$ rpki-client -vvf rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft File: hn09aLZZeAOvVkZcDptTq2Z7cqg.mft (raw, json) Hash identifier: flSuc1eRZ3L+A1arwGfFZ04ouA7Qxg0WzyXwJzALLPo= Subject key identifier: 7F:12:47:D6:09:FC:2B:B2:AF:08:E4:65:DA:F1:8E:36:4B:18:B7:F5 Authority key identifier: 86:7D:3D:68:B6:59:78:03:AF:56:46:5C:0E:9B:53:AB:66:7B:72:A8 Certificate issuer: /CN=A912CDC5/serialNumber=867D3D68B6597803AF56465C0E9B53AB667B72A8 Certificate serial: 067E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft Manifest number: 0679 Signing time: Wed 02 Jul 2025 22:40:16 +0000 Manifest this update: Wed 02 Jul 2025 22:40:15 +0000 Manifest next update: Wed 09 Jul 2025 22:40:15 +0000 Files and hashes: 1: hn09aLZZeAOvVkZcDptTq2Z7cqg.crl (hash: DsAj0hZBPDmBD/yQ3ML7d1CO3KIcwKfWYzG8PIU8oWI=) 2: 4EC5B52480B811EBBEE2CA7FC4F9AE02.roa (hash: bzwAo1vTwZtUvpqV0SE31TfJe7tyOs8AEfKtkNJnl48=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.crl rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 22:40:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1662 (0x67e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912CDC5, serialNumber=867D3D68B6597803AF56465C0E9B53AB667B72A8 Validity Not Before: Jul 2 22:40:15 2025 GMT Not After : Jul 9 22:40:15 2025 GMT Subject: CN=6865b54f-226a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:61:b3:af:42:cd:a3:bd:3a:30:85:52:a7:be: 02:d6:62:a1:1c:03:e1:af:f1:23:c2:e6:2b:60:08: ca:8b:0c:8f:3c:c4:ed:dc:98:6c:78:2e:49:9c:28: 55:d6:6c:7b:4e:22:f2:9a:e5:2d:29:8c:7f:f9:2f: fe:ed:ac:9d:ef:a9:0e:69:d1:46:85:b7:0a:ef:d8: 0b:64:8a:61:4f:06:f9:64:2a:58:26:c0:69:5a:f1: c4:55:a6:69:ac:30:2b:cc:c9:83:ad:15:4f:c7:00: e1:b0:1c:6e:6d:e9:7a:cf:81:a7:d8:88:dd:10:bc: bd:27:35:44:c7:d8:37:f2:24:57:db:04:19:d6:e0: 19:68:0b:4b:75:b7:a2:c2:7c:2d:92:49:4f:64:c1: 91:10:49:34:20:d0:76:97:66:03:ef:e8:ba:c9:0e: dd:60:ee:9f:60:17:3d:f2:e2:d5:7c:e8:1a:48:34: 4e:35:ae:a7:b7:34:b2:5d:58:8e:0f:60:0f:c0:bf: 40:01:07:19:ff:83:70:2f:9d:05:6e:7e:65:33:9c: 19:2e:fd:53:19:6f:62:57:2a:59:72:be:34:8a:8a: 24:fd:b7:f5:b4:5d:f5:75:67:27:2f:92:4a:71:8d: 85:94:21:52:45:46:15:3f:80:cc:3f:b9:94:ea:21: fc:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:12:47:D6:09:FC:2B:B2:AF:08:E4:65:DA:F1:8E:36:4B:18:B7:F5 X509v3 Authority Key Identifier: keyid:86:7D:3D:68:B6:59:78:03:AF:56:46:5C:0E:9B:53:AB:66:7B:72:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:a2:d7:69:d9:52:fa:8c:60:7a:6f:12:6f:d1:6e:12:38:12: