$ rpki-client -vvf rpki.apnic.net/member_repository/A91973D2/DA839C94BFC811EBA5B3A67CC4F9AE02/hqs-vXxB5lbM7s21qFDHpLHiZ-M.mft File: hqs-vXxB5lbM7s21qFDHpLHiZ-M.mft (raw, json) Hash identifier: dD64i9g3c9mEvMHQx5VWJ++PE8o52nhhFXBFZSfTcJs= Subject key identifier: 47:B5:9F:74:13:E2:5C:B5:ED:67:15:1C:1B:C9:38:3A:54:11:0A:94 Authority key identifier: 86:AB:3E:BD:7C:41:E6:56:CC:EE:CD:B5:A8:50:C7:A4:B1:E2:67:E3 Certificate issuer: /CN=A91973D2/serialNumber=86AB3EBD7C41E656CCEECDB5A850C7A4B1E267E3 Certificate serial: 05CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hqs-vXxB5lbM7s21qFDHpLHiZ-M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91973D2/DA839C94BFC811EBA5B3A67CC4F9AE02/hqs-vXxB5lbM7s21qFDHpLHiZ-M.mft Manifest number: 05C7 Signing time: Fri 30 May 2025 23:17:20 +0000 Manifest this update: Fri 30 May 2025 23:17:19 +0000 Manifest next update: Fri 06 Jun 2025 23:17:19 +0000 Files and hashes: 1: hqs-vXxB5lbM7s21qFDHpLHiZ-M.crl (hash: lNALEb+i2wPoRao0LyBtMD+1DSMNpK96iktsgPkQyFU=) 2: 6959BDA8C05B11EB9540776AC4F9AE02.roa (hash: 4SABNLVP141mmTSS6gzli1B5PVXlz3wNBkczMbOULL4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91973D2/DA839C94BFC811EBA5B3A67CC4F9AE02/hqs-vXxB5lbM7s21qFDHpLHiZ-M.crl rsync://rpki.apnic.net/member_repository/A91973D2/DA839C94BFC811EBA5B3A67CC4F9AE02/hqs-vXxB5lbM7s21qFDHpLHiZ-M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hqs-vXxB5lbM7s21qFDHpLHiZ-M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 23:17:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1485 (0x5cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91973D2, serialNumber=86AB3EBD7C41E656CCEECDB5A850C7A4B1E267E3 Validity Not Before: May 30 23:17:19 2025 GMT Not After : Jun 6 23:17:19 2025 GMT Subject: CN=683a3c7f-379c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:71:01:ba:51:a0:2b:97:b3:63:d8:a1:11:c7: 23:f9:45:7d:43:53:30:f6:3a:0b:2a:25:a7:ab:76: 8a:e3:61:25:d7:4e:c2:fb:09:20:c3:70:70:fb:bf: ea:1c:d1:5b:d9:10:ed:4f:9c:1f:e4:03:61:da:ca: f9:f8:18:19:95:78:ef:7a:f1:a5:17:cc:46:96:f0: 09:03:6d:3a:1d:4b:eb:56:1c:d3:bc:e5:30:44:27: 0e:c0:ce:c4:4a:ab:68:b2:a0:b0:8c:dc:f7:68:4c: 00:49:c8:99:da:30:c3:f5:ee:92:a0:24:5c:04:99: 15:03:be:bf:24:c3:99:f1:cc:4c:b9:92:1b:b9:dc: a3:99:78:b7:dc:b6:d8:f8:b9:38:cd:91:12:22:90: c2:89:35:22:31:6e:02:5d:dc:31:76:99:ff:78:08: 25:8d:24:80:7f:fd:dd:a1:c1:30:62:c2:b0:18:fe: ce:24:23:7c:ce:36:5d:d9:33:6c:38:33:ae:c8:83: 30:cd:43:ac:15:72:84:3e:e3:50:54:ed:bf:b1:ed: cc:78:cc:e4:53:83:a5:bb:7e:f7:ba:f9:4d:45:8b: b7:20:2e:d0:69:bb:ba:45:a2:88:3a:89:3a:48:51: cf:9d:4b:f8:c4:c3:15:09:d7:5b:46:36:c6:0d:23: 15:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:B5:9F:74:13:E2:5C:B5:ED:67:15:1C:1B:C9:38:3A:54:11:0A:94 X509v3 Authority Key Identifier: keyid:86:AB:3E:BD:7C:41:E6:56:CC:EE:CD:B5:A8:50:C7:A4:B1:E2:67:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91973D2/DA839C94BFC811EBA5B3A67CC4F9AE02/hqs-vXxB5lbM7s21qFDHpLHiZ-M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hqs-vXxB5lbM7s21qFDHpLHiZ-M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91973D2/DA839C94BFC811EBA5B3A67CC4F9AE02/hqs-vXxB5lbM7s21qFDHpLHiZ-M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 51:56:85:5d:f8:25:89:f1:94:1c:3a:48:77:1e:a7:cc:3f:a9: 3a:ba:82:ed:ba:e0:75:06:b2:f9:23:20:0a:fe:b9:c0:1c:04: 12:fd:6c:aa:1e:09:e1:14:0e:04:18:f9:4f:79:35:25:fb:ed: 85:12:af:12:0d:fe:86:a4:e1:17:0d:07:1c:61:c8:5a:0e:2b: 2a:2a:76:c5:1f:fc:ed:3c:ea:f4:1b:48:fe:99:65:66:6b:cf: ac:f1:41:4e:cf:c7:4b:bc:6e:f9:23:85:85:f2:68:89:af:6d: 9e:02:20:8d:14:0f:47:1f:1e:4a:f9:17:71:a0:8c:cf:d0:24: fe:08:3f:a6:83:0e:0b:62:c9:11:33:d2:46:b1:ad:a7:29:30: a6:43:e0:0f:29:fe:49:d3:9d:32:4c:6f:28:70:14:a7:3b:39: 26:b5:78:fb:c1:e7:2d:44:b2:c1:e9:63:e5:27:7e:21:0e:a9: 05:12:91:6c:16:fd:b8:36:21:b8:dc:88:2d:17:bd:60:e6:0b: f9:be:1c:ea:71:a0:76:ff:fa:9a:43:0c:5a:ef:0e:8b:cd:af: 0d:27:36:63:40:14:e1:67:72:1f:9d:a1:d4:43:ec:6a:13:ab: c0:b9:27:78:7e:97:60:92:92:0c:f5:7a:4c:22:d2:70:ad:7a: cc:95:c7:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBc0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTczRDIxMTAvBgNVBAUTKDg2QUIzRUJEN0M0MUU2NTZDQ0VFQ0RCNUE4NTBDN0E0 QjFFMjY3RTMwHhcNMjUwNTMwMjMxNzE5WhcNMjUwNjA2MjMxNzE5WjAYMRYwFAYD VQQDEw02ODNhM2M3Zi0zNzljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvnEBulGgK5ezY9ihEccj+UV9Q1Mw9joLKiWnq3aK42El107C+wkgw3Bw+7/q HNFb2RDtT5wf5ANh2sr5+BgZlXjvevGlF8xGlvAJA206HUvrVhzTvOUwRCcOwM7E SqtosqCwjNz3aEwASciZ2jDD9e6SoCRcBJkVA76/JMOZ8cxMuZIbudyjmXi33LbY +Lk4zZESIpDCiTUiMW4CXdwxdpn/eAgljSSAf/3docEwYsKwGP7OJCN8zjZd2TNs ODOuyIMwzUOsFXKEPuNQVO2/se3MeMzkU4Olu373uvlNRYu3IC7Qabu6RaKIOok6 SFHPnUv4xMMVCddbRjbGDSMVHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEe1n3QT 4ly17WcVHBvJODpUEQqUMB8GA1UdIwQYMBaAFIarPr18QeZWzO7NtahQx6Sx4mfj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzNEMi9EQTgzOUM5NEJG QzgxMUVCQTVCM0E2N0NDNEY5QUUwMi9ocXMtdlh4QjVsYk03czIxcUZESHBMSGla LU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hxcy12WHhCNWxiTTdzMjFxRkRIcExIaVotTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NzNEMi9EQTgzOUM5NEJGQzgxMUVCQTVCM0E2N0NDNEY5QUUwMi9ocXMtdlh4QjVs Yk03czIxcUZESHBMSGlaLU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBRVoVd+CWJ8ZQcOkh3HqfMP6k6uoLtuuB1BrL5IyAK/rnAHAQS/Wyq HgnhFA4EGPlPeTUl++2FEq8SDf6GpOEXDQccYchaDisqKnbFH/ztPOr0G0j+mWVm a8+s8UFOz8dLvG75I4WF8miJr22eAiCNFA9HHx5K+RdxoIzP0CT+CD+mgw4LYskR M9JGsa2nKTCmQ+APKf5J050yTG8ocBSnOzkmtXj7wectRLLB6WPlJ34hDqkFEpFs Fv24NiG43IgtF71g5gv5vhzqcaB2//qaQwxa7w6Lza8NJzZjQBThZ3IfnaHUQ+xq E6vAuSd4fpdgkpIM9XpMItJwrXrMlcfG -----END CERTIFICATE-----Generated at Sat May 31 15:19:46 2025 by rpki-client