$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.mft File: hXm-LYNFaC8nrucGK71O92ZOVxs.mft (raw, json) Hash identifier: 018jyWWO8j+4JNJ6Kdf+mFrlpxNVFUIc5NiQP2gUwis= Subject key identifier: 5B:7F:91:85:28:15:99:C9:C2:3F:2A:D9:10:78:A4:9A:55:B0:2D:FD Authority key identifier: 85:79:BE:2D:83:45:68:2F:27:AE:E7:06:2B:BD:4E:F7:66:4E:57:1B Certificate issuer: /CN=A91D0B6B/serialNumber=8579BE2D8345682F27AEE7062BBD4EF7664E571B Certificate serial: 23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hXm-LYNFaC8nrucGK71O92ZOVxs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.mft Manifest number: 23 Signing time: Thu 15 May 2025 07:08:37 +0000 Manifest this update: Thu 15 May 2025 07:08:36 +0000 Manifest next update: Thu 22 May 2025 07:08:36 +0000 Files and hashes: 1: hXm-LYNFaC8nrucGK71O92ZOVxs.crl (hash: xXPJwACPTKEAJmotFtZF+yXJXfHwny4ZoMyryOCEW7A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.crl rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hXm-LYNFaC8nrucGK71O92ZOVxs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 07:08:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35 (0x23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D0B6B, serialNumber=8579BE2D8345682F27AEE7062BBD4EF7664E571B Validity Not Before: May 15 07:08:36 2025 GMT Not After : May 22 07:08:36 2025 GMT Subject: CN=682592f4-ea6e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:5a:b9:33:3b:51:ec:b2:8c:bc:e9:0b:1e:a1: a6:14:ac:18:29:5d:ed:e4:c7:33:15:4d:63:ae:71: 4c:fb:5b:48:36:2a:9b:2e:06:6e:25:18:74:38:43: f5:6c:22:e5:0b:06:bc:ea:68:06:8e:5d:84:05:a9: 8a:cd:52:a9:4c:2b:1b:72:3f:40:30:97:bb:60:b3: 15:a7:0e:ca:25:4b:38:0b:5a:4b:ac:5c:df:ca:ad: 9e:19:b7:f6:9b:82:f4:e3:5a:a0:38:8e:25:f6:36: 51:91:90:55:96:ab:e6:3a:51:17:22:35:0c:87:b4: be:3d:7a:ba:2d:70:2e:11:b4:8f:42:c4:4b:25:c4: 83:48:2c:fb:e1:3d:a4:aa:76:83:7a:9c:b2:96:f1: 3e:08:36:d6:0c:ae:07:bb:11:a2:9b:b0:85:22:f9: e2:1b:19:8e:e1:3a:ea:a6:fb:95:c1:2f:14:27:f4: c1:e3:fb:e5:fc:35:ad:83:7a:42:5e:0e:05:7a:25: 61:67:eb:1c:e7:6b:9d:60:88:7c:a3:80:20:5a:0e: 63:b8:38:5c:33:12:01:f5:1c:3e:9d:0c:97:75:ab: 74:43:7a:4b:c0:91:68:ac:7a:ea:89:b1:9d:17:e1: 5b:90:6f:f7:ca:28:0b:e8:6f:a9:a1:aa:37:bc:75: 40:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:7F:91:85:28:15:99:C9:C2:3F:2A:D9:10:78:A4:9A:55:B0:2D:FD X509v3 Authority Key Identifier: keyid:85:79:BE:2D:83:45:68:2F:27:AE:E7:06:2B:BD:4E:F7:66:4E:57:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hXm-LYNFaC8nrucGK71O92ZOVxs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:ce:a6:00:76:0b:a0:d6:98:51:a9:56:75:20:bb:b8:b1:12: 13:48:ee:dd:0f:13:23:a5:f5:67:e1:2b:7c:82:1d:7e:33:95: 53:6e:2b:fd:cd:2b:43:82:0a:7b:9d:72:89:91:37:bb:d7:9e: 49:96:cd:a0:49:7f:0b:dc:1c:db:80:13:12:b7:11:9a:62:36: f8:9b:7e:5c:59:32:a8:ef:26:f3:95:fb:f5:66:17:6c:66:57: b4:92:5f:54:e1:d1:69:94:d7:0b:88:86:0b:e8:6f:19:d9:d6: 9d:70:82:0d:65:db:15:3f:42:45:d8:94:2e:b2:c9:a8:41:dd: 74:c4:b7:4c:c2:00:47:72:40:fd:4d:32:17:b7:54:9d:cc:42: a9:8b:b7:d3:d3:ad:96:c9:20:35:95:1a:13:ff:19:4b:82:2b: 80:e3:05:f7:33:2a:61:65:f6:7c:f4:d6:41:b5:a5:43:58:2b: 23:13:a2:f8:d5:c0:c1:e2:97:30:32:12:9a:53:ab:71:6c:5d: ac:76:b8:57:38:72:a2:3c:27:27:e0:f3:21:54:16:7a:9d:91: 4c:71:a4:43:a4:df:b3:06:85:a1:ad:74:58:16:39:77:89:97: a7:28:6a:1e:15:a0:92:fe:38:68:c1:a1:18:47:41:f9:13:db: 5a:30:4e:68 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE MEI2QjExMC8GA1UEBRMoODU3OUJFMkQ4MzQ1NjgyRjI3QUVFNzA2MkJCRDRFRjc2 NjRFNTcxQjAeFw0yNTA1MTUwNzA4MzZaFw0yNTA1MjIwNzA4MzZaMBgxFjAUBgNV BAMTDTY4MjU5MmY0LWVhNmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCsWrkzO1Hssoy86QseoaYUrBgpXe3kxzMVTWOucUz7W0g2KpsuBm4lGHQ4Q/Vs IuULBrzqaAaOXYQFqYrNUqlMKxtyP0Awl7tgsxWnDsolSzgLWkusXN/KrZ4Zt/ab gvTjWqA4jiX2NlGRkFWWq+Y6URciNQyHtL49erotcC4RtI9CxEslxINILPvhPaSq doN6nLKW8T4INtYMrge7EaKbsIUi+eIbGY7hOuqm+5XBLxQn9MHj++X8Na2DekJe DgV6JWFn6xzna51giHyjgCBaDmO4OFwzEgH1HD6dDJd1q3RDekvAkWiseuqJsZ0X 4VuQb/fKKAvob6mhqje8dUBjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUW3+RhSgV mcnCPyrZEHikmlWwLf0wHwYDVR0jBBgwFoAUhXm+LYNFaC8nrucGK71O92ZOVxsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQwQjZCLzdFQzAwNzZDRkUz RjExRUY4RkEyNzc1MkM0RjlBRTAyL2hYbS1MWU5GYUM4bnJ1Y0dLNzFPOTJaT1Z4 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaFhtLUxZTkZhQzhucnVjR0s3MU85MlpPVnhzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQw QjZCLzdFQzAwNzZDRkUzRjExRUY4RkEyNzc1MkM0RjlBRTAyL2hYbS1MWU5GYUM4 bnJ1Y0dLNzFPOTJaT1Z4cy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGDOpgB2C6DWmFGpVnUgu7ixEhNI7t0PEyOl9WfhK3yCHX4zlVNuK/3N K0OCCnudcomRN7vXnkmWzaBJfwvcHNuAExK3EZpiNvibflxZMqjvJvOV+/VmF2xm V7SSX1Th0WmU1wuIhgvobxnZ1p1wgg1l2xU/QkXYlC6yyahB3XTEt0zCAEdyQP1N Mhe3VJ3MQqmLt9PTrZbJIDWVGhP/GUuCK4DjBfczKmFl9nz01kG1pUNYKyMTovjV wMHilzAyEppTq3FsXax2uFc4cqI8Jyfg8yFUFnqdkUxxpEOk37MGhaGtdFgWOXeJ l6coah4VoJL+OGjBoRhHQfkT21owTmg= -----END CERTIFICATE-----Generated at Fri May 16 05:05:26 2025 by rpki-client