$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft File: hs2LQhipuaG84vrF7m3HhbAKkx0.mft (raw, json) Hash identifier: 7MSs8zlOOrEOFCvrh3f94RMcP6kYoFq5sWZl41NpREQ= Subject key identifier: 7E:E8:7B:0E:43:0D:96:18:54:B3:B3:89:A2:F7:41:58:9E:70:D8:7A Authority key identifier: 86:CD:8B:42:18:A9:B9:A1:BC:E2:FA:C5:EE:6D:C7:85:B0:0A:93:1D Certificate issuer: /CN=A91BF28F/serialNumber=86CD8B4218A9B9A1BCE2FAC5EE6DC785B00A931D Certificate serial: 0243 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft Manifest number: 0221 Signing time: Thu 03 Jul 2025 02:31:48 +0000 Manifest this update: Thu 03 Jul 2025 02:31:47 +0000 Manifest next update: Thu 10 Jul 2025 02:31:47 +0000 Files and hashes: 1: hs2LQhipuaG84vrF7m3HhbAKkx0.crl (hash: d0kicAsr/qxKaQUaRAxrLNOSDTcpDdJLtDLpb1w4+qQ=) 2: FB9DB0B8778011EFA197A558C4F9AE02.roa (hash: bOpqrbhh4Bh4AWp/OZ52rop88bWyVMsrGceDfsrfghM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.crl rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 02:31:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 579 (0x243) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BF28F, serialNumber=86CD8B4218A9B9A1BCE2FAC5EE6DC785B00A931D Validity Not Before: Jul 3 02:31:47 2025 GMT Not After : Jul 10 02:31:47 2025 GMT Subject: CN=6865eb93-0b77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:3b:4e:85:77:b7:ff:12:f9:a5:42:d2:bf:47: c3:9f:49:c9:a4:71:6d:a9:bb:ea:cd:7f:48:38:51: 81:ee:76:de:ba:94:11:12:dc:17:0e:73:46:0f:56: 99:ea:61:bf:7e:b0:e7:e6:af:27:af:0d:ce:bf:64: 9f:e4:3e:16:6a:5a:90:40:3b:1d:06:f1:70:4c:20: c2:67:0f:89:05:20:96:8e:73:27:5e:c7:7c:ab:7b: c9:f6:8f:01:12:ed:56:d9:b2:9a:8f:33:7e:d8:ee: ff:e4:ae:e7:fc:8f:ae:f3:2f:89:a0:49:29:ce:27: e5:46:2d:60:55:a4:75:39:d6:1d:22:e1:bb:67:74: 6a:b4:c4:82:36:1b:0c:bb:bb:f6:05:ca:66:53:3b: 18:cb:d4:d1:ed:02:fb:5b:af:e8:6a:c9:16:b2:56: db:0c:ba:12:75:45:c6:e8:cf:d9:3b:76:b1:8d:65: ac:2e:bd:c7:f8:2a:48:75:d3:48:3a:df:fc:2f:96: 7f:a0:85:00:a6:17:e9:a7:01:1c:b7:30:09:0f:76: a7:4c:ec:50:30:12:66:45:11:7f:33:d5:a9:8b:18: 0a:50:41:37:fd:cf:31:c1:51:86:e6:80:c9:f5:3e: 65:8a:8a:df:66:3a:d4:05:f5:40:e6:c1:60:15:c2: 7e:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:E8:7B:0E:43:0D:96:18:54:B3:B3:89:A2:F7:41:58:9E:70:D8:7A X509v3 Authority Key Identifier: keyid:86:CD:8B:42:18:A9:B9:A1:BC:E2:FA:C5:EE:6D:C7:85:B0:0A:93:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:13:f8:c3:77:fc:ed:77:72:0c:19:65:54:e5:15:c8:89:fe: 