$ rpki-client -vvf rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.mft File: hEIqhfpOTNTW7plGMaPQ8OboLTo.mft (raw, json) Hash identifier: p0/QbPIgK9KOz7Ub60uQa9KFdfcq0mK2Oc8T7K7JrPs= Subject key identifier: 97:E7:74:A5:3B:3C:8F:F5:38:77:7B:97:D4:75:12:28:CC:80:2B:67 Authority key identifier: 84:42:2A:85:FA:4E:4C:D4:D6:EE:99:46:31:A3:D0:F0:E6:E8:2D:3A Certificate issuer: /CN=A911C61C/serialNumber=84422A85FA4E4CD4D6EE994631A3D0F0E6E82D3A Certificate serial: 036F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hEIqhfpOTNTW7plGMaPQ8OboLTo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.mft Manifest number: 036A Signing time: Thu 03 Jul 2025 01:17:00 +0000 Manifest this update: Thu 03 Jul 2025 01:17:00 +0000 Manifest next update: Thu 10 Jul 2025 01:17:00 +0000 Files and hashes: 1: hEIqhfpOTNTW7plGMaPQ8OboLTo.crl (hash: WoPPzefQ7/ZxtJc5Im9on0yWK9uvcdK9eANzcH3r5R8=) 2: 214E0454B58A11ECAF32FE29C4F9AE02.roa (hash: m/bIsnc72f+GKlsPAyrWqEs82wNRpWBNpwKZDStdnM8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.crl rsync://rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hEIqhfpOTNTW7plGMaPQ8OboLTo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 01:16:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 879 (0x36f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C61C, serialNumber=84422A85FA4E4CD4D6EE994631A3D0F0E6E82D3A Validity Not Before: Jul 3 01:17:00 2025 GMT Not After : Jul 10 01:17:00 2025 GMT Subject: CN=6865da0c-f811 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:c3:d8:14:c0:fb:05:93:72:78:7b:37:f1:dc: 54:4c:62:f5:36:78:3e:91:83:76:ea:11:6a:b7:96: 8e:7f:1c:15:7f:96:94:08:1a:79:7f:be:61:ce:42: 5a:0b:09:f1:27:ed:62:98:4a:09:03:e2:81:8c:a0: 1b:19:11:7d:ae:01:61:83:1c:5e:b9:fa:14:0c:e9: 35:83:63:71:2f:b5:3e:5c:35:e6:f1:cd:0e:3f:f1: ce:0c:1d:61:91:63:66:16:6e:cc:99:23:b8:e8:20: b8:4d:0f:80:2b:14:a3:a4:a2:0a:d4:b5:11:ab:69: b3:05:df:2b:72:0e:cf:d7:3b:01:ab:eb:43:7a:1e: 35:2c:b1:a9:81:4c:41:03:9f:c8:09:ed:a6:99:14: 15:29:3d:33:ba:d9:cc:d8:dd:b8:0a:1f:ca:b1:86: 63:36:7f:20:26:c9:b2:60:41:16:4c:6c:aa:35:f4: 41:4c:9b:9b:f8:76:46:6c:05:cc:d1:0d:d7:f7:34: 22:38:87:42:d5:bd:88:c3:a9:18:cb:90:a8:6b:9c: 7e:95:8c:af:e1:58:d0:02:04:ba:96:4e:b0:7b:8b: de:52:6f:17:4c:7a:c8:75:1e:55:c6:ec:cc:c1:06: 90:cc:54:af:da:17:a6:51:a5:51:a2:ca:9d:9a:67: c1:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:E7:74:A5:3B:3C:8F:F5:38:77:7B:97:D4:75:12:28:CC:80:2B:67 X509v3 Authority Key Identifier: keyid:84:42:2A:85:FA:4E:4C:D4:D6:EE:99:46:31:A3:D0:F0:E6:E8:2D:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hEIqhfpOTNTW7plGMaPQ8OboLTo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3c:c6:a7:b5:d4:a3:9e:34:9c:50:80:ed:29:4d:9e:05:df:ba: 19:98:56:b8:a4:e5:83:97:b6:c9:37:80:08:6a:c0:79:b9:05: d0:bb:cd:e0:80:1d:07:de:1b:c4:ff:64:f0:f0:9b:17:09:c6: 33:37:d4:a5:fa:a2:7c:d1:32:b4:2c:ee:e7:8d:ed:8f:83:16: b5:8b:f2:6b:2d:98:ca:f5:bf:0f:5d:97:cd:d0:27:c1:b7:e3: 06:9c:c2:2e:9f:12:5c:6b:88:97:1c:fa:c4:e4:8a:1d:af:df: 17:92:07:6e:41:1e:7c:68:6a:55:64:d8:2d:2d:6e:c8:bd:8c: 77:2b:8a:28:29:07:5c:cc:bc:8e:92:cc:e4:d2:0c:49:0f:b5: 0f:99:88:c2:ea:1a:95:3b:45:6f:28:52:09:3e:dc:a6:18:fa: bc:ab:c7:e1:67:95:b2:2d:7e:18:6a:0b:29:1e:a7:b7:e5:f8: 59:d3:b1:d5:59:78:0a:db:60:a3:87:9c:75:03:ff:7e:8b:f6: 0d:be:8c:ca:34:f3:d0:a0:32:7d:23:d7:29:2d:88:64:b4:87: 47:0e:28:35:2b:de:79:b6:d8:10:47:96:8b:ef:26:5e:26:81: c7:52:4c:58:18:a0:b6:70:63:89:1b:f1:8f:0a:51:c5:d4:2a: ac:ff:88:5f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA28wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM2MUMxMTAvBgNVBAUTKDg0NDIyQTg1RkE0RTRDRDRENkVFOTk0NjMxQTNEMEYw RTZFODJEM0EwHhcNMjUwNzAzMDExNzAwWhcNMjUwNzEwMDExNzAwWjAYMRYwFAYD VQQDEw02ODY1ZGEwYy1mODExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApcPYFMD7BZNyeHs38dxUTGL1Nng+kYN26hFqt5aOfxwVf5aUCBp5f75hzkJa CwnxJ+1imEoJA+KBjKAbGRF9rgFhgxxeufoUDOk1g2NxL7U+XDXm8c0OP/HODB1h kWNmFm7MmSO46CC4TQ+AKxSjpKIK1LURq2mzBd8rcg7P1zsBq+tDeh41LLGpgUxB A5/ICe2mmRQVKT0zutnM2N24Ch/KsYZjNn8gJsmyYEEWTGyqNfRBTJub+HZGbAXM 0Q3X9zQiOIdC1b2Iw6kYy5Coa5x+lYyv4VjQAgS6lk6we4veUm8XTHrIdR5VxuzM wQaQzFSv2hemUaVRosqdmmfBswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJfndKU7 PI/1OHd7l9R1EijMgCtnMB8GA1UdIwQYMBaAFIRCKoX6TkzU1u6ZRjGj0PDm6C06 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzYxQy8yQTcwOTBGQUI1 ODYxMUVDQUU4MUVEMjJDNEY5QUUwMi9oRUlxaGZwT1ROVFc3cGxHTWFQUThPYm9M VG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hFSXFoZnBPVE5UVzdwbEdNYVBROE9ib0xUby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QzYxQy8yQTcwOTBGQUI1ODYxMUVDQUU4MUVEMjJDNEY5QUUwMi9oRUlxaGZwT1RO VFc3cGxHTWFQUThPYm9MVG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA8xqe11KOeNJxQgO0pTZ4F37oZmFa4pOWDl7bJN4AIasB5uQXQu83g gB0H3hvE/2Tw8JsXCcYzN9Sl+qJ80TK0LO7nje2Pgxa1i/JrLZjK9b8PXZfN0CfB t+MGnMIunxJca4iXHPrE5Iodr98XkgduQR58aGpVZNgtLW7IvYx3K4ooKQdczLyO kszk0gxJD7UPmYjC6hqVO0VvKFIJPtymGPq8q8fhZ5WyLX4YagspHqe35fhZ07HV WXgK22Cjh5x1A/9+i/YNvozKNPPQoDJ9I9cpLYhktIdHDig1K955ttgQR5aL7yZe JoHHUkxYGKC2cGOJG/GPClHF1Cqs/4hf -----END CERTIFICATE-----Generated at Fri Jul 4 18:00:06 2025 by rpki-client