F9:DE:F2:C6:0A:30:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hsjX-0IuFSejmUSD0fne8sYKMHI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:ac:27:e5:47:a2:86:e1:2e:34:1f:c9:db:e6:bb:69:5b:89: ff:41:d5:5c:40:0e:f4:1d:f4:5d:5a:65:f3:00:d5:c5:98:d0: 95:92:4a:58:b0:08:16:3f:0c:6b:03:77:cb:6d:19:bd:cb:5e: 00:f5:ce:6a:d8:2e:94:b1:84:84:5d:19:e7:81:27:d1:c0:aa: 46:c3:1f:07:73:8f:6f:62:fc:1f:22:a2:04:16:00:9e:a4:b4: 4a:43:3f:73:a5:3c:c9:ec:28:11:26:16:40:76:0b:14:f5:95: 55:98:28:ea:89:4a:82:ed:00:ef:b1:e6:7b:06:d5:51:76:9d: 43:0b:d9:90:2e:b3:a6:ab:ac:16:6f:a0:20:19:4c:35:8a:b3: 7c:12:7a:7b:79:e5:e6:72:01:85:da:b4:c4:1b:2a:86:be:f9: c8:f7:9b:38:bf:25:a3:6a:b4:c2:72:d0:b2:cf:8a:1a:9f:93: 6a:81:fa:42:33:c2:44:ca:9e:49:78:19:70:a2:e2:ed:96:ea: fa:f6:5c:c4:06:d6:cb:69:92:4e:c6:c3:f4:47:f8:52:00:f9: 3a:6f:2b:25:e7:62:d5:cc:b4:86:c8:56:d6:04:4b:bb:6d:d0: c5:a6:af:69:ff:7c:ff:a7:88:8e:c5:4f:26:fa:9e:56:ad:3c: 41:fe:ee:00 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkVCMTExMTAvBgNVBAUTKDg2QzhEN0ZCNDIyRTE1MjdBMzk5NDQ4M0QxRjlERUYy QzYwQTMwNzIwHhcNMjUwNTEwMTQ1NDI0WhcNMjUwNTE3MTQ1NDI0WjAYMRYwFAYD VQQDEw02ODFmNjhhMC1mODc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs0UDGLXSu4uVLhS9rz1c16CV1IAnrbeaCxwGJD5ouzbrpL+tSRHiPrV1h757 3K1LDHkSRlVzRshHAagZEe/eAgtCrIj8PUZqCCJgoct1THcf23jGE4u/TKMTDOlg 5AFZU5/eFXvt8l74k68kIDOAWi6JZbPPDfXJeZ/gVCurHdZFpeRPZZ3V3+eBst5e HtbiapbID6UrLKgIzHZCciKMao8pgYQfCc/XK0BE9/LnVhi34trx+QtwLEp920md 3iXzBhaekMyzUrcE3uUDxeDRxw4fE4kBdZ/BAPTmiKhp5rA6i4odbD46G0sA2LOV KK9D+qTjX8Hw+CUU4oO34PR24QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFBoZ/xP se0U20EldbkuXqRsdu44MB8GA1UdIwQYMBaAFIbI1/tCLhUno5lEg9H53vLGCjBy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRUIxMS85RjQzNTg3RTFE OUExMUUyOUFGNkZDODcwOEIwMkNEMi9oc2pYLTBJdUZTZWptVVNEMGZuZThzWUtN SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hzalgtMEl1RlNlam1VU0QwZm5lOHNZS01ISS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RUIxMS85RjQzNTg3RTFEOUExMUUyOUFGNkZDODcwOEIwMkNEMi9oc2pYLTBJdUZT ZWptVVNEMGZuZThzWUtNSEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAZrCflR6KG4S40H8nb5rtpW4n/QdVcQA70HfRdWmXzANXFmNCVkkpY sAgWPwxrA3fLbRm9y14A9c5q2C6UsYSEXRnngSfRwKpGwx8Hc49vYvwfIqIEFgCe pLRKQz9zpTzJ7CgRJhZAdgsU9ZVVmCjqiUqC7QDvseZ7BtVRdp1DC9mQLrOmq6wW b6AgGUw1irN8Enp7eeXmcgGF2rTEGyqGvvnI95s4vyWjarTCctCyz4oan5NqgfpC M8JEyp5JeBlwouLtlur69lzEBtbLaZJOxsP0R/hSAPk6bysl52LVzLSGyFbWBEu7 bdDFpq9p/3z/p4iOxU8m+p5WrTxB/u4A -----END CERTIFICATE-----Generated at Mon May 12 10:59:24 2025 by rpki-client