$ rpki-client -vvf rpki.apnic.net/member_repository/A918A35C/52FC6B98261811EABFEDE113C4F9AE02/h4uGhpX8RcnGO2-8VMyzUJxLn0s.mft File: h4uGhpX8RcnGO2-8VMyzUJxLn0s.mft (raw, json) Hash identifier: 9rM1JfGat5monSeHKBNNWjVYQMYUrm2+zEIl1+lEUCw= Subject key identifier: 8D:66:6D:D8:1E:A0:94:44:97:F8:6A:CE:99:BF:1C:77:0C:33:5A:33 Authority key identifier: 87:8B:86:86:95:FC:45:C9:C6:3B:6F:BC:54:CC:B3:50:9C:4B:9F:4B Certificate issuer: /CN=A918A35C/serialNumber=878B868695FC45C9C63B6FBC54CCB3509C4B9F4B Certificate serial: 0BC1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h4uGhpX8RcnGO2-8VMyzUJxLn0s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918A35C/52FC6B98261811EABFEDE113C4F9AE02/h4uGhpX8RcnGO2-8VMyzUJxLn0s.mft Manifest number: 0BBA Signing time: Mon 04 Aug 2025 19:09:47 +0000 Manifest this update: Mon 04 Aug 2025 19:09:47 +0000 Manifest next update: Mon 11 Aug 2025 19:09:47 +0000 Files and hashes: 1: h4uGhpX8RcnGO2-8VMyzUJxLn0s.crl (hash: mc7HB9vdvb66m3ZTGTKbNyHgCUZph0t0PAMg3Ab+8rc=) 2: 0D22F748261A11EA83CE8D17C4F9AE02.roa (hash: dTqPYAZ0fYSqCYvtzmzk6vV87y7uZ4+mAQSsb1JNqeI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918A35C/52FC6B98261811EABFEDE113C4F9AE02/h4uGhpX8RcnGO2-8VMyzUJxLn0s.crl rsync://rpki.apnic.net/member_repository/A918A35C/52FC6B98261811EABFEDE113C4F9AE02/h4uGhpX8RcnGO2-8VMyzUJxLn0s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h4uGhpX8RcnGO2-8VMyzUJxLn0s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 19:09:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3009 (0xbc1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918A35C, serialNumber=878B868695FC45C9C63B6FBC54CCB3509C4B9F4B Validity Not Before: Aug 4 19:09:47 2025 GMT Not After : Aug 11 19:09:47 2025 GMT Subject: CN=6891057b-ef0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:d3:13:6c:6b:60:eb:ec:77:d0:e5:88:90:cd: 5e:63:d9:f4:83:02:9f:02:6d:40:88:db:65:47:2f: a4:02:a5:d6:3e:69:74:28:0c:24:10:47:66:24:96: 22:57:dc:29:02:e3:94:27:63:1a:0e:7b:da:fe:89: 08:3d:35:31:b6:fe:66:0c:17:b9:b9:ae:83:40:5a: 11:73:ef:c9:27:9d:a3:0a:03:35:67:06:eb:96:90: 4d:bb:c7:87:48:f0:0f:cc:35:0d:d2:88:9c:b8:b1: da:45:2d:ec:b3:f0:d9:d5:c3:bd:9c:cc:8c:6d:65: ee:52:f1:1b:7d:df:09:8c:5f:97:a4:cc:15:d6:6c: 2e:56:f5:0a:77:2c:46:7b:06:fc:75:59:fe:48:5d: 15:84:42:e4:48:81:2f:e7:c9:06:64:ef:37:06:d0: 99:46:26:a6:18:9c:75:00:a2:73:41:c6:11:76:66: 58:3e:34:70:3c:f7:f4:6c:12:38:c7:71:cc:81:8f: 0a:73:40:c7:0e:9e:6e:b7:87:f5:48:11:18:c2:1d: 7c:ae:60:61:59:a1:5a:90:8e:bd:38:0c:6a:eb:ca: b3:6c:e1:e6:51:ce:52:c3:45:51:e9:96:7d:06:4c: ed:f1:ef:d0:25:c5:4d:b8:3a:d7:45:fa:9d:2d:80: 6c:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:66:6D:D8:1E:A0:94:44:97:F8:6A:CE:99:BF:1C:77:0C:33:5A:33 X509v3 Authority Key Identifier: