$ rpki-client -vvf rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft File: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft (raw, json) Hash identifier: PvzYC6z7hU5WXfByXaVSh6TudbkZk+vJZmrNc2PaTSE= Subject key identifier: 16:8D:9E:54:CF:47:66:9C:1A:B7:0D:42:95:D9:5D:1F:20:3F:97:8E Authority key identifier: 84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D Certificate issuer: /CN=A911C743/serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D Certificate serial: 0E42 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft Manifest number: 0E35 Signing time: Mon 12 May 2025 17:40:58 +0000 Manifest this update: Mon 12 May 2025 17:40:57 +0000 Manifest next update: Mon 19 May 2025 17:40:57 +0000 Files and hashes: 1: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl (hash: B0S16IsdeXCi8TvmMS1i/9Qrl85AEcBLJa4hjYb1ErY=) 2: 2B21EC2EE4E111E981365C17C4F9AE02.roa (hash: jnR4T4XlGdfZ2gOhYWumXwRlSJ7MxpHX0lAGLhkJjWk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 17:40:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3650 (0xe42) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C743, serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D Validity Not Before: May 12 17:40:57 2025 GMT Not After : May 19 17:40:57 2025 GMT Subject: CN=682232a9-6cd2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:46:d7:b7:73:a2:4c:ea:c9:10:54:71:c1:cc: a3:0a:51:57:59:c8:28:86:f4:2a:47:a5:13:59:bc: ba:f4:25:92:92:35:40:d3:b2:66:a9:57:91:fb:8d: 9d:5d:14:bd:ca:a5:cc:87:dc:3c:34:33:a3:e2:0a: 93:f8:a0:52:41:23:2b:e5:01:f5:dd:f8:81:7b:c1: f0:ec:08:2a:b3:a6:4a:db:1e:e1:c4:91:fd:e9:84: ce:ff:b3:12:48:c8:a9:db:ad:f8:93:f6:e6:f7:3a: 6f:08:f6:15:69:c0:fd:24:e1:ab:bc:4c:32:00:9b: 76:98:13:05:09:e9:75:73:bc:36:2b:3e:48:5d:35: 83:c8:8c:6d:55:be:0a:75:96:24:6b:38:2e:89:50: 23:04:a3:4a:d1:8a:78:db:cb:e3:86:9a:64:3b:62: 75:1c:75:00:8f:e8:f3:ba:2c:ac:bc:46:a0:77:36: 7f:1d:93:dc:96:5f:02:07:bc:44:1d:6e:04:9f:41: f0:31:d7:21:69:62:d2:e6:76:51:ee:90:f1:32:83: da:26:70:67:24:07:e5:93:5d:e7:2f:97:f8:26:2a: b1:b2:ed:97:09:e3:0b:2a:7e:53:70:df:a7:25:b0: 59:de:5b:8d:43:70:81:c2:42:b2:94:b2:c4:14:5a: 79:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:8D:9E:54:CF:47:66:9C:1A:B7:0D:42:95:D9:5D:1F:20:3F:97:8E X509v3 Authority Key Identifier: keyid:84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:87:d2:4c:b4:04:c8:18:24:f2:e8:0c:b1:f7:05:fd:78:f0: 36:c1:95:ba:ea:1c:d3:2d:22:b0:db:0e:80:08:3f:d2:5f:60: da:ef:ae:4a:71:a5:92:ba:65:80:33:de:b4:cf:84:0d:8c:98: 2c:b7:f5:b5:cb:07:ea:83:80:cd:95:e0:9c:ab:d7:d8:80:47: dd:19:aa:1c:cd:4e:4e:df:d4:76:6b:a1:e4:8b:e6:22:4a:2c: 88:a3:27:85:3a:ec:63:4a:e5:67:3e:5a:df:5f:ba:95:b2:94: 17:48:5b:79:c7:86:0c:99:62:f7:94:4e:bc:04:7e:fb:92:6e: ac:21:b5:21:a8:4d:61:01:32:18:dd:2f:6a:eb:3e:db:b7:d5: 0c:d8:ed:8e:39:f7:5a:82:83:94:fd:b9:2a:22:75:72:4b:6a: 5b:96:88:a3:7b:ec:92:46:94:cc:03:b4:a7:5a:a3:42:bd:8f: 82:91:66:d6:10:5e:8d:6f:5f:0c:51:1e:8f:41:9a:9d:e6:31: 6d:1c:01:15:8a:e3:ac:00:79:49:8c:fd:7a:c7:e4:0b:7c:3d: d7:66:c0:c3:cb:6b:8b:6a:c8:f0:8b:0b:1c:39:55:2c:87:1e: 0c:24:4e:15:48:50:d5:17:78:11:cd:b1:53:e0:50:10:ae:94: c7:5f:17:db -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDkIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM3NDMxMTAvBgNVBAUTKDg0RTRGRkI2OTI3Rjc3RjVDM0YwQTI1MjY4MkY3MURE QjM3N0IxMUQwHhcNMjUwNTEyMTc0MDU3WhcNMjUwNTE5MTc0MDU3WjAYMRYwFAYD VQQDEw02ODIyMzJhOS02Y2QyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv0bXt3OiTOrJEFRxwcyjClFXWcgohvQqR6UTWby69CWSkjVA07JmqVeR+42d XRS9yqXMh9w8NDOj4gqT+KBSQSMr5QH13fiBe8Hw7Agqs6ZK2x7hxJH96YTO/7MS SMip2634k/bm9zpvCPYVacD9JOGrvEwyAJt2mBMFCel1c7w2Kz5IXTWDyIxtVb4K dZYkazguiVAjBKNK0Yp428vjhppkO2J1HHUAj+jzuiysvEagdzZ/HZPcll8CB7xE HW4En0HwMdchaWLS5nZR7pDxMoPaJnBnJAflk13nL5f4Jiqxsu2XCeMLKn5TcN+n JbBZ3luNQ3CBwkKylLLEFFp53wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBaNnlTP R2acGrcNQpXZXR8gP5eOMB8GA1UdIwQYMBaAFITk/7aSf3f1w/CiUmgvcd2zd7Ed MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzc0My9GOEFFMjg4MEEy MUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2RfWEQ4S0pTYUM5eDNiTjNz UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hPVF90cEpfZF9YRDhLSlNhQzl4M2JOM3NSMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx Qzc0My9GOEFFMjg4MEEyMUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2Rf WEQ4S0pTYUM5eDNiTjNzUjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCIh9JMtATIGCTy6Ayx9wX9ePA2wZW66hzTLSKw2w6ACD/SX2Da765K caWSumWAM960z4QNjJgst/W1ywfqg4DNleCcq9fYgEfdGaoczU5O39R2a6Hki+Yi SiyIoyeFOuxjSuVnPlrfX7qVspQXSFt5x4YMmWL3lE68BH77km6sIbUhqE1hATIY 3S9q6z7bt9UM2O2OOfdagoOU/bkqInVyS2pbloije+ySRpTMA7SnWqNCvY+CkWbW EF6Nb18MUR6PQZqd5jFtHAEViuOsAHlJjP16x+QLfD3XZsDDy2uLasjwiwscOVUs hx4MJE4VSFDVF3gRzbFT4FAQrpTHXxfb -----END CERTIFICATE-----Generated at Tue May 13 09:09:55 2025 by rpki-client