$ rpki-client -vvf rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.mft File: Hz6LAdhBy-YiDQLSzRETVPGcR7I.mft (raw, json) Hash identifier: HEJz45LE5BZTbzeniVJfLJwxLM6A4GvJVeOne1aHUiM= Subject key identifier: 29:3C:15:DA:6D:C7:72:FD:99:B7:93:1B:E1:C5:81:9D:F1:C4:DE:9C Authority key identifier: 1F:3E:8B:01:D8:41:CB:E6:22:0D:02:D2:CD:11:13:54:F1:9C:47:B2 Certificate issuer: /CN=A912F17E/serialNumber=1F3E8B01D841CBE6220D02D2CD111354F19C47B2 Certificate serial: 348E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.mft Manifest number: 3487 Signing time: Sat 31 May 2025 15:08:37 +0000 Manifest this update: Sat 31 May 2025 15:08:36 +0000 Manifest next update: Sat 07 Jun 2025 15:08:36 +0000 Files and hashes: 1: Hz6LAdhBy-YiDQLSzRETVPGcR7I.crl (hash: Klz98GRPLa6ST6NlfBzHcmzFlIjOgNKEa++EjELV3dQ=) 2: FFCDED80FFE111EFB1C18E52C4F9AE02.roa (hash: mU82c9UsN7aMzC4DMeuqqygQy0O+yLmNqhxj9poHsyI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.crl rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:08:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13454 (0x348e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912F17E, serialNumber=1F3E8B01D841CBE6220D02D2CD111354F19C47B2 Validity Not Before: May 31 15:08:36 2025 GMT Not After : Jun 7 15:08:36 2025 GMT Subject: CN=683b1b75-b8c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:8c:d7:4b:53:43:3d:2d:96:ee:86:ea:38:9a: dc:a7:a9:55:1d:d5:1b:53:36:ca:d3:8a:2f:b7:91: ca:b2:4a:21:74:f4:c1:96:a9:96:cf:bb:28:2d:1e: 25:39:77:35:7b:cf:be:14:05:35:b6:02:7d:2f:6a: a2:22:5c:02:e4:34:80:e9:d0:7b:a3:bd:a5:59:a6: d6:d6:d9:87:a1:ae:5c:11:47:31:61:ff:ac:31:4b: 0b:1e:4d:2d:a2:76:c9:16:31:0f:3b:db:76:6d:64: 1e:92:b3:58:1e:60:61:a8:7c:38:6f:3d:9b:16:3e: d7:13:da:59:f9:89:b5:0c:8f:be:ca:76:f9:73:ef: 54:8d:65:70:fb:06:65:6c:55:70:96:6c:38:03:65: a0:d7:c3:06:50:96:15:2f:77:2c:8d:85:b3:86:42: c2:05:6b:3c:e7:27:a8:e5:92:77:9e:da:17:03:7b: bb:48:4a:b5:8c:b0:19:58:22:2e:4c:24:c6:5a:6a: 60:ca:a6:40:a2:f8:98:53:54:8c:ef:e1:8a:ad:3e: 7b:46:25:a4:c6:ec:44:f9:7b:d8:39:9a:ab:b6:dd: 01:14:a5:94:e6:3c:29:0d:08:f6:1b:89:bd:15:b6: ab:c8:c6:30:39:37:f2:f6:03:c5:29:59:95:4b:f7: cf:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:3C:15:DA:6D:C7:72:FD:99:B7:93:1B:E1:C5:81:9D:F1:C4:DE:9C X509v3 Authority Key Identifier: keyid:1F:3E:8B:01:D8:41:CB:E6:22:0D:02:D2:CD:11:13:54:F1:9C:47:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:03:fa:e7:cc:31:f7:d1:3e:eb:78:81:68:c7:a6:e2:f7:d5: