$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.mft File: hxSXyIUOQWJXlcT42UXHs9BBbB8.mft (raw, json) Hash identifier: PRCN69Dt2NYMUCKsAWzqm3EtEXsr94DozjlKJvmVhGc= Subject key identifier: C6:44:F9:87:A9:25:84:AA:2D:8B:D5:18:1B:70:B6:39:B3:DD:07:E8 Authority key identifier: 87:14:97:C8:85:0E:41:62:57:95:C4:F8:D9:45:C7:B3:D0:41:6C:1F Certificate issuer: /CN=A91C6825/serialNumber=871497C8850E41625795C4F8D945C7B3D0416C1F Certificate serial: 062E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxSXyIUOQWJXlcT42UXHs9BBbB8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.mft Manifest number: 0628 Signing time: Wed 04 Jun 2025 22:36:26 +0000 Manifest this update: Wed 04 Jun 2025 22:36:25 +0000 Manifest next update: Wed 11 Jun 2025 22:36:25 +0000 Files and hashes: 1: hxSXyIUOQWJXlcT42UXHs9BBbB8.crl (hash: rZV+WC7l0L6lAkrHTRNbl6HPh4PUD7Jjd9V6NlxDXw4=) 2: 925B815E9ABE11EBA445A74FC4F9AE02.roa (hash: tc+HUzngZ7VVMdvUKEWM7ZZWawGnaExqZ4p3l2kRuv4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.crl rsync://rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxSXyIUOQWJXlcT42UXHs9BBbB8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 22:36:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1582 (0x62e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C6825, serialNumber=871497C8850E41625795C4F8D945C7B3D0416C1F Validity Not Before: Jun 4 22:36:25 2025 GMT Not After : Jun 11 22:36:25 2025 GMT Subject: CN=6840ca6a-7737 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:d1:e2:b0:14:59:76:76:da:f6:93:f2:c8:de: 1f:93:ee:88:92:cf:19:61:ff:e0:63:4c:08:7c:41: 1e:b5:ca:4e:9d:b7:01:81:c0:fa:9e:d8:4c:6b:2f: 14:6f:f9:44:67:ab:a3:66:6d:e0:1e:cb:90:38:52: 6b:12:89:1b:ca:ab:a7:88:ec:6b:02:37:0a:9f:18: de:bb:47:2f:a7:3a:99:ac:0e:e0:23:91:b1:b2:99: c4:7d:f0:da:50:6b:11:73:b1:b4:9a:3c:21:ac:8d: 7b:34:6f:5b:bc:94:cc:22:35:21:6e:15:bf:37:90: 04:c7:6f:3b:6b:7e:44:c1:7b:d2:9f:49:6e:ad:12: 6f:b7:c8:ce:08:d6:6f:dc:09:d5:14:28:84:11:88: 2d:44:aa:ee:12:ed:67:6f:46:ea:93:40:ee:94:b8: 3a:e9:d6:ca:cf:fe:37:61:fb:48:9e:5f:8b:11:e4: c0:0e:03:a4:0e:25:a7:9a:7f:9c:9c:02:a1:86:e1: 5d:25:a2:b9:55:ea:48:c9:35:a5:08:25:c8:5b:24: 53:b3:22:0f:11:76:ab:20:5e:9b:f4:dd:88:ee:fa: 85:4f:1e:b2:68:5d:c2:09:62:e0:50:2d:38:a5:4b: 10:6c:4e:61:ce:b8:15:54:44:ce:b2:22:36:0a:83: ef:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:44:F9:87:A9:25:84:AA:2D:8B:D5:18:1B:70:B6:39:B3:DD:07:E8 X509v3 Authority Key Identifier: