$ rpki-client -vvf rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.mft File: HLS_2cCnMryPSmDIaUyR-DTKvBM.mft (raw, json) Hash identifier: INKuaJTHCkCnbVG1lb21mWa/aEFIVFEPFqwJ0bXeqHA= Subject key identifier: 16:E0:FA:AF:00:DA:62:E4:64:34:0B:A8:54:4F:4F:11:0C:6A:23:46 Authority key identifier: 1C:B4:BF:D9:C0:A7:32:BC:8F:4A:60:C8:69:4C:91:F8:34:CA:BC:13 Certificate issuer: /CN=A91D83D0/serialNumber=1CB4BFD9C0A732BC8F4A60C8694C91F834CABC13 Certificate serial: 08F3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HLS_2cCnMryPSmDIaUyR-DTKvBM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.mft Manifest number: 08EC Signing time: Wed 02 Jul 2025 20:38:45 +0000 Manifest this update: Wed 02 Jul 2025 20:38:44 +0000 Manifest next update: Wed 09 Jul 2025 20:38:44 +0000 Files and hashes: 1: HLS_2cCnMryPSmDIaUyR-DTKvBM.crl (hash: slMTWly8PWFyJJrcy+FrS0whygyxHLgYU2eCEakJE6w=) 2: 3C52563E781F11EE9787607FC4F9AE02.roa (hash: iGx2/OJLyjhg1Fasnl64EO8+YlI70PVJOH1c6PHse0Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.crl rsync://rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HLS_2cCnMryPSmDIaUyR-DTKvBM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 20:38:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2291 (0x8f3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D83D0, serialNumber=1CB4BFD9C0A732BC8F4A60C8694C91F834CABC13 Validity Not Before: Jul 2 20:38:44 2025 GMT Not After : Jul 9 20:38:44 2025 GMT Subject: CN=686598d4-24bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:b6:47:42:c1:51:b5:ab:c2:0e:de:c5:8e:d5: 05:4b:c2:fe:df:e7:08:09:48:f4:78:b2:d1:59:d5: 3c:a5:cc:a1:06:16:8c:b0:9a:7e:cc:f4:99:7d:2f: 07:1d:8e:06:f9:a1:53:2f:08:95:eb:01:f9:1a:6d: e5:9a:80:33:69:3a:27:4b:4b:35:e0:fa:18:51:6c: 87:22:4f:06:ab:6e:e6:a5:e8:f2:ee:a2:03:6d:39: 70:52:90:10:93:82:b0:2c:9a:9c:c3:8b:a3:e0:8a: f3:8f:50:21:d1:5d:b6:dd:4d:21:14:80:f2:3d:3e: 79:8f:2a:18:bf:c6:55:9c:77:58:70:df:93:bb:af: 2f:63:67:f4:b9:72:4c:7c:a4:16:9a:2f:34:fb:c1: 07:13:b2:29:ee:2a:37:9b:7e:53:d9:09:62:7a:81: 5b:aa:10:56:6a:21:b1:29:e8:c3:dd:bd:ca:ef:38: 8e:d9:08:ae:26:ab:6a:9a:58:2b:39:13:8c:be:aa: 6f:93:1d:9c:bf:be:5d:2a:43:22:f8:96:4e:b6:09: 3e:7f:de:0a:19:98:27:41:28:03:9c:51:8d:4e:44: 7b:f0:01:98:e6:8f:1a:63:d4:06:54:00:92:6a:9f: 60:e0:04:9f:0f:fd:09:31:a4:b1:3c:6a:1c:af:4d: cb:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:E0:FA:AF:00:DA:62:E4:64:34:0B:A8:54:4F:4F:11:0C:6A:23:46 X509v3 Authority Key Identifier: