$ rpki-client -vvf rpki.apnic.net/member_repository/A9169A3F/9B2754F6A24F11EFB6B0FF49C4F9AE02/hqZPKtLd4rfZYk5pInrQmxd4xsE.mft File: hqZPKtLd4rfZYk5pInrQmxd4xsE.mft (raw, json) Hash identifier: P+H67OW47XWwNwX0D9eRBlVTbn52BK/fC46pu4/9cxU= Subject key identifier: 06:14:DD:AF:87:B7:40:AA:85:A3:F3:B2:19:43:01:A9:8E:78:A2:87 Authority key identifier: 86:A6:4F:2A:D2:DD:E2:B7:D9:62:4E:69:22:7A:D0:9B:17:78:C6:C1 Certificate issuer: /CN=A9169A3F/serialNumber=86A64F2AD2DDE2B7D9624E69227AD09B1778C6C1 Certificate serial: 68 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hqZPKtLd4rfZYk5pInrQmxd4xsE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9169A3F/9B2754F6A24F11EFB6B0FF49C4F9AE02/hqZPKtLd4rfZYk5pInrQmxd4xsE.mft Manifest number: 68 Signing time: Sun 01 Jun 2025 06:42:40 +0000 Manifest this update: Sun 01 Jun 2025 06:42:39 +0000 Manifest next update: Sun 08 Jun 2025 06:42:39 +0000 Files and hashes: 1: hqZPKtLd4rfZYk5pInrQmxd4xsE.crl (hash: 2OFRnXAJYr8Xil1ibakQFYA2B18IJc/S2fdSKPcrOjU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9169A3F/9B2754F6A24F11EFB6B0FF49C4F9AE02/hqZPKtLd4rfZYk5pInrQmxd4xsE.crl rsync://rpki.apnic.net/member_repository/A9169A3F/9B2754F6A24F11EFB6B0FF49C4F9AE02/hqZPKtLd4rfZYk5pInrQmxd4xsE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hqZPKtLd4rfZYk5pInrQmxd4xsE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 06:42:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 104 (0x68) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9169A3F, serialNumber=86A64F2AD2DDE2B7D9624E69227AD09B1778C6C1 Validity Not Before: Jun 1 06:42:39 2025 GMT Not After : Jun 8 06:42:39 2025 GMT Subject: CN=683bf660-df0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d4:b4:6d:d5:c0:b5:f4:b4:bb:6f:3d:02:10: cb:1b:85:be:3a:b8:a6:33:02:19:5b:1f:b3:d5:a1: f7:0b:50:0a:a3:2c:04:dd:ec:98:0e:bf:5f:53:ef: aa:10:15:1c:e8:99:28:5a:07:19:7a:d3:12:73:21: 84:67:47:2c:53:a5:58:bf:ce:17:3a:cf:be:e7:47: 76:69:1c:a0:d2:b2:09:15:b3:c5:6c:24:53:e3:e9: 5d:d4:bd:ea:97:a1:14:3d:e3:30:2e:b3:a6:f2:85: f4:7d:9a:36:16:bc:5f:d6:a0:14:1f:87:de:70:d9: 9a:ee:eb:dd:b8:50:33:cb:2d:d1:c7:9c:22:77:15: 9b:c5:07:7a:c7:d2:2f:a3:b1:de:65:7c:45:0c:85: db:95:1c:d7:2e:fe:f8:4f:b5:6d:df:4a:fd:05:db: 5f:06:01:57:0a:f6:b9:e5:ff:53:f0:31:46:c8:d0: b2:57:41:c4:7f:ba:40:1b:a3:41:79:30:74:3e:7e: b2:28:96:30:47:87:91:72:bc:74:1b:54:06:4c:e2: 88:f2:c1:d7:56:0b:5f:bd:9e:f0:af:fd:2b:bf:a0: 51:88:80:75:ab:fd:fc:2c:d7:70:7d:16:98:34:c1: af:73:62:dd:b4:06:be:b0:32:1b:41:0b:be:90:08: 6e:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:14:DD:AF:87:B7:40:AA:85:A3:F3:B2:19:43:01:A9:8E:78:A2:87 X509v3 Authority Key Identifier: