$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft File: hpBNLQLbigWb7ZOPL46u88Qgb9A.mft (raw, json) Hash identifier: QWvawvKhgj/Bh691d30f+mglwgWTa/9sTM7LN0PRmTY= Subject key identifier: 14:CF:52:15:EE:27:5E:C3:BC:07:1B:E9:7B:25:5A:05:E0:CA:F3:E7 Authority key identifier: 86:90:4D:2D:02:DB:8A:05:9B:ED:93:8F:2F:8E:AE:F3:C4:20:6F:D0 Certificate issuer: /CN=A91D4ACD/serialNumber=86904D2D02DB8A059BED938F2F8EAEF3C4206FD0 Certificate serial: 88 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft Manifest number: 87 Signing time: Sun 01 Jun 2025 06:18:54 +0000 Manifest this update: Sun 01 Jun 2025 06:18:53 +0000 Manifest next update: Sun 08 Jun 2025 06:18:53 +0000 Files and hashes: 1: hpBNLQLbigWb7ZOPL46u88Qgb9A.crl (hash: OCldzMWm8HhqYyaltFQ05yjFBYWUxdnc3ic6spXOWu8=) 2: 388D7E38797D11EF8CA64711C4F9AE02.roa (hash: psVpSVTIe8+AZiKNpgFs07aLN6Bb1+TjrtoRE57p52A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.crl rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 06:18:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 136 (0x88) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4ACD, serialNumber=86904D2D02DB8A059BED938F2F8EAEF3C4206FD0 Validity Not Before: Jun 1 06:18:53 2025 GMT Not After : Jun 8 06:18:53 2025 GMT Subject: CN=683bf0cd-2f4a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:7c:e5:88:ee:ae:70:16:9b:47:cc:8b:8a:39: 3a:04:27:1a:d8:51:69:bf:04:bf:d7:1b:0d:96:80: 17:59:60:17:a2:8e:12:eb:5f:a4:77:39:dc:74:de: ac:a4:8f:e1:bc:50:32:2f:0b:8a:90:34:df:c2:7a: 51:fd:1b:58:fc:a5:30:93:33:54:57:06:b3:90:b3: 1f:9c:1b:3c:3e:64:4e:9f:d2:1f:cf:de:15:20:de: 00:af:e7:64:73:7c:9f:66:fe:e7:05:d7:e9:44:6c: 65:f1:cb:ab:19:05:dc:c4:8d:b0:d1:ec:90:a7:a1: bf:44:22:6a:e1:19:b8:df:55:8d:d3:a4:c0:c5:d7: 83:70:ef:00:63:cd:e2:11:10:f7:b7:4f:09:aa:42: 61:5a:b3:42:ac:f8:06:63:70:1e:d7:f5:11:b7:ab: ac:39:3b:11:51:91:03:f8:7b:06:a4:ab:3c:02:47: 8f:a5:78:0d:57:a1:ac:f8:78:3e:9c:cf:20:64:f2: 1e:82:17:ef:de:cc:a2:cf:48:05:cf:7f:14:af:65: f4:a4:1d:87:a2:62:b2:51:dd:26:61:54:e5:2d:8d: 32:87:0c:35:5d:0e:3c:12:e7:fe:15:be:ca:3b:5d: 70:7b:29:d8:a7:b1:1f:80:6c:2d:4a:5c:9f:aa:b4: 1e:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:CF:52:15:EE:27:5E:C3:BC:07:1B:E9:7B:25:5A:05:E0:CA:F3:E7 X509v3 Authority Key Identifier: keyid:86:90:4D:2D:02:DB:8A:05:9B:ED:93:8F:2F:8E:AE:F3:C4:20:6F:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d3:3e:bb:24:66:60:99:e6:ee:55:4b:07:30:1c:8b:92:ce:9d: