$ rpki-client -vvf rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.mft File: hbFKiQub1JgNl-Qbs5H8yYUPy3g.mft (raw, json) Hash identifier: kMlvBfaO2HA8d658C5irkU/X5LNYmX6aAc8yd95ptQo= Subject key identifier: 95:0A:AB:27:55:B3:D8:1E:AB:04:1E:8C:C8:FC:43:A3:AA:8F:E9:41 Authority key identifier: 85:B1:4A:89:0B:9B:D4:98:0D:97:E4:1B:B3:91:FC:C9:85:0F:CB:78 Certificate issuer: /CN=A91D894F/serialNumber=85B14A890B9BD4980D97E41BB391FCC9850FCB78 Certificate serial: E2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hbFKiQub1JgNl-Qbs5H8yYUPy3g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.mft Manifest number: DA Signing time: Sun 15 Jun 2025 04:43:21 +0000 Manifest this update: Sun 15 Jun 2025 04:43:21 +0000 Manifest next update: Sun 22 Jun 2025 04:43:21 +0000 Files and hashes: 1: hbFKiQub1JgNl-Qbs5H8yYUPy3g.crl (hash: M1PMaI9VTagkNm7EU/0W63kdEN6/Eg0RSX44K6jw7CE=) 2: 61A59876012A11EFB75C350FC4F9AE02.roa (hash: eAATcw+wwIntluEWHwykA3g4lnWZ04SXuQGRkoYM9h4=) 3: 612992C6012A11EFB75C350FC4F9AE02.roa (hash: kIIwTAeW+pDEZ3yhH1JwOUrEmJAAi9ldowt4J7C/CXc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.crl rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hbFKiQub1JgNl-Qbs5H8yYUPy3g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 226 (0xe2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D894F, serialNumber=85B14A890B9BD4980D97E41BB391FCC9850FCB78 Validity Not Before: Jun 15 04:43:21 2025 GMT Not After : Jun 22 04:43:21 2025 GMT Subject: CN=684e4f69-94c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:20:fd:07:f3:62:87:9d:3d:cc:ae:26:bf:e5: a6:9e:f1:10:da:8e:17:72:1c:13:8d:47:cc:8a:44: 9c:a9:0b:e2:d3:35:db:8e:d3:37:2f:28:c2:63:4c: 97:2f:fc:dd:64:39:3f:1b:8c:6d:5f:4a:a4:dc:78: e2:c5:4c:b4:c6:4b:6a:aa:b6:8a:8d:c7:b3:43:6a: 6e:97:34:46:d1:0f:76:30:8e:9e:16:42:9e:a8:81: 9a:43:b1:29:b0:1f:cb:77:3b:3b:2d:d7:2f:b0:af: 0d:c8:92:5e:d4:0e:00:11:ec:66:72:cf:a7:67:95: 34:22:d5:8d:4a:b6:f1:48:8d:96:92:ec:70:21:02: 24:e6:bd:89:e7:e0:a0:59:03:7a:b4:d9:ad:fe:01: f7:0c:7e:34:01:3b:55:9c:52:f6:9f:89:9c:99:1a: b5:8f:ed:8c:cc:5e:ef:db:34:6d:d8:ae:b2:6c:01: 63:63:d7:18:2a:34:04:53:39:ed:75:eb:b6:96:8c: 86:d6:66:78:93:00:23:c4:69:10:b6:8c:1b:53:86: 23:ff:eb:fe:a2:78:82:7b:30:d4:c4:6c:a4:08:67: c4:84:e6:bb:26:47:7d:d8:55:16:43:6b:d6:f9:1d: 54:83:55:d8:7c:ca:ae:50:f2:1f:e1:b8:4b:ad:a3: 54:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:0A:AB:27:55:B3:D8:1E:AB:04:1E:8C:C8:FC:43:A3:AA:8F:E9:41 X509v3 Authority Key Identifier: