$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft File: HfNLnj96ONdYmO1LBfntTEAEzrw.mft (raw, json) Hash identifier: maFHm3ODo0i5scki2i8kQStjFVUz6+GSXqiIO/wQpZc= Subject key identifier: 8A:02:DB:44:7C:07:A2:D0:38:A9:E5:E1:F2:47:7F:37:76:B2:E2:40 Authority key identifier: 1D:F3:4B:9E:3F:7A:38:D7:58:98:ED:4B:05:F9:ED:4C:40:04:CE:BC Certificate issuer: /CN=A91F6227/serialNumber=1DF34B9E3F7A38D75898ED4B05F9ED4C4004CEBC Certificate serial: 09F7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft Manifest number: 09ED Signing time: Fri 30 May 2025 20:05:07 +0000 Manifest this update: Fri 30 May 2025 20:05:07 +0000 Manifest next update: Fri 06 Jun 2025 20:05:07 +0000 Files and hashes: 1: HfNLnj96ONdYmO1LBfntTEAEzrw.crl (hash: skT5U9uJbSKMjlxG/k70KzYLJgE4HIZBChsrlN9qGOs=) 2: A23D5DE87A6911EA930EB439C4F9AE02.roa (hash: pkQyF6/gfOZsdS2FZ7pXb1wwkEQgEQkFPici094hylM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.crl rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 20:05:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2551 (0x9f7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F6227, serialNumber=1DF34B9E3F7A38D75898ED4B05F9ED4C4004CEBC Validity Not Before: May 30 20:05:07 2025 GMT Not After : Jun 6 20:05:07 2025 GMT Subject: CN=683a0f73-7985 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:f7:fc:e7:97:83:c1:d5:c8:59:9a:62:70:1a: d1:47:2d:5e:27:1c:3e:0e:f4:f9:1c:e1:d8:63:fb: c6:33:2e:af:2c:93:fc:bc:dd:e3:aa:47:e2:b3:b8: 33:a0:5d:f3:44:ee:e9:5b:ec:45:0c:de:33:db:09: 12:d6:aa:d0:a9:f8:e2:5a:21:66:98:44:a4:79:2e: 53:d3:c9:0f:dd:24:bf:55:4c:e8:93:fd:bf:2e:e0: d4:cd:7b:30:af:5f:66:ae:98:b4:3d:eb:68:6b:3f: 19:f8:60:6e:b4:b4:c3:96:a2:12:70:8c:90:9f:9f: 1c:2d:d5:7d:aa:62:d9:52:71:72:54:cf:02:a4:6f: 2b:c3:62:d6:6c:03:2c:67:10:ef:0f:c3:ca:1c:fc: da:51:cb:47:14:91:ee:43:12:21:37:52:a9:82:ac: 5c:e9:32:b1:28:b7:18:f4:39:c0:3b:78:af:43:df: 59:c9:5e:af:90:4c:32:bb:cd:1a:31:27:74:64:14: 2d:20:e5:c5:da:5e:a2:07:f5:3a:ea:17:db:17:5d: 81:fb:b8:17:7d:81:8f:eb:7f:28:8f:3a:97:02:25: 75:d8:d9:05:94:a0:84:56:ec:5d:ff:b6:c2:97:b1: ce:34:55:e0:b6:d6:63:c4:83:75:91:a5:38:2c:4b: 63:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:02:DB:44:7C:07:A2:D0:38:A9:E5:E1:F2:47:7F:37:76:B2:E2:40 X509v3 Authority Key Identifier: keyid:1D:F3:4B:9E:3F:7A:38:D7:58:98:ED:4B:05:F9:ED:4C:40:04:CE:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:a4:68:9b:22:e1:f1:0b:77:cc:ba:ef:6b:f0:b6:4b:37:e0: bc:c3:e3:37:93:17:a4:fe:56:f5:a5:52:4f:d1:77:13:43:0e: 9f:2e:ac:d8:83:fd:81:ab:04:39:3d:c4:16:92:1e:92:ac:8b: a1:b7:4c:5c:96:a0:2a:b2:e0:88:c8:12:c6:e5:6e:6e:55:0c: 49:c1:c4:54:8d:ce:2b:d9:a3:ed:41:78:7c:07:89:df:b3:b6: ef:da:c8:97:86:c1:44:ee:ba:64:5e:7c:90:95:00:b0:8a:d5: 05:56:eb:d4:38:91:2c:0d:d6:df:8a:54:bd:72:cb:40:22:29: d7:45:6c:40:02:0d:c1:26:a0:12:3b:3b:b5:00:2a:08:75:0b: 0c:f9:97:2d:0c:ec:38:14:c7:7f:83:d1:fb:f5:6e:dc:2f:37: 34:d1:06:95:b8:e4:72:b4:86:17:68:e1:8b:17:48:c1:73:e9: 0b:de:50:f9:3a:0d:41:01:32:0a:17:6f:46:a5:c2:dd:68:6d: 90:13:64:24:50:c5:5f:63:ab:91:4e:c4:39:3e:a7:8a:ca:84: 4e:59:de:eb:18:0f:63:eb:11:a0:a5:34:cc:16:38:79:bf:d3: b1:20:bb:2d:b2:ed:1f:b1:fa:7d:0c:bd:8b:06:e6:02:2d:5c: 7c:b6:c3:56 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCfcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjYyMjcxMTAvBgNVBAUTKDFERjM0QjlFM0Y3QTM4RDc1ODk4RUQ0QjA1RjlFRDRD NDAwNENFQkMwHhcNMjUwNTMwMjAwNTA3WhcNMjUwNjA2MjAwNTA3WjAYMRYwFAYD VQQDEw02ODNhMGY3My03OTg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtvf855eDwdXIWZpicBrRRy1eJxw+DvT5HOHYY/vGMy6vLJP8vN3jqkfis7gz oF3zRO7pW+xFDN4z2wkS1qrQqfjiWiFmmESkeS5T08kP3SS/VUzok/2/LuDUzXsw r19mrpi0Petoaz8Z+GButLTDlqIScIyQn58cLdV9qmLZUnFyVM8CpG8rw2LWbAMs ZxDvD8PKHPzaUctHFJHuQxIhN1Kpgqxc6TKxKLcY9DnAO3ivQ99ZyV6vkEwyu80a MSd0ZBQtIOXF2l6iB/U66hfbF12B+7gXfYGP638ojzqXAiV12NkFlKCEVuxd/7bC l7HONFXgttZjxIN1kaU4LEtjpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIoC20R8 B6LQOKnl4fJHfzd2suJAMB8GA1UdIwQYMBaAFB3zS54/ejjXWJjtSwX57UxABM68 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjIyNy8wRDcyOEEwQTdB M0YxMUVBOEUzRDgwMzVDNEY5QUUwMi9IZk5Mbmo5Nk9OZFltTzFMQmZudFRFQUV6 cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hmTkxuajk2T05kWW1PMUxCZm50VEVBRXpydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NjIyNy8wRDcyOEEwQTdBM0YxMUVBOEUzRDgwMzVDNEY5QUUwMi9IZk5Mbmo5Nk9O ZFltTzFMQmZudFRFQUV6cncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA7pGibIuHxC3fMuu9r8LZLN+C8w+M3kxek/lb1pVJP0XcTQw6fLqzY g/2BqwQ5PcQWkh6SrIuht0xclqAqsuCIyBLG5W5uVQxJwcRUjc4r2aPtQXh8B4nf s7bv2siXhsFE7rpkXnyQlQCwitUFVuvUOJEsDdbfilS9cstAIinXRWxAAg3BJqAS Ozu1ACoIdQsM+ZctDOw4FMd/g9H79W7cLzc00QaVuORytIYXaOGLF0jBc+kL3lD5 Og1BATIKF29GpcLdaG2QE2QkUMVfY6uRTsQ5PqeKyoROWd7rGA9j6xGgpTTMFjh5 v9OxILstsu0fsfp9DL2LBuYCLVx8tsNW -----END CERTIFICATE-----Generated at Sat May 31 17:57:44 2025 by rpki-client