$ rpki-client -vvf rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft File: hn09aLZZeAOvVkZcDptTq2Z7cqg.mft (raw, json) Hash identifier: A3vC3qIuoyVe1Nflcdu2t9a8NlOT+axwIVkqLaX+T+A= Subject key identifier: 4A:81:B2:1A:10:29:BD:5E:C8:73:B9:86:D6:5B:7E:19:3F:65:4E:D9 Authority key identifier: 86:7D:3D:68:B6:59:78:03:AF:56:46:5C:0E:9B:53:AB:66:7B:72:A8 Certificate issuer: /CN=A912CDC5/serialNumber=867D3D68B6597803AF56465C0E9B53AB667B72A8 Certificate serial: 0699 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft Manifest number: 0694 Signing time: Fri 22 Aug 2025 22:27:28 +0000 Manifest this update: Fri 22 Aug 2025 22:27:27 +0000 Manifest next update: Fri 29 Aug 2025 22:27:27 +0000 Files and hashes: 1: hn09aLZZeAOvVkZcDptTq2Z7cqg.crl (hash: 4kiSd6ed3MRXaVEhAlk+vRS1Llx9M76knz39MvMrwJI=) 2: 4EC5B52480B811EBBEE2CA7FC4F9AE02.roa (hash: bzwAo1vTwZtUvpqV0SE31TfJe7tyOs8AEfKtkNJnl48=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.crl rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 22:27:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1689 (0x699) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912CDC5, serialNumber=867D3D68B6597803AF56465C0E9B53AB667B72A8 Validity Not Before: Aug 22 22:27:27 2025 GMT Not After : Aug 29 22:27:27 2025 GMT Subject: CN=68a8eed0-8150 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:a1:9f:64:3e:44:b2:8e:87:f4:bb:e9:ca:6f: b9:b9:1c:2a:a9:2c:0f:df:63:c9:72:55:5f:ee:48: 7f:23:e5:e3:31:46:76:3e:ba:d7:f7:a6:98:00:f9: 7d:e5:7f:ff:c9:8a:21:fb:e3:6e:e8:ca:1c:ab:b7: 3e:d0:9e:45:05:8e:e1:b7:2b:ee:23:8d:bf:00:11: 34:6e:05:dd:85:44:1d:0f:cb:27:c5:1a:aa:06:52: 02:24:95:b6:44:c4:9e:28:e3:c5:23:4e:b0:fb:4f: a2:c5:ed:c3:85:32:07:11:64:48:8c:74:54:6f:26: b7:9d:8b:c6:05:da:3d:b6:fa:b0:d9:d3:96:65:d6: 3c:a3:19:6c:5f:c3:c5:79:cb:ae:f8:8a:29:d4:0a: b4:45:9e:a3:7a:4b:d1:fe:4d:a0:76:da:a9:49:8f: 53:08:47:03:d8:3b:08:f5:0e:65:05:a7:1f:3f:ca: 03:2f:ce:70:12:50:e0:a9:a1:33:f6:32:38:a7:19: 88:78:52:af:28:c5:26:eb:5d:71:c1:78:67:67:c1: a7:02:1f:e9:ae:82:36:8e:e2:8f:f2:34:17:cd:4e: ac:da:4b:07:0d:97:ac:1e:19:07:6d:f8:5a:03:d2: 4f:50:b5:dd:5e:38:fe:df:79:43:a0:15:94:94:49: 18:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:81:B2:1A:10:29:BD:5E:C8:73:B9:86:D6:5B:7E:19:3F:65:4E:D9 X509v3 Authority Key Identifier: keyid:86:7D:3D:68:B6:59:78:03:AF:56:46:5C:0E:9B:53:AB:66:7B:72:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:09:80:d3:ed:b7:65:6e:a0:8f:29:15:a5:b8:4f:a7:2a:0b: 