$ rpki-client -vvf rpki.apnic.net/member_repository/A911954F/591A3220914A11EE942CC871C4F9AE02/hf--WNwc9_kcLTgTTiC27wssOl8.mft File: hf--WNwc9_kcLTgTTiC27wssOl8.mft (raw, json) Hash identifier: PPthUbw2RONyJpN+IpBrnTxP1amEu0juanN/J/yrJL0= Subject key identifier: C5:9E:BA:A0:C2:9A:C2:9A:38:75:45:ED:5C:F9:B6:BB:D1:55:12:6E Authority key identifier: 85:FF:BE:58:DC:1C:F7:F9:1C:2D:38:13:4E:20:B6:EF:0B:2C:3A:5F Certificate issuer: /CN=A911954F/serialNumber=85FFBE58DC1CF7F91C2D38134E20B6EF0B2C3A5F Certificate serial: D8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hf--WNwc9_kcLTgTTiC27wssOl8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911954F/591A3220914A11EE942CC871C4F9AE02/hf--WNwc9_kcLTgTTiC27wssOl8.mft Manifest number: 021C Signing time: Thu 07 Aug 2025 04:55:01 +0000 Manifest this update: Thu 07 Aug 2025 04:55:00 +0000 Manifest next update: Thu 14 Aug 2025 04:55:00 +0000 Files and hashes: 1: hf--WNwc9_kcLTgTTiC27wssOl8.crl (hash: 2tOJQVMSVlnfCVO10kjPihfqH6YtuNXksbx7UkRYmX4=) 2: 6BCEC330344311EFB7DD0D34C4F9AE02.roa (hash: V5GXfj7MVmj/bsrh8ZK5BOMK+sTslcHA1M5O9HLWM8M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911954F/591A3220914A11EE942CC871C4F9AE02/hf--WNwc9_kcLTgTTiC27wssOl8.crl rsync://rpki.apnic.net/member_repository/A911954F/591A3220914A11EE942CC871C4F9AE02/hf--WNwc9_kcLTgTTiC27wssOl8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hf--WNwc9_kcLTgTTiC27wssOl8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 04:54:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 216 (0xd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911954F, serialNumber=85FFBE58DC1CF7F91C2D38134E20B6EF0B2C3A5F Validity Not Before: Aug 7 04:55:00 2025 GMT Not After : Aug 14 04:55:00 2025 GMT Subject: CN=689431a4-5cba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:13:6b:88:20:a3:67:6f:ce:ce:0c:4a:74:49: 3b:5f:d2:1d:5e:6a:de:c9:fd:70:90:c0:04:32:39: 0a:18:ce:b4:9e:7c:3f:57:ea:14:87:72:63:89:54: 96:ac:8c:77:03:ed:a4:8d:d9:14:42:49:d8:98:04: 9f:c6:1e:f1:ce:1c:17:4b:69:77:e9:ee:c6:51:44: 68:3a:f8:16:3f:28:21:09:fc:6c:55:fe:88:30:b8: ea:fb:52:f0:9b:f3:82:c2:6d:1c:a6:8b:8e:2a:f5: 53:dd:28:0b:7f:df:c0:2a:14:a5:9e:48:82:04:d2: 67:de:6b:88:92:41:5b:ee:53:57:87:02:d0:33:02: 27:dd:de:81:07:7d:0e:3b:2d:a1:38:ec:50:46:4e: 90:e8:6b:84:e2:07:7c:71:d5:b7:9b:6f:fe:fb:47: 19:6e:ef:f4:40:e8:92:f8:92:22:1f:1e:d4:f3:c2: 37:80:61:33:74:96:ed:17:d9:25:19:2b:95:29:90: 51:1e:50:65:38:68:98:97:60:5d:21:e1:86:db:5e: 6d:32:8e:b0:55:ff:ef:fc:cc:56:ba:50:52:71:90: a4:4d:6b:71:5b:78:4b:f1:2f:43:88:8f:91:31:63: ce:30:ce:90:c8:0b:96:1b:52:99:22:3a:7a:84:d9: 74:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:9E:BA:A0:C2:9A:C2:9A:38:75:45:ED:5C:F9:B6:BB:D1:55:12:6E X509v3 Authority Key Identifier: