$ rpki-client -vvf rpki.apnic.net/member_repository/A91E1D77/4B6427E2ABF911EA88AAE32CC4F9AE02/hsI8F7xNIO4W8JLTWiz2VU_scRk.mft File: hsI8F7xNIO4W8JLTWiz2VU_scRk.mft (raw, json) Hash identifier: eYajhlGbVWkgppkj9+zh8gG/aQOELHiIh3H6tFeGPs0= Subject key identifier: 3D:E6:A2:10:1C:3F:AB:E7:39:2A:47:4F:A2:11:67:24:17:1B:2F:88 Authority key identifier: 86:C2:3C:17:BC:4D:20:EE:16:F0:92:D3:5A:2C:F6:55:4F:EC:71:19 Certificate issuer: /CN=A91E1D77/serialNumber=86C23C17BC4D20EE16F092D35A2CF6554FEC7119 Certificate serial: 0907 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hsI8F7xNIO4W8JLTWiz2VU_scRk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E1D77/4B6427E2ABF911EA88AAE32CC4F9AE02/hsI8F7xNIO4W8JLTWiz2VU_scRk.mft Manifest number: 08FE Signing time: Mon 30 Jun 2025 20:32:00 +0000 Manifest this update: Mon 30 Jun 2025 20:32:00 +0000 Manifest next update: Mon 07 Jul 2025 20:32:00 +0000 Files and hashes: 1: hsI8F7xNIO4W8JLTWiz2VU_scRk.crl (hash: TghjJdm2xnMk/mEzBctcj9zvK6ksMKCeAJQw7SMEu5M=) 2: E6FD5EBCBA3A11EBA9482F5AC4F9AE02.roa (hash: Do71l71FTiixHCCIPeakkaaBf4R9F2qJdYWGM64Ufb8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E1D77/4B6427E2ABF911EA88AAE32CC4F9AE02/hsI8F7xNIO4W8JLTWiz2VU_scRk.crl rsync://rpki.apnic.net/member_repository/A91E1D77/4B6427E2ABF911EA88AAE32CC4F9AE02/hsI8F7xNIO4W8JLTWiz2VU_scRk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hsI8F7xNIO4W8JLTWiz2VU_scRk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 20:31:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2311 (0x907) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E1D77, serialNumber=86C23C17BC4D20EE16F092D35A2CF6554FEC7119 Validity Not Before: Jun 30 20:32:00 2025 GMT Not After : Jul 7 20:32:00 2025 GMT Subject: CN=6862f440-cf84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:9f:17:79:e4:64:da:c6:e9:45:d0:20:7f:dd: 70:26:33:3f:46:18:27:45:92:32:e7:6b:b4:af:56: b3:ea:d6:c1:07:f5:9c:da:a1:1c:4f:e9:ba:ea:c5: 60:a4:6d:99:5a:33:38:48:e5:66:4d:21:52:a0:d6: 67:e8:d4:45:0d:b5:20:38:88:08:59:92:c9:a7:12: 3a:6a:2f:24:7b:0b:d3:43:6e:b3:6e:16:04:e1:48: 87:3a:66:45:6f:2c:61:00:14:d7:c2:ec:72:07:ff: 42:72:f5:c7:ac:c9:6d:a7:ff:ac:4a:e0:97:4c:1d: 3a:34:16:2c:5d:75:87:b0:9f:19:93:4f:b9:1b:5e: 54:d5:44:f2:01:bf:92:b7:cc:6d:79:30:49:f5:b5: 3d:46:3d:3d:52:af:ae:a9:b5:db:7a:1f:ef:30:29: df:9a:e3:51:e5:75:86:1b:a9:44:1e:23:22:92:fd: ee:11:9d:fb:c0:92:32:fa:9c:75:24:67:fa:36:3e: cc:a6:e9:8a:f8:b8:b8:08:9c:d1:95:86:69:b7:61: 4a:b6:33:b5:fc:87:7c:90:02:3b:d9:6d:7f:96:ea: 1b:9f:ba:3e:34:04:8a:33:2e:a2:2b:ec:10:cc:36: df:f6:3a:ab:ef:0d:6d:fd:f5:06:45:48:2e:df:39: dc:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:E6:A2:10:1C:3F:AB:E7:39:2A:47:4F:A2:11:67:24:17:1B:2F:88 X509v3 Authority Key Identifier: