$ rpki-client -vvf rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft File: hfK68bffHaqMiKtsXnjB_MP3jQg.mft (raw, json) Hash identifier: g5IJBJOxixPIJoYMyANQ2VXJuqtK9S9JNB/MDj9ve04= Subject key identifier: E4:97:D8:7C:D1:AB:35:D4:F6:4E:78:2D:BC:C6:65:42:2D:38:BC:B7 Authority key identifier: 85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 Certificate issuer: /CN=A91342C5/serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Certificate serial: 03A9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft Manifest number: 0399 Signing time: Tue 03 Jun 2025 01:06:31 +0000 Manifest this update: Tue 03 Jun 2025 01:06:31 +0000 Manifest next update: Tue 10 Jun 2025 01:06:31 +0000 Files and hashes: 1: hfK68bffHaqMiKtsXnjB_MP3jQg.crl (hash: HUBdNYpIXTqrfBp991AsLXSADCD0tItP8V+SnC7btGs=) 2: A7FBA00E778811EDAE39280CC4F9AE02.roa (hash: A66Rcwdstkb/5EinIJWrWOuekP0qJLH5hk4F7NZimSw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 01:06:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 937 (0x3a9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91342C5, serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Validity Not Before: Jun 3 01:06:31 2025 GMT Not After : Jun 10 01:06:31 2025 GMT Subject: CN=683e4a97-139c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ee:a0:b2:7d:8b:d1:5d:c5:48:12:58:a1:2d: 2e:1e:40:2c:13:b9:7e:ce:2d:5f:e1:dc:80:c3:8e: ee:45:a2:23:a8:8d:36:dd:07:4c:38:cc:26:0e:49: cd:c9:59:df:cf:53:bc:d5:26:96:8b:95:86:d6:64: 9d:fa:31:58:54:b2:3e:90:47:18:8b:73:27:07:c4: a7:6d:5f:f0:2e:76:f2:19:89:00:4b:b0:9a:72:45: dc:b8:2c:a4:31:29:27:e9:18:c2:6b:e6:7e:8a:1f: cc:1a:18:55:b5:cd:66:94:c6:aa:8a:1e:a6:3b:ea: e2:c1:9e:4c:ec:ba:4a:19:d7:7e:a0:c5:7e:2b:83: 9d:9e:7d:ae:a9:e0:d8:f2:1e:70:70:e6:b1:e5:be: f2:7c:ec:a4:a2:10:90:fa:0f:3e:1d:65:01:b7:52: 89:33:2e:02:17:aa:44:a0:e2:82:14:b4:8b:e1:00: bf:53:c3:a4:83:8a:a6:f5:8b:d7:16:51:53:e8:e2: 26:51:5a:c1:e9:03:e6:8d:5c:3e:d8:77:29:71:28: 01:4d:15:1b:48:26:42:40:b8:e5:64:15:05:5d:ea: f8:ba:38:63:6f:6f:97:cd:50:b0:f0:41:1f:cf:ac: f9:ed:94:c3:c0:13:30:2d:ab:62:50:aa:0d:5a:43: 38:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:97:D8:7C:D1:AB:35:D4:F6:4E:78:2D:BC:C6:65:42:2D:38:BC:B7 X509v3 Authority Key Identifier: keyid:85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:d3:a2:c8:50:ee:aa:28:6c:4d:0b:17:92:f0:33:89:89:dc: 5a:9d:ef:22:16:2e:b9:35:65:60:f6:53:0e:5b:58:b4:80:cd: be:47:5e:45:f1:b8:f0:09:eb:e7:59:03:8f:a1:34:de:6d:9f: 8f:a2:67:a0:ae:f9:ec:f1:6e:e7:31:8a:fc:d5:f4:e4:46:68: 52:d3:1e:e5:a3:07:0a:28:56:2c:a7:18:a5:af:ba:ef:02:8d: 23:af:7c:9a:b7:05:39:8d:3a:18:e9:c4:92:74:b4:3e:b0:89: c3:6a:b4:0a:74:02:dc:60:31:cf:70:5c:7e:48:20:7f:9b:bf: 8f:a0:e0:8c:27:5d:d5:0a:99:96:8c:d4:1f:1a:4a:e6:6f:28: 05:80:b4:6b:3b:aa:e6:c0:28:c9:79:bd:b8:62:53:c9:2b:90: bb:a4:8d:4f:67:cc:f4:11:17:64:59:fe:5e:b5:78:06:dd:17: 19:fe:51:d4:ce:9a:e9:99:ce:f7:21:12:cf:e2:1f:e2:f4:b5: 8e:22:d7:d0:53:3b:04:20:9b:3e:f1:5e:ff:0a:bc:00:46:c9: 19:92:6c:e7:9f:a0:14:8e:5b:a0:5f:e0:17:b1:72:94:b0:f1: ea:c6:d2:af:3f:0a:ac:ac:5d:98:c8:78:0b:17:90:4a:4e:06: dd:5a:a1:f0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA6kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQyQzUxMTAvBgNVBAUTKDg1RjJCQUYxQjdERjFEQUE4Qzg4QUI2QzVFNzhDMUZD QzNGNzhEMDgwHhcNMjUwNjAzMDEwNjMxWhcNMjUwNjEwMDEwNjMxWjAYMRYwFAYD VQQDEw02ODNlNGE5Ny0xMzljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz+6gsn2L0V3FSBJYoS0uHkAsE7l+zi1f4dyAw47uRaIjqI023QdMOMwmDknN yVnfz1O81SaWi5WG1mSd+jFYVLI+kEcYi3MnB8SnbV/wLnbyGYkAS7CackXcuCyk MSkn6RjCa+Z+ih/MGhhVtc1mlMaqih6mO+riwZ5M7LpKGdd+oMV+K4Odnn2uqeDY 8h5wcOax5b7yfOykohCQ+g8+HWUBt1KJMy4CF6pEoOKCFLSL4QC/U8Okg4qm9YvX FlFT6OImUVrB6QPmjVw+2HcpcSgBTRUbSCZCQLjlZBUFXer4ujhjb2+XzVCw8EEf z6z57ZTDwBMwLatiUKoNWkM4wQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOSX2HzR qzXU9k54LbzGZUItOLy3MB8GA1UdIwQYMBaAFIXyuvG33x2qjIirbF54wfzD940I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDJDNS8xRjQwNEUzMEE0 RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhhcU1pS3RzWG5qQl9NUDNq UWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hmSzY4YmZmSGFxTWlLdHNYbmpCX01QM2pRZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NDJDNS8xRjQwNEUzMEE0RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhh cU1pS3RzWG5qQl9NUDNqUWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCR06LIUO6qKGxNCxeS8DOJidxane8iFi65NWVg9lMOW1i0gM2+R15F 8bjwCevnWQOPoTTebZ+Pomegrvns8W7nMYr81fTkRmhS0x7lowcKKFYspxilr7rv Ao0jr3yatwU5jToY6cSSdLQ+sInDarQKdALcYDHPcFx+SCB/m7+PoOCMJ13VCpmW jNQfGkrmbygFgLRrO6rmwCjJeb24YlPJK5C7pI1PZ8z0ERdkWf5etXgG3RcZ/lHU zprpmc73IRLP4h/i9LWOItfQUzsEIJs+8V7/CrwARskZkmznn6AUjlugX+AXsXKU sPHqxtKvPwqsrF2YyHgLF5BKTgbdWqHw -----END CERTIFICATE-----Generated at Tue Jun 3 23:49:21 2025 by rpki-client