$ rpki-client -vvf rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft File: hn09aLZZeAOvVkZcDptTq2Z7cqg.mft (raw, json) Hash identifier: NsQL3AuABv3wiZyLPg51PgM8JOXgbr5S826KbCX4OoQ= Subject key identifier: 9D:2C:FA:03:D4:8F:D7:C9:78:4F:1A:53:46:A2:FA:C8:33:CB:B9:23 Authority key identifier: 86:7D:3D:68:B6:59:78:03:AF:56:46:5C:0E:9B:53:AB:66:7B:72:A8 Certificate issuer: /CN=A912CDC5/serialNumber=867D3D68B6597803AF56465C0E9B53AB667B72A8 Certificate serial: 0665 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft Manifest number: 0660 Signing time: Mon 12 May 2025 22:14:14 +0000 Manifest this update: Mon 12 May 2025 22:14:13 +0000 Manifest next update: Mon 19 May 2025 22:14:13 +0000 Files and hashes: 1: hn09aLZZeAOvVkZcDptTq2Z7cqg.crl (hash: lEgLpCeH1qZ8/sbNxaew5T4FkVmhVlgZrK+8pXLuAN0=) 2: 4EC5B52480B811EBBEE2CA7FC4F9AE02.roa (hash: bzwAo1vTwZtUvpqV0SE31TfJe7tyOs8AEfKtkNJnl48=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.crl rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 22:14:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1637 (0x665) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912CDC5, serialNumber=867D3D68B6597803AF56465C0E9B53AB667B72A8 Validity Not Before: May 12 22:14:13 2025 GMT Not After : May 19 22:14:13 2025 GMT Subject: CN=682272b6-5cff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:86:f6:b4:c1:9b:70:ac:a2:1e:70:3b:2f:b2: b4:a5:fb:92:88:67:d7:34:49:af:ea:b7:09:44:4e: 5b:e3:8d:af:60:36:f6:8a:61:19:4d:b0:93:b1:0c: 50:48:fc:66:c3:9c:0a:23:bc:4c:d0:8d:f9:06:6b: 73:12:b6:15:ea:78:d0:df:14:ce:43:12:c6:b9:5d: af:1e:3d:d2:21:4c:7a:b8:7b:10:ea:6a:eb:7b:db: 87:e2:30:2c:16:11:a1:bc:4f:ef:99:c7:a2:84:81: 74:d2:90:3a:d6:32:c1:f1:e1:f6:73:be:f6:d8:1c: 3f:b7:98:c1:85:1c:fc:54:be:dc:30:b7:89:29:af: 5b:d7:62:bf:ec:d1:57:ee:ab:7f:3e:08:84:99:16: e9:f9:58:af:63:ee:70:ab:58:c3:f7:c5:4c:5c:86: c6:21:b7:05:d4:d3:6d:91:b8:1c:02:8a:2e:34:f2: 39:46:80:94:ea:4a:8d:69:35:6f:64:c2:9b:1c:bb: a5:3e:80:14:54:58:0b:4a:d4:86:7c:b1:58:df:06: a6:96:68:ae:57:d0:76:7b:54:45:4a:82:07:ca:58: 5f:99:2b:d6:91:b1:06:93:4c:76:9a:b4:b0:17:8e: 9b:1c:2b:8e:6b:8b:3e:17:37:e6:b6:bc:d6:b3:85: 5e:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:2C:FA:03:D4:8F:D7:C9:78:4F:1A:53:46:A2:FA:C8:33:CB:B9:23 X509v3 Authority Key Identifier: keyid:86:7D:3D:68:B6:59:78:03:AF:56:46:5C:0E:9B:53:AB:66:7B:72:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:d9:f4:11:03:ec:95:f3:28:9a:aa:ad:c9:6d:26:29:26:24: d7:e4:e1:ca:d9:bb:62:fe:5e:dc:37:f9:5d:44:3f:87:d9:f9: 24:e9:09:74:b3:48:ad:46:51:f0:45:d1:b3:85:9a:cd:53:ea: a0:ae:fb:02:ab:d5:f2:d6:6e:3a:6b:03:8a:d7:50:97:54:94: ae:17:14:1d:7d:77:7f:51:6a:ae:80:36:4e:ee:c8:ec:75:67: 46:dc:fd:c2:d5:33:78:09:99:10:e4:12:7c:b6:ef:40:51:58: 09:95:2a:b9:64:82:72:68:02:a1:fe:50:a8:05:5b:61:80:03: 05:5e:fb:4d:ac:64:c0:dd:8c:4c:4b:24:9d:3c:bd:a2:65:54: 80:9a:ca:2e:7e:6f:fa:c7:f1:dd:56:10:94:d7:30:2b:2e:f4: c9:8c:96:21:91:66:93:9c:14:c0:7e:00:b3:63:13:be:d3:ee: 53:98:ce:d8:f3:cd:e5:c2:73:7e:1c:78:ee:a5:7f:0a:6b:2d: 53:cf:aa:98:18:66:b4:0f:da:78:59:db:0a:55:15:de:d0:81: c7:bc:36:96:44:67:36:a1:89:fe:51:d1:37:56:54:15:9c:92: 16:e1:c2:56:3c:4c:e4:bb:dc:8d:e5:2d:49:43:bb:af:5a:ea: 7d:f4:f4:81 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBmUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkNEQzUxMTAvBgNVBAUTKDg2N0QzRDY4QjY1OTc4MDNBRjU2NDY1QzBFOUI1M0FC NjY3QjcyQTgwHhcNMjUwNTEyMjIxNDEzWhcNMjUwNTE5MjIxNDEzWjAYMRYwFAYD VQQDEw02ODIyNzJiNi01Y2ZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAk4b2tMGbcKyiHnA7L7K0pfuSiGfXNEmv6rcJRE5b442vYDb2imEZTbCTsQxQ SPxmw5wKI7xM0I35BmtzErYV6njQ3xTOQxLGuV2vHj3SIUx6uHsQ6mrre9uH4jAs FhGhvE/vmceihIF00pA61jLB8eH2c7722Bw/t5jBhRz8VL7cMLeJKa9b12K/7NFX 7qt/PgiEmRbp+VivY+5wq1jD98VMXIbGIbcF1NNtkbgcAoouNPI5RoCU6kqNaTVv ZMKbHLulPoAUVFgLStSGfLFY3wamlmiuV9B2e1RFSoIHylhfmSvWkbEGk0x2mrSw F46bHCuOa4s+FzfmtrzWs4VeZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ0s+gPU j9fJeE8aU0ai+sgzy7kjMB8GA1UdIwQYMBaAFIZ9PWi2WXgDr1ZGXA6bU6tme3Ko MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0RDNS9FOUYyOTJDNjgw QjYxMUVCQkVDQkYzNzlDNEY5QUUwMi9objA5YUxaWmVBT3ZWa1pjRHB0VHEyWjdj cWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2huMDlhTFpaZUFPdlZrWmNEcHRUcTJaN2NxZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy Q0RDNS9FOUYyOTJDNjgwQjYxMUVCQkVDQkYzNzlDNEY5QUUwMi9objA5YUxaWmVB T3ZWa1pjRHB0VHEyWjdjcWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCP2fQRA+yV8yiaqq3JbSYpJiTX5OHK2bti/l7cN/ldRD+H2fkk6Ql0 s0itRlHwRdGzhZrNU+qgrvsCq9Xy1m46awOK11CXVJSuFxQdfXd/UWqugDZO7sjs dWdG3P3C1TN4CZkQ5BJ8tu9AUVgJlSq5ZIJyaAKh/lCoBVthgAMFXvtNrGTA3YxM SySdPL2iZVSAmsoufm/6x/HdVhCU1zArLvTJjJYhkWaTnBTAfgCzYxO+0+5TmM7Y 883lwnN+HHjupX8Kay1Tz6qYGGa0D9p4WdsKVRXe0IHHvDaWRGc2oYn+UdE3VlQV nJIW4cJWPEzku9yN5S1JQ7uvWup99PSB -----END CERTIFICATE-----Generated at Tue May 13 08:27:41 2025 by rpki-client