$ rpki-client -vvf rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.mft File: hsjX-0IuFSejmUSD0fne8sYKMHI.mft (raw, json) Hash identifier: YTyxe4mmPomPnCxfD5hUAlegnjHNYYyIw2R5rNSLMbc= Subject key identifier: 8F:71:BD:75:8E:C1:E6:78:10:B7:25:7A:AC:25:8E:47:C5:C1:BF:56 Authority key identifier: 86:C8:D7:FB:42:2E:15:27:A3:99:44:83:D1:F9:DE:F2:C6:0A:30:72 Certificate issuer: /CN=A91BEB11/serialNumber=86C8D7FB422E1527A3994483D1F9DEF2C60A3072 Certificate serial: 3493 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hsjX-0IuFSejmUSD0fne8sYKMHI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.mft Manifest number: 3493 Signing time: Mon 30 Jun 2025 14:59:24 +0000 Manifest this update: Mon 30 Jun 2025 14:59:23 +0000 Manifest next update: Mon 07 Jul 2025 14:59:23 +0000 Files and hashes: 1: hsjX-0IuFSejmUSD0fne8sYKMHI.crl (hash: AW4cIQAysXqV619lYj0te+yTaVlp42yo7FhcTd5g/CM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.crl rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hsjX-0IuFSejmUSD0fne8sYKMHI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 14:59:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13459 (0x3493) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BEB11, serialNumber=86C8D7FB422E1527A3994483D1F9DEF2C60A3072 Validity Not Before: Jun 30 14:59:23 2025 GMT Not After : Jul 7 14:59:23 2025 GMT Subject: CN=6862a64c-7ba9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:1e:1f:bc:ef:1a:52:96:13:bb:6e:13:47:fa: e2:e4:c5:c8:4f:15:ab:48:c0:ae:39:63:0a:3b:ac: a0:59:68:61:af:cf:a7:78:e4:9f:26:b8:99:7c:4c: ea:69:5a:5c:31:06:02:f5:c2:ba:5f:5f:80:e1:25: 8d:ee:41:71:b9:8f:bf:99:c7:3a:1e:89:5e:5a:0f: c9:0a:a6:9f:42:89:21:80:60:55:30:e1:4f:6c:9e: 3b:a8:82:f6:d1:69:a8:cf:bb:bd:88:05:f3:13:c2: c7:3b:22:2d:96:2e:97:e9:91:de:a4:f7:e5:f0:ac: c5:6c:a6:75:6d:54:71:32:94:20:49:14:20:f2:f5: fe:25:1c:3c:c7:41:9b:d4:e8:bd:2d:1c:96:57:60: 85:ac:9c:ca:01:53:c5:30:a6:f9:31:d0:92:7a:02: e7:5c:9a:93:fa:50:af:5c:14:b4:29:10:77:f1:9a: b3:3b:9f:24:b5:3d:b5:3b:fe:ae:7a:cd:90:ea:1e: 7c:e8:1b:e0:25:1e:32:5f:d9:99:43:7f:57:6c:19: f7:7b:08:15:b7:ed:7c:b8:3d:15:fc:60:18:b3:db: b0:32:ed:8a:19:59:07:0e:a7:86:08:3d:5c:49:a7: 9c:57:47:89:a3:a2:dc:a6:d6:25:72:53:f0:2a:47: db:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:71:BD:75:8E:C1:E6:78:10:B7:25:7A:AC:25:8E:47:C5:C1:BF:56 X509v3 Authority Key Identifier: keyid:86:C8:D7:FB:42:2E:15:27:A3:99:44:83:D1:F9:DE:F2:C6:0A:30:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hsjX-0IuFSejmUSD0fne8sYKMHI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cf:06:e0:d4:ac:ba:a6:a0:7a:cd:d8:4d:6e:71:0f:4a:1e:a2: 7b:18:53:7f:c3:3a:dd:e6:75:8d:3f:51:7a:db:1a:d3:ae:1d: 49:6b:2c:ec:6b:b7:57:11:c6:5d:fe:36:ee:c9:8e:23:a9:4c: 9b:dc:44:d6:ee:36:85:ad:11:ca:a0:19:99:a0:0d:39:23:65: 89:d2:4f:d0:9e:40:52:8f:1f:91:2f:fa:e8:c1:47:d8:bc:ec: a8:2b:4e:9e:16:50:50:ea:d7:cc:02:78:eb:e9:e6:be:e1:78: 4d:59:23:56:68:15:31:a1:22:4a:e7:97:a2:c0:e1:4f:17:6c: 9b:cf:b7:d0:84:23:5a:bf:be:fa:f4:92:1b:7b:a5:d2:6b:9e: 67:e2:23:09:aa:1b:3f:d8:41:c7:f1:b7:d6:ba:60:c8:55:4b: 93:50:c6:47:17:ca:50:3d:5f:04:eb:0b:e6:a0:65:46:b6:5f: a0:0d:ec:63:2f:57:1e:28:01:c4:0e:2b:30:a4:c9:bb:25:e9: 47:2e:67:2d:49:6f:dc:13:42:92:4a:c1:1e:90:14:57:e0:2a: 1a:30:8e:dc:87:5f:af:e1:42:af:7b:07:e6:9d:97:c2:e6:eb: 0c:78:54:da:8f:3d:0d:6f:62:1b:95:da:47:da:ac:4a:d0:2a: 53:e3:31:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkVCMTExMTAvBgNVBAUTKDg2QzhEN0ZCNDIyRTE1MjdBMzk5NDQ4M0QxRjlERUYy QzYwQTMwNzIwHhcNMjUwNjMwMTQ1OTIzWhcNMjUwNzA3MTQ1OTIzWjAYMRYwFAYD VQQDEw02ODYyYTY0Yy03YmE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzh4fvO8aUpYTu24TR/ri5MXITxWrSMCuOWMKO6ygWWhhr8+neOSfJriZfEzq aVpcMQYC9cK6X1+A4SWN7kFxuY+/mcc6HoleWg/JCqafQokhgGBVMOFPbJ47qIL2 0Wmoz7u9iAXzE8LHOyItli6X6ZHepPfl8KzFbKZ1bVRxMpQgSRQg8vX+JRw8x0Gb 1Oi9LRyWV2CFrJzKAVPFMKb5MdCSegLnXJqT+lCvXBS0KRB38ZqzO58ktT21O/6u es2Q6h586BvgJR4yX9mZQ39XbBn3ewgVt+18uD0V/GAYs9uwMu2KGVkHDqeGCD1c SaecV0eJo6LcptYlclPwKkfbLwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI9xvXWO weZ4ELcleqwljkfFwb9WMB8GA1UdIwQYMBaAFIbI1/tCLhUno5lEg9H53vLGCjBy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRUIxMS85RjQzNTg3RTFE OUExMUUyOUFGNkZDODcwOEIwMkNEMi9oc2pYLTBJdUZTZWptVVNEMGZuZThzWUtN SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hzalgtMEl1RlNlam1VU0QwZm5lOHNZS01ISS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RUIxMS85RjQzNTg3RTFEOUExMUUyOUFGNkZDODcwOEIwMkNEMi9oc2pYLTBJdUZT ZWptVVNEMGZuZThzWUtNSEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDPBuDUrLqmoHrN2E1ucQ9KHqJ7GFN/wzrd5nWNP1F62xrTrh1Jayzs a7dXEcZd/jbuyY4jqUyb3ETW7jaFrRHKoBmZoA05I2WJ0k/QnkBSjx+RL/rowUfY vOyoK06eFlBQ6tfMAnjr6ea+4XhNWSNWaBUxoSJK55eiwOFPF2ybz7fQhCNav776 9JIbe6XSa55n4iMJqhs/2EHH8bfWumDIVUuTUMZHF8pQPV8E6wvmoGVGtl+gDexj L1ceKAHEDiswpMm7JelHLmctSW/cE0KSSsEekBRX4CoaMI7ch1+v4UKvewfmnZfC 5usMeFTajz0Nb2IbldpH2qxK0CpT4zG5 -----END CERTIFICATE-----Generated at Tue Jul 1 19:25:30 2025 by rpki-client