86:79:67:b8:2e:1a:41:aa:fd:b2:78:78:d9:b3:41:7f:5f:78: 71:6f:75:da:4f:6d:4a:da:87:7c:d0:d2:f2:53:32:fc:3d:e0: af:e0:f8:de:db:c1:a1:d4:38:9b:34:b8:79:5d:b1:e6:a4:b5: 8a:ed:b2:f6:a1:12:7e:49:e8:bf:b7:5b:02:f8:eb:e0:30:3c: 2c:69:5e:e9:03:d4:08:56:dd:cb:c2:7d:e3:ce:8e:84:be:14: af:f7:74:fb:93:65:17:91:75:87:66:08:4c:fa:2c:34:07:59: 54:fc:09:d9:e7:35:68:ce:a4:3a:6e:dc:76:98:db:30:3a:24: ed:89:62:48:af:9d:99:d8:4f:97:b3:b1:3f:27:71:c5:09:52: d6:5c:92:20:a5:ee:11:92:13:ce:0b:9f:2c:e6:d9:97:ae:7a: 35:3c:f3:93:33:cb:f4:30:7d:fb:ae:ff:74:b9:21:11:b8:2b: 3e:38:40:39:94:73:cd:72:94:e7:e6:76:06:40:3c:3d:f9:4b: fb:86:6e:f1:96:dd:a4:a3:87:8a:8a:ba:cf:90:04:a6:47:c7: b6:62:34:22:36:19:3f:a8:03:a5:88:a6:cb:78:b2:4a:af:5d: 6b:44:e0:b1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAkMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkYyOEYxMTAvBgNVBAUTKDg2Q0Q4QjQyMThBOUI5QTFCQ0UyRkFDNUVFNkRDNzg1 QjAwQTkzMUQwHhcNMjUwNzAzMDIzMTQ3WhcNMjUwNzEwMDIzMTQ3WjAYMRYwFAYD VQQDEw02ODY1ZWI5My0wYjc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArztOhXe3/xL5pULSv0fDn0nJpHFtqbvqzX9IOFGB7nbeupQREtwXDnNGD1aZ 6mG/frDn5q8nrw3Ov2Sf5D4WalqQQDsdBvFwTCDCZw+JBSCWjnMnXsd8q3vJ9o8B Eu1W2bKajzN+2O7/5K7n/I+u8y+JoEkpziflRi1gVaR1OdYdIuG7Z3RqtMSCNhsM u7v2BcpmUzsYy9TR7QL7W6/oaskWslbbDLoSdUXG6M/ZO3axjWWsLr3H+CpIddNI Ot/8L5Z/oIUAphfppwEctzAJD3anTOxQMBJmRRF/M9WpixgKUEE3/c8xwVGG5oDJ 9T5liorfZjrUBfVA5sFgFcJ+2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH7oew5D DZYYVLOziaL3QViecNh6MB8GA1UdIwQYMBaAFIbNi0IYqbmhvOL6xe5tx4WwCpMd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjI4Ri83RERDNUEyRTU1 NDcxMUVEQjQ3QjMzMkJDNEY5QUUwMi9oczJMUWhpcHVhRzg0dnJGN20zSGhiQUtr eDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hzMkxRaGlwdWFHODR2ckY3bTNIaGJBS2t4MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RjI4Ri83RERDNUEyRTU1NDcxMUVEQjQ3QjMzMkJDNEY5QUUwMi9oczJMUWhpcHVh Rzg0dnJGN20zSGhiQUtreDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCWE/jDd/ztd3IMGWVU5RXIif6GeWe4LhpBqv2yeHjZs0F/X3hxb3Xa T21K2od80NLyUzL8PeCv4Pje28Gh1DibNLh5XbHmpLWK7bL2oRJ+Sei/t1sC+Ovg MDwsaV7pA9QIVt3Lwn3jzo6EvhSv93T7k2UXkXWHZghM+iw0B1lU/AnZ5zVozqQ6 btx2mNswOiTtiWJIr52Z2E+Xs7E/J3HFCVLWXJIgpe4RkhPOC58s5tmXrno1PPOT M8v0MH37rv90uSERuCs+OEA5lHPNcpTn5nYGQDw9+Uv7hm7xlt2ko4eKirrPkASm R8e2YjQiNhk/qAOliKbLeLJKr11rROCx -----END CERTIFICATE-----Generated at Fri Jul 4 07:27:32 2025 by rpki-client