$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.mft File: HnUsPRYEjD8_YyPSuRBwvyR9aGY.mft (raw, json) Hash identifier: /7j3B/hYPj39ApSPUtaVpmINesuI0QT/V/g6tnag8Bc= Subject key identifier: 11:19:52:D9:92:15:70:4E:83:1B:BB:75:1B:DB:48:05:7C:74:41:EA Authority key identifier: 1E:75:2C:3D:16:04:8C:3F:3F:63:23:D2:B9:10:70:BF:24:7D:68:66 Certificate issuer: /CN=A91F2CA8/serialNumber=1E752C3D16048C3F3F6323D2B91070BF247D6866 Certificate serial: 34B0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.mft Manifest number: 34A5 Signing time: Mon 30 Jun 2025 14:59:17 +0000 Manifest this update: Mon 30 Jun 2025 14:59:17 +0000 Manifest next update: Mon 07 Jul 2025 14:59:17 +0000 Files and hashes: 1: HnUsPRYEjD8_YyPSuRBwvyR9aGY.crl (hash: 0Rpxd+zLhesxjTB3y7mbblD3IG3buMS0MW7P70Q8ovk=) 2: 08FA1EC60C0911EDBDF8C44FC4F9AE02.roa (hash: alhBAf8jvRhFefsbDXOa8VjrZGUtci5WGYLgfA9nSPA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.crl rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 14:59:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13488 (0x34b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2CA8, serialNumber=1E752C3D16048C3F3F6323D2B91070BF247D6866 Validity Not Before: Jun 30 14:59:17 2025 GMT Not After : Jul 7 14:59:17 2025 GMT Subject: CN=6862a645-f8eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c2:74:e6:cf:b0:91:ba:f5:18:04:65:dc:96: 27:7a:05:05:c1:5f:23:19:60:19:f0:e4:ea:16:f3: b1:f7:14:6e:a5:ba:7d:e4:93:84:0b:41:bb:bb:33: 6e:ec:1c:21:72:f8:89:40:61:66:9c:90:08:96:b0: 0c:ba:26:77:11:1c:1c:af:7b:55:ed:2c:0b:3f:8b: 14:5e:0d:10:0d:af:12:19:55:53:4b:0b:1d:75:1d: cf:40:ad:ff:ca:7c:04:8a:85:01:da:05:4b:85:4f: 74:2b:e6:28:53:c0:e6:1d:47:cb:60:73:f1:95:6a: 13:a8:fd:66:e9:ab:47:5a:c1:c5:fd:75:eb:77:57: cc:9a:2d:96:78:1a:5a:2c:30:6b:30:1b:5c:09:28: 64:9e:21:60:d0:5f:2b:c8:2b:37:2a:fb:4f:d8:91: 3e:13:46:1f:e1:aa:7a:42:51:58:9f:08:3d:d7:bd: f2:b5:04:0c:23:83:6c:10:3c:82:53:75:2e:d7:13: 77:9d:dd:71:51:0e:09:41:ef:97:4e:0c:e7:2d:77: 59:3c:74:66:4f:5c:c8:03:01:a8:42:72:f2:bd:ff: 29:2d:90:49:6e:5f:c5:d1:35:e7:02:34:1a:d3:0c: 8d:b4:4e:4c:b6:81:84:97:20:94:73:67:55:73:6a: ba:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:19:52:D9:92:15:70:4E:83:1B:BB:75:1B:DB:48:05:7C:74:41:EA X509v3 Authority Key Identifier: keyid:1E:75:2C:3D:16:04:8C:3F:3F:63:23:D2:B9:10:70:BF:24:7D:68:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:d2:2c:5a:d6:b8:91:7c:e9:3b:a5:01:17:2b:dd:dd:07:5e: 