$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft File: HretI1L3xupKYveEzl-7EW3ybsI.mft (raw, json) Hash identifier: mf8k2uVP71QuDDfAwgbIViyCRRoBp2aI79LL25c7E44= Subject key identifier: 37:CB:FF:80:A1:BB:B0:11:4D:9C:95:3A:51:BA:53:79:C0:AB:CA:B6 Authority key identifier: 1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2 Certificate issuer: /CN=A91EF24F/serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2 Certificate serial: 07F9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft Manifest number: 07E0 Signing time: Fri 04 Jul 2025 21:33:21 +0000 Manifest this update: Fri 04 Jul 2025 21:33:21 +0000 Manifest next update: Fri 11 Jul 2025 21:33:21 +0000 Files and hashes: 1: HretI1L3xupKYveEzl-7EW3ybsI.crl (hash: O+NR8L6tCDZU5SheFRaKSeeEVIYVTRNB4/HPhSxptsI=) 2: 84B96CA6904111EF8D11A381C4F9AE02.roa (hash: apZe4MVRPNoFnu0VdCcMOgQQIHarERu0kJz1jLlb1yY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2041 (0x7f9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EF24F, serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2 Validity Not Before: Jul 4 21:33:21 2025 GMT Not After : Jul 11 21:33:21 2025 GMT Subject: CN=686848a1-57f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:f1:0e:63:7f:e0:4d:5e:5b:df:c7:9b:9d:af: 4a:44:4f:9d:0c:40:f8:47:d5:c6:3a:71:8f:5a:a1: f9:37:37:8a:6e:cc:7d:2c:f6:4d:3f:03:3a:66:bb: ae:88:5e:29:bd:26:d8:fd:28:3a:f0:3a:96:d6:d6: f4:fa:a1:a2:33:f6:cd:15:21:4c:bf:60:7f:9d:a2: e3:dc:1f:43:35:d6:a4:12:bf:35:d0:07:68:d7:60: fb:6b:96:f5:28:b5:9d:f9:07:c2:65:4d:b4:a8:a9: 92:23:e1:7c:60:06:82:ab:35:cc:c3:71:d4:6e:ff: 7e:0e:bf:f8:ea:6e:60:d5:fd:a5:ae:c3:5c:b8:da: 96:41:b9:61:29:ae:ac:18:f1:15:c4:3e:8e:6c:f7: 40:57:56:72:b7:38:ea:7f:1e:11:6c:dc:9d:d5:5b: 12:ef:9c:0e:6c:82:d0:bf:f6:97:1b:0a:a6:18:8b: b2:7d:0e:1b:b5:05:79:e2:ae:72:01:0b:29:5b:4b: 2d:14:00:1c:c7:90:54:06:da:72:c0:25:59:19:6f: 66:39:a1:70:95:20:cd:42:39:c7:6f:65:bf:94:e0: 04:e2:40:20:4a:8f:7d:60:ed:3a:9c:f7:1e:c2:e9: fe:a9:d8:59:d8:d3:b3:34:47:d6:30:1a:8f:46:e6: 67:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:CB:FF:80:A1:BB:B0:11:4D:9C:95:3A:51:BA:53:79:C0:AB:CA:B6 X509v3 Authority Key Identifier: keyid:1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:4a:b9:42:07:64:bc:eb:30:15:50:24:d8:20:48:df:55:49: f5:b1:2a:ba:44:ce:70:fd:31:86:e7:d2:ad:50:bb:e0:92:77: 