keyid:87:14:97:C8:85:0E:41:62:57:95:C4:F8:D9:45:C7:B3:D0:41:6C:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxSXyIUOQWJXlcT42UXHs9BBbB8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 90:68:37:0d:60:18:8c:49:4c:da:86:67:43:42:2b:46:f7:cf: ef:60:d4:20:06:de:44:6b:60:f6:1b:94:4d:38:ae:80:d4:9e: 19:e0:c7:c1:ba:89:b8:85:e9:78:6a:96:15:1a:1e:b8:ff:ff: c3:c2:c3:e9:6e:a9:fb:a5:27:95:94:84:df:53:24:a3:f9:66: 79:2c:7c:5e:79:84:60:d9:0e:d5:48:b0:7d:09:d4:8b:83:d6: 0e:95:68:4c:56:3e:95:98:0b:00:01:f2:76:6d:86:7d:7c:9c: 59:23:95:7e:d0:f4:a7:fd:f2:a6:09:6e:3d:2a:7f:e4:cd:24: d8:19:8e:61:1a:56:c6:81:97:3a:83:00:5f:12:71:41:26:ac: d1:78:1d:61:db:0c:30:51:4c:68:b9:00:65:16:53:0e:91:29: 55:50:4d:f3:b4:47:36:a6:dc:59:02:35:aa:e1:c5:de:94:ca: d8:b9:f4:24:ea:19:a9:0b:a0:05:48:78:07:1b:c5:cc:24:8a: f8:9d:7d:f9:19:53:ae:bc:59:44:5f:2b:02:a2:d6:31:ec:13: b8:10:47:8d:e2:4a:e5:43:48:e6:e9:bd:2f:94:de:be:dc:be: bf:a1:14:49:09:9d:03:0f:12:73:d4:04:b0:e0:85:47:4a:06: c1:72:b0:95 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBi4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzY4MjUxMTAvBgNVBAUTKDg3MTQ5N0M4ODUwRTQxNjI1Nzk1QzRGOEQ5NDVDN0Iz RDA0MTZDMUYwHhcNMjUwNjA0MjIzNjI1WhcNMjUwNjExMjIzNjI1WjAYMRYwFAYD VQQDEw02ODQwY2E2YS03NzM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxtHisBRZdnba9pPyyN4fk+6Iks8ZYf/gY0wIfEEetcpOnbcBgcD6nthMay8U b/lEZ6ujZm3gHsuQOFJrEokbyquniOxrAjcKnxjeu0cvpzqZrA7gI5GxspnEffDa UGsRc7G0mjwhrI17NG9bvJTMIjUhbhW/N5AEx287a35EwXvSn0lurRJvt8jOCNZv 3AnVFCiEEYgtRKruEu1nb0bqk0DulLg66dbKz/43YftInl+LEeTADgOkDiWnmn+c nAKhhuFdJaK5VepIyTWlCCXIWyRTsyIPEXarIF6b9N2I7vqFTx6yaF3CCWLgUC04 pUsQbE5hzrgVVETOsiI2CoPvjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMZE+Yep JYSqLYvVGBtwtjmz3QfoMB8GA1UdIwQYMBaAFIcUl8iFDkFiV5XE+NlFx7PQQWwf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjgyNS8xQUE5MEZCNjlB QkMxMUVCOTAwQTE2NENDNEY5QUUwMi9oeFNYeUlVT1FXSlhsY1Q0MlVYSHM5QkJi QjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h4U1h5SVVPUVdKWGxjVDQyVVhIczlCQmJCOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NjgyNS8xQUE5MEZCNjlBQkMxMUVCOTAwQTE2NENDNEY5QUUwMi9oeFNYeUlVT1FX SlhsY1Q0MlVYSHM5QkJiQjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCQaDcNYBiMSUzahmdDQitG98/vYNQgBt5Ea2D2G5RNOK6A1J4Z4MfB uom4hel4apYVGh64///DwsPpbqn7pSeVlITfUySj+WZ5LHxeeYRg2Q7VSLB9CdSL g9YOlWhMVj6VmAsAAfJ2bYZ9fJxZI5V+0PSn/fKmCW49Kn/kzSTYGY5hGlbGgZc6 gwBfEnFBJqzReB1h2wwwUUxouQBlFlMOkSlVUE3ztEc2ptxZAjWq4cXelMrYufQk 6hmpC6AFSHgHG8XMJIr4nX35GVOuvFlEXysCotYx7BO4EEeN4krlQ0jm6b0vlN6+ 3L6/oRRJCZ0DDxJz1ASw4IVHSgbBcrCV -----END CERTIFICATE-----Generated at Thu Jun 5 19:54:19 2025 by rpki-client