6f:f3:64:01:37:91:ae:fc:5e:d3:74:60:04:a5:00:3f:7e:20: 5d:1b:b4:cc:c6:82:43:6d:8e:85:6c:01:15:bf:c8:b3:ae:13: 24:7d:06:37:ce:87:b1:35:ba:94:df:df:71:f3:98:4c:0f:cd: c1:b3:59:2a:aa:1a:4b:47:e6:94:ec:45:bc:ba:d3:dc:3d:41: fe:6a:eb:25:d1:42:c3:90:35:19:7b:80:5a:0d:17:8c:e7:35: a9:ac:e2:f8:24:db:6f:88:5c:57:7a:21:99:f8:11:63:de:85: ba:ff:25:22:15:5f:6a:0b:06:84:fa:90:c2:92:22:a0:38:cd: 8e:08:94:71:45:8d:7d:72:6d:20:1f:62:7c:d2:b4:df:cd:5a: 5b:7f:f8:de:df:3f:88:04:5e:fd:73:34:22:b0:33:6f:ce:ae: d6:50:a4:56:f5:22:07:eb:9b:2a:d2:3f:0b:ca:65:6d:3e:c4: 30:88:ab:64:49:b1:f2:a5:f1:d4:9b:49:41:c2:2c:ce:87:69: 58:da:dc:49:2b:e1:ed:2a:ae:37:ac:39:6f:d1:80:50:15:c5: 96:c1:2a:ad:23:94:1a:6f:f0:7f:85:5e:79:38:c6:64:38:8b: ae:83:f1:80 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNLAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjJDQTgxMTAvBgNVBAUTKDFFNzUyQzNEMTYwNDhDM0YzRjYzMjNEMkI5MTA3MEJG MjQ3RDY4NjYwHhcNMjUwNjMwMTQ1OTE3WhcNMjUwNzA3MTQ1OTE3WjAYMRYwFAYD VQQDEw02ODYyYTY0NS1mOGViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxsJ05s+wkbr1GARl3JYnegUFwV8jGWAZ8OTqFvOx9xRupbp95JOEC0G7uzNu 7BwhcviJQGFmnJAIlrAMuiZ3ERwcr3tV7SwLP4sUXg0QDa8SGVVTSwsddR3PQK3/ ynwEioUB2gVLhU90K+YoU8DmHUfLYHPxlWoTqP1m6atHWsHF/XXrd1fMmi2WeBpa LDBrMBtcCShkniFg0F8ryCs3KvtP2JE+E0Yf4ap6QlFYnwg9173ytQQMI4NsEDyC U3Uu1xN3nd1xUQ4JQe+XTgznLXdZPHRmT1zIAwGoQnLyvf8pLZBJbl/F0TXnAjQa 0wyNtE5MtoGElyCUc2dVc2q6TwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBEZUtmS FXBOgxu7dRvbSAV8dEHqMB8GA1UdIwQYMBaAFB51LD0WBIw/P2Mj0rkQcL8kfWhm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkNBOC84NzAzMjI1ODFE OUExMUUyQUE4NkMyODcwOEIwMkNEMi9IblVzUFJZRWpEOF9ZeVBTdVJCd3Z5Ujlh R1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0huVXNQUllFakQ4X1l5UFN1UkJ3dnlSOWFHWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MkNBOC84NzAzMjI1ODFEOUExMUUyQUE4NkMyODcwOEIwMkNEMi9IblVzUFJZRWpE OF9ZeVBTdVJCd3Z5UjlhR1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAU0ixa1riRfOk7pQEXK93dB15v82QBN5Gu/F7TdGAEpQA/fiBdG7TM xoJDbY6FbAEVv8izrhMkfQY3zoexNbqU399x85hMD83Bs1kqqhpLR+aU7EW8utPc PUH+ausl0ULDkDUZe4BaDReM5zWprOL4JNtviFxXeiGZ+BFj3oW6/yUiFV9qCwaE +pDCkiKgOM2OCJRxRY19cm0gH2J80rTfzVpbf/je3z+IBF79czQisDNvzq7WUKRW 9SIH65sq0j8LymVtPsQwiKtkSbHypfHUm0lBwizOh2lY2txJK+HtKq43rDlv0YBQ FcWWwSqtI5Qab/B/hV55OMZkOIuug/GA -----END CERTIFICATE-----Generated at Tue Jul 1 16:04:27 2025 by rpki-client