35:bc:df:8e:f0:3d:c6:e8:49:46:57:0a:0c:df:bf:50:3f:26: ac:4b:cb:36:66:e5:ce:ab:82:af:f8:fa:33:f4:98:4d:18:3e: 44:fc:9e:8d:7f:6e:e5:e2:57:a5:d4:7a:b4:41:fc:be:b6:10: ca:9e:5b:bf:80:66:1a:7e:d8:dd:30:17:fe:9d:8b:08:3a:08: ea:c3:dd:f6:f1:2b:ba:d9:30:5d:91:c7:a5:50:65:34:8c:b0: 0d:5a:80:38:8e:72:d6:38:0f:52:2a:8c:71:28:1d:dc:eb:4e: 43:b4:e6:a4:c8:97:31:fb:74:b3:31:4e:73:d6:f5:98:a4:d1: 0f:39:c1:ca:ed:9b:4c:12:1d:0c:a0:e5:cf:04:16:cf:b7:ef: 74:02:00:81:27:ed:c1:c2:ae:11:d6:18:f6:76:1e:dc:f9:dc: 71:fd:8b:d3:87:de:03:e6:6d:b7:e4:50:bf:f9:d4:00:1c:fa: a8:2d:0d:95:d6:38:5a:4a:c8:6c:87:1e:29:67:cd:ef:07:3f: da:b8:da:47:8b:9a:cd:5f:eb:5d:a1:d7:ba:80:f3:b4:4e:71: 3a:ba:30:65 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB/kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUYyNEYxMTAvBgNVBAUTKDFFQjdBRDIzNTJGN0M2RUE0QTYyRjc4NENFNUZCQjEx NkRGMjZFQzIwHhcNMjUwNzA0MjEzMzIxWhcNMjUwNzExMjEzMzIxWjAYMRYwFAYD VQQDEw02ODY4NDhhMS01N2Y5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4PEOY3/gTV5b38ebna9KRE+dDED4R9XGOnGPWqH5NzeKbsx9LPZNPwM6Zruu iF4pvSbY/Sg68DqW1tb0+qGiM/bNFSFMv2B/naLj3B9DNdakEr810Ado12D7a5b1 KLWd+QfCZU20qKmSI+F8YAaCqzXMw3HUbv9+Dr/46m5g1f2lrsNcuNqWQblhKa6s GPEVxD6ObPdAV1Zytzjqfx4RbNyd1VsS75wObILQv/aXGwqmGIuyfQ4btQV54q5y AQspW0stFAAcx5BUBtpywCVZGW9mOaFwlSDNQjnHb2W/lOAE4kAgSo99YO06nPce wun+qdhZ2NOzNEfWMBqPRuZniQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDfL/4Ch u7ARTZyVOlG6U3nAq8q2MB8GA1UdIwQYMBaAFB63rSNS98bqSmL3hM5fuxFt8m7C MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjI0Ri82NURERkFCNDAy RkExMUVCQTNBMEEyMzFDNEY5QUUwMi9IcmV0STFMM3h1cEtZdmVFemwtN0VXM3li c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hyZXRJMUwzeHVwS1l2ZUV6bC03RVczeWJzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RjI0Ri82NURERkFCNDAyRkExMUVCQTNBMEEyMzFDNEY5QUUwMi9IcmV0STFMM3h1 cEtZdmVFemwtN0VXM3lic0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCMSrlCB2S86zAVUCTYIEjfVUn1sSq6RM5w/TGG59KtULvgknc1vN+O 8D3G6ElGVwoM379QPyasS8s2ZuXOq4Kv+Poz9JhNGD5E/J6Nf27l4lel1Hq0Qfy+ thDKnlu/gGYaftjdMBf+nYsIOgjqw9328Su62TBdkcelUGU0jLANWoA4jnLWOA9S KoxxKB3c605DtOakyJcx+3SzMU5z1vWYpNEPOcHK7ZtMEh0MoOXPBBbPt+90AgCB J+3Bwq4R1hj2dh7c+dxx/YvTh94D5m235FC/+dQAHPqoLQ2V1jhaSshshx4pZ83v Bz/auNpHi5rNX+tdode6gPO0TnE6ujBl -----END CERTIFICATE-----Generated at Sat Jul 5 02:32:20 2025 by rpki-client