$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft File: hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft (raw, json) Hash identifier: T+mKDH00FvLZG7xsZReDNi+81HZb5BcZTSsNcwax4ks= Subject key identifier: 28:3A:BC:B7:D9:0D:AE:D3:B0:E0:67:C5:FC:06:5C:41:60:1E:9D:0A Authority key identifier: 85:9D:18:4F:41:C3:48:98:B7:29:8C:99:10:75:CC:CF:51:67:9A:F1 Certificate issuer: /CN=A91A5BCD/serialNumber=859D184F41C34898B7298C991075CCCF51679AF1 Certificate serial: 0A09 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft Manifest number: 09FC Signing time: Wed 02 Jul 2025 20:05:01 +0000 Manifest this update: Wed 02 Jul 2025 20:05:01 +0000 Manifest next update: Wed 09 Jul 2025 20:05:01 +0000 Files and hashes: 1: hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl (hash: PtjJR60PASbsd3DUep4pcAz69pdLv/oU8V+rjcBJn2g=) 2: 5B5A8050DDBC11EC8378E737C4F9AE02.roa (hash: na5Q578rSQBZFcX5/CcksCy+xsZYnJfxZssE9M4rEDg=) 3: 5A3B7CECDDBC11EC8378E737C4F9AE02.roa (hash: lwmo/gkmzYuWybDmK+FVsOggd5dBx+ce2atYLFTNz2E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 20:05:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2569 (0xa09) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A5BCD, serialNumber=859D184F41C34898B7298C991075CCCF51679AF1 Validity Not Before: Jul 2 20:05:01 2025 GMT Not After : Jul 9 20:05:01 2025 GMT Subject: CN=686590ed-6fb9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:3e:0a:87:d8:68:70:87:c9:c6:ad:69:0e:62: f4:e3:44:e8:9e:60:3a:8e:8c:60:d6:c0:6a:e3:e5: 04:42:e4:02:51:02:20:a8:75:56:fa:55:7e:b2:17: 78:47:96:0f:d2:ae:da:72:1c:c7:6e:b5:94:47:9a: 83:51:18:72:bf:bc:c0:34:09:2e:d4:0f:02:2f:35: c4:ed:69:71:21:8e:ae:50:8d:a5:00:45:03:0c:96: 1c:99:f4:8a:fb:bf:61:77:a3:6a:c2:4c:11:9c:e7: d9:e9:e4:e3:5a:83:8e:a2:14:13:30:01:c8:50:f0: 46:51:86:e6:8d:04:2e:71:92:17:52:bd:f8:09:3f: 12:68:aa:e1:bb:9c:c6:23:78:d1:29:07:b7:fe:99: 50:14:4f:03:81:80:a8:01:45:5b:c9:53:c0:48:95: 82:a8:01:62:4f:47:4f:db:08:69:ec:7c:eb:61:8a: ce:1f:42:44:21:89:3c:d6:cc:87:a5:42:1d:23:2e: 11:fc:88:30:ef:60:da:60:42:5a:44:14:9b:40:53: 78:12:31:17:dd:6c:f5:6b:7f:a7:9b:e8:19:28:96: d7:43:03:e1:36:cb:30:3a:05:0d:e4:7d:db:29:bb: 62:d7:83:06:f6:bb:6f:86:5c:20:5f:76:6c:52:d6: 5b:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:3A:BC:B7:D9:0D:AE:D3:B0:E0:67:C5:FC:06:5C:41:60:1E:9D:0A X509v3 Authority Key Identifier: keyid:85:9D:18:4F:41:C3:48:98:B7:29:8C:99:10:75:CC:CF:51:67:9A:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:95:3c:96:41:19:7d:40:16:e6:ac:b8:7b:1b:e0:5c:63:95: 