$ rpki-client -vvf rpki.apnic.net/member_repository/A91B13FE/8D8E22C2564311F0B1627A15C4F9AE02/UqHEINgnwWzqoEKD3Si2QKMVY00.mft File: UqHEINgnwWzqoEKD3Si2QKMVY00.mft (raw, json) Hash identifier: 7jr5f4TcWLW2VqYiJCZMHKZAPhJMQTYIklaR8NrFh5Q= Subject key identifier: 51:4E:0C:DA:B5:1B:C0:67:9C:CD:07:54:15:82:F2:62:55:58:F0:CF Authority key identifier: 52:A1:C4:20:D8:27:C1:6C:EA:A0:42:83:DD:28:B6:40:A3:15:63:4D Certificate issuer: /CN=A91B13FE/serialNumber=52A1C420D827C16CEAA04283DD28B640A315634D Certificate serial: 1A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UqHEINgnwWzqoEKD3Si2QKMVY00.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B13FE/8D8E22C2564311F0B1627A15C4F9AE02/UqHEINgnwWzqoEKD3Si2QKMVY00.mft Manifest number: 18 Signing time: Sat 09 Aug 2025 08:29:12 +0000 Manifest this update: Sat 09 Aug 2025 08:29:12 +0000 Manifest next update: Sat 16 Aug 2025 08:29:12 +0000 Files and hashes: 1: UqHEINgnwWzqoEKD3Si2QKMVY00.crl (hash: +P1BBUoqpMKP02VBCoBtB0cFGdMi70X8hmjEmfGFSOk=) 2: 07026748564511F09ED8993AC4F9AE02.roa (hash: 6QcYqyX5KFb0vGx40KSlwE5riWI0V4vT0LCNn9S8ZHQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B13FE/8D8E22C2564311F0B1627A15C4F9AE02/UqHEINgnwWzqoEKD3Si2QKMVY00.crl rsync://rpki.apnic.net/member_repository/A91B13FE/8D8E22C2564311F0B1627A15C4F9AE02/UqHEINgnwWzqoEKD3Si2QKMVY00.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UqHEINgnwWzqoEKD3Si2QKMVY00.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26 (0x1a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B13FE, serialNumber=52A1C420D827C16CEAA04283DD28B640A315634D Validity Not Before: Aug 9 08:29:12 2025 GMT Not After : Aug 16 08:29:12 2025 GMT Subject: CN=689706d8-0dd5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:4c:4a:f6:c2:06:c4:11:07:bc:f5:30:b7:e6: 64:7f:46:de:86:0a:42:f3:2b:9d:74:fe:3f:6e:ee: ee:ce:71:3e:69:7f:f8:3b:4c:3b:6b:12:f5:d6:03: 19:d0:c6:02:27:5c:c2:b6:c7:07:6f:9c:78:93:c9: c9:55:ac:1e:0a:28:c3:4d:85:7e:43:c1:5f:78:e2: bc:0c:80:ed:52:6b:8b:c7:69:27:9e:a5:8c:0d:72: f4:c9:e9:22:1a:62:96:78:5e:a6:16:ab:db:37:ff: 97:f0:33:55:60:f4:0b:6a:c7:4c:92:b8:79:5c:52: 24:cc:30:89:bf:41:92:bc:e9:43:82:ba:47:39:88: 94:87:90:47:a6:f0:0d:b5:cf:68:d4:01:84:2d:55: 3f:cb:9a:00:50:9b:7f:3c:cf:e3:9f:ea:d8:bc:ae: 01:27:b8:35:8d:92:d4:ab:8f:ce:67:b5:81:35:f4: ae:fd:dc:c4:82:bd:04:92:34:94:fd:20:f4:f5:b9: bc:37:f4:15:ec:24:e7:2b:2f:90:07:88:40:c0:60: 21:8b:37:21:a1:04:81:6d:55:4c:21:84:62:a3:54: 3c:56:7a:15:6d:d3:c8:a9:e7:ce:aa:ed:d0:60:1a: ea:c2:a1:f3:f1:19:46:a0:48:db:62:96:af:93:1b: ba:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:4E:0C:DA:B5:1B:C0:67:9C:CD:07:54:15:82:F2:62:55:58:F0:CF X509v3 Authority Key Identifier: keyid:52:A1:C4:20:D8:27:C1:6C:EA:A0:42:83:DD:28:B6:40:A3:15:63:4D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B13FE/8D8E22C2564311F0B1627A15C4F9AE02/UqHEINgnwWzqoEKD3Si2QKMVY00.