keyid:86:C2:3C:17:BC:4D:20:EE:16:F0:92:D3:5A:2C:F6:55:4F:EC:71:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E1D77/4B6427E2ABF911EA88AAE32CC4F9AE02/hsI8F7xNIO4W8JLTWiz2VU_scRk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hsI8F7xNIO4W8JLTWiz2VU_scRk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E1D77/4B6427E2ABF911EA88AAE32CC4F9AE02/hsI8F7xNIO4W8JLTWiz2VU_scRk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 99:a1:a9:8c:88:b0:e0:58:04:b6:99:ed:63:02:e4:62:a8:7a: b9:83:81:d0:a7:7d:ff:a7:7f:e4:4e:9c:92:2c:c8:9e:dd:55: 78:78:ce:d3:be:75:ef:56:04:89:47:af:50:85:ef:06:3b:52: 8a:eb:73:66:ba:c1:45:80:1e:51:d0:29:c5:c6:cd:1e:8f:95: 95:ab:8c:97:2a:b9:1f:36:4d:00:2d:06:ac:61:03:ea:62:aa: 08:c4:09:4e:ec:ec:20:ce:92:c6:8b:21:61:74:96:82:33:3b: ce:1c:42:19:be:b6:12:8d:88:24:97:38:dd:95:f7:d9:f2:30: 9a:86:fe:f9:da:8c:3b:36:13:9d:ac:77:3b:1a:e3:13:ce:7e: d2:02:59:f9:bc:24:ea:0a:2e:0d:3c:e9:42:7b:5d:cd:24:d7: a7:5f:96:78:21:80:a4:cd:a4:2b:51:5f:a5:da:8b:88:79:08: 64:1e:26:aa:ba:ad:55:97:d8:7d:33:14:dc:8d:da:da:39:2f: b5:af:6d:93:fe:6c:6d:57:3a:c4:d2:7b:51:33:8a:2c:2a:c4: 47:46:0e:fa:30:2a:7f:fb:d7:c8:ef:df:6b:ba:e1:91:6e:a2: d0:7d:5c:4a:90:b8:ac:bf:e3:55:fa:0e:01:38:4d:c7:16:58: 07:e9:f3:be -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCQcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTFENzcxMTAvBgNVBAUTKDg2QzIzQzE3QkM0RDIwRUUxNkYwOTJEMzVBMkNGNjU1 NEZFQzcxMTkwHhcNMjUwNjMwMjAzMjAwWhcNMjUwNzA3MjAzMjAwWjAYMRYwFAYD VQQDEw02ODYyZjQ0MC1jZjg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzJ8XeeRk2sbpRdAgf91wJjM/RhgnRZIy52u0r1az6tbBB/Wc2qEcT+m66sVg pG2ZWjM4SOVmTSFSoNZn6NRFDbUgOIgIWZLJpxI6ai8kewvTQ26zbhYE4UiHOmZF byxhABTXwuxyB/9CcvXHrMltp/+sSuCXTB06NBYsXXWHsJ8Zk0+5G15U1UTyAb+S t8xteTBJ9bU9Rj09Uq+uqbXbeh/vMCnfmuNR5XWGG6lEHiMikv3uEZ37wJIy+px1 JGf6Nj7MpumK+Li4CJzRlYZpt2FKtjO1/Id8kAI72W1/luobn7o+NASKMy6iK+wQ zDbf9jqr7w1t/fUGRUgu3zncjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD3mohAc P6vnOSpHT6IRZyQXGy+IMB8GA1UdIwQYMBaAFIbCPBe8TSDuFvCS01os9lVP7HEZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMUQ3Ny80QjY0MjdFMkFC RjkxMUVBODhBQUUzMkNDNEY5QUUwMi9oc0k4Rjd4TklPNFc4SkxUV2l6MlZVX3Nj UmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hzSThGN3hOSU80VzhKTFRXaXoyVlVfc2NSay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MUQ3Ny80QjY0MjdFMkFCRjkxMUVBODhBQUUzMkNDNEY5QUUwMi9oc0k4Rjd4TklP NFc4SkxUV2l6MlZVX3NjUmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCZoamMiLDgWAS2me1jAuRiqHq5g4HQp33/p3/kTpySLMie3VV4eM7T vnXvVgSJR69Qhe8GO1KK63NmusFFgB5R0CnFxs0ej5WVq4yXKrkfNk0ALQasYQPq YqoIxAlO7OwgzpLGiyFhdJaCMzvOHEIZvrYSjYgklzjdlffZ8jCahv752ow7NhOd rHc7GuMTzn7SAln5vCTqCi4NPOlCe13NJNenX5Z4IYCkzaQrUV+l2ouIeQhkHiaq uq1Vl9h9MxTcjdraOS+1r22T/mxtVzrE0ntRM4osKsRHRg76MCp/+9fI799ruuGR bqLQfVxKkLisv+NV+g4BOE3HFlgH6fO+ -----END CERTIFICATE-----Generated at Tue Jul 1 11:04:48 2025 by rpki-client