$ rpki-client -vvf rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft File: HlwQfv0DzxPSFKOaaizo3a0wRw4.mft (raw, json) Hash identifier: Y1OO1Kzuxvqxak9r71Ke7K6V2Iw7oOiqKYrofGNqwjM= Subject key identifier: CF:8C:FA:AA:4C:B3:2C:A8:B1:5B:C9:2D:6F:20:24:36:AC:DD:4D:23 Authority key identifier: 1E:5C:10:7E:FD:03:CF:13:D2:14:A3:9A:6A:2C:E8:DD:AD:30:47:0E Certificate issuer: /CN=A914D9C3/serialNumber=1E5C107EFD03CF13D214A39A6A2CE8DDAD30470E Certificate serial: A6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlwQfv0DzxPSFKOaaizo3a0wRw4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft Manifest number: A3 Signing time: Thu 07 Aug 2025 06:49:53 +0000 Manifest this update: Thu 07 Aug 2025 06:49:53 +0000 Manifest next update: Thu 14 Aug 2025 06:49:53 +0000 Files and hashes: 1: HlwQfv0DzxPSFKOaaizo3a0wRw4.crl (hash: BQ+XoZqWGYpoTBMza9jttLr2P3ez4xR0aLlQ2pPcvKU=) 2: F7B3707C806911EF8C30A03DC4F9AE02.roa (hash: 9WzRWZ39qEL+BS0hCUtMSeDhBI46JI/Ih27Az+Uy8VI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.crl rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlwQfv0DzxPSFKOaaizo3a0wRw4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 166 (0xa6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914D9C3, serialNumber=1E5C107EFD03CF13D214A39A6A2CE8DDAD30470E Validity Not Before: Aug 7 06:49:53 2025 GMT Not After : Aug 14 06:49:53 2025 GMT Subject: CN=68944c91-028d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:b0:4a:90:ed:2e:46:a4:98:db:f0:61:00:a8: b0:5d:40:8e:fc:a1:79:a0:f4:0e:54:8c:ec:c6:ce: 23:2b:05:dc:a5:18:e1:cb:83:f7:41:80:54:29:57: f0:ef:06:99:f8:c1:95:05:9a:e8:75:0c:a2:fd:2a: d3:54:db:c2:42:0b:a7:3b:01:ff:17:51:76:98:d0: 0a:a8:7a:fe:d9:18:35:0f:61:5f:b0:e0:1a:08:15: 45:dc:2e:95:8f:fd:e5:9d:12:40:20:08:23:b0:3c: 0d:14:c9:e5:a2:cb:93:e5:21:4d:b2:6b:7e:fd:e7: 0c:a2:12:6d:e3:b1:3b:f2:9f:c5:df:5f:b5:bf:08: 06:5a:1c:9b:bd:83:d6:0f:70:6c:c3:02:2f:df:3c: 61:18:a8:21:74:cc:3f:f9:e8:9f:f9:b2:e9:db:d8: 3a:b6:c9:3b:cb:1b:cc:62:a6:39:19:bc:df:ef:a2: 94:e0:6f:74:f0:2e:e5:37:e9:b1:3f:8d:43:84:bc: 40:38:0e:8d:f5:7b:99:cd:65:9d:f1:4c:ca:33:c4: 2e:62:3d:3c:75:9d:26:30:26:e5:fd:1a:11:01:d6: d3:7a:8d:1c:2b:d4:ab:68:93:27:94:ba:77:38:c1: cb:30:28:eb:29:e5:aa:26:27:66:3a:ac:4a:0b:1f: a5:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:8C:FA:AA:4C:B3:2C:A8:B1:5B:C9:2D:6F:20:24:36:AC:DD:4D:23 X509v3 Authority Key Identifier: keyid:1E:5C:10:7E:FD:03:CF:13:D2:14:A3:9A:6A:2C:E8:DD:AD:30:47:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlwQfv0DzxPSFKOaaizo3a0wRw4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:96:55:5e:fd:f4:09:51:c1:b7:78:fe:76:9c:0b:a9:b6:b8: 6d:54:af:95:00:12:6c:01:da:87:60:91:de:fa:15:46:6a:7e: ba:3a:0e:93:75:b1:f9:ad:80:6e:db:65:0b:fd:7a:d0:3f:47: 8e:76:9a:c7:39:27:3d:8f:e3:6e:fa:82:4a:2c:43:10:cd:d6: b1:8b:c3:b2:6f:77:11:2e:89:de:a0:55:8f:5f:94:45:22:cf: 08:9d:0e:58:08:ac:07:0c:e4:61:32:95:4b:cb:e5:b3:99:18: b7:b6:dc:cb:83:ab:ca:e6:f1:d0:61:05:b3:df:1f:56:9d:8e: 07:a5:64:ea:5d:3b:60:c0:1f:65:42:ca:d6:27:c7:b3:44:25: 53:54:8b:49:13:bd:e8:f6:03:38:c1:02:01:ce:c8:af:df:53: d9:a0:a1:35:bf:8c:31:58:58:17:92:ca:52:52:bd:c0:28:a3: ce:c0:2e:84:3b:1e:6a:0c:ea:7d:a6:e4:b4:a5:3e:ad:f2:32: ea:b5:db:29:de:ca:d5:00:57:8c:93:31:ab:64:58:4b:e1:dd: 3e:05:ba:aa:5c:18:86:4f:b7:e0:80:a2:c2:e4:f2:b9:7f:b3: d3:5b:ec:75:26:12:68:94:15:79:54:af:16:22:02:97:e2:0d: f4:fc:0a:48 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEQ5QzMxMTAvBgNVBAUTKDFFNUMxMDdFRkQwM0NGMTNEMjE0QTM5QTZBMkNFOERE QUQzMDQ3MEUwHhcNMjUwODA3MDY0OTUzWhcNMjUwODE0MDY0OTUzWjAYMRYwFAYD VQQDEw02ODk0NGM5MS0wMjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnrBKkO0uRqSY2/BhAKiwXUCO/KF5oPQOVIzsxs4jKwXcpRjhy4P3QYBUKVfw 7waZ+MGVBZrodQyi/SrTVNvCQgunOwH/F1F2mNAKqHr+2Rg1D2FfsOAaCBVF3C6V j/3lnRJAIAgjsDwNFMnlosuT5SFNsmt+/ecMohJt47E78p/F31+1vwgGWhybvYPW D3BswwIv3zxhGKghdMw/+eif+bLp29g6tsk7yxvMYqY5Gbzf76KU4G908C7lN+mx P41DhLxAOA6N9XuZzWWd8UzKM8QuYj08dZ0mMCbl/RoRAdbTeo0cK9SraJMnlLp3 OMHLMCjrKeWqJidmOqxKCx+lkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM+M+qpM syyosVvJLW8gJDas3U0jMB8GA1UdIwQYMBaAFB5cEH79A88T0hSjmmos6N2tMEcO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RDlDMy80NUNDODJDQzgw NjkxMUVGODJDOTc3M0NDNEY5QUUwMi9IbHdRZnYwRHp4UFNGS09hYWl6bzNhMHdS dzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hsd1FmdjBEenhQU0ZLT2FhaXpvM2Ewd1J3NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RDlDMy80NUNDODJDQzgwNjkxMUVGODJDOTc3M0NDNEY5QUUwMi9IbHdRZnYwRHp4 UFNGS09hYWl6bzNhMHdSdzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCPllVe/fQJUcG3eP52nAuptrhtVK+VABJsAdqHYJHe+hVGan66Og6T dbH5rYBu22UL/XrQP0eOdprHOSc9j+Nu+oJKLEMQzdaxi8Oyb3cRLoneoFWPX5RF Is8InQ5YCKwHDORhMpVLy+WzmRi3ttzLg6vK5vHQYQWz3x9WnY4HpWTqXTtgwB9l QsrWJ8ezRCVTVItJE73o9gM4wQIBzsiv31PZoKE1v4wxWFgXkspSUr3AKKPOwC6E Ox5qDOp9puS0pT6t8jLqtdsp3srVAFeMkzGrZFhL4d0+BbqqXBiGT7fggKLC5PK5 f7PTW+x1JhJolBV5VK8WIgKX4g30/ApI -----END CERTIFICATE-----Generated at Sat Aug 9 05:41:30 2025 by rpki-client