$ rpki-client -vvf rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft File: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft (raw, json) Hash identifier: ymPnRd6KMms0wcRtcn7FT09dXiOgqG2tZ+tHzGGlr+s= Subject key identifier: 35:0B:13:97:A8:6E:28:53:EB:37:DB:2B:6C:A0:17:EA:4F:95:08:B7 Authority key identifier: 84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D Certificate issuer: /CN=A911C743/serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D Certificate serial: 0E4F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft Manifest number: 0E42 Signing time: Sun 08 Jun 2025 17:38:07 +0000 Manifest this update: Sun 08 Jun 2025 17:38:07 +0000 Manifest next update: Sun 15 Jun 2025 17:38:07 +0000 Files and hashes: 1: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl (hash: ykxkYyPoDm0a//aAajPH1wfZnXt21wXy0My1geRtmZw=) 2: 2B21EC2EE4E111E981365C17C4F9AE02.roa (hash: jnR4T4XlGdfZ2gOhYWumXwRlSJ7MxpHX0lAGLhkJjWk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 15 Jun 2025 17:38:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3663 (0xe4f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C743, serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D Validity Not Before: Jun 8 17:38:07 2025 GMT Not After : Jun 15 17:38:07 2025 GMT Subject: CN=6845ca7f-eb29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:22:22:ae:15:02:a2:1a:e9:97:c7:c3:34:68: f3:27:98:1f:ef:b6:0c:d0:cc:3d:7d:3d:55:d1:0f: 4c:07:71:41:21:46:55:21:e6:a8:b4:0e:bb:57:34: a3:7f:27:06:44:fa:f6:a5:69:65:c2:49:6e:a7:51: 4e:6c:25:39:ce:f6:ae:dc:cc:95:4c:c9:36:48:1e: 5c:cc:38:25:8f:b9:0f:8e:38:2c:3e:be:2f:18:82: 24:3d:da:cb:0b:28:80:93:22:a2:04:61:bc:8e:c8: a6:65:f7:f7:37:7e:82:33:50:3c:dc:7c:b7:45:82: 6e:ce:ed:d4:88:9a:bc:3e:04:13:ef:8f:cc:61:25: 67:c2:35:0a:5e:69:3a:1a:a0:4d:cf:ac:b8:ad:47: 16:8d:7c:d9:a8:d6:5a:bf:7a:d7:38:b8:51:5e:4c: 5b:5e:5e:48:30:59:26:12:bb:64:81:7c:d1:b9:da: a5:b1:ed:5e:84:2d:ce:64:8f:f2:ea:65:37:8a:a2: ad:5a:b1:53:f0:58:f7:fb:47:e3:d9:42:04:6d:99: a6:37:7a:f7:0a:82:9b:3a:68:9d:24:28:34:b1:2f: 1a:9e:04:2d:e2:4d:6e:c9:5d:81:d5:3c:aa:99:7b: 1c:f0:51:b1:e4:84:07:4e:56:2a:f0:fd:6a:06:9e: d8:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:0B:13:97:A8:6E:28:53:EB:37:DB:2B:6C:A0:17:EA:4F:95:08:B7 X509v3 Authority Key Identifier: keyid:84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 13:02:67:18:f4:d3:62:91:3d:26:de:ef:a3:44:68:9d:9a:5c: cd:05:53:0a:68:f9:71:51:24:60:b8:88:28:3f:f9:76:7d:55: 0c:c8:66:81:c7:57:d4:db:29:aa:8c:b4:6d:68:14:27:ab:28: 2f:df:e9:ac:b9:76:cf:7e:ee:0e:2c:d4:6a:b7:14:db:c0:14: 57:87:73:39:37:2d:be:16:66:19:75:e5:46:01:59:e6:6f:82: 23:ec:9c:3a:69:3f:fa:14:55:d0:c6:d0:95:37:54:2c:31:0f: ae:31:a7:0a:54:a6:80:41:99:59:89:17:65:56:22:f1:77:cd: cf:ec:d7:72:eb:81:54:e9:c4:b6:f0:0b:75:a1:88:da:22:22: 45:f1:91:b0:b4:09:f8:14:d6:b3:48:c8:7e:0c:af:a0:c8:b7: 7c:a6:cd:b3:7f:05:98:e9:b8:de:86:48:7e:00:0b:b7:76:fd: ba:9b:7a:77:9c:a2:8a:d4:90:c2:1b:8d:64:29:c3:53:f0:84: 5a:86:71:ac:b6:84:30:a6:d9:f4:06:d2:c8:7f:ec:6b:8f:0f: fd:65:65:ba:37:a5:2c:60:d0:1a:24:00:64:51:95:94:c5:cf: 94:bd:d3:d9:b3:1f:5f:c4:1f:6d:06:00:e6:ac:99:99:b3:00: 72:50:2a:0d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDk8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM3NDMxMTAvBgNVBAUTKDg0RTRGRkI2OTI3Rjc3RjVDM0YwQTI1MjY4MkY3MURE QjM3N0IxMUQwHhcNMjUwNjA4MTczODA3WhcNMjUwNjE1MTczODA3WjAYMRYwFAYD VQQDEw02ODQ1Y2E3Zi1lYjI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApiIirhUCohrpl8fDNGjzJ5gf77YM0Mw9fT1V0Q9MB3FBIUZVIeaotA67VzSj fycGRPr2pWllwklup1FObCU5zvau3MyVTMk2SB5czDglj7kPjjgsPr4vGIIkPdrL CyiAkyKiBGG8jsimZff3N36CM1A83Hy3RYJuzu3UiJq8PgQT74/MYSVnwjUKXmk6 GqBNz6y4rUcWjXzZqNZav3rXOLhRXkxbXl5IMFkmErtkgXzRudqlse1ehC3OZI/y 6mU3iqKtWrFT8Fj3+0fj2UIEbZmmN3r3CoKbOmidJCg0sS8angQt4k1uyV2B1Tyq mXsc8FGx5IQHTlYq8P1qBp7YJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDULE5eo bihT6zfbK2ygF+pPlQi3MB8GA1UdIwQYMBaAFITk/7aSf3f1w/CiUmgvcd2zd7Ed MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzc0My9GOEFFMjg4MEEy MUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2RfWEQ4S0pTYUM5eDNiTjNz UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hPVF90cEpfZF9YRDhLSlNhQzl4M2JOM3NSMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx Qzc0My9GOEFFMjg4MEEyMUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2Rf WEQ4S0pTYUM5eDNiTjNzUjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQATAmcY9NNikT0m3u+jRGidmlzNBVMKaPlxUSRguIgoP/l2fVUMyGaB x1fU2ymqjLRtaBQnqygv3+msuXbPfu4OLNRqtxTbwBRXh3M5Ny2+FmYZdeVGAVnm b4Ij7Jw6aT/6FFXQxtCVN1QsMQ+uMacKVKaAQZlZiRdlViLxd83P7Ndy64FU6cS2 8At1oYjaIiJF8ZGwtAn4FNazSMh+DK+gyLd8ps2zfwWY6bjehkh+AAu3dv26m3p3 nKKK1JDCG41kKcNT8IRahnGstoQwptn0BtLIf+xrjw/9ZWW6N6UsYNAaJABkUZWU xc+UvdPZsx9fxB9tBgDmrJmZswByUCoN -----END CERTIFICATE-----Generated at Mon Jun 9 13:26:05 2025 by rpki-client