$ rpki-client -vvf rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft File: hn09aLZZeAOvVkZcDptTq2Z7cqg.mft (raw, json) Hash identifier: xRjXl+2WQ19LEgWvQ9fp/MG5zRII/4izvTh/LR4+KvU= Subject key identifier: EC:21:F1:DA:7C:2C:FE:84:CC:78:04:AC:D4:0E:B7:AC:EE:CF:C0:A8 Authority key identifier: 86:7D:3D:68:B6:59:78:03:AF:56:46:5C:0E:9B:53:AB:66:7B:72:A8 Certificate issuer: /CN=A912CDC5/serialNumber=867D3D68B6597803AF56465C0E9B53AB667B72A8 Certificate serial: 0654 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft Manifest number: 064F Signing time: Tue 08 Apr 2025 22:15:08 +0000 Manifest this update: Tue 08 Apr 2025 22:15:07 +0000 Manifest next update: Tue 15 Apr 2025 22:15:07 +0000 Files and hashes: 1: hn09aLZZeAOvVkZcDptTq2Z7cqg.crl (hash: aE3+98AxCGlPLF+6cREZ/M4vi9hnIRYtjmVCJxn5Vv0=) 2: 4EC5B52480B811EBBEE2CA7FC4F9AE02.roa (hash: bzwAo1vTwZtUvpqV0SE31TfJe7tyOs8AEfKtkNJnl48=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.crl rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 15 Apr 2025 22:15:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1620 (0x654) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912CDC5 Validity Not Before: Apr 8 22:15:07 2025 GMT Not After : Apr 15 22:15:07 2025 GMT Subject: CN=67f59fec-3916 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:13:83:cc:f6:2f:5c:b7:ee:d3:b5:5e:e1:0f: 0c:28:fd:c0:a9:84:15:3d:83:a1:be:bc:7a:27:0e: 50:97:18:3b:e3:4a:0b:f0:c7:28:d7:fa:67:d7:f5: d4:df:ab:32:5d:1d:dc:11:f4:a6:d4:16:28:cf:4d: 11:36:d4:4c:b9:e2:8b:06:42:47:71:4f:db:f3:76: b1:0c:25:91:d0:e7:44:26:45:71:23:ba:ae:15:76: fe:5e:a8:d6:af:a0:80:f1:27:39:51:aa:4c:10:bb: 7f:97:df:d7:13:98:30:f6:07:12:5b:40:cf:d0:1c: 37:0b:f1:62:d8:25:b2:2e:ad:d8:eb:60:61:22:89: e9:c6:fb:95:eb:8c:b5:7e:5b:57:9c:0a:a5:cb:69: 01:0f:c5:8e:f9:eb:52:f9:be:09:44:91:0f:e2:27: 9c:5c:b7:84:f7:0d:1d:d0:8d:1b:12:2a:4a:3a:6f: ed:2d:19:c9:f9:87:fe:97:75:5e:0e:04:d2:dd:61: 1b:6d:af:ce:e3:bd:93:a1:04:89:11:84:8b:9d:44: b4:18:3e:14:95:7f:cc:0d:a3:e6:43:cf:00:eb:e8: 9e:6b:63:6c:0d:2d:b5:71:e1:a3:34:4f:b9:38:8c: 0c:22:95:a1:86:6c:7c:d3:e1:89:90:50:ff:9c:ee: 1d:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:21:F1:DA:7C:2C:FE:84:CC:78:04:AC:D4:0E:B7:AC:EE:CF:C0:A8 X509v3 Authority Key Identifier: keyid:86:7D:3D:68:B6:59:78:03:AF:56:46:5C:0E:9B:53:AB:66:7B:72:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:e4:fa:f2:18:ca:b6:dc:23:01:ce:d8:f7:e7:e0:81:ec:d9: 