$ rpki-client -vvf rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft File: hfK68bffHaqMiKtsXnjB_MP3jQg.mft (raw, json) Hash identifier: YwuAqHijEvssdNpSSZWYE8r20PZoJd0zGIn7mdEM5fQ= Subject key identifier: FF:E4:2B:9B:65:50:87:37:2B:2E:0A:5B:10:21:8D:DA:B0:2A:64:6F Authority key identifier: 85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 Certificate issuer: /CN=A91342C5/serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Certificate serial: 03C0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft Manifest number: 03B0 Signing time: Sat 19 Jul 2025 01:13:11 +0000 Manifest this update: Sat 19 Jul 2025 01:13:10 +0000 Manifest next update: Sat 26 Jul 2025 01:13:10 +0000 Files and hashes: 1: hfK68bffHaqMiKtsXnjB_MP3jQg.crl (hash: csee+ZsMbCA5penge00w3kyBoxc/ApE0QYu5ikpnAok=) 2: A7FBA00E778811EDAE39280CC4F9AE02.roa (hash: A66Rcwdstkb/5EinIJWrWOuekP0qJLH5hk4F7NZimSw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 01:13:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 960 (0x3c0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91342C5, serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Validity Not Before: Jul 19 01:13:10 2025 GMT Not After : Jul 26 01:13:10 2025 GMT Subject: CN=687af127-e6b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:0f:76:81:d7:04:c1:4b:a2:9e:00:36:19:62: f8:23:ae:9f:8d:f7:bb:ed:42:d6:d7:70:83:34:cb: dc:a8:4e:1e:cf:c4:86:1f:16:f7:c7:96:e6:53:d8: af:3f:5e:6a:de:29:c7:9c:9a:47:ca:81:4b:45:05: a8:b8:84:2b:75:40:7f:01:be:ff:f7:80:43:57:08: 75:fe:72:25:44:72:7d:fe:94:85:25:ac:24:64:18: ae:e2:61:c1:8c:39:e7:f0:6a:50:16:c0:83:c0:59: 35:89:e1:56:8d:f9:83:fa:0c:4c:2e:9d:60:95:25: 94:78:15:25:d2:24:10:39:20:b0:9f:90:67:18:c9: 01:14:5b:f1:8e:cc:cb:98:ef:89:b8:ae:04:73:f9: 7a:0a:a4:b9:37:1b:db:1a:a0:3c:11:78:27:f4:a1: 05:39:ef:67:d1:8e:38:db:77:40:62:cf:63:24:d5: a4:6c:21:79:ff:31:fc:fd:da:54:ff:69:bb:fe:24: 80:bd:ef:b0:3f:fc:39:b0:35:ae:de:94:35:70:0c: 03:19:c8:1e:99:10:d7:38:0f:23:e0:27:10:19:4d: ae:8b:4c:05:be:34:9d:07:d3:ec:78:6d:fd:d7:34: e4:e7:9c:6c:93:9c:64:29:a2:bd:2e:12:26:43:90: 32:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:E4:2B:9B:65:50:87:37:2B:2E:0A:5B:10:21:8D:DA:B0:2A:64:6F X509v3 Authority Key Identifier: keyid:85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:52:a4:18:bd:33:9e:54:91:53:50:29:d6:b6:fe:51:76:06: f7:ab:89:43:1f:d2:38:12:0a:04:3c:ce:78:2c:c2:7e:b3:ba: 91:32:0b:28:80:23:ff:c1:0e:3f:cd:90:45:ae:1f:1d:20:3b: 2b:5c:08:cb:9d:20:00:ec:37:6b:c6:91:3d:6f:c7:15:08:8f: 7c:01:eb:e9:14:ce:42:53:80:d6:14:2a:a4:47:92:a1:7b:62: 1d:a4:0c:57:50:c8:05:1c:71:91:bb:55:0d:b3:e6:4d:06:9c: b0:86:22:d9:e2:6e:12:6b:c9:29:e5:fe:21:de:fc:5f:0c:9a: 98:e4:c4:e8:ae:2c:e4:d0:7b:e7:0c:27:58:4f:7d:8e:9e:a6: 5e:27:68:71:10:1c:a6:63:d6:fe:65:9f:50:d9:a7:d3:f3:71: 1d:70:3f:67:78:ca:80:17:f9:97:76:08:d9:60:5e:6c:c5:bd: 43:95:47:8b:9d:ce:ff:c3:aa:14:4c:db:db:24:cb:0f:cc:b3: 83:2d:48:90:0e:dd:7d:a2:02:39:87:db:9e:37:de:a7:45:2b: 4d:2f:a3:27:5b:be:d5:e0:39:b7:51:b6:81:6c:5d:66:47:5c: c9:37:7d:94:82:0a:f7:0c:4b:b0:37:81:a7:ae:e6:9b:1e:62: 52:94:52:9e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA8AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQyQzUxMTAvBgNVBAUTKDg1RjJCQUYxQjdERjFEQUE4Qzg4QUI2QzVFNzhDMUZD QzNGNzhEMDgwHhcNMjUwNzE5MDExMzEwWhcNMjUwNzI2MDExMzEwWjAYMRYwFAYD VQQDEw02ODdhZjEyNy1lNmI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5Q92gdcEwUuingA2GWL4I66fjfe77ULW13CDNMvcqE4ez8SGHxb3x5bmU9iv P15q3inHnJpHyoFLRQWouIQrdUB/Ab7/94BDVwh1/nIlRHJ9/pSFJawkZBiu4mHB jDnn8GpQFsCDwFk1ieFWjfmD+gxMLp1glSWUeBUl0iQQOSCwn5BnGMkBFFvxjszL mO+JuK4Ec/l6CqS5NxvbGqA8EXgn9KEFOe9n0Y4423dAYs9jJNWkbCF5/zH8/dpU /2m7/iSAve+wP/w5sDWu3pQ1cAwDGcgemRDXOA8j4CcQGU2ui0wFvjSdB9PseG39 1zTk55xsk5xkKaK9LhImQ5AyxwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP/kK5tl UIc3Ky4KWxAhjdqwKmRvMB8GA1UdIwQYMBaAFIXyuvG33x2qjIirbF54wfzD940I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDJDNS8xRjQwNEUzMEE0 RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhhcU1pS3RzWG5qQl9NUDNq UWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hmSzY4YmZmSGFxTWlLdHNYbmpCX01QM2pRZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NDJDNS8xRjQwNEUzMEE0RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhh cU1pS3RzWG5qQl9NUDNqUWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAwUqQYvTOeVJFTUCnWtv5Rdgb3q4lDH9I4EgoEPM54LMJ+s7qRMgso gCP/wQ4/zZBFrh8dIDsrXAjLnSAA7DdrxpE9b8cVCI98AevpFM5CU4DWFCqkR5Kh e2IdpAxXUMgFHHGRu1UNs+ZNBpywhiLZ4m4Sa8kp5f4h3vxfDJqY5MTorizk0Hvn DCdYT32OnqZeJ2hxEBymY9b+ZZ9Q2afT83EdcD9neMqAF/mXdgjZYF5sxb1DlUeL nc7/w6oUTNvbJMsPzLODLUiQDt19ogI5h9ueN96nRStNL6MnW77V4Dm3UbaBbF1m R1zJN32Uggr3DEuwN4GnruabHmJSlFKe -----END CERTIFICATE-----Generated at Sun Jul 20 11:45:34 2025 by rpki-client