$ rpki-client -vvf rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft File: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft (raw, json) Hash identifier: L8vRHYw4ilWpSTSzsqZ/hZIdZAX0txqJbthzYiJ12zo= Subject key identifier: 7D:59:00:D6:B4:0B:E3:59:40:25:29:5B:1D:CD:08:30:82:19:98:71 Authority key identifier: 84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D Certificate issuer: /CN=A911C743/serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D Certificate serial: 0E51 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft Manifest number: 0E44 Signing time: Thu 12 Jun 2025 17:39:25 +0000 Manifest this update: Thu 12 Jun 2025 17:39:25 +0000 Manifest next update: Thu 19 Jun 2025 17:39:25 +0000 Files and hashes: 1: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl (hash: DOlgnB/I5tFu5VwjUQJmp08mTiScCB/58cdL4c7UuoA=) 2: 2B21EC2EE4E111E981365C17C4F9AE02.roa (hash: jnR4T4XlGdfZ2gOhYWumXwRlSJ7MxpHX0lAGLhkJjWk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 17:39:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3665 (0xe51) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C743, serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D Validity Not Before: Jun 12 17:39:25 2025 GMT Not After : Jun 19 17:39:25 2025 GMT Subject: CN=684b10cd-c08d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:48:40:2d:f8:ba:1e:d9:b3:d5:3d:f9:d0:72: 59:d3:fd:82:54:cc:74:02:c6:d6:5a:01:3e:bf:e1: db:7b:80:a9:54:24:35:c9:f0:19:2b:a3:39:be:c8: 5c:0e:ca:cc:40:71:8d:7b:bb:59:5f:fa:b6:6d:de: 08:43:70:02:24:93:93:a0:e3:3a:6b:0c:82:c1:a6: 88:05:e0:35:f9:82:3a:6a:1e:95:11:ae:76:99:0d: a4:7e:15:2b:1b:cf:c3:a6:b0:14:20:2d:68:17:e3: 45:11:98:c1:c1:eb:ae:e9:5d:68:8a:ea:0e:56:19: 27:6a:c4:12:b1:3b:4e:d1:ff:f2:bf:82:d7:f9:15: 50:f2:25:84:fc:4f:af:10:8e:94:48:8b:02:b8:b4: b4:64:af:2f:81:f9:51:04:dd:d6:63:74:65:4b:c2: a5:b4:f0:08:7f:7f:11:9d:71:d8:d2:e1:f7:a3:4f: d2:a8:2f:b6:e4:9b:0f:fb:e5:70:e4:29:ce:0b:25: 49:b0:34:d3:31:a1:ba:77:9b:75:b9:73:42:e9:01: 7d:0e:20:e1:31:19:cc:4b:49:28:03:a0:16:76:d8: b9:11:ce:7e:1e:6a:49:b5:50:51:b4:89:6b:94:3e: aa:7e:5a:0f:17:80:a2:7a:91:a0:69:f6:09:7e:93: 00:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:59:00:D6:B4:0B:E3:59:40:25:29:5B:1D:CD:08:30:82:19:98:71 X509v3 Authority Key Identifier: keyid:84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:4f:f8:2a:b1:50:04:cf:ca:8d:09:7d:d8:df:b2:ce:54:37: 9b:c9:29:0e:83:3c:fe:b4:35:51:ec:a8:ef:80:4e:75:66:39: 8f:b5:93:ce:c3:6c:0a:89:90:6d:5e:be:de:46:cf:52:3c:0b: c3:2a:f6:3f:42:a7:44:70:ba:a8:36:e4:1e:06:86:25:52:33: 71:f4:bf:2f:58:ae:54:f2:ce:25:c6:b6:9d:c2:b7:bf:2a:07: 6e:9d:f0:85:4e:a5:c4:df:75:21:a9:6b:38:76:d6:5a:b6:9f: 3f:04:3f:75:b1:61:57:f4:5f:62:3d:70:67:9f:08:c0:db:cf: 09:f2:58:b6:10:01:c7:f4:38:9c:1d:e3:3d:25:a5:9a:55:90: 5a:fb:41:a9:d8:bd:e5:ea:4f:6f:15:f2:e7:91:80:0e:46:80: c3:92:08:aa:04:bb:c7:a8:2e:b6:18:e5:ca:c3:4b:cb:8f:86: 10:0b:ae:dd:ab:10:ee:51:50:4e:0a:92:db:b1:ca:ba:68:75: 03:14:0f:a9:78:3e:b2:0d:5b:70:74:93:a0:13:d6:ce:f1:da: 21:0c:70:da:51:10:59:03:41:63:fc:c8:7c:54:84:bc:3e:b1: 3e:eb:44:57:bc:cf:37:39:1f:6e:40:99:a9:38:e1:db:38:34: ab:4d:fa:a8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDlEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM3NDMxMTAvBgNVBAUTKDg0RTRGRkI2OTI3Rjc3RjVDM0YwQTI1MjY4MkY3MURE QjM3N0IxMUQwHhcNMjUwNjEyMTczOTI1WhcNMjUwNjE5MTczOTI1WjAYMRYwFAYD VQQDEw02ODRiMTBjZC1jMDhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA40hALfi6Htmz1T350HJZ0/2CVMx0AsbWWgE+v+Hbe4CpVCQ1yfAZK6M5vshc DsrMQHGNe7tZX/q2bd4IQ3ACJJOToOM6awyCwaaIBeA1+YI6ah6VEa52mQ2kfhUr G8/DprAUIC1oF+NFEZjBweuu6V1oiuoOVhknasQSsTtO0f/yv4LX+RVQ8iWE/E+v EI6USIsCuLS0ZK8vgflRBN3WY3RlS8KltPAIf38RnXHY0uH3o0/SqC+25JsP++Vw 5CnOCyVJsDTTMaG6d5t1uXNC6QF9DiDhMRnMS0koA6AWdti5Ec5+HmpJtVBRtIlr lD6qfloPF4CiepGgafYJfpMApwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH1ZANa0 C+NZQCUpWx3NCDCCGZhxMB8GA1UdIwQYMBaAFITk/7aSf3f1w/CiUmgvcd2zd7Ed MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzc0My9GOEFFMjg4MEEy MUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2RfWEQ4S0pTYUM5eDNiTjNz UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hPVF90cEpfZF9YRDhLSlNhQzl4M2JOM3NSMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx Qzc0My9GOEFFMjg4MEEyMUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2Rf WEQ4S0pTYUM5eDNiTjNzUjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA4T/gqsVAEz8qNCX3Y37LOVDebySkOgzz+tDVR7KjvgE51ZjmPtZPO w2wKiZBtXr7eRs9SPAvDKvY/QqdEcLqoNuQeBoYlUjNx9L8vWK5U8s4lxradwre/ KgdunfCFTqXE33UhqWs4dtZatp8/BD91sWFX9F9iPXBnnwjA288J8li2EAHH9Dic HeM9JaWaVZBa+0Gp2L3l6k9vFfLnkYAORoDDkgiqBLvHqC62GOXKw0vLj4YQC67d qxDuUVBOCpLbscq6aHUDFA+peD6yDVtwdJOgE9bO8dohDHDaURBZA0Fj/Mh8VIS8 PrE+60RXvM83OR9uQJmpOOHbODSrTfqo -----END CERTIFICATE-----Generated at Thu Jun 12 21:30:07 2025 by rpki-client