keyid:86:A6:4F:2A:D2:DD:E2:B7:D9:62:4E:69:22:7A:D0:9B:17:78:C6:C1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9169A3F/9B2754F6A24F11EFB6B0FF49C4F9AE02/hqZPKtLd4rfZYk5pInrQmxd4xsE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hqZPKtLd4rfZYk5pInrQmxd4xsE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169A3F/9B2754F6A24F11EFB6B0FF49C4F9AE02/hqZPKtLd4rfZYk5pInrQmxd4xsE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:28:01:33:91:38:64:06:96:2e:19:b9:ce:65:c7:92:47:82: 23:ae:fb:47:41:ad:b9:5f:02:55:f2:4a:08:13:f4:dc:24:a4: eb:dc:86:d8:73:e5:77:c1:ed:a1:1e:43:33:90:12:ad:66:4a: 18:ac:d4:68:33:12:ec:ee:f6:ee:60:21:c4:4a:62:e5:39:98: 95:17:b8:b7:4f:8d:d8:1b:14:3f:49:6a:83:81:ef:4c:bc:96: 94:5d:cf:68:c5:1c:33:44:34:8e:7d:d7:c3:00:cd:98:41:35: 3b:7b:ac:bc:af:45:8b:3f:65:f1:de:00:bf:88:a1:9a:55:6b: 79:b2:53:80:81:df:18:72:65:db:0d:5b:44:c3:cf:44:1e:69: 61:00:a3:ed:4d:05:ea:89:93:a1:1f:53:b3:c0:fd:92:68:1b: 22:f7:8e:5c:b7:3e:5d:7f:3b:5b:3f:50:63:80:b6:aa:e2:f0: b3:c5:95:1a:8b:e6:fd:aa:7d:17:59:bb:47:69:a2:de:23:00: 5f:61:f1:82:dd:00:79:f7:df:ee:a7:86:ec:eb:bb:40:bc:e8: c9:02:b7:64:ca:d7:b6:17:29:37:3e:c1:fd:a8:a8:4e:05:7e: 77:0d:b1:4c:75:d3:ef:60:26:27:1b:15:5e:36:97:28:aa:bf: 72:ef:7e:45 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBaDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 OUEzRjExMC8GA1UEBRMoODZBNjRGMkFEMkRERTJCN0Q5NjI0RTY5MjI3QUQwOUIx Nzc4QzZDMTAeFw0yNTA2MDEwNjQyMzlaFw0yNTA2MDgwNjQyMzlaMBgxFjAUBgNV BAMTDTY4M2JmNjYwLWRmMGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC71LRt1cC19LS7bz0CEMsbhb46uKYzAhlbH7PVofcLUAqjLATd7JgOv19T76oQ FRzomShaBxl60xJzIYRnRyxTpVi/zhc6z77nR3ZpHKDSsgkVs8VsJFPj6V3UveqX oRQ94zAus6byhfR9mjYWvF/WoBQfh95w2Zru6924UDPLLdHHnCJ3FZvFB3rH0i+j sd5lfEUMhduVHNcu/vhPtW3fSv0F218GAVcK9rnl/1PwMUbI0LJXQcR/ukAbo0F5 MHQ+frIoljBHh5FyvHQbVAZM4ojywddWC1+9nvCv/Su/oFGIgHWr/fws13B9Fpg0 wa9zYt20Br6wMhtBC76QCG7FAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUBhTdr4e3 QKqFo/OyGUMBqY54oocwHwYDVR0jBBgwFoAUhqZPKtLd4rfZYk5pInrQmxd4xsEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY5QTNGLzlCMjc1NEY2QTI0 RjExRUZCNkIwRkY0OUM0RjlBRTAyL2hxWlBLdExkNHJmWllrNXBJbnJRbXhkNHhz RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvaHFaUEt0TGQ0cmZaWWs1cEluclFteGQ0eHNFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY5 QTNGLzlCMjc1NEY2QTI0RjExRUZCNkIwRkY0OUM0RjlBRTAyL2hxWlBLdExkNHJm WllrNXBJbnJRbXhkNHhzRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAUoATOROGQGli4Zuc5lx5JHgiOu+0dBrblfAlXySggT9NwkpOvchthz 5XfB7aEeQzOQEq1mShis1GgzEuzu9u5gIcRKYuU5mJUXuLdPjdgbFD9JaoOB70y8 lpRdz2jFHDNENI5918MAzZhBNTt7rLyvRYs/ZfHeAL+IoZpVa3myU4CB3xhyZdsN W0TDz0QeaWEAo+1NBeqJk6EfU7PA/ZJoGyL3jly3Pl1/O1s/UGOAtqri8LPFlRqL 5v2qfRdZu0dpot4jAF9h8YLdAHn33+6nhuzru0C86MkCt2TK17YXKTc+wf2oqE4F fncNsUx10+9gJicbFV42lyiqv3LvfkU= -----END CERTIFICATE-----Generated at Mon Jun 2 19:58:16 2025 by rpki-client