46:31:06:29:c3:e9:62:9a:a4:d2:f0:6d:f1:3f:7d:06:ea:c9: 82:ac:b5:a5:be:5b:cb:be:6f:c1:0f:03:de:0f:c3:78:d5:a5: 2b:55:91:6f:e9:27:1b:74:21:39:9c:7d:22:d2:b8:32:9c:07: b9:82:d8:cd:61:2d:fb:3a:7a:ba:87:90:da:70:2c:b8:fa:a3: de:32:70:cb:a2:d7:8b:f9:1b:43:3b:c7:7a:6c:99:d4:de:e4: d1:f6:ec:d5:03:b7:bc:ab:9e:6f:54:d1:37:da:b4:6a:ee:ea: 10:54:54:08:d5:e2:89:08:82:29:4b:62:f6:ff:14:d8:c4:bd: ed:85:09:43:04:ae:fe:ba:0a:a8:e6:3a:73:7d:1e:31:79:31: 22:2f:30:47:8b:f1:2e:e4:de:9c:b3:cf:4c:6a:71:cc:43:43: 27:13:bf:98:0b:36:46:e0:d2:a1:ec:57:66:af:7c:22:c4:3d: 6c:84:24:e6:6c:d2:74:4e:7f:aa:f3:32:58:96:3e:67:9d:2a: 1a:f3:4a:2f:32:33:f0:6a:df:c8:1f:88:d1:38:8e:a6:7a:cf: 82:3c:ee:e1:17:bb:6e:df:66:74:f2:16:39:2f:bd:f3:a2:da: 9c:6c:b4:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCgkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTVCQ0QxMTAvBgNVBAUTKDg1OUQxODRGNDFDMzQ4OThCNzI5OEM5OTEwNzVDQ0NG NTE2NzlBRjEwHhcNMjUwNzAyMjAwNTAxWhcNMjUwNzA5MjAwNTAxWjAYMRYwFAYD VQQDEw02ODY1OTBlZC02ZmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1j4Kh9hocIfJxq1pDmL040TonmA6joxg1sBq4+UEQuQCUQIgqHVW+lV+shd4 R5YP0q7achzHbrWUR5qDURhyv7zANAku1A8CLzXE7WlxIY6uUI2lAEUDDJYcmfSK +79hd6NqwkwRnOfZ6eTjWoOOohQTMAHIUPBGUYbmjQQucZIXUr34CT8SaKrhu5zG I3jRKQe3/plQFE8DgYCoAUVbyVPASJWCqAFiT0dP2whp7HzrYYrOH0JEIYk81syH pUIdIy4R/Igw72DaYEJaRBSbQFN4EjEX3Wz1a3+nm+gZKJbXQwPhNsswOgUN5H3b Kbti14MG9rtvhlwgX3ZsUtZb0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCg6vLfZ Da7TsOBnxfwGXEFgHp0KMB8GA1UdIwQYMBaAFIWdGE9Bw0iYtymMmRB1zM9RZ5rx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNUJDRC82MUQwQzQ4NjdB M0ExMUVBQkY4QjU4MjZDNEY5QUUwMi9oWjBZVDBIRFNKaTNLWXlaRUhYTXoxRm5t dkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2haMFlUMEhEU0ppM0tZeVpFSFhNejFGbm12RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NUJDRC82MUQwQzQ4NjdBM0ExMUVBQkY4QjU4MjZDNEY5QUUwMi9oWjBZVDBIRFNK aTNLWXlaRUhYTXoxRm5tdkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAXlTyWQRl9QBbmrLh7G+BcY5VGMQYpw+limqTS8G3xP30G6smCrLWl vlvLvm/BDwPeD8N41aUrVZFv6ScbdCE5nH0i0rgynAe5gtjNYS37Onq6h5DacCy4 +qPeMnDLoteL+RtDO8d6bJnU3uTR9uzVA7e8q55vVNE32rRq7uoQVFQI1eKJCIIp S2L2/xTYxL3thQlDBK7+ugqo5jpzfR4xeTEiLzBHi/Eu5N6cs89ManHMQ0MnE7+Y CzZG4NKh7Fdmr3wixD1shCTmbNJ0Tn+q8zJYlj5nnSoa80ovMjPwat/IH4jROI6m es+CPO7hF7tu32Z08hY5L73zotqcbLRE -----END CERTIFICATE-----Generated at Thu Jul 3 17:40:20 2025 by rpki-client