$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft File: hpBNLQLbigWb7ZOPL46u88Qgb9A.mft (raw, json) Hash identifier: 3VNNFR+TuHDkfC90sFUrLjVLcg/dDC8oqFoXU8PnD/s= Subject key identifier: 2F:08:C3:51:C3:27:6B:34:59:AE:56:D9:57:18:1A:BE:01:A0:CD:66 Authority key identifier: 86:90:4D:2D:02:DB:8A:05:9B:ED:93:8F:2F:8E:AE:F3:C4:20:6F:D0 Certificate issuer: /CN=A91D4ACD/serialNumber=86904D2D02DB8A059BED938F2F8EAEF3C4206FD0 Certificate serial: 7E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft Manifest number: 7D Signing time: Sun 11 May 2025 05:28:42 +0000 Manifest this update: Sun 11 May 2025 05:28:41 +0000 Manifest next update: Sun 18 May 2025 05:28:41 +0000 Files and hashes: 1: hpBNLQLbigWb7ZOPL46u88Qgb9A.crl (hash: i9QWnWMgNMd9yV5xoRq0L1IEH4oqx91XX9DCwaUlZEw=) 2: 388D7E38797D11EF8CA64711C4F9AE02.roa (hash: psVpSVTIe8+AZiKNpgFs07aLN6Bb1+TjrtoRE57p52A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.crl rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 05:28:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 126 (0x7e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4ACD, serialNumber=86904D2D02DB8A059BED938F2F8EAEF3C4206FD0 Validity Not Before: May 11 05:28:41 2025 GMT Not After : May 18 05:28:41 2025 GMT Subject: CN=6820358a-4dd0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:df:fb:10:67:e4:7f:16:e4:f1:74:b6:ce:c2: 6e:d5:08:2d:f7:a5:6d:40:52:80:4c:f0:ef:97:d1: 0a:5f:1f:fa:89:f7:06:04:4d:10:0d:1b:ed:45:d6: 04:98:42:19:f1:9f:ad:b0:8e:7e:c6:04:e5:7c:65: f6:06:01:5a:f4:46:e0:4b:ed:e1:e5:52:bd:e2:83: 52:d6:8d:3e:be:33:89:c3:e4:a9:a9:c8:53:90:8c: 34:6a:50:8c:20:d6:02:71:0d:ac:ac:43:7b:79:4b: 13:bf:e6:b1:57:d8:b8:a8:48:4a:22:64:1a:6a:a7: 23:b7:b7:64:ec:a5:62:84:80:eb:98:9c:16:f4:68: 97:de:df:b6:19:65:a9:50:65:b7:7c:11:82:7f:6c: db:31:8d:d0:a2:54:71:f8:3f:aa:d6:de:f7:8e:0a: d5:f0:f2:38:c7:a4:4b:32:67:9d:ba:ea:d7:9a:41: 04:f8:a3:2f:eb:c7:82:38:76:89:7b:a9:31:ee:92: d7:0a:b2:ce:12:df:e3:13:ef:a5:27:93:42:65:f6: 0a:0c:20:76:9b:8b:79:97:38:fe:ca:35:a2:69:18: 2a:5d:ac:49:f0:ee:ee:39:00:7d:ce:0b:8b:69:57: 6b:2c:97:5e:d8:98:64:e3:ad:43:01:ce:47:50:3a: 2b:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:08:C3:51:C3:27:6B:34:59:AE:56:D9:57:18:1A:BE:01:A0:CD:66 X509v3 Authority Key Identifier: keyid:86:90:4D:2D:02:DB:8A:05:9B:ED:93:8F:2F:8E:AE:F3:C4:20:6F:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:dc:49:02:8d:a8:73:07:5a:a7:cf:e3:42:8a:1c:17:5e:9d: 