$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.mft File: hA_W9-iR44BKfbMJ0EzoXBr3htE.mft (raw, json) Hash identifier: fNxd1hRFb1ig59OOghCq3aTXhZ1stETiBBT/RZB8Esg= Subject key identifier: 2A:F0:21:BA:25:41:1C:BF:D8:22:1A:6E:92:EE:5B:A3:FA:79:C4:A6 Authority key identifier: 84:0F:D6:F7:E8:91:E3:80:4A:7D:B3:09:D0:4C:E8:5C:1A:F7:86:D1 Certificate issuer: /CN=A912C8AF/serialNumber=840FD6F7E891E3804A7DB309D04CE85C1AF786D1 Certificate serial: 5B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hA_W9-iR44BKfbMJ0EzoXBr3htE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.mft Manifest number: 5B Signing time: Sat 31 May 2025 19:39:28 +0000 Manifest this update: Sat 31 May 2025 19:39:28 +0000 Manifest next update: Sat 07 Jun 2025 19:39:28 +0000 Files and hashes: 1: hA_W9-iR44BKfbMJ0EzoXBr3htE.crl (hash: N1t+VBuaxFN8jbPXbCwmQeaN3cPNCdyMGPJ71GjTD2c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.crl rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hA_W9-iR44BKfbMJ0EzoXBr3htE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 19:39:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 91 (0x5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912C8AF, serialNumber=840FD6F7E891E3804A7DB309D04CE85C1AF786D1 Validity Not Before: May 31 19:39:28 2025 GMT Not After : Jun 7 19:39:28 2025 GMT Subject: CN=683b5af0-17ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:2e:00:f4:3a:17:6c:b6:d2:f1:f2:15:2b:29: e7:7e:0f:30:68:22:df:3c:5f:86:8f:4b:ef:95:63: c5:91:b7:30:db:dd:2b:80:dd:52:3e:a0:ae:94:5c: bb:28:db:5d:4f:70:28:b5:57:b8:25:3e:50:21:2e: e4:76:e2:16:f6:39:63:0c:53:55:81:d9:c8:1c:57: 6f:8d:b8:6e:2e:20:b4:57:37:44:19:94:cf:dc:2e: f9:17:9b:20:76:f4:ab:64:22:ce:cb:d9:99:10:fd: 0f:20:98:b0:3a:a6:49:91:02:ba:3e:cb:bc:5d:98: f7:e1:6b:0d:45:e1:68:90:35:f6:7c:59:7c:3f:79: 03:e6:92:47:38:64:53:ea:09:72:d3:33:72:2c:ed: 29:42:12:c1:6e:8c:55:f6:3f:73:d8:ab:7d:4e:70: df:51:5f:37:29:e1:c6:da:e9:a2:3d:6c:04:ff:86: 47:09:e3:8d:ae:c7:81:13:44:36:4a:8e:7f:e4:84: dc:42:cd:42:8d:74:9b:70:45:a2:64:99:16:b0:2c: 6d:94:80:57:bd:0f:12:ed:59:89:be:d8:cd:2a:ea: 7b:ed:e9:b6:ea:36:0a:22:67:0a:05:eb:34:11:61: 0a:0f:96:14:a9:75:26:34:60:4d:d1:dc:8c:f1:c9: 0e:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:F0:21:BA:25:41:1C:BF:D8:22:1A:6E:92:EE:5B:A3:FA:79:C4:A6 X509v3 Authority Key Identifier: keyid:84:0F:D6:F7:E8:91:E3:80:4A:7D:B3:09:D0:4C:E8:5C:1A:F7:86:D1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hA_W9-iR44BKfbMJ0EzoXBr3htE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8AF/197FF7A2B40911EF94E6745DC4F9AE02/hA_W9-iR44BKfbMJ0EzoXBr3htE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0f:f1:d8:c3:5e:15:63:7f:aa:7c:1b:4b:6d:34:92:c0:3e:cc: