$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft File: hs2LQhipuaG84vrF7m3HhbAKkx0.mft (raw, json) Hash identifier: n8r4ycGxHDqy8ucng5TIDbYiMhAlHz0dphrhlkTqJsU= Subject key identifier: C3:AC:04:49:81:8F:92:AA:DB:53:AD:34:31:A3:2E:4B:96:EA:64:8F Authority key identifier: 86:CD:8B:42:18:A9:B9:A1:BC:E2:FA:C5:EE:6D:C7:85:B0:0A:93:1D Certificate issuer: /CN=A91BF28F/serialNumber=86CD8B4218A9B9A1BCE2FAC5EE6DC785B00A931D Certificate serial: 022A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft Manifest number: 0208 Signing time: Tue 13 May 2025 01:59:46 +0000 Manifest this update: Tue 13 May 2025 01:59:45 +0000 Manifest next update: Tue 20 May 2025 01:59:45 +0000 Files and hashes: 1: hs2LQhipuaG84vrF7m3HhbAKkx0.crl (hash: m92hfjn7a1wfKknIgXjBfEzH7xSjZ/JRf3W8O8+XhXU=) 2: FB9DB0B8778011EFA197A558C4F9AE02.roa (hash: bOpqrbhh4Bh4AWp/OZ52rop88bWyVMsrGceDfsrfghM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.crl rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 01:59:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 554 (0x22a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BF28F, serialNumber=86CD8B4218A9B9A1BCE2FAC5EE6DC785B00A931D Validity Not Before: May 13 01:59:45 2025 GMT Not After : May 20 01:59:45 2025 GMT Subject: CN=6822a792-ba19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:48:35:3f:fe:83:dd:b7:b8:7b:54:73:50:46: f5:62:ba:a7:1b:80:95:2c:8a:a5:36:11:8d:50:0b: 61:21:e2:4b:b9:64:a7:f6:61:e3:ef:a6:d7:eb:e6: 21:2d:fb:e8:a2:40:db:d2:cf:72:a6:ab:f8:17:f0: a6:50:b5:1b:9a:02:c8:89:17:ea:c1:ea:d7:28:e8: 95:c9:b1:fb:44:44:c8:2d:a2:9c:ac:f4:ca:31:90: 6c:72:08:96:ff:af:60:d0:8f:5e:ce:a5:b0:24:7e: a7:6d:5d:e5:b3:ba:20:94:8d:cb:40:2b:4a:03:b8: 9d:63:fb:fa:1b:00:b4:08:2d:0a:6a:38:cf:fa:c4: 11:9b:da:21:5c:4f:4a:aa:a4:8c:18:b0:62:44:3c: a0:f8:d3:73:5c:45:56:79:1d:e0:c4:b0:94:8c:84: d6:a2:99:82:95:dc:58:36:59:24:b2:5e:d0:89:ec: 9e:75:f1:e2:ef:a1:3b:bb:9f:9b:27:47:11:90:9b: db:fd:de:99:75:fe:86:2a:78:27:28:83:80:0e:f3: 0a:58:56:4a:e9:4e:40:07:fb:c9:95:cc:f8:02:33: ba:bd:b2:1f:6e:b2:cd:84:f2:75:fb:f3:16:d2:af: 9d:57:44:1a:b7:c9:0c:32:c3:da:ee:d2:4e:02:52: 61:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:AC:04:49:81:8F:92:AA:DB:53:AD:34:31:A3:2E:4B:96:EA:64:8F X509v3 Authority Key Identifier: keyid:86:CD:8B:42:18:A9:B9:A1:BC:E2:FA:C5:EE:6D:C7:85:B0:0A:93:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:1d:34:60:06:2f:3e:6d:e6:aa:a6:3c:f4:8d:6f:f8:16:be: c4:ee:99:9b:14:5f:f4:a6:d7:39:b5:b6:f0:87:86:82:9f:61: e9:dd:63:24:a6:a4:5c:61:5f:ac:24:fb:89:31:3e:45:0d:0a: 60:0a:6b:3e:96:48:28:e9:1c:4f:c9:57:b9:28:90:53:ce:81: 41:e7:e0:38:f9:25:6a:60:04:22:90:48:60:de:51:a8:97:fb: 1b:fa:72:c2:5f:45:07:d2:c0:e6:2b:fa:2e:0f:aa:fd:e0:23: fa:3f:f0:2c:77:d1:47:7a:8c:96:33:b3:eb:9e:2e:5d:03:f8: f7:21:1f:de:a9:b0:fa:d2:c3:68:c4:2a:8c:0f:eb:0f:ec:4c: 97:c8:62:db:f1:e8:99:b0:c7:73:f3:5d:27:cd:e2:7e:d7:b6: e8:d0:db:03:d0:be:c2:7b:00:d8:0a:58:72:0d:0b:fa:c0:6f: a7:54:2a:1c:9b:2f:8c:2e:87:14:5e:7b:70:5a:46:96:82:36: f9:19:01:9c:41:be:84:1c:e1:58:69:50:cd:cf:df:1d:e5:ae: 0b:bb:df:de:39:b7:76:82:b2:f4:55:68:84:c2:16:cf:8d:51: 2d:32:1b:9d:0b:04:f0:17:64:90:10:d3:79:c5:1b:05:3b:76: c5:23:47:e9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAiowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkYyOEYxMTAvBgNVBAUTKDg2Q0Q4QjQyMThBOUI5QTFCQ0UyRkFDNUVFNkRDNzg1 QjAwQTkzMUQwHhcNMjUwNTEzMDE1OTQ1WhcNMjUwNTIwMDE1OTQ1WjAYMRYwFAYD VQQDEw02ODIyYTc5Mi1iYTE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvkg1P/6D3be4e1RzUEb1YrqnG4CVLIqlNhGNUAthIeJLuWSn9mHj76bX6+Yh LfvookDb0s9ypqv4F/CmULUbmgLIiRfqwerXKOiVybH7RETILaKcrPTKMZBscgiW /69g0I9ezqWwJH6nbV3ls7oglI3LQCtKA7idY/v6GwC0CC0KajjP+sQRm9ohXE9K qqSMGLBiRDyg+NNzXEVWeR3gxLCUjITWopmCldxYNlkksl7QieyedfHi76E7u5+b J0cRkJvb/d6Zdf6GKngnKIOADvMKWFZK6U5AB/vJlcz4AjO6vbIfbrLNhPJ1+/MW 0q+dV0Qat8kMMsPa7tJOAlJhBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMOsBEmB j5Kq21OtNDGjLkuW6mSPMB8GA1UdIwQYMBaAFIbNi0IYqbmhvOL6xe5tx4WwCpMd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjI4Ri83RERDNUEyRTU1 NDcxMUVEQjQ3QjMzMkJDNEY5QUUwMi9oczJMUWhpcHVhRzg0dnJGN20zSGhiQUtr eDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hzMkxRaGlwdWFHODR2ckY3bTNIaGJBS2t4MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RjI4Ri83RERDNUEyRTU1NDcxMUVEQjQ3QjMzMkJDNEY5QUUwMi9oczJMUWhpcHVh Rzg0dnJGN20zSGhiQUtreDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAwHTRgBi8+beaqpjz0jW/4Fr7E7pmbFF/0ptc5tbbwh4aCn2Hp3WMk pqRcYV+sJPuJMT5FDQpgCms+lkgo6RxPyVe5KJBTzoFB5+A4+SVqYAQikEhg3lGo l/sb+nLCX0UH0sDmK/ouD6r94CP6P/Asd9FHeoyWM7Prni5dA/j3IR/eqbD60sNo xCqMD+sP7EyXyGLb8eiZsMdz810nzeJ+17bo0NsD0L7CewDYClhyDQv6wG+nVCoc my+MLocUXntwWkaWgjb5GQGcQb6EHOFYaVDNz98d5a4Lu9/eObd2grL0VWiEwhbP jVEtMhudCwTwF2SQENN5xRsFO3bFI0fp -----END CERTIFICATE-----Generated at Wed May 14 11:18:49 2025 by rpki-client