$ rpki-client -vvf rpki.apnic.net/member_repository/A9123CA4/B7516B1089B611EE99512A6DC4F9AE02/DHxNa-htVb5Ey0rZZmbBU1GT93I.mft File: DHxNa-htVb5Ey0rZZmbBU1GT93I.mft (raw, json) Hash identifier: aIlnKGYarXz+dHFnHf+4XK/ox27JWfWMFULGSvgssdk= Subject key identifier: 23:D0:8F:27:6B:73:46:EC:D5:EA:15:F4:98:33:98:B0:2B:BF:37:BA Authority key identifier: 0C:7C:4D:6B:E8:6D:55:BE:44:CB:4A:D9:66:66:C1:53:51:93:F7:72 Certificate issuer: /CN=A9123CA4/serialNumber=0C7C4D6BE86D55BE44CB4AD96666C1535193F772 Certificate serial: 012E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DHxNa-htVb5Ey0rZZmbBU1GT93I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9123CA4/B7516B1089B611EE99512A6DC4F9AE02/DHxNa-htVb5Ey0rZZmbBU1GT93I.mft Manifest number: 012A Signing time: Sun 15 Jun 2025 03:51:20 +0000 Manifest this update: Sun 15 Jun 2025 03:51:20 +0000 Manifest next update: Sun 22 Jun 2025 03:51:20 +0000 Files and hashes: 1: DHxNa-htVb5Ey0rZZmbBU1GT93I.crl (hash: u14fpJ1ts9iwNEN5WcoZnfWnsOtJpvGHI7ispfkjfSo=) 2: 300438B6C03511EFA42E9085C4F9AE02.roa (hash: vfKxgRyaFVDrpAYeeSphpPYjXOMfsg5HY/hQjECiMtA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9123CA4/B7516B1089B611EE99512A6DC4F9AE02/DHxNa-htVb5Ey0rZZmbBU1GT93I.crl rsync://rpki.apnic.net/member_repository/A9123CA4/B7516B1089B611EE99512A6DC4F9AE02/DHxNa-htVb5Ey0rZZmbBU1GT93I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DHxNa-htVb5Ey0rZZmbBU1GT93I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 302 (0x12e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9123CA4, serialNumber=0C7C4D6BE86D55BE44CB4AD96666C1535193F772 Validity Not Before: Jun 15 03:51:20 2025 GMT Not After : Jun 22 03:51:20 2025 GMT Subject: CN=684e4338-9866 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:3f:33:f6:31:b1:2e:ef:5c:96:dc:32:2b:04: c9:bc:01:f1:86:21:46:28:d7:27:7c:fd:e8:9c:1b: 7e:17:ec:c4:10:1f:2c:81:3c:d6:21:ed:ef:e1:8c: 12:67:18:4f:57:9e:14:71:91:a2:2d:9c:2b:d9:9e: 75:b9:82:6c:27:ca:46:f4:b6:3c:64:8f:85:3c:f3: 95:0c:9c:36:ca:c9:ee:c5:10:74:46:71:7f:e5:4c: 6c:54:af:f0:f1:c7:cf:80:71:74:25:d6:30:ad:c2: f5:1b:42:a1:45:ff:26:65:65:c5:ae:f0:50:da:e5: 7d:77:f0:09:fd:84:b2:83:29:5a:d8:01:7b:0c:57: a7:1f:b8:8d:fc:b7:5d:dc:24:cf:15:94:f5:21:ea: f2:30:7a:ec:cd:e1:51:09:e7:8a:83:33:41:ed:fa: 0b:74:4a:8f:14:f8:c9:a9:54:05:23:61:a5:f1:4d: 39:05:c0:e3:1f:4d:e9:d3:57:84:63:d7:7d:19:1a: 43:0f:6d:7f:12:28:76:88:f4:15:4b:f1:1e:53:08: 91:27:f2:49:f9:dc:ee:7d:ad:3f:94:b8:82:f4:c0: de:bf:e4:ae:b4:c8:63:fe:c8:c4:70:b9:25:9d:66: 3b:f5:fb:f2:05:48:00:b2:6f:29:23:0b:65:5a:26: 93:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:D0:8F:27:6B:73:46:EC:D5:EA:15:F4:98:33:98:B0:2B:BF:37:BA X509v3 Authority Key Identifier: keyid:0C:7C:4D:6B:E8:6D:55:BE:44:CB:4A:D9:66:66:C1:53:51:93:F7:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9123CA4/B7516B1089B611EE99512A6DC4F9AE02/DHxNa-htVb5Ey0rZZmbBU1GT93I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DHxNa-htVb5Ey0rZZmbBU1GT93I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123CA4/B7516B1089B611EE99512A6DC4F9AE02/DHxNa-htVb5Ey0rZZmbBU1GT93I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:01:ff:c9:be:5c:4e:47:e6:bc:0f:5c:4a:40:3a:ac:c3:77: bd:f1:83:1b:33:8b:54:03:56:65:c0:0d:f4:7a:d3:08:a7:12: f2:94:60:28:00:a0:90:8a:95:8f:f6:18:9d:c8:9f:5c:34:42: e3:8c:c0:ad:9f:67:0b:64:02:71:c1:97:62:16:ff:5b:00:c1: 0e:b2:e4:7d:3a:b0:fc:60:cd:c4:94:51:eb:69:df:78:67:d8: 9c:19:1a:9b:ff:2f:32:4b:67:65:0a:74:76:fc:be:ce:10:0d: a4:03:fd:18:15:90:cb:32:99:ed:0f:98:fc:31:c4:21:05:c7: 73:a1:95:7a:1f:62:3b:be:ba:f5:22:ed:05:02:bf:f9:37:f1: 13:87:5d:ea:a6:a7:b7:d6:7a:4b:a7:6d:91:3a:28:46:41:ed: b6:bf:59:27:ef:c3:8b:c7:82:f8:fe:89:c5:f1:cf:db:fd:bf: 02:0a:0b:04:98:70:11:a0:eb:af:15:84:4d:82:42:7e:a5:7c: 82:82:70:38:e7:31:8d:dc:e0:23:be:5a:f9:72:dd:1a:6a:25: 6a:8d:ce:9e:47:05:7e:48:d1:b3:9a:cc:00:6f:67:c1:61:b7: 85:14:8a:48:9b:40:ea:00:a8:e6:b3:e8:71:fa:2e:6e:3a:6c: 44:c3:f1:af -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAS4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjNDQTQxMTAvBgNVBAUTKDBDN0M0RDZCRTg2RDU1QkU0NENCNEFEOTY2NjZDMTUz NTE5M0Y3NzIwHhcNMjUwNjE1MDM1MTIwWhcNMjUwNjIyMDM1MTIwWjAYMRYwFAYD VQQDEw02ODRlNDMzOC05ODY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvT8z9jGxLu9cltwyKwTJvAHxhiFGKNcnfP3onBt+F+zEEB8sgTzWIe3v4YwS ZxhPV54UcZGiLZwr2Z51uYJsJ8pG9LY8ZI+FPPOVDJw2ysnuxRB0RnF/5UxsVK/w 8cfPgHF0JdYwrcL1G0KhRf8mZWXFrvBQ2uV9d/AJ/YSygyla2AF7DFenH7iN/Ldd 3CTPFZT1IeryMHrszeFRCeeKgzNB7foLdEqPFPjJqVQFI2Gl8U05BcDjH03p01eE Y9d9GRpDD21/Eih2iPQVS/EeUwiRJ/JJ+dzufa0/lLiC9MDev+SutMhj/sjEcLkl nWY79fvyBUgAsm8pIwtlWiaTQwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCPQjydr c0bs1eoV9JgzmLArvze6MB8GA1UdIwQYMBaAFAx8TWvobVW+RMtK2WZmwVNRk/dy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0NBNC9CNzUxNkIxMDg5 QjYxMUVFOTk1MTJBNkRDNEY5QUUwMi9ESHhOYS1odFZiNUV5MHJaWm1iQlUxR1Q5 M0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RIeE5hLWh0VmI1RXkwclpabWJCVTFHVDkzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy M0NBNC9CNzUxNkIxMDg5QjYxMUVFOTk1MTJBNkRDNEY5QUUwMi9ESHhOYS1odFZi NUV5MHJaWm1iQlUxR1Q5M0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCfAf/JvlxOR+a8D1xKQDqsw3e98YMbM4tUA1ZlwA30etMIpxLylGAo AKCQipWP9hidyJ9cNELjjMCtn2cLZAJxwZdiFv9bAMEOsuR9OrD8YM3ElFHrad94 Z9icGRqb/y8yS2dlCnR2/L7OEA2kA/0YFZDLMpntD5j8McQhBcdzoZV6H2I7vrr1 Iu0FAr/5N/ETh13qpqe31npLp22ROihGQe22v1kn78OLx4L4/onF8c/b/b8CCgsE mHARoOuvFYRNgkJ+pXyCgnA45zGN3OAjvlr5ct0aaiVqjc6eRwV+SNGzmswAb2fB YbeFFIpIm0DqAKjms+hx+i5uOmxEw/Gv -----END CERTIFICATE-----Generated at Sun Jun 15 08:34:05 2025 by rpki-client