$ rpki-client -vvf rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft File: hn09aLZZeAOvVkZcDptTq2Z7cqg.mft (raw, json) Hash identifier: qnx4ZwOwrpAun/y44E9AfrA452gNNRO+zjsbstSAQtE= Subject key identifier: C7:B5:BB:C2:E2:BB:67:42:15:D0:69:FA:27:BE:36:DE:6B:22:E0:6D Authority key identifier: 86:7D:3D:68:B6:59:78:03:AF:56:46:5C:0E:9B:53:AB:66:7B:72:A8 Certificate issuer: /CN=A912CDC5/serialNumber=867D3D68B6597803AF56465C0E9B53AB667B72A8 Certificate serial: 0686 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft Manifest number: 0681 Signing time: Fri 18 Jul 2025 22:38:47 +0000 Manifest this update: Fri 18 Jul 2025 22:38:47 +0000 Manifest next update: Fri 25 Jul 2025 22:38:47 +0000 Files and hashes: 1: hn09aLZZeAOvVkZcDptTq2Z7cqg.crl (hash: dWXDNOrfrB4SUM6K2RqPTNTAau0OBd64Qptl6xftDZQ=) 2: 4EC5B52480B811EBBEE2CA7FC4F9AE02.roa (hash: bzwAo1vTwZtUvpqV0SE31TfJe7tyOs8AEfKtkNJnl48=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.crl rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 22:38:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1670 (0x686) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912CDC5, serialNumber=867D3D68B6597803AF56465C0E9B53AB667B72A8 Validity Not Before: Jul 18 22:38:47 2025 GMT Not After : Jul 25 22:38:47 2025 GMT Subject: CN=687accf7-f73b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:ef:78:f8:0b:62:4b:c7:21:14:22:44:6e:77: 21:80:f1:d3:c0:e7:50:26:2e:4f:f2:45:49:ab:8f: f9:63:29:e7:aa:5f:88:a9:5d:90:7e:f9:40:64:10: a1:de:1b:c5:be:ad:b7:24:e5:7d:9c:83:1c:e3:28: 5f:30:1b:91:5d:29:c4:43:8f:aa:59:f8:68:c1:b4: 7f:00:18:f2:4b:22:55:78:48:3c:f9:80:55:e8:92: ad:9e:70:4e:5f:4f:94:f1:b1:00:a4:97:2a:17:fa: 3e:9a:f9:b2:c1:c2:ef:55:e7:2e:b1:15:92:30:92: 9f:8d:66:5d:c1:09:e8:52:61:3d:7f:4b:b3:31:63: 24:a7:1f:5e:22:bf:62:c4:9e:a0:df:1f:38:ca:d7: a2:80:be:af:5a:c2:06:8c:d2:43:8a:70:70:31:b8: 2b:a3:f6:29:7b:a9:06:77:57:e3:30:62:af:71:9d: ff:52:bf:87:93:0f:c4:14:9d:a5:45:e8:2c:4a:66: 09:e8:cb:b5:67:5b:65:b0:55:ea:d1:14:f6:ed:54: 67:c5:9e:d0:aa:b4:6f:bf:7c:88:8f:b3:37:3f:b3: 4e:d3:41:76:3e:74:61:3b:78:3a:7b:f1:42:95:eb: 43:4e:06:16:62:a8:da:a8:a0:35:d3:f5:be:80:9d: 4c:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:B5:BB:C2:E2:BB:67:42:15:D0:69:FA:27:BE:36:DE:6B:22:E0:6D X509v3 Authority Key Identifier: keyid:86:7D:3D:68:B6:59:78:03:AF:56:46:5C:0E:9B:53:AB:66:7B:72:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:b2:1e:af:fc:47:5b:65:3f:6e:4f:bd:51:35:61:5d:5f:08: c5:fd:69:b7:e3:00:30:5c:24:e1:04:f2:ee:bd:07:ea:c6:fe: f5:69:6a:37:fd:0d:e3:0e:52:96:76:30:b2:60:d0:11:25:2e: 09:f7:5c:b4:e5:6d:e4:fd:e7:14:35:bd:54:38:5f:9b:19:12: 44:f4:a8:d4:4b:eb:6e:67:0c:90:c2:1f:c3:dc:15:21:09:32: 37:ec:e0:be:ea:07:51:10:86:93:95:33:7e:f7:d6:a7:b9:b3: fb:09:b5:10:f2:a5:ea:5f:a1:c0:0a:ff:ca:52:4d:97:c6:58: fb:77:a5:81:58:ea:36:70:c4:91:a8:f1:69:df:f2:55:31:b1: 2b:50:65:d4:52:49:09:20:c0:a1:4c:19:59:34:de:3e:c9:a0: 84:8a:2b:79:c4:a2:fb:fe:e4:8f:88:0d:94:93:27:05:eb:7f: 15:d9:91:b7:c0:fa:fb:f2:cc:e9:9d:81:d0:81:ad:74:5d:0a: 8f:5a:89:bd:f5:b4:c1:8a:da:96:8f:38:7e:e9:1c:70:ef:44: d4:19:09:8a:a0:13:2e:54:de:f3:90:a6:24:3e:69:36:68:79: 6a:5a:4a:a6:06:0e:2f:f6:1e:69:11:08:7d:74:01:99:79:4b: 21:dd:ec:86 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBoYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkNEQzUxMTAvBgNVBAUTKDg2N0QzRDY4QjY1OTc4MDNBRjU2NDY1QzBFOUI1M0FC NjY3QjcyQTgwHhcNMjUwNzE4MjIzODQ3WhcNMjUwNzI1MjIzODQ3WjAYMRYwFAYD VQQDEw02ODdhY2NmNy1mNzNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAne94+AtiS8chFCJEbnchgPHTwOdQJi5P8kVJq4/5Yynnql+IqV2QfvlAZBCh 3hvFvq23JOV9nIMc4yhfMBuRXSnEQ4+qWfhowbR/ABjySyJVeEg8+YBV6JKtnnBO X0+U8bEApJcqF/o+mvmywcLvVecusRWSMJKfjWZdwQnoUmE9f0uzMWMkpx9eIr9i xJ6g3x84yteigL6vWsIGjNJDinBwMbgro/Ype6kGd1fjMGKvcZ3/Ur+Hkw/EFJ2l RegsSmYJ6Mu1Z1tlsFXq0RT27VRnxZ7QqrRvv3yIj7M3P7NO00F2PnRhO3g6e/FC letDTgYWYqjaqKA10/W+gJ1MUwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMe1u8Li u2dCFdBp+ie+Nt5rIuBtMB8GA1UdIwQYMBaAFIZ9PWi2WXgDr1ZGXA6bU6tme3Ko MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0RDNS9FOUYyOTJDNjgw QjYxMUVCQkVDQkYzNzlDNEY5QUUwMi9objA5YUxaWmVBT3ZWa1pjRHB0VHEyWjdj cWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2huMDlhTFpaZUFPdlZrWmNEcHRUcTJaN2NxZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy Q0RDNS9FOUYyOTJDNjgwQjYxMUVCQkVDQkYzNzlDNEY5QUUwMi9objA5YUxaWmVB T3ZWa1pjRHB0VHEyWjdjcWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB5sh6v/EdbZT9uT71RNWFdXwjF/Wm34wAwXCThBPLuvQfqxv71aWo3 /Q3jDlKWdjCyYNARJS4J91y05W3k/ecUNb1UOF+bGRJE9KjUS+tuZwyQwh/D3BUh CTI37OC+6gdREIaTlTN+99anubP7CbUQ8qXqX6HACv/KUk2Xxlj7d6WBWOo2cMSR qPFp3/JVMbErUGXUUkkJIMChTBlZNN4+yaCEiit5xKL7/uSPiA2UkycF638V2ZG3 wPr78szpnYHQga10XQqPWom99bTBitqWjzh+6Rxw70TUGQmKoBMuVN7zkKYkPmk2 aHlqWkqmBg4v9h5pEQh9dAGZeUsh3eyG -----END CERTIFICATE-----Generated at Sun Jul 20 07:38:31 2025 by rpki-client