c3:97:64:e4:6d:f1:d9:c5:b2:5d:1b:84:bd:a7:a1:e5:b6:86: 69:48:8b:8a:86:52:30:e0:c8:77:70:47:97:64:24:ee:03:86: 5c:24:35:f6:f2:29:b1:49:8f:d9:d6:85:ab:27:30:3c:1a:35: 40:9f:1d:b5:1a:de:a4:7b:fa:0c:02:74:39:1d:31:a4:ce:60: 4a:fb:95:32:cc:d4:4a:b4:6c:8d:48:05:0f:f3:c8:f2:37:03: 21:26:59:2a:a0:49:21:ea:53:ef:68:c6:c0:ea:11:5a:1f:ae: 1a:0a:b1:2c:c5:8e:64:86:23:23:ec:a3:35:38:b0:25:8a:c7: eb:51:56:2b:cd:bf:07:1a:a7:0f:45:f2:30:20:32:58:09:52: ee:19:a6:43:01:1c:3b:d9:6e:cc:d8:36:52:04:43:0e:26:b0: 61:48:55:11:c3:d9:dd:9b:e0:99:64:cf:21:90:9a:e1:1b:6f: 60:61:84:bd:fa:c9:6a:74:3a:fd:61:36:38:79:15:ad:ac:af: f4:3e:e6:31:8e:77:2a:1f:86:27:8a:54:ad:70:84:57:d1:93: 35:47:cd:f2:d3:5a:10:27:17:27:d3:98:79:89:98:f6:dc:55: 28:9f:7c:a4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBn4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkNEQzUxMTAvBgNVBAUTKDg2N0QzRDY4QjY1OTc4MDNBRjU2NDY1QzBFOUI1M0FC NjY3QjcyQTgwHhcNMjUwNzAyMjI0MDE1WhcNMjUwNzA5MjI0MDE1WjAYMRYwFAYD VQQDEw02ODY1YjU0Zi0yMjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz2Gzr0LNo706MIVSp74C1mKhHAPhr/EjwuYrYAjKiwyPPMTt3JhseC5JnChV 1mx7TiLymuUtKYx/+S/+7ayd76kOadFGhbcK79gLZIphTwb5ZCpYJsBpWvHEVaZp rDArzMmDrRVPxwDhsBxubel6z4Gn2IjdELy9JzVEx9g38iRX2wQZ1uAZaAtLdbei wnwtkklPZMGREEk0INB2l2YD7+i6yQ7dYO6fYBc98uLVfOgaSDRONa6ntzSyXViO D2APwL9AAQcZ/4NwL50Fbn5lM5wZLv1TGW9iVypZcr40iook/bf1tF31dWcnL5JK cY2FlCFSRUYVP4DMP7mU6iH8EQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH8SR9YJ /CuyrwjkZdrxjjZLGLf1MB8GA1UdIwQYMBaAFIZ9PWi2WXgDr1ZGXA6bU6tme3Ko MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0RDNS9FOUYyOTJDNjgw QjYxMUVCQkVDQkYzNzlDNEY5QUUwMi9objA5YUxaWmVBT3ZWa1pjRHB0VHEyWjdj cWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2huMDlhTFpaZUFPdlZrWmNEcHRUcTJaN2NxZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy Q0RDNS9FOUYyOTJDNjgwQjYxMUVCQkVDQkYzNzlDNEY5QUUwMi9objA5YUxaWmVB T3ZWa1pjRHB0VHEyWjdjcWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAFotdp2VL6jGB6bxJv0W4SOBLDl2TkbfHZxbJdG4S9p6HltoZpSIuK hlIw4Mh3cEeXZCTuA4ZcJDX28imxSY/Z1oWrJzA8GjVAnx21Gt6ke/oMAnQ5HTGk zmBK+5UyzNRKtGyNSAUP88jyNwMhJlkqoEkh6lPvaMbA6hFaH64aCrEsxY5khiMj 7KM1OLAlisfrUVYrzb8HGqcPRfIwIDJYCVLuGaZDARw72W7M2DZSBEMOJrBhSFUR w9ndm+CZZM8hkJrhG29gYYS9+slqdDr9YTY4eRWtrK/0PuYxjncqH4YnilStcIRX 0ZM1R83y01oQJxcn05h5iZj23FUon3yk -----END CERTIFICATE-----Generated at Thu Jul 3 23:24:33 2025 by rpki-client