3f:06:48:88:f9:d3:d8:ea:f9:74:c3:d1:db:70:e4:af:b2:4a: 52:21:ad:7b:65:05:76:ae:f1:ce:e4:d5:4e:32:d2:b8:57:fa: 49:a6:cc:cc:ee:98:71:e0:5f:b1:55:b3:ed:be:7c:ba:ae:12: 6d:13:00:e8:e0:30:a4:ef:d8:13:b7:6b:90:e9:ec:c0:de:31: 66:82:84:23:86:25:06:1a:bd:f5:f8:2b:d5:55:38:0d:dd:bc: b8:55:ff:01:65:f4:d9:43:2d:63:a3:3c:ba:00:0c:99:f2:4d: bb:27:3a:8e:82:60:87:f7:74:a5:cd:2f:b6:aa:6d:43:f1:07: ab:5f:a9:33:b6:5a:db:e2:09:34:4c:db:5f:53:17:13:b5:ac: 62:0c:1c:e3:d1:7d:be:17:b3:a3:15:d6:3d:71:b7:00:94:dc: e7:90:64:93:a8:8a:2a:34:29:d3:78:26:f5:85:c6:3d:ae:5d: b6:9e:69:8a:71:eb:45:a5:d6:63:bb:b9:02:50:65:f1:5c:06: 59:6e:1a:f0:b0:2f:7b:8d:e9:21:c9:cd:cb:78:3a:c5:2b:66: 48:48:14:e4:fb:a0:3e:b6:9e:61:ef:92:6d:0c:01:77:c3:0f: 6f:1c:48:05 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBpkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkNEQzUxMTAvBgNVBAUTKDg2N0QzRDY4QjY1OTc4MDNBRjU2NDY1QzBFOUI1M0FC NjY3QjcyQTgwHhcNMjUwODIyMjIyNzI3WhcNMjUwODI5MjIyNzI3WjAYMRYwFAYD VQQDEw02OGE4ZWVkMC04MTUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoaGfZD5Eso6H9Lvpym+5uRwqqSwP32PJclVf7kh/I+XjMUZ2PrrX96aYAPl9 5X//yYoh++Nu6Mocq7c+0J5FBY7htyvuI42/ABE0bgXdhUQdD8snxRqqBlICJJW2 RMSeKOPFI06w+0+ixe3DhTIHEWRIjHRUbya3nYvGBdo9tvqw2dOWZdY8oxlsX8PF ecuu+Iop1Aq0RZ6jekvR/k2gdtqpSY9TCEcD2DsI9Q5lBacfP8oDL85wElDgqaEz 9jI4pxmIeFKvKMUm611xwXhnZ8GnAh/proI2juKP8jQXzU6s2ksHDZesHhkHbfha A9JPULXdXjj+33lDoBWUlEkYXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEqBshoQ Kb1eyHO5htZbfhk/ZU7ZMB8GA1UdIwQYMBaAFIZ9PWi2WXgDr1ZGXA6bU6tme3Ko MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0RDNS9FOUYyOTJDNjgw QjYxMUVCQkVDQkYzNzlDNEY5QUUwMi9objA5YUxaWmVBT3ZWa1pjRHB0VHEyWjdj cWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2huMDlhTFpaZUFPdlZrWmNEcHRUcTJaN2NxZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy Q0RDNS9FOUYyOTJDNjgwQjYxMUVCQkVDQkYzNzlDNEY5QUUwMi9objA5YUxaWmVB T3ZWa1pjRHB0VHEyWjdjcWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA6CYDT7bdlbqCPKRWluE+nKgs/BkiI+dPY6vl0w9HbcOSvskpSIa17 ZQV2rvHO5NVOMtK4V/pJpszM7phx4F+xVbPtvny6rhJtEwDo4DCk79gTt2uQ6ezA 3jFmgoQjhiUGGr31+CvVVTgN3by4Vf8BZfTZQy1jozy6AAyZ8k27JzqOgmCH93Sl zS+2qm1D8QerX6kztlrb4gk0TNtfUxcTtaxiDBzj0X2+F7OjFdY9cbcAlNznkGST qIoqNCnTeCb1hcY9rl22nmmKcetFpdZju7kCUGXxXAZZbhrwsC97jekhyc3LeDrF K2ZISBTk+6A+tp5h75JtDAF3ww9vHEgF -----END CERTIFICATE-----Generated at Sat Aug 23 21:27:28 2025 by rpki-client