keyid:85:FF:BE:58:DC:1C:F7:F9:1C:2D:38:13:4E:20:B6:EF:0B:2C:3A:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911954F/591A3220914A11EE942CC871C4F9AE02/hf--WNwc9_kcLTgTTiC27wssOl8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hf--WNwc9_kcLTgTTiC27wssOl8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911954F/591A3220914A11EE942CC871C4F9AE02/hf--WNwc9_kcLTgTTiC27wssOl8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 87:c0:a0:0f:80:30:85:76:bc:ff:42:84:0c:2d:1e:ee:7a:31: 8d:e0:41:46:25:cb:cd:35:65:ab:e8:87:fa:30:e9:f2:be:06: 23:33:8f:78:ca:aa:ad:cb:aa:f0:a8:46:88:61:58:49:17:b8: 8d:53:30:b3:ed:5f:97:ff:d4:ec:a6:40:0d:c2:41:73:ac:04: 7d:8b:fb:4f:70:e1:20:fc:c0:6b:5d:b1:6d:c6:2e:8a:12:0b: f8:08:6e:53:8d:b1:86:c7:0f:01:c8:60:60:57:d0:a1:45:89: 32:85:05:a2:03:6c:a6:2d:8c:b7:c3:10:b7:03:7f:75:14:c6: 2f:7c:1a:98:f6:b3:49:52:f4:2e:03:a5:54:0b:ea:32:dd:5a: 6f:24:5c:a8:0a:97:ed:bf:3d:6e:3d:eb:cf:2f:f6:05:37:f4: 6c:d7:bf:4d:30:98:61:62:e7:cf:71:4a:a3:ed:5c:f6:6f:81: 6f:61:32:80:e5:2a:dd:3f:16:f3:9e:e9:64:c6:13:37:bb:98: e4:33:a5:04:60:e6:84:2a:1f:69:69:0d:9e:89:b3:7f:8b:b0: aa:34:ff:8d:4f:f5:0b:8d:62:ec:7b:e7:d9:94:50:e0:a3:50: 21:bb:77:ae:48:de:c3:c6:30:29:34:23:fa:d1:aa:f6:b4:0d: e3:6d:be:d9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTk1NEYxMTAvBgNVBAUTKDg1RkZCRTU4REMxQ0Y3RjkxQzJEMzgxMzRFMjBCNkVG MEIyQzNBNUYwHhcNMjUwODA3MDQ1NTAwWhcNMjUwODE0MDQ1NTAwWjAYMRYwFAYD VQQDEw02ODk0MzFhNC01Y2JhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuhNriCCjZ2/OzgxKdEk7X9IdXmreyf1wkMAEMjkKGM60nnw/V+oUh3JjiVSW rIx3A+2kjdkUQknYmASfxh7xzhwXS2l36e7GUURoOvgWPyghCfxsVf6IMLjq+1Lw m/OCwm0cpouOKvVT3SgLf9/AKhSlnkiCBNJn3muIkkFb7lNXhwLQMwIn3d6BB30O Oy2hOOxQRk6Q6GuE4gd8cdW3m2/++0cZbu/0QOiS+JIiHx7U88I3gGEzdJbtF9kl GSuVKZBRHlBlOGiYl2BdIeGG215tMo6wVf/v/MxWulBScZCkTWtxW3hL8S9DiI+R MWPOMM6QyAuWG1KZIjp6hNl0EQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMWeuqDC msKaOHVF7Vz5trvRVRJuMB8GA1UdIwQYMBaAFIX/vljcHPf5HC04E04gtu8LLDpf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTU0Ri81OTFBMzIyMDkx NEExMUVFOTQyQ0M4NzFDNEY5QUUwMi9oZi0tV053Yzlfa2NMVGdUVGlDMjd3c3NP bDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hmLS1XTndjOV9rY0xUZ1RUaUMyN3dzc09sOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTU0Ri81OTFBMzIyMDkxNEExMUVFOTQyQ0M4NzFDNEY5QUUwMi9oZi0tV053Yzlf a2NMVGdUVGlDMjd3c3NPbDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCHwKAPgDCFdrz/QoQMLR7uejGN4EFGJcvNNWWr6If6MOnyvgYjM494 yqqty6rwqEaIYVhJF7iNUzCz7V+X/9TspkANwkFzrAR9i/tPcOEg/MBrXbFtxi6K Egv4CG5TjbGGxw8ByGBgV9ChRYkyhQWiA2ymLYy3wxC3A391FMYvfBqY9rNJUvQu A6VUC+oy3VpvJFyoCpftvz1uPevPL/YFN/Rs179NMJhhYufPcUqj7Vz2b4FvYTKA 5SrdPxbznulkxhM3u5jkM6UEYOaEKh9paQ2eibN/i7CqNP+NT/ULjWLse+fZlFDg o1Ahu3euSN7DxjApNCP60ar2tA3jbb7Z -----END CERTIFICATE-----Generated at Sat Aug 9 02:46:30 2025 by rpki-client