ac:f0:1a:4d:8b:c4:2d:9f:2c:37:47:23:55:cf:e3:fb:c5:31: d5:bb:46:49:28:22:15:a0:14:8f:40:bc:85:21:a8:64:95:43: cd:c5:b6:33:3b:40:b9:c9:7c:50:38:a1:07:b8:c7:17:94:21: 0c:bd:8d:47:f7:1c:9c:ec:9d:ea:63:44:e6:99:7d:89:ca:2d: 30:4c:05:06:9b:76:ec:e5:fc:4c:10:3c:4b:48:72:79:aa:da: e2:48:d7:90:d0:71:1d:dc:fb:d7:15:d5:f4:8b:1b:ca:a7:3c: af:0e:50:71:17:81:3d:40:21:69:c4:41:e1:87:d8:41:61:5d: 87:81:47:7a:1b:e7:8e:fc:2d:52:f7:85:a4:ed:ac:03:e2:79: 87:9d:fc:f0:ba:c9:52:c7:ec:60:ae:bf:73:07:d0:0c:f5:8c: 89:03:34:cf:56:7b:aa:7b:10:c8:40:3a:dc:83:b0:3e:0a:78: a6:ad:60:c7:4b:86:91:d8:00:83:c1:7e:02:b4:d5:bc:d9:3f: 60:dc:44:57:71:4d:c2:2b:a9:58:61:9a:fc:6e:e2:59:8e:3b: 59:25:06:0d:5b:3c:ef:62:d7:0b:13:59:d8:67:b5:e7:a0:75: c1:1d:58:5f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDRBQ0QxMTAvBgNVBAUTKDg2OTA0RDJEMDJEQjhBMDU5QkVEOTM4RjJGOEVBRUYz QzQyMDZGRDAwHhcNMjUwNjAxMDYxODUzWhcNMjUwNjA4MDYxODUzWjAYMRYwFAYD VQQDEw02ODNiZjBjZC0yZjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy3zliO6ucBabR8yLijk6BCca2FFpvwS/1xsNloAXWWAXoo4S61+kdzncdN6s pI/hvFAyLwuKkDTfwnpR/RtY/KUwkzNUVwazkLMfnBs8PmROn9Ifz94VIN4Ar+dk c3yfZv7nBdfpRGxl8curGQXcxI2w0eyQp6G/RCJq4Rm431WN06TAxdeDcO8AY83i ERD3t08JqkJhWrNCrPgGY3Ae1/URt6usOTsRUZED+HsGpKs8AkePpXgNV6Gs+Hg+ nM8gZPIeghfv3syiz0gFz38Ur2X0pB2HomKyUd0mYVTlLY0yhww1XQ48Euf+Fb7K O11weynYp7EfgGwtSlyfqrQe2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBTPUhXu J17DvAcb6XslWgXgyvPnMB8GA1UdIwQYMBaAFIaQTS0C24oFm+2Tjy+OrvPEIG/Q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENEFDRC8xRjUzNTY5RTc1 NkUxMUVGOUNBNDZFNTFDNEY5QUUwMi9ocEJOTFFMYmlnV2I3Wk9QTDQ2dTg4UWdi OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hwQk5MUUxiaWdXYjdaT1BMNDZ1ODhRZ2I5QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NEFDRC8xRjUzNTY5RTc1NkUxMUVGOUNBNDZFNTFDNEY5QUUwMi9ocEJOTFFMYmln V2I3Wk9QTDQ2dTg4UWdiOUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDTPrskZmCZ5u5VSwcwHIuSzp2s8BpNi8Qtnyw3RyNVz+P7xTHVu0ZJ KCIVoBSPQLyFIahklUPNxbYzO0C5yXxQOKEHuMcXlCEMvY1H9xyc7J3qY0TmmX2J yi0wTAUGm3bs5fxMEDxLSHJ5qtriSNeQ0HEd3PvXFdX0ixvKpzyvDlBxF4E9QCFp xEHhh9hBYV2HgUd6G+eO/C1S94Wk7awD4nmHnfzwuslSx+xgrr9zB9AM9YyJAzTP VnuqexDIQDrcg7A+CnimrWDHS4aR2ACDwX4CtNW82T9g3ERXcU3CK6lYYZr8buJZ jjtZJQYNWzzvYtcLE1nYZ7XnoHXBHVhf -----END CERTIFICATE-----Generated at Mon Jun 2 18:49:09 2025 by rpki-client