$ rpki-client -vvf rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft File: hfK68bffHaqMiKtsXnjB_MP3jQg.mft (raw, json) Hash identifier: lKFJPPSvBCMlNaMUtmKc7skqyoVuhYziCvexUSoKCC4= Subject key identifier: 09:CA:49:D1:3A:C5:11:E4:A2:57:4C:19:B1:98:00:37:8B:68:2B:29 Authority key identifier: 85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 Certificate issuer: /CN=A91342C5/serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Certificate serial: 03B1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft Manifest number: 03A1 Signing time: Thu 19 Jun 2025 00:41:03 +0000 Manifest this update: Thu 19 Jun 2025 00:41:03 +0000 Manifest next update: Thu 26 Jun 2025 00:41:03 +0000 Files and hashes: 1: hfK68bffHaqMiKtsXnjB_MP3jQg.crl (hash: +0eZ99+MDKlvlIWNO5QOqk6CmQKXHJtEB3O6UJnicl4=) 2: A7FBA00E778811EDAE39280CC4F9AE02.roa (hash: A66Rcwdstkb/5EinIJWrWOuekP0qJLH5hk4F7NZimSw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Jun 2025 00:41:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 945 (0x3b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91342C5, serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Validity Not Before: Jun 19 00:41:03 2025 GMT Not After : Jun 26 00:41:03 2025 GMT Subject: CN=68535c9f-6b01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:97:6b:95:3e:8f:0e:47:bc:b5:ea:f2:bf:40: 36:ba:65:14:7f:ec:8b:3b:55:c8:15:f2:b0:e0:3c: 82:66:ae:43:e5:82:3e:37:7e:69:d8:74:18:3c:34: bb:61:1f:37:4d:29:d1:fc:da:13:65:c6:f5:b4:6a: 58:bb:eb:ea:0b:7f:29:bc:d4:92:28:72:57:01:c8: f3:47:12:c7:be:e3:e8:29:20:01:d6:00:ba:dd:ed: d3:0e:d5:88:98:91:41:19:50:a5:3e:02:c4:74:18: 16:59:92:5a:20:28:82:ab:7c:37:94:1e:2a:73:01: ff:be:fd:07:3d:58:a7:4b:8e:5e:15:e2:5d:6f:25: 9a:ed:50:ac:7d:12:8e:3d:f2:b7:b2:d5:5c:36:09: fb:3d:30:df:b0:40:b6:40:ed:a3:d1:b8:88:f4:e6: eb:aa:36:cd:fc:74:83:5c:35:6e:b5:b7:39:b4:2b: c5:a3:f9:03:fc:ae:83:21:a5:df:5a:40:75:89:df: 1f:a3:4e:7f:40:e6:60:e4:15:fc:7f:95:0b:b4:fa: 5f:3c:b5:46:3b:f7:1c:4d:30:35:a2:1c:11:94:d7: 1a:53:0d:bd:ec:11:dd:b3:29:74:e9:98:88:94:e0: f1:a0:b8:74:60:fc:2a:c4:39:60:40:8c:bb:83:3d: dc:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:CA:49:D1:3A:C5:11:E4:A2:57:4C:19:B1:98:00:37:8B:68:2B:29 X509v3 Authority Key Identifier: keyid:85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:a2:ec:58:73:90:cf:d7:96:6f:45:bf:a1:bd:bb:2c:50:52: 85:fe:f5:af:33:89:c5:56:41:5d:f9:03:0f:70:bb:1c:b2:9a: 07:a9:8f:8b:b5:84:58:3c:69:71:3c:67:bd:20:1d:b9:4e:cc: 04:74:dd:49:f2:8a:4f:4b:31:cc:d7:c3:60:bc:ef:51:a8:c5: 54:79:af:6d:fc:b3:1b:53:09:66:5e:1b:9b:04:48:ec:56:b8: ae:3d:37:dd:54:09:01:08:6a:e0:a3:15:27:53:c0:3f:a3:c7: 38:27:00:a1:ef:23:62:4d:9a:99:a3:3f:33:b4:77:6a:b2:26: b4:9a:80:63:da:08:b0:dd:7f:fb:97:20:fb:13:c3:19:bc:76: 0d:35:fd:de:78:a2:a9:be:59:43:64:a9:43:2a:42:d1:0d:9b: 1c:f5:96:8b:28:86:7b:3c:66:5a:4e:2a:29:6d:5e:cb:29:ec: 48:00:16:bc:19:23:e1:5f:8c:34:3b:b7:61:46:df:ba:af:a6: 89:1f:a3:a4:bf:00:e1:b5:d3:ea:66:66:b7:1b:7e:92:09:c1: 71:0e:b5:8b:c1:9c:54:a4:8d:0c:04:2d:40:03:89:9c:46:a1: 28:66:72:e0:f4:87:cb:a5:27:22:39:ce:bd:ef:fc:e8:6d:d8: e6:f2:e9:2b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA7EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQyQzUxMTAvBgNVBAUTKDg1RjJCQUYxQjdERjFEQUE4Qzg4QUI2QzVFNzhDMUZD QzNGNzhEMDgwHhcNMjUwNjE5MDA0MTAzWhcNMjUwNjI2MDA0MTAzWjAYMRYwFAYD VQQDEw02ODUzNWM5Zi02YjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7ZdrlT6PDke8teryv0A2umUUf+yLO1XIFfKw4DyCZq5D5YI+N35p2HQYPDS7 YR83TSnR/NoTZcb1tGpYu+vqC38pvNSSKHJXAcjzRxLHvuPoKSAB1gC63e3TDtWI mJFBGVClPgLEdBgWWZJaICiCq3w3lB4qcwH/vv0HPVinS45eFeJdbyWa7VCsfRKO PfK3stVcNgn7PTDfsEC2QO2j0biI9ObrqjbN/HSDXDVutbc5tCvFo/kD/K6DIaXf WkB1id8fo05/QOZg5BX8f5ULtPpfPLVGO/ccTTA1ohwRlNcaUw297BHdsyl06ZiI lODxoLh0YPwqxDlgQIy7gz3c8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAnKSdE6 xRHkoldMGbGYADeLaCspMB8GA1UdIwQYMBaAFIXyuvG33x2qjIirbF54wfzD940I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDJDNS8xRjQwNEUzMEE0 RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhhcU1pS3RzWG5qQl9NUDNq UWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hmSzY4YmZmSGFxTWlLdHNYbmpCX01QM2pRZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NDJDNS8xRjQwNEUzMEE0RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhh cU1pS3RzWG5qQl9NUDNqUWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB1ouxYc5DP15ZvRb+hvbssUFKF/vWvM4nFVkFd+QMPcLscspoHqY+L tYRYPGlxPGe9IB25TswEdN1J8opPSzHM18NgvO9RqMVUea9t/LMbUwlmXhubBEjs VriuPTfdVAkBCGrgoxUnU8A/o8c4JwCh7yNiTZqZoz8ztHdqsia0moBj2giw3X/7 lyD7E8MZvHYNNf3eeKKpvllDZKlDKkLRDZsc9ZaLKIZ7PGZaTiopbV7LKexIABa8 GSPhX4w0O7dhRt+6r6aJH6OkvwDhtdPqZma3G36SCcFxDrWLwZxUpI0MBC1AA4mc RqEoZnLg9IfLpSciOc697/zobdjm8ukr -----END CERTIFICATE-----Generated at Fri Jun 20 17:02:26 2025 by rpki-client