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UqHEINgnwWzqoEKD3Si2QKMVY00.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B13FE/8D8E22C2564311F0B1627A15C4F9AE02/UqHEINgnwWzqoEKD3Si2QKMVY00.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a9:d6:91:5e:6b:37:7e:70:99:d3:1d:3f:67:34:75:99:c2:30: 6a:bc:2f:91:a2:9c:55:d0:f7:40:87:05:15:47:87:16:67:3a: c1:a0:7f:8f:53:5a:f4:54:32:a6:80:b8:dd:2e:fc:72:1c:cc: b2:d9:2e:ba:bb:d0:17:92:e7:60:ea:2f:01:04:9f:f4:aa:dc: 8d:4c:1b:32:85:9b:7b:23:31:9d:de:93:ee:15:30:04:7a:44: f0:a7:e5:95:26:34:f2:5a:52:ae:48:b3:53:3d:e5:cb:9d:5f: 7c:f1:4e:07:46:d9:4c:69:b9:ca:6b:21:19:7e:9b:5f:a5:49: 77:a5:40:59:d6:9c:27:ac:4e:03:df:12:69:6d:7d:7b:6f:a0: 6e:c5:c0:ee:3f:1b:84:78:a4:4d:70:be:e5:2d:4e:aa:1b:d0: 6e:66:05:75:06:73:5e:b5:91:19:f2:f8:de:6f:55:84:3b:35: ff:67:3a:38:a3:63:3e:0b:2f:bc:9c:83:31:5d:97:19:f7:fa: 49:81:70:d6:cc:ab:5e:ca:73:37:07:71:90:3d:a1:db:31:74: a3:d8:99:a0:87:f9:c4:a7:5b:de:3b:b6:ab:91:96:94:59:b2: a1:a2:b9:bd:f5:6d:2e:0e:c4:e5:42:1c:4c:23:5e:84:94:d0: 53:93:7a:e5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC MTNGRTExMC8GA1UEBRMoNTJBMUM0MjBEODI3QzE2Q0VBQTA0MjgzREQyOEI2NDBB MzE1NjM0RDAeFw0yNTA4MDkwODI5MTJaFw0yNTA4MTYwODI5MTJaMBgxFjAUBgNV BAMTDTY4OTcwNmQ4LTBkZDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCkTEr2wgbEEQe89TC35mR/Rt6GCkLzK510/j9u7u7OcT5pf/g7TDtrEvXWAxnQ xgInXMK2xwdvnHiTyclVrB4KKMNNhX5DwV944rwMgO1Sa4vHaSeepYwNcvTJ6SIa YpZ4XqYWq9s3/5fwM1Vg9Atqx0ySuHlcUiTMMIm/QZK86UOCukc5iJSHkEem8A21 z2jUAYQtVT/LmgBQm388z+Of6ti8rgEnuDWNktSrj85ntYE19K793MSCvQSSNJT9 IPT1ubw39BXsJOcrL5AHiEDAYCGLNyGhBIFtVUwhhGKjVDxWehVt08ip586q7dBg GurCofPxGUagSNtilq+TG7qbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUUU4M2rUb wGeczQdUFYLyYlVY8M8wHwYDVR0jBBgwFoAUUqHEINgnwWzqoEKD3Si2QKMVY00w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIxM0ZFLzhEOEUyMkMyNTY0 MzExRjBCMTYyN0ExNUM0RjlBRTAyL1VxSEVJTmdud1d6cW9FS0QzU2kyUUtNVlkw MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvVXFIRUlOZ253V3pxb0VLRDNTaTJRS01WWTAwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIx M0ZFLzhEOEUyMkMyNTY0MzExRjBCMTYyN0ExNUM0RjlBRTAyL1VxSEVJTmdud1d6 cW9FS0QzU2kyUUtNVlkwMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKnWkV5rN35wmdMdP2c0dZnCMGq8L5GinFXQ90CHBRVHhxZnOsGgf49T WvRUMqaAuN0u/HIczLLZLrq70BeS52DqLwEEn/Sq3I1MGzKFm3sjMZ3ek+4VMAR6 RPCn5ZUmNPJaUq5Is1M95cudX3zxTgdG2UxpucprIRl+m1+lSXelQFnWnCesTgPf EmltfXtvoG7FwO4/G4R4pE1wvuUtTqob0G5mBXUGc161kRny+N5vVYQ7Nf9nOjij Yz4LL7ycgzFdlxn3+kmBcNbMq17KczcHcZA9odsxdKPYmaCH+cSnW947tquRlpRZ sqGiub31bS4OxOVCHEwjXoSU0FOTeuU= -----END CERTIFICATE-----Generated at Mon Aug 11 04:26:57 2025 by rpki-client