71:3c:39:b3:31:e5:bc:b1:f2:62:67:b8:db:65:58:2e:81:95: f2:bc:0c:53:99:40:55:ec:b2:7e:10:2e:1c:f1:08:57:3a:ae: a7:6a:0b:2c:37:83:24:ff:b7:53:be:8f:4e:4a:64:4e:0a:21: 77:74:0f:27:1c:30:3e:23:71:28:4e:ac:55:ed:f5:87:fb:a1: 42:68:d0:a4:94:58:34:dd:64:9e:8d:3c:b9:cf:af:39:c8:3e: d3:ba:75:59:4e:6c:bb:39:41:26:f0:79:70:bb:c0:2f:02:f9: 29:39:ef:18:46:ea:32:3e:12:ed:f1:f9:12:f0:9e:8f:19:7f: 96:f6:f0:97:6b:61:a8:e9:61:80:65:d2:22:95:90:f7:87:41: fb:09:f7:05:5d:26:86:23:da:72:59:8f:63:16:65:fc:f5:e4: 60:5a:18:58:6b:66:67:63:a2:99:76:7f:e5:01:25:21:3d:5f: 58:fc:7b:c0:cd:72:c5:f5:a5:92:e0:29:e0:95:0f:c6:1c:3e: 5a:51:a7:da:09:fc:ef:ba:ea:dc:21:c2:e4:28:c8:13:2e:bc: 87:9b:d2:84:f7:50:24:b5:81:de:b7:ca:32:1b:8a:b4:3c:92: ae:89:dc:ca -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBlQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkNEQzUxMTAvBgNVBAUTKDg2N0QzRDY4QjY1OTc4MDNBRjU2NDY1QzBFOUI1M0FC NjY3QjcyQTgwHhcNMjUwNDA4MjIxNTA3WhcNMjUwNDE1MjIxNTA3WjAYMRYwFAYD VQQDEw02N2Y1OWZlYy0zOTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsRODzPYvXLfu07Ve4Q8MKP3AqYQVPYOhvrx6Jw5Qlxg740oL8Mco1/pn1/XU 36syXR3cEfSm1BYoz00RNtRMueKLBkJHcU/b83axDCWR0OdEJkVxI7quFXb+XqjW r6CA8Sc5UapMELt/l9/XE5gw9gcSW0DP0Bw3C/Fi2CWyLq3Y62BhIonpxvuV64y1 fltXnAqly2kBD8WO+etS+b4JRJEP4iecXLeE9w0d0I0bEipKOm/tLRnJ+Yf+l3Ve DgTS3WEbba/O472ToQSJEYSLnUS0GD4UlX/MDaPmQ88A6+iea2NsDS21ceGjNE+5 OIwMIpWhhmx80+GJkFD/nO4dpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOwh8dp8 LP6EzHgErNQOt6zuz8CoMB8GA1UdIwQYMBaAFIZ9PWi2WXgDr1ZGXA6bU6tme3Ko MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0RDNS9FOUYyOTJDNjgw QjYxMUVCQkVDQkYzNzlDNEY5QUUwMi9objA5YUxaWmVBT3ZWa1pjRHB0VHEyWjdj cWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2huMDlhTFpaZUFPdlZrWmNEcHRUcTJaN2NxZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy Q0RDNS9FOUYyOTJDNjgwQjYxMUVCQkVDQkYzNzlDNEY5QUUwMi9objA5YUxaWmVB T3ZWa1pjRHB0VHEyWjdjcWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAH5PryGMq23CMBztj35+CB7NlxPDmzMeW8sfJiZ7jbZVgugZXyvAxT mUBV7LJ+EC4c8QhXOq6nagssN4Mk/7dTvo9OSmROCiF3dA8nHDA+I3EoTqxV7fWH +6FCaNCklFg03WSejTy5z685yD7TunVZTmy7OUEm8Hlwu8AvAvkpOe8YRuoyPhLt 8fkS8J6PGX+W9vCXa2Go6WGAZdIilZD3h0H7CfcFXSaGI9pyWY9jFmX89eRgWhhY a2ZnY6KZdn/lASUhPV9Y/HvAzXLF9aWS4CnglQ/GHD5aUafaCfzvuurcIcLkKMgT LryHm9KE91AktYHet8oyG4q0PJKuidzK -----END CERTIFICATE-----Generated at Fri Apr 11 00:34:36 2025 by rpki-client