$ rpki-client -vvf rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft File: hfK68bffHaqMiKtsXnjB_MP3jQg.mft (raw, json) Hash identifier: DIeclUAXC2KrSrC+cBuqZMQnOKTJipDGPJVImylc8/M= Subject key identifier: 1F:AF:D3:BF:D9:2C:7D:FC:06:5B:66:1A:20:6E:58:4D:4D:C6:3D:31 Authority key identifier: 85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 Certificate issuer: /CN=A91342C5/serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Certificate serial: 03CA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft Manifest number: 03BA Signing time: Thu 07 Aug 2025 01:21:11 +0000 Manifest this update: Thu 07 Aug 2025 01:21:10 +0000 Manifest next update: Thu 14 Aug 2025 01:21:10 +0000 Files and hashes: 1: hfK68bffHaqMiKtsXnjB_MP3jQg.crl (hash: a1FKj3tVy0DDHpYWDjstqsZm8tNUnBF/bJPLOuzTG+g=) 2: A7FBA00E778811EDAE39280CC4F9AE02.roa (hash: A66Rcwdstkb/5EinIJWrWOuekP0qJLH5hk4F7NZimSw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 01:21:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 970 (0x3ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91342C5, serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Validity Not Before: Aug 7 01:21:10 2025 GMT Not After : Aug 14 01:21:10 2025 GMT Subject: CN=6893ff86-02af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ec:d3:3f:ad:f0:86:3f:a6:10:ec:ad:fd:5c: 8c:a7:0a:da:2c:98:25:e5:78:e3:3e:76:c2:a4:1a: 44:e7:ef:3c:0a:70:71:65:3d:36:9a:ff:81:22:a2: 59:b0:f8:e5:41:66:c2:fe:b8:8a:91:1f:79:a1:7b: 6c:21:bc:56:e7:3e:80:4b:9b:4b:33:1d:67:fe:b5: f5:07:6f:2d:79:57:01:bb:d1:38:c5:ad:61:6a:9c: 01:32:49:e8:87:a3:84:ef:7d:5d:ad:8d:2a:e8:a8: fd:e6:b0:a5:74:e5:5b:0e:77:62:4a:66:82:fb:fa: ce:f1:a3:9b:c8:f1:1d:e5:88:9d:1c:f8:2d:21:fc: fd:a4:a9:4e:f2:93:cd:9c:d7:1d:ae:60:c5:70:4e: e8:10:c8:1e:ee:d2:dc:d2:ea:d1:0d:31:e7:c2:10: d4:bb:2c:90:1c:91:8f:c7:ff:0b:02:45:75:96:ab: 3a:85:d9:1f:b6:f7:e4:a9:93:88:10:0b:65:12:18: 2e:38:7a:26:51:8e:b5:48:bc:fc:02:db:7e:91:f3: 93:c1:96:65:f2:9e:79:fc:fe:57:fb:3a:98:76:f5: 27:36:82:20:28:e6:08:58:cb:ab:d6:e7:8f:88:a5: c4:cd:cd:b3:5e:43:62:fb:89:15:10:3b:d0:da:5c: 86:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:AF:D3:BF:D9:2C:7D:FC:06:5B:66:1A:20:6E:58:4D:4D:C6:3D:31 X509v3 Authority Key Identifier: keyid:85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 93:b7:71:9b:11:cc:db:2c:7d:ac:c6:27:a1:3c:a0:9f:c2:b8: ab:c5:bf:93:21:36:e7:5c:aa:c6:96:55:0c:d1:12:04:4a:ed: 0e:5a:86:e8:3c:2c:f3:10:c3:9c:f8:23:cb:ab:c9:fc:b9:8c: c4:3e:bf:79:96:42:82:70:a2:f7:7e:5d:4a:f3:12:0e:e4:27: f2:2b:f0:54:38:b4:9f:05:0d:5b:08:59:de:30:de:b1:46:d3: 7f:e5:1b:84:ad:5f:d0:75:f3:0e:a2:60:4e:f3:6f:1b:96:1a: c5:36:c4:10:89:f2:e1:25:83:73:c3:c8:93:b1:77:b3:bf:b2: 54:6a:19:94:30:53:05:a2:44:65:88:21:22:e5:f1:0e:93:f1: 74:89:b5:22:d4:82:79:10:da:8e:27:99:84:46:14:cf:86:a7: 86:5a:15:51:a2:4f:52:79:fa:b6:47:dd:7a:45:de:b1:06:8f: f1:93:86:a0:d6:56:de:8c:11:d9:2e:7a:1a:c4:9e:5b:1a:5d: 30:99:12:e3:df:eb:06:99:c4:24:b6:86:19:0c:09:da:fb:4d: e5:4b:ea:54:84:93:de:7a:08:b6:84:9e:d4:7e:26:d5:b3:2d: c4:f3:26:12:f1:e9:f4:3b:25:d0:5d:8b:d8:da:b0:f7:5c:d8: ee:ad:aa:1c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA8owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQyQzUxMTAvBgNVBAUTKDg1RjJCQUYxQjdERjFEQUE4Qzg4QUI2QzVFNzhDMUZD QzNGNzhEMDgwHhcNMjUwODA3MDEyMTEwWhcNMjUwODE0MDEyMTEwWjAYMRYwFAYD VQQDEw02ODkzZmY4Ni0wMmFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyezTP63whj+mEOyt/VyMpwraLJgl5XjjPnbCpBpE5+88CnBxZT02mv+BIqJZ sPjlQWbC/riKkR95oXtsIbxW5z6AS5tLMx1n/rX1B28teVcBu9E4xa1hapwBMkno h6OE731drY0q6Kj95rCldOVbDndiSmaC+/rO8aObyPEd5YidHPgtIfz9pKlO8pPN nNcdrmDFcE7oEMge7tLc0urRDTHnwhDUuyyQHJGPx/8LAkV1lqs6hdkftvfkqZOI EAtlEhguOHomUY61SLz8Att+kfOTwZZl8p55/P5X+zqYdvUnNoIgKOYIWMur1ueP iKXEzc2zXkNi+4kVEDvQ2lyGFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB+v07/Z LH38BltmGiBuWE1Nxj0xMB8GA1UdIwQYMBaAFIXyuvG33x2qjIirbF54wfzD940I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDJDNS8xRjQwNEUzMEE0 RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhhcU1pS3RzWG5qQl9NUDNq UWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hmSzY4YmZmSGFxTWlLdHNYbmpCX01QM2pRZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NDJDNS8xRjQwNEUzMEE0RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhh cU1pS3RzWG5qQl9NUDNqUWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCTt3GbEczbLH2sxiehPKCfwrirxb+TITbnXKrGllUM0RIESu0OWobo PCzzEMOc+CPLq8n8uYzEPr95lkKCcKL3fl1K8xIO5CfyK/BUOLSfBQ1bCFneMN6x RtN/5RuErV/QdfMOomBO828blhrFNsQQifLhJYNzw8iTsXezv7JUahmUMFMFokRl iCEi5fEOk/F0ibUi1IJ5ENqOJ5mERhTPhqeGWhVRok9Sefq2R916Rd6xBo/xk4ag 1lbejBHZLnoaxJ5bGl0wmRLj3+sGmcQktoYZDAna+03lS+pUhJPeegi2hJ7UfibV sy3E8yYS8en0OyXQXYvY2rD3XNjuraoc -----END CERTIFICATE-----Generated at Fri Aug 8 20:40:09 2025 by rpki-client