4c:04:81:b7:fc:fa:4a:3c:96:52:b7:41:c8:44:e5:d6:ff:25: d7:2d:78:56:06:89:33:a4:c3:30:37:13:3a:55:7e:84:d1:9f: a4:82:b5:2a:02:a3:dc:59:ae:ae:7f:26:a7:d3:c1:85:73:9a: 50:27:73:b9:cd:c3:69:cf:78:1a:1d:96:57:20:11:93:cf:e3: 74:71:d1:2c:64:2c:49:86:90:ac:35:23:d2:d9:67:b8:29:2f: 7f:c7:bd:40:1e:93:d3:f5:1b:ca:35:dc:46:9b:57:ca:05:ec: 13:95:19:4f:54:59:f5:db:37:8b:b0:72:4e:1c:c5:87:b5:e0: d1:88:e0:42:e2:cf:23:08:a3:99:24:bf:aa:15:c2:f7:ac:fb: aa:e5:ed:6d:f4:7e:aa:80:68:38:7e:52:bd:d0:69:7f:dd:2e: 4c:c9:b8:39:9b:01:d1:d6:6b:e2:79:d7:e1:7d:fb:4b:13:e8: ba:19:fa:4b:19:66:85:63:1f:65:c4:b0:4a:61:c3:dc:eb:4d: f8:75:30:1d:17:20:a5:12:38:0d:36:99:bf:4e:50:54:ad:39: 1f:44:58:bc:85:3d:5f:3d:d3:ea:59:f3:0b:8a:fe:54:13:32: 95:18:b3:d3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBfjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE NEFDRDExMC8GA1UEBRMoODY5MDREMkQwMkRCOEEwNTlCRUQ5MzhGMkY4RUFFRjND NDIwNkZEMDAeFw0yNTA1MTEwNTI4NDFaFw0yNTA1MTgwNTI4NDFaMBgxFjAUBgNV BAMTDTY4MjAzNThhLTRkZDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDs3/sQZ+R/FuTxdLbOwm7VCC33pW1AUoBM8O+X0QpfH/qJ9wYETRANG+1F1gSY Qhnxn62wjn7GBOV8ZfYGAVr0RuBL7eHlUr3ig1LWjT6+M4nD5KmpyFOQjDRqUIwg 1gJxDaysQ3t5SxO/5rFX2LioSEoiZBpqpyO3t2TspWKEgOuYnBb0aJfe37YZZalQ Zbd8EYJ/bNsxjdCiVHH4P6rW3veOCtXw8jjHpEsyZ5266teaQQT4oy/rx4I4dol7 qTHuktcKss4S3+MT76Unk0Jl9goMIHabi3mXOP7KNaJpGCpdrEnw7u45AH3OC4tp V2ssl17YmGTjrUMBzkdQOivhAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQULwjDUcMn azRZrlbZVxgavgGgzWYwHwYDVR0jBBgwFoAUhpBNLQLbigWb7ZOPL46u88Qgb9Aw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ0QUNELzFGNTM1NjlFNzU2 RTExRUY5Q0E0NkU1MUM0RjlBRTAyL2hwQk5MUUxiaWdXYjdaT1BMNDZ1ODhRZ2I5 QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvaHBCTkxRTGJpZ1diN1pPUEw0NnU4OFFnYjlBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ0 QUNELzFGNTM1NjlFNzU2RTExRUY5Q0E0NkU1MUM0RjlBRTAyL2hwQk5MUUxiaWdX YjdaT1BMNDZ1ODhRZ2I5QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAArcSQKNqHMHWqfP40KKHBdenUwEgbf8+ko8llK3QchE5db/JdcteFYG iTOkwzA3EzpVfoTRn6SCtSoCo9xZrq5/JqfTwYVzmlAnc7nNw2nPeBodllcgEZPP 43Rx0SxkLEmGkKw1I9LZZ7gpL3/HvUAek9P1G8o13EabV8oF7BOVGU9UWfXbN4uw ck4cxYe14NGI4ELizyMIo5kkv6oVwves+6rl7W30fqqAaDh+Ur3QaX/dLkzJuDmb AdHWa+J51+F9+0sT6LoZ+ksZZoVjH2XEsEphw9zrTfh1MB0XIKUSOA02mb9OUFSt OR9EWLyFPV890+pZ8wuK/lQTMpUYs9M= -----END CERTIFICATE-----Generated at Mon May 12 04:40:05 2025 by rpki-client