$ rpki-client -vvf rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.mft File: hbFKiQub1JgNl-Qbs5H8yYUPy3g.mft (raw, json) Hash identifier: CjwAt8rRlq0X3Xbs6ZBZOa7nHLkucGS+QjnMmwk9GjU= Subject key identifier: DD:8F:EC:74:AD:F2:DD:1B:24:5B:71:94:7D:4D:78:BB:94:F2:EA:1A Authority key identifier: 85:B1:4A:89:0B:9B:D4:98:0D:97:E4:1B:B3:91:FC:C9:85:0F:CB:78 Certificate issuer: /CN=A91D894F/serialNumber=85B14A890B9BD4980D97E41BB391FCC9850FCB78 Certificate serial: D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hbFKiQub1JgNl-Qbs5H8yYUPy3g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.mft Manifest number: CA Signing time: Tue 13 May 2025 04:58:38 +0000 Manifest this update: Tue 13 May 2025 04:58:37 +0000 Manifest next update: Tue 20 May 2025 04:58:37 +0000 Files and hashes: 1: hbFKiQub1JgNl-Qbs5H8yYUPy3g.crl (hash: 4uDOViKyXjDWtGmQGLww+uNOjJ3MVe1j75pPe2WSY74=) 2: 61A59876012A11EFB75C350FC4F9AE02.roa (hash: eAATcw+wwIntluEWHwykA3g4lnWZ04SXuQGRkoYM9h4=) 3: 612992C6012A11EFB75C350FC4F9AE02.roa (hash: kIIwTAeW+pDEZ3yhH1JwOUrEmJAAi9ldowt4J7C/CXc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.crl rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hbFKiQub1JgNl-Qbs5H8yYUPy3g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 04:58:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 210 (0xd2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D894F, serialNumber=85B14A890B9BD4980D97E41BB391FCC9850FCB78 Validity Not Before: May 13 04:58:37 2025 GMT Not After : May 20 04:58:37 2025 GMT Subject: CN=6822d17e-ddff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:2f:35:6e:bf:7a:37:e7:96:be:78:b4:d0:00: 46:e1:43:17:4d:5e:47:d5:06:d5:2a:c0:b0:c5:c4: 5e:6e:49:f6:2f:b1:40:fb:01:bb:3a:01:47:54:37: 7a:f7:47:08:45:bc:13:10:c0:39:21:be:24:01:b8: 53:47:8d:cd:44:6c:41:73:e2:d5:82:bd:78:a3:96: d3:ea:02:51:c3:d7:aa:ca:96:cb:8f:72:3c:09:ac: 2b:2c:eb:a9:88:72:17:75:3d:cf:d9:94:45:79:f9: 76:b0:e6:38:f2:cc:8e:65:1c:5f:45:a3:3f:21:34: 4a:ed:37:0f:37:53:57:8b:3f:d6:5b:b0:4a:ae:51: a3:a7:e0:9e:c0:ea:8e:eb:aa:3a:86:20:6a:82:a7: 54:f9:64:34:2d:53:3e:98:e7:fc:87:a7:97:34:06: 8d:06:91:2f:ef:43:d7:ee:45:74:97:7a:5c:d5:43: a8:98:a5:65:71:33:c7:c8:73:55:44:98:1c:f7:16: 39:47:84:99:4a:6e:12:ba:3d:65:8f:f5:f0:9a:ce: 0b:f1:5b:8a:e7:35:4e:5e:64:21:57:92:93:56:4c: ef:f5:e0:1a:c6:7b:10:96:dd:1b:d5:08:fa:b1:71: 02:25:17:42:cc:1e:8b:fa:b1:ff:a9:95:d6:ef:fb: 2f:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:8F:EC:74:AD:F2:DD:1B:24:5B:71:94:7D:4D:78:BB:94:F2:EA:1A X509v3 Authority Key Identifier: