$ rpki-client -vvf rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft File: hfK68bffHaqMiKtsXnjB_MP3jQg.mft (raw, json) Hash identifier: V3/h1+MaQ8BspaYS/BYRB1H+5Q5ruz7TcvPWjm41xhc= Subject key identifier: 86:7C:4E:B6:85:B4:9E:29:2B:91:36:B5:D0:F9:8B:A0:AA:7B:8C:A3 Authority key identifier: 85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 Certificate issuer: /CN=A91342C5/serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Certificate serial: 03B8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft Manifest number: 03A8 Signing time: Thu 03 Jul 2025 01:11:20 +0000 Manifest this update: Thu 03 Jul 2025 01:11:19 +0000 Manifest next update: Thu 10 Jul 2025 01:11:19 +0000 Files and hashes: 1: hfK68bffHaqMiKtsXnjB_MP3jQg.crl (hash: 6d9foVVLBnIPCW2D/NLO7GfUluLTgxyXAic2J84vj10=) 2: A7FBA00E778811EDAE39280CC4F9AE02.roa (hash: A66Rcwdstkb/5EinIJWrWOuekP0qJLH5hk4F7NZimSw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 01:11:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 952 (0x3b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91342C5, serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Validity Not Before: Jul 3 01:11:19 2025 GMT Not After : Jul 10 01:11:19 2025 GMT Subject: CN=6865d8b8-2858 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:cc:01:44:9a:a1:99:76:50:52:f0:33:aa:3c: da:bb:6b:ca:ff:d1:63:ed:f1:62:78:e5:3c:35:55: 29:c5:38:26:ae:e2:51:88:40:06:00:3b:cf:89:e0: 35:be:48:1a:9d:ea:20:27:39:42:50:f4:f4:f6:dd: dd:23:7d:b1:06:8d:b8:41:eb:52:b5:b7:37:f7:e4: fb:ab:39:ed:34:54:10:bc:9d:d3:6d:7e:a7:67:a1: fa:f8:7b:65:43:13:39:b9:06:2b:41:0d:ec:89:83: 41:a7:e0:78:44:e1:3d:4b:b6:b1:34:3f:78:b0:11: 4c:e7:d7:65:b6:d6:b1:1a:2e:8e:b7:1a:72:5c:39: 34:6b:83:46:d0:ce:ad:42:f0:6b:5a:31:e2:45:29: 9c:1a:3e:ea:b7:47:74:97:09:b6:cb:cf:fe:f2:3d: 91:af:b3:e4:d5:82:47:ac:33:2d:63:3c:61:c4:5f: 13:14:8d:21:a0:57:08:b7:80:1c:2d:dd:45:6e:30: fe:b1:39:68:75:d0:e8:3c:f7:f7:07:d0:ba:8a:68: 17:d0:00:a2:9e:da:8e:49:c5:0b:d2:d7:2d:2f:0b: b9:08:f4:9e:ed:87:d2:7b:b0:61:cf:ee:a7:17:83: 38:10:be:eb:66:a3:03:e6:ef:75:0d:9e:91:11:81: 50:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:7C:4E:B6:85:B4:9E:29:2B:91:36:B5:D0:F9:8B:A0:AA:7B:8C:A3 X509v3 Authority Key Identifier: keyid:85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b8:54:08:fc:fc:e0:50:b1:d0:83:4f:4a:56:14:e8:e2:b5:ba: ad:ac:a6:e7:6e:3a:9f:cd:67:ec:1e:f7:6b:d3:94:a0:fd:b1: ee:49:e1:5e:6d:8f:0d:fe:54:b4:d5:f9:15:9e:f7:9c:24:02: 50:5b:92:12:9b:04:5a:ef:4f:4c:4d:c1:72:1b:3f:9a:64:c6: f5:ba:c5:f8:77:36:e4:cc:90:80:87:6a:77:59:f2:8c:97:1e: 53:e3:d9:6c:7b:a0:0c:79:a0:47:bd:15:cd:f1:f7:14:c7:a9: 6c:98:2b:ff:fc:47:6a:f9:7d:3e:3c:14:a3:c1:9f:7e:b4:5f: 65:1d:81:21:2a:a0:30:43:2e:6e:2f:ef:1c:8e:de:6c:be:74: 4d:cb:b3:0f:a9:bd:09:c5:b9:37:30:83:57:69:53:9d:c0:2d: 05:53:d1:ab:ad:ed:cb:70:bf:9d:2a:f3:34:9f:73:f8:ea:56: dd:8b:05:16:0c:37:f4:16:58:85:29:cf:86:05:da:6c:26:c3: 00:77:b1:61:53:36:31:cf:07:5a:c8:5c:bb:85:bc:7b:70:fc: f7:46:d3:40:7b:d0:ef:b9:2e:e7:7a:bc:ac:d4:10:56:a8:0a: 2a:ea:00:a5:94:eb:42:02:27:5f:49:90:e0:f4:c8:6a:72:83: 92:cb:e7:65 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA7gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQyQzUxMTAvBgNVBAUTKDg1RjJCQUYxQjdERjFEQUE4Qzg4QUI2QzVFNzhDMUZD QzNGNzhEMDgwHhcNMjUwNzAzMDExMTE5WhcNMjUwNzEwMDExMTE5WjAYMRYwFAYD VQQDEw02ODY1ZDhiOC0yODU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyMwBRJqhmXZQUvAzqjzau2vK/9Fj7fFieOU8NVUpxTgmruJRiEAGADvPieA1 vkganeogJzlCUPT09t3dI32xBo24QetStbc39+T7qzntNFQQvJ3TbX6nZ6H6+Htl QxM5uQYrQQ3siYNBp+B4ROE9S7axND94sBFM59dlttaxGi6OtxpyXDk0a4NG0M6t QvBrWjHiRSmcGj7qt0d0lwm2y8/+8j2Rr7Pk1YJHrDMtYzxhxF8TFI0hoFcIt4Ac Ld1FbjD+sTloddDoPPf3B9C6imgX0ACintqOScUL0tctLwu5CPSe7YfSe7Bhz+6n F4M4EL7rZqMD5u91DZ6REYFQCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIZ8TraF tJ4pK5E2tdD5i6Cqe4yjMB8GA1UdIwQYMBaAFIXyuvG33x2qjIirbF54wfzD940I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDJDNS8xRjQwNEUzMEE0 RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhhcU1pS3RzWG5qQl9NUDNq UWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hmSzY4YmZmSGFxTWlLdHNYbmpCX01QM2pRZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NDJDNS8xRjQwNEUzMEE0RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhh cU1pS3RzWG5qQl9NUDNqUWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC4VAj8/OBQsdCDT0pWFOjitbqtrKbnbjqfzWfsHvdr05Sg/bHuSeFe bY8N/lS01fkVnvecJAJQW5ISmwRa709MTcFyGz+aZMb1usX4dzbkzJCAh2p3WfKM lx5T49lse6AMeaBHvRXN8fcUx6lsmCv//Edq+X0+PBSjwZ9+tF9lHYEhKqAwQy5u L+8cjt5svnRNy7MPqb0Jxbk3MINXaVOdwC0FU9Grre3LcL+dKvM0n3P46lbdiwUW DDf0FliFKc+GBdpsJsMAd7FhUzYxzwdayFy7hbx7cPz3RtNAe9DvuS7nerys1BBW qAoq6gCllOtCAidfSZDg9MhqcoOSy+dl -----END CERTIFICATE-----Generated at Thu Jul 3 23:16:28 2025 by rpki-client