$ rpki-client -vvf rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.mft File: hhe5_iqn_uIl8uDS3IdkCYE33m0.mft (raw, json) Hash identifier: 4WyNMmdMwlWO1WKjf9wv5oo7/oLtbkz7J4TQ3JTOoLc= Subject key identifier: 7D:90:16:60:94:43:22:CD:D7:B9:2E:9E:CD:6B:4F:E9:40:D8:9D:3E Authority key identifier: 86:17:B9:FE:2A:A7:FE:E2:25:F2:E0:D2:DC:87:64:09:81:37:DE:6D Certificate issuer: /CN=A9117715/serialNumber=8617B9FE2AA7FEE225F2E0D2DC8764098137DE6D Certificate serial: 0A03 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hhe5_iqn_uIl8uDS3IdkCYE33m0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.mft Manifest number: 09FC Signing time: Sat 02 Aug 2025 20:08:26 +0000 Manifest this update: Sat 02 Aug 2025 20:08:25 +0000 Manifest next update: Sat 09 Aug 2025 20:08:25 +0000 Files and hashes: 1: hhe5_iqn_uIl8uDS3IdkCYE33m0.crl (hash: W42WfIhOqM6+QnbEWYmX56pG4FPZCLowDCjwpj4fqhk=) 2: E118A9DA7CB911EABD07CE5EC4F9AE02.roa (hash: 3BzJCKxq6lxeVjXVlpYVRMXqU7zHik0ruN2Ba5iWxOQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.crl rsync://rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hhe5_iqn_uIl8uDS3IdkCYE33m0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 20:08:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2563 (0xa03) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9117715, serialNumber=8617B9FE2AA7FEE225F2E0D2DC8764098137DE6D Validity Not Before: Aug 2 20:08:25 2025 GMT Not After : Aug 9 20:08:25 2025 GMT Subject: CN=688e703a-05c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:8a:16:31:2e:64:7a:87:f5:6d:57:4a:09:f6: 80:5f:17:fb:1e:be:20:b2:06:87:40:cc:a7:7d:5e: 7d:35:99:17:24:1f:77:af:5b:83:eb:ad:b6:25:b5: 35:99:37:00:5a:0d:26:e8:61:95:89:c2:1b:29:31: 44:02:4d:fc:f5:0d:98:c6:b1:bd:5a:6f:e4:c3:5f: 3c:de:e1:fb:56:e9:bd:50:33:74:fc:43:7c:ce:ad: 63:38:97:c6:0a:f8:65:2b:26:27:f9:4d:f1:75:23: 8a:12:e5:1b:75:be:96:f5:b1:68:ad:5c:c1:74:ee: 2c:38:a4:fb:9f:82:1e:23:f0:32:16:d9:f9:87:03: 84:e8:71:9b:18:4d:78:b1:9e:9f:1e:33:d9:f8:a1: 0f:1e:54:31:5e:36:b3:38:50:b1:f2:c0:c2:57:d2: b0:0e:63:29:86:4b:56:43:0c:e7:bf:82:00:54:b7: ef:83:13:1a:b3:cf:e6:d6:fc:28:24:7b:9f:67:69: 67:0e:c8:6a:97:ac:6e:46:c9:57:df:89:e6:72:f7: 74:bc:f6:79:18:3e:07:99:ad:93:d0:eb:fe:3a:18: 83:f6:8b:ea:c2:cb:43:cd:cc:b5:e9:cc:2b:ae:96: 1d:f8:90:96:76:6e:b3:fe:50:27:03:a9:85:f9:26: a9:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:90:16:60:94:43:22:CD:D7:B9:2E:9E:CD:6B:4F:E9:40:D8:9D:3E X509v3 Authority Key Identifier: keyid:86:17:B9:FE:2A:A7:FE:E2:25:F2:E0:D2:DC:87:64:09:81:37:DE:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hhe5_iqn_uIl8uDS3IdkCYE33m0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117715/BC1C5F107CB811EAB0F6475DC4F9AE02/hhe5_iqn_uIl8uDS3IdkCYE33m0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:59:85:5d:d9:5b:ca:37:3a:6c:dc:0b:48:b4:0f:52:f5:16: 67:e9:9b:f7:f8:8b:ca:10:fb:53:73:12:94:d0:2b:6d:a0:fd: ad:e5:6c:45:da:48:97:b0:d2:a2:30:38:ad:3f:70:a9:0f:86: b3:8f:24:04:56:9b:cc:af:34:5c:31:68:af:9a:c2:a1:20:d7: 6b:b1:33:f8:59:0e:b8:98:a3:eb:b2:df:b4:d7:9b:52:9f:c7: 82:f7:93:ac:8e:af:1a:e7:80:1b:ff:37:ef:0c:48:f5:fe:5b: 63:8a:e1:9c:a1:4b:d3:69:6a:ad:3a:a0:46:bd:09:da:33:bd: 29:fa:bc:2f:8b:b7:06:e1:b5:d6:ab:e8:09:75:4c:b5:e2:9a: 0b:7a:3e:00:43:38:66:14:3a:fc:cb:60:57:58:c1:6a:c6:4c: df:fc:18:23:ae:9b:4d:a4:a3:a6:71:ed:d9:8f:69:2c:36:e1: 4a:54:db:d7:a6:1e:c9:b6:31:13:9b:da:7c:31:a0:2d:10:79: 62:7e:69:ee:ef:e3:47:0f:2d:7b:3c:03:3d:d6:ef:32:ea:25: 2c:6f:9f:cf:86:e9:c1:75:ed:7e:51:8e:b8:ee:6e:c5:e4:a7: 6d:de:fd:e6:58:64:3d:a7:f0:f3:4f:7b:88:bd:9a:0b:06:a4: 45:75:b4:d8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCgMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTc3MTUxMTAvBgNVBAUTKDg2MTdCOUZFMkFBN0ZFRTIyNUYyRTBEMkRDODc2NDA5 ODEzN0RFNkQwHhcNMjUwODAyMjAwODI1WhcNMjUwODA5MjAwODI1WjAYMRYwFAYD VQQDEw02ODhlNzAzYS0wNWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyooWMS5keof1bVdKCfaAXxf7Hr4gsgaHQMynfV59NZkXJB93r1uD6622JbU1 mTcAWg0m6GGVicIbKTFEAk389Q2YxrG9Wm/kw1883uH7Vum9UDN0/EN8zq1jOJfG CvhlKyYn+U3xdSOKEuUbdb6W9bForVzBdO4sOKT7n4IeI/AyFtn5hwOE6HGbGE14 sZ6fHjPZ+KEPHlQxXjazOFCx8sDCV9KwDmMphktWQwznv4IAVLfvgxMas8/m1vwo JHufZ2lnDshql6xuRslX34nmcvd0vPZ5GD4Hma2T0Ov+OhiD9ovqwstDzcy16cwr rpYd+JCWdm6z/lAnA6mF+SapowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH2QFmCU QyLN17kuns1rT+lA2J0+MB8GA1UdIwQYMBaAFIYXuf4qp/7iJfLg0tyHZAmBN95t MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzcxNS9CQzFDNUYxMDdD QjgxMUVBQjBGNjQ3NURDNEY5QUUwMi9oaGU1X2lxbl91SWw4dURTM0lka0NZRTMz bTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hoZTVfaXFuX3VJbDh1RFMzSWRrQ1lFMzNtMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NzcxNS9CQzFDNUYxMDdDQjgxMUVBQjBGNjQ3NURDNEY5QUUwMi9oaGU1X2lxbl91 SWw4dURTM0lka0NZRTMzbTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCmWYVd2VvKNzps3AtItA9S9RZn6Zv3+IvKEPtTcxKU0CttoP2t5WxF 2kiXsNKiMDitP3CpD4azjyQEVpvMrzRcMWivmsKhINdrsTP4WQ64mKPrst+015tS n8eC95Osjq8a54Ab/zfvDEj1/ltjiuGcoUvTaWqtOqBGvQnaM70p+rwvi7cG4bXW q+gJdUy14poLej4AQzhmFDr8y2BXWMFqxkzf/BgjrptNpKOmce3Zj2ksNuFKVNvX ph7JtjETm9p8MaAtEHlifmnu7+NHDy17PAM91u8y6iUsb5/PhunBde1+UY647m7F 5Kdt3v3mWGQ9p/DzT3uIvZoLBqRFdbTY -----END CERTIFICATE-----Generated at Mon Aug 4 11:00:32 2025 by rpki-client