keyid:85:B1:4A:89:0B:9B:D4:98:0D:97:E4:1B:B3:91:FC:C9:85:0F:CB:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hbFKiQub1JgNl-Qbs5H8yYUPy3g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:af:77:0d:34:2d:91:78:de:aa:b3:4e:ec:f9:d8:2e:57:55: 65:22:0f:4d:2e:5b:d2:14:1e:38:5d:94:9a:15:24:80:45:e0: 39:4b:8f:55:34:f3:d8:9f:18:ee:c7:27:3b:a6:e4:76:90:68: dc:6f:c3:85:46:52:cf:02:70:be:7c:60:ba:7c:55:b0:62:2c: d2:ac:f5:85:1b:2c:54:71:d2:a1:91:03:24:7a:1c:96:e4:70: 31:30:64:c2:21:39:06:7e:0f:78:df:e2:1f:64:33:c0:3f:91: 5c:92:58:14:e2:f8:7d:92:18:d8:a1:b8:52:48:a5:d5:6b:06: 65:f1:01:61:aa:19:22:77:cd:5f:27:a5:0f:58:0d:ee:46:48: 90:f5:ba:5b:f8:14:7a:13:11:25:45:52:82:dd:74:d4:f5:ce: 95:9d:ca:12:78:c9:44:7b:c4:b5:59:2f:b2:68:6a:fe:9c:c8: 19:da:98:9c:97:e4:19:88:37:c6:17:21:70:9c:22:50:47:60: 08:4a:c2:07:4d:a4:92:ef:ce:af:0b:b0:de:23:cc:d7:b4:e9: b4:ea:a9:6c:33:65:39:7c:f0:fd:30:a8:ea:00:0f:95:f0:2d: 07:33:ad:52:7d:54:95:3f:6d:6b:ce:63:4b:3a:e8:4c:ed:4e: 78:23:9c:0c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDg5NEYxMTAvBgNVBAUTKDg1QjE0QTg5MEI5QkQ0OTgwRDk3RTQxQkIzOTFGQ0M5 ODUwRkNCNzgwHhcNMjUwNTEzMDQ1ODM3WhcNMjUwNTIwMDQ1ODM3WjAYMRYwFAYD VQQDEw02ODIyZDE3ZS1kZGZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxS81br96N+eWvni00ABG4UMXTV5H1QbVKsCwxcRebkn2L7FA+wG7OgFHVDd6 90cIRbwTEMA5Ib4kAbhTR43NRGxBc+LVgr14o5bT6gJRw9eqypbLj3I8CawrLOup iHIXdT3P2ZRFefl2sOY48syOZRxfRaM/ITRK7TcPN1NXiz/WW7BKrlGjp+CewOqO 66o6hiBqgqdU+WQ0LVM+mOf8h6eXNAaNBpEv70PX7kV0l3pc1UOomKVlcTPHyHNV RJgc9xY5R4SZSm4Suj1lj/Xwms4L8VuK5zVOXmQhV5KTVkzv9eAaxnsQlt0b1Qj6 sXECJRdCzB6L+rH/qZXW7/svhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN2P7HSt 8t0bJFtxlH1NeLuU8uoaMB8GA1UdIwQYMBaAFIWxSokLm9SYDZfkG7OR/MmFD8t4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODk0Ri8wQUY0NUUzNjAx MkExMUVGQTVGRDkxNkZDNEY5QUUwMi9oYkZLaVF1YjFKZ05sLVFiczVIOHlZVVB5 M2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hiRktpUXViMUpnTmwtUWJzNUg4eVlVUHkzZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODk0Ri8wQUY0NUUzNjAxMkExMUVGQTVGRDkxNkZDNEY5QUUwMi9oYkZLaVF1YjFK Z05sLVFiczVIOHlZVVB5M2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAxr3cNNC2ReN6qs07s+dguV1VlIg9NLlvSFB44XZSaFSSAReA5S49V NPPYnxjuxyc7puR2kGjcb8OFRlLPAnC+fGC6fFWwYizSrPWFGyxUcdKhkQMkehyW 5HAxMGTCITkGfg943+IfZDPAP5FcklgU4vh9khjYobhSSKXVawZl8QFhqhkid81f J6UPWA3uRkiQ9bpb+BR6ExElRVKC3XTU9c6VncoSeMlEe8S1WS+yaGr+nMgZ2pic l+QZiDfGFyFwnCJQR2AISsIHTaSS786vC7DeI8zXtOm06qlsM2U5fPD9MKjqAA+V 8C0HM61SfVSVP21rzmNLOuhM7U54I5wM -----END CERTIFICATE-----Generated at Wed May 14 08:16:33 2025 by rpki-client