keyid:87:8B:86:86:95:FC:45:C9:C6:3B:6F:BC:54:CC:B3:50:9C:4B:9F:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918A35C/52FC6B98261811EABFEDE113C4F9AE02/h4uGhpX8RcnGO2-8VMyzUJxLn0s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h4uGhpX8RcnGO2-8VMyzUJxLn0s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A35C/52FC6B98261811EABFEDE113C4F9AE02/h4uGhpX8RcnGO2-8VMyzUJxLn0s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ba:55:c4:6d:c8:bd:7a:96:68:94:98:4e:e9:83:45:ea:12:51: f3:9c:c8:6b:48:0d:f0:87:a1:2e:7d:1d:2b:8d:24:b0:59:70: 99:a3:b0:3b:04:ca:9e:3e:6c:fb:94:00:30:e4:f8:8b:b1:0b: 41:ca:b3:44:9a:46:c6:ea:a3:04:46:51:8c:b8:62:d8:6c:08: 09:f4:55:ca:40:1c:3d:eb:71:5f:ca:bc:db:e4:36:a9:90:99: 6d:17:96:4d:2d:ed:50:94:5c:ef:c3:05:5f:a3:f0:32:7e:ca: e3:fe:54:bb:8c:a0:71:7b:01:6b:63:03:53:ac:72:93:02:82: 60:1e:99:f9:c3:38:4f:86:e6:c1:1d:4a:26:cc:dc:1c:f7:7b: a4:ca:54:f3:96:25:87:fe:a1:12:e2:41:64:3c:97:d2:30:8d: 9c:d5:03:db:c8:2c:7f:58:d6:21:b5:d5:32:f8:59:8d:20:62: 84:e5:9d:6b:2f:b8:47:fc:c8:46:28:84:5d:51:6c:27:12:bb: 80:89:f5:3f:f9:32:49:15:cf:7c:df:c7:c1:ac:a9:92:fc:91: 7b:ae:8b:06:94:86:00:2a:7d:a4:fa:e2:6b:b2:44:77:1f:20: 61:dd:12:5a:85:78:0e:0e:8f:a5:74:f1:c9:8a:8a:4b:66:40: 4b:ce:ae:79 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC8EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEEzNUMxMTAvBgNVBAUTKDg3OEI4Njg2OTVGQzQ1QzlDNjNCNkZCQzU0Q0NCMzUw OUM0QjlGNEIwHhcNMjUwODA0MTkwOTQ3WhcNMjUwODExMTkwOTQ3WjAYMRYwFAYD VQQDEw02ODkxMDU3Yi1lZjBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArNMTbGtg6+x30OWIkM1eY9n0gwKfAm1AiNtlRy+kAqXWPml0KAwkEEdmJJYi V9wpAuOUJ2MaDnva/okIPTUxtv5mDBe5ua6DQFoRc+/JJ52jCgM1ZwbrlpBNu8eH SPAPzDUN0oicuLHaRS3ss/DZ1cO9nMyMbWXuUvEbfd8JjF+XpMwV1mwuVvUKdyxG ewb8dVn+SF0VhELkSIEv58kGZO83BtCZRiamGJx1AKJzQcYRdmZYPjRwPPf0bBI4 x3HMgY8Kc0DHDp5ut4f1SBEYwh18rmBhWaFakI69OAxq68qzbOHmUc5Sw0VR6ZZ9 Bkzt8e/QJcVNuDrXRfqdLYBsOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI1mbdge oJREl/hqzpm/HHcMM1ozMB8GA1UdIwQYMBaAFIeLhoaV/EXJxjtvvFTMs1CcS59L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTM1Qy81MkZDNkI5ODI2 MTgxMUVBQkZFREUxMTNDNEY5QUUwMi9oNHVHaHBYOFJjbkdPMi04Vk15elVKeExu MHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2g0dUdocFg4UmNuR08yLThWTXl6VUp4TG4wcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QTM1Qy81MkZDNkI5ODI2MTgxMUVBQkZFREUxMTNDNEY5QUUwMi9oNHVHaHBYOFJj bkdPMi04Vk15elVKeExuMHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC6VcRtyL16lmiUmE7pg0XqElHznMhrSA3wh6EufR0rjSSwWXCZo7A7 BMqePmz7lAAw5PiLsQtByrNEmkbG6qMERlGMuGLYbAgJ9FXKQBw963Ffyrzb5Dap kJltF5ZNLe1QlFzvwwVfo/Ayfsrj/lS7jKBxewFrYwNTrHKTAoJgHpn5wzhPhubB HUomzNwc93ukylTzliWH/qES4kFkPJfSMI2c1QPbyCx/WNYhtdUy+FmNIGKE5Z1r L7hH/MhGKIRdUWwnEruAifU/+TJJFc9838fBrKmS/JF7rosGlIYAKn2k+uJrskR3 HyBh3RJahXgODo+ldPHJiopLZkBLzq55 -----END CERTIFICATE-----Generated at Wed Aug 6 11:00:54 2025 by rpki-client