f3:3c:24:1b:bc:2e:b8:db:14:fe:b6:98:f2:e2:08:1f:e4:51: de:56:9d:40:01:7b:3d:8d:f1:1b:b5:9f:25:ce:26:07:21:0e: 6f:eb:f9:b1:de:bb:7f:1f:a6:52:b4:77:48:a4:94:b6:6d:57: a8:fd:40:d7:ca:ea:21:4f:a7:7d:67:a0:ac:96:e4:24:5e:e3: 2c:3d:77:16:41:37:c5:19:57:9b:ea:0c:23:6f:c9:71:5e:3b: 4a:39:ab:9a:69:94:ee:3f:bf:ed:d1:6c:72:8e:46:a3:6a:32: ed:b0:4c:33:16:c9:d7:b6:dc:b4:9a:6c:e6:20:d8:d2:f0:20: 22:89:b9:d9:11:1c:14:59:87:f2:f6:cb:56:f2:e8:33:ec:5f: 56:76:7b:12:18:13:d2:44:9e:8b:83:57:bb:38:db:b1:97:5f: 47:f8:80:21:04:75:f8:07:7c:39:9f:eb:29:d8:1b:d6:b7:e3: 9d:ec:df:5c:0c:71:05:04:c8:76:71:cf:4b:93:20:33:3d:16: e3:33:16:e3:41:92:68:11:96:f7:e5:3a:f7:c3:2d:64:c5:0a: c1:16:c1:af:33:7f:f7:0b:2e:77:fc:01:75:99:0b:10:eb:b2: 3a:bd:05:29 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNI4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkYxN0UxMTAvBgNVBAUTKDFGM0U4QjAxRDg0MUNCRTYyMjBEMDJEMkNEMTExMzU0 RjE5QzQ3QjIwHhcNMjUwNTMxMTUwODM2WhcNMjUwNjA3MTUwODM2WjAYMRYwFAYD VQQDEw02ODNiMWI3NS1iOGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxIzXS1NDPS2W7obqOJrcp6lVHdUbUzbK04ovt5HKskohdPTBlqmWz7soLR4l OXc1e8++FAU1tgJ9L2qiIlwC5DSA6dB7o72lWabW1tmHoa5cEUcxYf+sMUsLHk0t onbJFjEPO9t2bWQekrNYHmBhqHw4bz2bFj7XE9pZ+Ym1DI++ynb5c+9UjWVw+wZl bFVwlmw4A2Wg18MGUJYVL3csjYWzhkLCBWs85yeo5ZJ3ntoXA3u7SEq1jLAZWCIu TCTGWmpgyqZAoviYU1SM7+GKrT57RiWkxuxE+XvYOZqrtt0BFKWU5jwpDQj2G4m9 FbaryMYwOTfy9gPFKVmVS/fPnQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCk8Fdpt x3L9mbeTG+HFgZ3xxN6cMB8GA1UdIwQYMBaAFB8+iwHYQcvmIg0C0s0RE1TxnEey MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRjE3RS9GQ0ZGODQ2NjFE QTMxMUUyODFFQUFGOTkwOEIwMkNEMi9IejZMQWRoQnktWWlEUUxTelJFVFZQR2NS N0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0h6NkxBZGhCeS1ZaURRTFN6UkVUVlBHY1I3SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy RjE3RS9GQ0ZGODQ2NjFEQTMxMUUyODFFQUFGOTkwOEIwMkNEMi9IejZMQWRoQnkt WWlEUUxTelJFVFZQR2NSN0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCzA/rnzDH30T7reIFox6bi99XzPCQbvC642xT+tpjy4ggf5FHeVp1A AXs9jfEbtZ8lziYHIQ5v6/mx3rt/H6ZStHdIpJS2bVeo/UDXyuohT6d9Z6CsluQk XuMsPXcWQTfFGVeb6gwjb8lxXjtKOauaaZTuP7/t0WxyjkajajLtsEwzFsnXtty0 mmzmINjS8CAiibnZERwUWYfy9stW8ugz7F9WdnsSGBPSRJ6Lg1e7ONuxl19H+IAh BHX4B3w5n+sp2BvWt+Od7N9cDHEFBMh2cc9LkyAzPRbjMxbjQZJoEZb35Tr3wy1k xQrBFsGvM3/3Cy53/AF1mQsQ67I6vQUp -----END CERTIFICATE-----Generated at Sat May 31 17:07:35 2025 by rpki-client