keyid:1C:B4:BF:D9:C0:A7:32:BC:8F:4A:60:C8:69:4C:91:F8:34:CA:BC:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HLS_2cCnMryPSmDIaUyR-DTKvBM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:3f:11:67:1a:0f:4b:d5:4a:c4:d1:cb:4b:e7:3b:4f:bb:98: aa:6b:75:dd:a8:dc:9c:b6:b6:39:85:b0:d5:b4:43:37:75:60: bc:30:20:2b:28:74:c0:2c:71:85:62:88:0a:e1:90:54:c5:de: b3:2a:cd:be:7c:e2:58:63:fc:81:c8:e2:52:15:d6:a6:21:93: a7:f3:21:d8:3c:89:94:c9:58:e2:44:4b:23:16:e6:71:7c:d8: 2f:da:ed:ee:10:53:ea:4b:5b:a6:63:95:59:aa:12:f2:92:83: 81:02:5b:0c:64:d9:d6:c3:f9:fc:36:2d:c1:ec:78:3a:b6:33: da:1e:41:35:a1:5d:c1:e1:31:47:79:df:05:43:f8:94:6e:a8: 4e:c6:16:02:d1:71:97:aa:4c:90:08:f6:b5:00:70:42:30:33: f1:6b:5e:b6:a9:f0:73:e8:e2:39:a5:ec:08:a5:79:fb:b5:78: ec:a2:87:5e:3e:41:b9:0c:d0:81:c0:f5:eb:0a:f3:e2:2b:7c: 3d:85:b2:b8:73:18:a5:c1:90:e0:2e:bb:2f:2b:53:f1:36:d7: ef:29:22:72:6c:7b:73:29:a0:ca:22:18:ef:d2:2d:1b:92:be: 16:72:52:28:19:db:a5:f1:99:60:30:60:fe:09:bd:7d:30:41: 3b:d0:44:57 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCPMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzRDAxMTAvBgNVBAUTKDFDQjRCRkQ5QzBBNzMyQkM4RjRBNjBDODY5NEM5MUY4 MzRDQUJDMTMwHhcNMjUwNzAyMjAzODQ0WhcNMjUwNzA5MjAzODQ0WjAYMRYwFAYD VQQDEw02ODY1OThkNC0yNGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3rZHQsFRtavCDt7FjtUFS8L+3+cICUj0eLLRWdU8pcyhBhaMsJp+zPSZfS8H HY4G+aFTLwiV6wH5Gm3lmoAzaTonS0s14PoYUWyHIk8Gq27mpejy7qIDbTlwUpAQ k4KwLJqcw4uj4Irzj1Ah0V223U0hFIDyPT55jyoYv8ZVnHdYcN+Tu68vY2f0uXJM fKQWmi80+8EHE7Ip7io3m35T2QlieoFbqhBWaiGxKejD3b3K7ziO2QiuJqtqmlgr OROMvqpvkx2cv75dKkMi+JZOtgk+f94KGZgnQSgDnFGNTkR78AGY5o8aY9QGVACS ap9g4ASfD/0JMaSxPGocr03LZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBbg+q8A 2mLkZDQLqFRPTxEMaiNGMB8GA1UdIwQYMBaAFBy0v9nApzK8j0pgyGlMkfg0yrwT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODNEMC8wMzExNjMxMkFG QkMxMUVBQTk2MUNCODZDNEY5QUUwMi9ITFNfMmNDbk1yeVBTbURJYVV5Ui1EVEt2 Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0hMU18yY0NuTXJ5UFNtRElhVXlSLURUS3ZCTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODNEMC8wMzExNjMxMkFGQkMxMUVBQTk2MUNCODZDNEY5QUUwMi9ITFNfMmNDbk1y eVBTbURJYVV5Ui1EVEt2Qk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCkPxFnGg9L1UrE0ctL5ztPu5iqa3XdqNyctrY5hbDVtEM3dWC8MCAr KHTALHGFYogK4ZBUxd6zKs2+fOJYY/yByOJSFdamIZOn8yHYPImUyVjiREsjFuZx fNgv2u3uEFPqS1umY5VZqhLykoOBAlsMZNnWw/n8Ni3B7Hg6tjPaHkE1oV3B4TFH ed8FQ/iUbqhOxhYC0XGXqkyQCPa1AHBCMDPxa162qfBz6OI5pewIpXn7tXjsoode PkG5DNCBwPXrCvPiK3w9hbK4cxilwZDgLrsvK1PxNtfvKSJybHtzKaDKIhjv0i0b kr4WclIoGdul8ZlgMGD+Cb19MEE70ERX -----END CERTIFICATE-----Generated at Thu Jul 3 23:14:11 2025 by rpki-client