keyid:85:B1:4A:89:0B:9B:D4:98:0D:97:E4:1B:B3:91:FC:C9:85:0F:CB:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hbFKiQub1JgNl-Qbs5H8yYUPy3g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D894F/0AF45E36012A11EFA5FD916FC4F9AE02/hbFKiQub1JgNl-Qbs5H8yYUPy3g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:cc:0a:30:38:79:2a:29:ba:ed:9b:4f:bf:7f:e6:84:29:8b: 50:84:42:db:54:40:5c:7b:68:e5:6c:9f:d7:67:48:5c:f2:bb: 6d:4e:d2:d5:83:89:14:9c:42:fa:5e:bd:ae:17:53:e5:63:13: 2e:d0:19:2e:22:88:e7:b4:7d:ae:fd:3f:fd:83:72:6d:49:56: 57:a2:87:5f:40:9e:39:0b:24:a2:b9:5d:f7:e0:26:b6:ab:0c: 4f:5d:eb:c9:c0:30:88:85:a2:3c:8d:3d:ef:fc:cf:c0:01:cd: 1e:05:0a:60:c0:26:75:b7:8a:54:f1:f1:b3:11:00:3b:5d:5c: 9f:b1:a1:2e:a2:6d:f1:b5:c1:50:57:87:0a:c3:31:4c:79:bb: 26:4b:80:d8:ef:63:06:dd:d1:63:aa:aa:21:aa:8e:d6:ca:7c: 14:71:63:9a:45:4a:11:d4:00:16:93:a4:52:22:48:c8:c2:ae: 76:fb:16:33:28:4e:91:00:06:d1:06:34:88:e3:1e:36:9b:b2: a4:d8:91:4a:2b:31:61:5b:ca:08:7a:e7:0a:01:70:82:8e:4e: bc:a7:ff:51:f9:36:79:c9:d8:ec:8d:5b:83:7e:8d:aa:31:ca: 9b:2d:07:4c:f5:38:6f:45:b8:78:8e:97:ba:b9:5b:ae:48:b7: bb:57:33:5f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDg5NEYxMTAvBgNVBAUTKDg1QjE0QTg5MEI5QkQ0OTgwRDk3RTQxQkIzOTFGQ0M5 ODUwRkNCNzgwHhcNMjUwNjE1MDQ0MzIxWhcNMjUwNjIyMDQ0MzIxWjAYMRYwFAYD VQQDEw02ODRlNGY2OS05NGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxiD9B/Nih509zK4mv+WmnvEQ2o4XchwTjUfMikScqQvi0zXbjtM3LyjCY0yX L/zdZDk/G4xtX0qk3HjixUy0xktqqraKjcezQ2pulzRG0Q92MI6eFkKeqIGaQ7Ep sB/Ldzs7LdcvsK8NyJJe1A4AEexmcs+nZ5U0ItWNSrbxSI2WkuxwIQIk5r2J5+Cg WQN6tNmt/gH3DH40ATtVnFL2n4mcmRq1j+2MzF7v2zRt2K6ybAFjY9cYKjQEUznt deu2loyG1mZ4kwAjxGkQtowbU4Yj/+v+oniCezDUxGykCGfEhOa7Jkd92FUWQ2vW +R1Ug1XYfMquUPIf4bhLraNUgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJUKqydV s9geqwQejMj8Q6Oqj+lBMB8GA1UdIwQYMBaAFIWxSokLm9SYDZfkG7OR/MmFD8t4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODk0Ri8wQUY0NUUzNjAx MkExMUVGQTVGRDkxNkZDNEY5QUUwMi9oYkZLaVF1YjFKZ05sLVFiczVIOHlZVVB5 M2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hiRktpUXViMUpnTmwtUWJzNUg4eVlVUHkzZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODk0Ri8wQUY0NUUzNjAxMkExMUVGQTVGRDkxNkZDNEY5QUUwMi9oYkZLaVF1YjFK Z05sLVFiczVIOHlZVVB5M2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBwzAowOHkqKbrtm0+/f+aEKYtQhELbVEBce2jlbJ/XZ0hc8rttTtLV g4kUnEL6Xr2uF1PlYxMu0BkuIojntH2u/T/9g3JtSVZXoodfQJ45CySiuV334Ca2 qwxPXevJwDCIhaI8jT3v/M/AAc0eBQpgwCZ1t4pU8fGzEQA7XVyfsaEuom3xtcFQ V4cKwzFMebsmS4DY72MG3dFjqqohqo7WynwUcWOaRUoR1AAWk6RSIkjIwq52+xYz KE6RAAbRBjSI4x42m7Kk2JFKKzFhW8oIeucKAXCCjk68p/9R+TZ5ydjsjVuDfo2q McqbLQdM9ThvRbh4jpe6uVuuSLe7VzNf -----END CERTIFICATE-----Generated at Sun Jun 15 09:42:45 2025 by rpki-client