b5:74:ff:4f:b9:dd:77:6c:c9:ce:8c:f0:45:d5:16:93:8d:c3: a6:de:c1:df:5e:81:90:8a:af:1c:2a:fd:d8:9c:aa:01:6f:b2: 96:8d:9a:20:8a:ff:ef:be:93:82:6a:64:0b:84:54:41:ca:8e: 0d:94:5a:55:01:72:bb:d2:50:7e:42:77:ac:47:09:dc:f6:ee: e9:88:51:78:2b:43:79:f2:10:c9:34:18:98:2b:e2:80:59:a5: 24:3d:05:4b:33:8e:15:75:24:fd:5b:3d:da:b9:34:43:7d:0a: d0:bf:7e:57:9e:aa:c7:41:27:f7:39:5f:41:0e:f3:90:bc:ea: e1:0f:c3:4b:29:8a:af:14:24:a9:29:07:66:fb:9c:84:6d:62: 83:9b:70:07:2f:18:13:ef:a3:81:f3:59:f4:5a:b0:c1:39:af: bc:9e:fa:94:60:42:6b:e4:26:3e:36:ac:1d:b2:54:db:c5:92: bc:3b:ea:75:f6:e5:34:a9:02:bc:df:c7:8a:35:4c:96:f8:0a: ed:89:df:da:fd:bf:9c:ff:e6:cd:70:bf:f7:e5:18:41:0b:ac: b6:11:0f:9f:40:43:78:d9:f4:a4:eb:54:c5:49:53:6d:f3:5f: b6:86:3b:02 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBWzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy QzhBRjExMC8GA1UEBRMoODQwRkQ2RjdFODkxRTM4MDRBN0RCMzA5RDA0Q0U4NUMx QUY3ODZEMTAeFw0yNTA1MzExOTM5MjhaFw0yNTA2MDcxOTM5MjhaMBgxFjAUBgNV BAMTDTY4M2I1YWYwLTE3YmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCjLgD0OhdsttLx8hUrKed+DzBoIt88X4aPS++VY8WRtzDb3SuA3VI+oK6UXLso 211PcCi1V7glPlAhLuR24hb2OWMMU1WB2cgcV2+NuG4uILRXN0QZlM/cLvkXmyB2 9KtkIs7L2ZkQ/Q8gmLA6pkmRAro+y7xdmPfhaw1F4WiQNfZ8WXw/eQPmkkc4ZFPq CXLTM3Is7SlCEsFujFX2P3PYq31OcN9RXzcp4cba6aI9bAT/hkcJ442ux4ETRDZK jn/khNxCzUKNdJtwRaJkmRawLG2UgFe9DxLtWYm+2M0q6nvt6bbqNgoiZwoF6zQR YQoPlhSpdSY0YE3R3IzxyQ6rAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUKvAhuiVB HL/YIhpuku5bo/p5xKYwHwYDVR0jBBgwFoAUhA/W9+iR44BKfbMJ0EzoXBr3htEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJDOEFGLzE5N0ZGN0EyQjQw OTExRUY5NEU2NzQ1REM0RjlBRTAyL2hBX1c5LWlSNDRCS2ZiTUowRXpvWEJyM2h0 RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvaEFfVzktaVI0NEJLZmJNSjBFem9YQnIzaHRFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJD OEFGLzE5N0ZGN0EyQjQwOTExRUY5NEU2NzQ1REM0RjlBRTAyL2hBX1c5LWlSNDRC S2ZiTUowRXpvWEJyM2h0RS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAA/x2MNeFWN/qnwbS200ksA+zLV0/0+53Xdsyc6M8EXVFpONw6bewd9e gZCKrxwq/dicqgFvspaNmiCK/+++k4JqZAuEVEHKjg2UWlUBcrvSUH5Cd6xHCdz2 7umIUXgrQ3nyEMk0GJgr4oBZpSQ9BUszjhV1JP1bPdq5NEN9CtC/fleeqsdBJ/c5 X0EO85C86uEPw0spiq8UJKkpB2b7nIRtYoObcAcvGBPvo4HzWfRasME5r7ye+pRg QmvkJj42rB2yVNvFkrw76nX25TSpArzfx4o1TJb4Cu2J39r9v5z/5s1wv/flGEEL rLYRD59AQ3jZ9KTrVMVJU23zX7aGOwI= -----END CERTIFICATE-----Generated at Mon Jun 2 21:45:47 2025 by rpki-client