$ rpki-client -vvf rpki.apnic.net/member_repository/A91973D2/DA839C94BFC811EBA5B3A67CC4F9AE02/hqs-vXxB5lbM7s21qFDHpLHiZ-M.mft File: hqs-vXxB5lbM7s21qFDHpLHiZ-M.mft (raw, json) Hash identifier: d9cpE4cSYjn0JdkifgEkrxPRmnxGStypLt3oEvfhqRI= Subject key identifier: 7D:C5:50:6A:D5:F5:1E:B9:A5:48:7C:19:54:64:7C:E8:3C:1C:44:7A Authority key identifier: 86:AB:3E:BD:7C:41:E6:56:CC:EE:CD:B5:A8:50:C7:A4:B1:E2:67:E3 Certificate issuer: /CN=A91973D2/serialNumber=86AB3EBD7C41E656CCEECDB5A850C7A4B1E267E3 Certificate serial: 05DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hqs-vXxB5lbM7s21qFDHpLHiZ-M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91973D2/DA839C94BFC811EBA5B3A67CC4F9AE02/hqs-vXxB5lbM7s21qFDHpLHiZ-M.mft Manifest number: 05D7 Signing time: Mon 30 Jun 2025 23:23:36 +0000 Manifest this update: Mon 30 Jun 2025 23:23:35 +0000 Manifest next update: Mon 07 Jul 2025 23:23:35 +0000 Files and hashes: 1: hqs-vXxB5lbM7s21qFDHpLHiZ-M.crl (hash: 9koNn/+vbop0M9rkMoDfg+ra7egtL+mrZwFNqdzFiz0=) 2: 6959BDA8C05B11EB9540776AC4F9AE02.roa (hash: 4SABNLVP141mmTSS6gzli1B5PVXlz3wNBkczMbOULL4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91973D2/DA839C94BFC811EBA5B3A67CC4F9AE02/hqs-vXxB5lbM7s21qFDHpLHiZ-M.crl rsync://rpki.apnic.net/member_repository/A91973D2/DA839C94BFC811EBA5B3A67CC4F9AE02/hqs-vXxB5lbM7s21qFDHpLHiZ-M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hqs-vXxB5lbM7s21qFDHpLHiZ-M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 23:23:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1501 (0x5dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91973D2, serialNumber=86AB3EBD7C41E656CCEECDB5A850C7A4B1E267E3 Validity Not Before: Jun 30 23:23:35 2025 GMT Not After : Jul 7 23:23:35 2025 GMT Subject: CN=68631c78-f359 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b3:c3:42:bc:5d:ee:a5:aa:a0:cb:e3:86:90: 88:68:2f:d6:c4:ad:04:4b:37:8f:40:19:4b:6c:b7: 0d:a8:1a:16:15:de:31:70:e0:bc:ed:cf:cf:bf:93: d8:6e:58:71:51:69:55:2d:2b:8a:55:71:d8:97:18: 28:22:2e:f4:8a:ff:31:e3:7a:2c:cb:c4:52:9c:0b: 6b:30:57:33:dc:88:6a:72:c5:7d:5f:d8:97:fd:c4: 5e:91:f6:68:70:5f:9c:de:38:a7:b1:86:40:e7:67: ac:f2:40:19:09:d8:c5:ad:82:8b:c0:7e:9b:f3:b4: c4:25:50:e8:f0:02:2f:a6:40:2e:7d:78:dc:e9:83: 46:3b:42:51:40:2d:20:30:98:7e:b2:a2:c8:23:c5: ee:86:0d:0c:12:bc:36:a9:94:8c:3a:44:e5:86:e4: ea:b5:7c:7c:28:2f:c7:3d:37:15:94:f6:48:10:06: 50:e8:97:d9:31:6d:b1:d7:f9:cf:e5:2f:ac:2c:00: 9a:19:53:22:41:2e:3f:0c:0e:71:7b:4a:11:e5:b5: b5:4d:03:d1:17:b9:a3:a3:ce:39:ff:42:5a:99:60: 99:6b:70:69:91:a1:41:35:cc:48:60:3c:66:7f:95: c9:25:53:e9:4c:62:fd:bf:8b:48:c8:6c:61:de:b6: 80:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:C5:50:6A:D5:F5:1E:B9:A5:48:7C:19:54:64:7C:E8:3C:1C:44:7A X509v3 Authority Key Identifier: keyid:86:AB:3E:BD:7C:41:E6:56:CC:EE:CD:B5:A8:50:C7:A4:B1:E2:67:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91973D2/DA839C94BFC811EBA5B3A67CC4F9AE02/hqs-vXxB5lbM7s21qFDHpLHiZ-M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hqs-vXxB5lbM7s21qFDHpLHiZ-M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91973D2/DA839C94BFC811EBA5B3A67CC4F9AE02/hqs-vXxB5lbM7s21qFDHpLHiZ-M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:83:47:fd:8d:ba:68:53:e4:70:2a:b3:ec:c2:a3:5f:8e:15: dd:34:55:85:15:91:e1:f3:1b:81:4b:8e:9e:9a:db:8c:59:99: e9:90:32:4d:21:15:22:58:ac:cc:74:55:15:eb:38:a3:88:6b: ed:3b:f3:17:b3:e9:aa:f4:16:a6:8e:8b:13:39:cb:b3:14:57: 65:a9:46:64:fd:71:71:1c:33:9a:82:78:f6:36:6c:e1:c6:f6: ba:11:70:f3:da:43:5b:d2:4d:43:01:31:08:90:f1:dc:44:09: 19:60:e2:2e:10:79:53:d3:25:8f:0e:db:d6:9e:ad:4d:4e:8e: 5a:e2:88:75:65:80:9f:35:d3:c4:38:d8:11:99:83:06:85:5d: 9a:c8:b8:9c:d5:f0:26:35:29:8d:8f:3a:fb:55:9a:e8:53:50: de:ed:a3:b4:d6:87:c8:e6:a3:48:21:f7:26:3e:5f:c7:ab:f1: 17:96:74:b7:ba:0a:a9:ec:e3:24:37:a7:ec:a1:d3:eb:3a:19: 39:cb:9d:af:ef:01:64:cb:99:43:c3:f4:36:22:90:86:f0:23: 7c:f7:3d:d1:6b:09:ae:7f:e1:c9:c6:6a:91:e6:6a:9e:db:a4: 6f:4d:7c:c2:80:94:74:14:4f:fd:6e:47:e0:1b:a1:5a:3b:59: 93:5e:99:c4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBd0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTczRDIxMTAvBgNVBAUTKDg2QUIzRUJEN0M0MUU2NTZDQ0VFQ0RCNUE4NTBDN0E0 QjFFMjY3RTMwHhcNMjUwNjMwMjMyMzM1WhcNMjUwNzA3MjMyMzM1WjAYMRYwFAYD VQQDEw02ODYzMWM3OC1mMzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvLPDQrxd7qWqoMvjhpCIaC/WxK0ESzePQBlLbLcNqBoWFd4xcOC87c/Pv5PY blhxUWlVLSuKVXHYlxgoIi70iv8x43osy8RSnAtrMFcz3IhqcsV9X9iX/cRekfZo cF+c3jinsYZA52es8kAZCdjFrYKLwH6b87TEJVDo8AIvpkAufXjc6YNGO0JRQC0g MJh+sqLII8Xuhg0MErw2qZSMOkTlhuTqtXx8KC/HPTcVlPZIEAZQ6JfZMW2x1/nP 5S+sLACaGVMiQS4/DA5xe0oR5bW1TQPRF7mjo845/0JamWCZa3BpkaFBNcxIYDxm f5XJJVPpTGL9v4tIyGxh3raA8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH3FUGrV 9R65pUh8GVRkfOg8HER6MB8GA1UdIwQYMBaAFIarPr18QeZWzO7NtahQx6Sx4mfj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzNEMi9EQTgzOUM5NEJG QzgxMUVCQTVCM0E2N0NDNEY5QUUwMi9ocXMtdlh4QjVsYk03czIxcUZESHBMSGla LU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hxcy12WHhCNWxiTTdzMjFxRkRIcExIaVotTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NzNEMi9EQTgzOUM5NEJGQzgxMUVCQTVCM0E2N0NDNEY5QUUwMi9ocXMtdlh4QjVs Yk03czIxcUZESHBMSGlaLU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApg0f9jbpoU+RwKrPswqNfjhXdNFWFFZHh8xuBS46emtuMWZnpkDJN IRUiWKzMdFUV6zijiGvtO/MXs+mq9BamjosTOcuzFFdlqUZk/XFxHDOagnj2Nmzh xva6EXDz2kNb0k1DATEIkPHcRAkZYOIuEHlT0yWPDtvWnq1NTo5a4oh1ZYCfNdPE ONgRmYMGhV2ayLic1fAmNSmNjzr7VZroU1De7aO01ofI5qNIIfcmPl/Hq/EXlnS3 ugqp7OMkN6fsodPrOhk5y52v7wFky5lDw/Q2IpCG8CN89z3Rawmuf+HJxmqR5mqe 26RvTXzCgJR0FE/9bkfgG6FaO1mTXpnE -----END CERTIFICATE-----Generated at Tue Jul 1 22:45:26 2025 by rpki-client