$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.mft File: hXm-LYNFaC8nrucGK71O92ZOVxs.mft (raw, json) Hash identifier: UWhjDYew3f/VQFXxN4XgYCFpEy7hVYm1Pzvn59WZgnw= Subject key identifier: 3E:2C:D7:3C:58:93:AE:C8:DA:7A:49:89:F5:98:32:B0:2E:C9:74:16 Authority key identifier: 85:79:BE:2D:83:45:68:2F:27:AE:E7:06:2B:BD:4E:F7:66:4E:57:1B Certificate issuer: /CN=A91D0B6B/serialNumber=8579BE2D8345682F27AEE7062BBD4EF7664E571B Certificate serial: 3F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hXm-LYNFaC8nrucGK71O92ZOVxs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.mft Manifest number: 3E Signing time: Thu 03 Jul 2025 07:47:09 +0000 Manifest this update: Thu 03 Jul 2025 07:47:09 +0000 Manifest next update: Thu 10 Jul 2025 07:47:09 +0000 Files and hashes: 1: hXm-LYNFaC8nrucGK71O92ZOVxs.crl (hash: TlTdczi84TjdpjoJ3I0m+mFXVhAmvWFJR7CzT/z+Whc=) 2: 73DC435A39F511F09F296862C4F9AE02.roa (hash: v8UVd7Qbh3NtEsQhX1pG9Dfe5py3W8ZuLzV2zz17/Cc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.crl rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hXm-LYNFaC8nrucGK71O92ZOVxs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63 (0x3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D0B6B, serialNumber=8579BE2D8345682F27AEE7062BBD4EF7664E571B Validity Not Before: Jul 3 07:47:09 2025 GMT Not After : Jul 10 07:47:09 2025 GMT Subject: CN=6866357d-1204 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:5d:f0:89:b2:e1:1b:3b:06:47:e2:26:4a:2a: 2e:a5:75:dc:b9:94:07:a2:0a:60:d5:a0:07:79:b9: 15:75:71:22:c4:22:e8:83:81:23:18:f3:8d:e2:a7: 3b:12:26:69:09:9d:ff:dd:b8:9d:3e:4f:6d:46:74: ba:e5:80:5e:48:5d:9b:8d:7c:b8:5a:cd:c4:6a:c3: ec:d7:e8:49:17:97:23:c0:4d:78:57:a7:36:7e:f2: 6a:a6:e8:1b:49:ca:c4:56:ef:81:be:30:93:e0:df: 81:67:8f:a2:d0:f4:c4:95:dc:9d:b8:68:65:0b:c0: fa:99:bf:02:9b:c1:38:1b:90:63:fa:bd:08:96:f8: 17:35:b3:a5:86:2e:49:22:b3:8b:60:dc:8c:21:b4: 04:21:c7:d2:48:75:b0:62:93:a8:8b:c6:46:8f:ad: 4e:4d:01:6c:e3:85:fa:d5:5b:d1:91:d9:74:40:c3: 52:c3:fd:1a:0a:59:d4:7b:cc:eb:2d:93:c8:f2:7b: 5f:3c:cd:38:bc:59:13:98:7b:5f:22:63:fd:d2:9f: 4e:f6:cf:93:76:3d:07:d5:84:2a:30:e3:86:d2:ce: 31:71:ed:a0:9b:85:2b:bc:36:a2:d8:69:7c:dc:0d: 5f:16:ff:99:df:ea:3b:9d:82:3a:9a:a7:f8:ca:ee: a2:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:2C:D7:3C:58:93:AE:C8:DA:7A:49:89:F5:98:32:B0:2E:C9:74:16 X509v3 Authority Key Identifier: keyid:85:79:BE:2D:83:45:68:2F:27:AE:E7:06:2B:BD:4E:F7:66:4E:57:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hXm-LYNFaC8nrucGK71O92ZOVxs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0B6B/7EC0076CFE3F11EF8FA27752C4F9AE02/hXm-LYNFaC8nrucGK71O92ZOVxs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:fe:e1:5b:f8:a7:23:c3:64:ae:df:cc:ca:b9:0f:f6:87:81: 42:df:49:16:ce:88:af:39:57:72:a0:45:8f:af:6f:9f:14:49: bf:ad:d7:f7:be:a7:e3:93:db:17:08:d4:16:a9:8a:62:84:2a: 4d:4d:ea:9c:79:67:35:91:0e:81:59:9f:5d:0d:57:1f:af:04: e1:19:82:1d:4d:fb:d7:1c:d2:f2:da:ea:dc:3a:21:c3:a4:a0: 8c:64:76:11:54:3f:1b:e7:71:7c:5b:a6:19:ff:9f:d2:e8:e6: 15:53:c5:d9:53:87:61:d6:94:66:af:97:b7:06:65:05:bf:4f: 5a:73:47:87:f3:4d:4d:f9:9a:28:5d:50:5f:3f:3e:6f:ad:74: 3a:49:bd:18:db:f7:2e:52:35:d7:4b:dc:c1:94:e6:09:50:ea: bc:11:c7:a0:a3:73:9e:ca:7a:72:ad:a6:6a:86:72:04:01:f9: 90:0b:30:ee:a5:ab:7e:69:18:db:93:29:4b:be:41:52:16:f6: 15:8d:13:fa:19:01:cc:d8:cc:36:e1:cd:cc:dc:69:e8:71:d1: f0:3c:85:98:8a:e4:3b:2d:25:48:a6:ad:0f:19:36:e8:63:54: 5f:6e:09:26:bc:a2:47:9f:85:32:4f:9b:00:d0:3e:a4:ac:f8: c4:af:70:e5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE MEI2QjExMC8GA1UEBRMoODU3OUJFMkQ4MzQ1NjgyRjI3QUVFNzA2MkJCRDRFRjc2 NjRFNTcxQjAeFw0yNTA3MDMwNzQ3MDlaFw0yNTA3MTAwNzQ3MDlaMBgxFjAUBgNV BAMTDTY4NjYzNTdkLTEyMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC6XfCJsuEbOwZH4iZKKi6lddy5lAeiCmDVoAd5uRV1cSLEIuiDgSMY843ipzsS JmkJnf/duJ0+T21GdLrlgF5IXZuNfLhazcRqw+zX6EkXlyPATXhXpzZ+8mqm6BtJ ysRW74G+MJPg34Fnj6LQ9MSV3J24aGULwPqZvwKbwTgbkGP6vQiW+Bc1s6WGLkki s4tg3IwhtAQhx9JIdbBik6iLxkaPrU5NAWzjhfrVW9GR2XRAw1LD/RoKWdR7zOst k8jye188zTi8WROYe18iY/3Sn072z5N2PQfVhCow44bSzjFx7aCbhSu8NqLYaXzc DV8W/5nf6judgjqap/jK7qJlAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUPizXPFiT rsjaekmJ9ZgysC7JdBYwHwYDVR0jBBgwFoAUhXm+LYNFaC8nrucGK71O92ZOVxsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQwQjZCLzdFQzAwNzZDRkUz RjExRUY4RkEyNzc1MkM0RjlBRTAyL2hYbS1MWU5GYUM4bnJ1Y0dLNzFPOTJaT1Z4 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaFhtLUxZTkZhQzhucnVjR0s3MU85MlpPVnhzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQw QjZCLzdFQzAwNzZDRkUzRjExRUY4RkEyNzc1MkM0RjlBRTAyL2hYbS1MWU5GYUM4 bnJ1Y0dLNzFPOTJaT1Z4cy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHL+4Vv4pyPDZK7fzMq5D/aHgULfSRbOiK85V3KgRY+vb58USb+t1/e+ p+OT2xcI1BapimKEKk1N6px5ZzWRDoFZn10NVx+vBOEZgh1N+9cc0vLa6tw6IcOk oIxkdhFUPxvncXxbphn/n9Lo5hVTxdlTh2HWlGavl7cGZQW/T1pzR4fzTU35mihd UF8/Pm+tdDpJvRjb9y5SNddL3MGU5glQ6rwRx6Cjc57KenKtpmqGcgQB+ZALMO6l q35pGNuTKUu+QVIW9hWNE/oZAczYzDbhzczcaehx0fA8hZiK5DstJUimrQ8ZNuhj VF9uCSa8okefhTJPmwDQPqSs+MSvcOU= -----END CERTIFICATE-----Generated at Fri Jul 4 00:30:52 2025 by rpki-client