$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft File: hpBNLQLbigWb7ZOPL46u88Qgb9A.mft (raw, json) Hash identifier: kMm7ereetBziScRxjRR3zTSe+LVMjam/d0q6XDo0dp8= Subject key identifier: 62:41:A5:F9:06:42:47:C0:24:99:48:33:4B:81:79:72:15:E3:32:CC Authority key identifier: 86:90:4D:2D:02:DB:8A:05:9B:ED:93:8F:2F:8E:AE:F3:C4:20:6F:D0 Certificate issuer: /CN=A91D4ACD/serialNumber=86904D2D02DB8A059BED938F2F8EAEF3C4206FD0 Certificate serial: AA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft Manifest number: A9 Signing time: Thu 07 Aug 2025 06:45:37 +0000 Manifest this update: Thu 07 Aug 2025 06:45:36 +0000 Manifest next update: Thu 14 Aug 2025 06:45:36 +0000 Files and hashes: 1: hpBNLQLbigWb7ZOPL46u88Qgb9A.crl (hash: BgzYx/vVcrH8VS/ZySTXFGcwoJn/wk9i0TFwpZtlJHs=) 2: 388D7E38797D11EF8CA64711C4F9AE02.roa (hash: psVpSVTIe8+AZiKNpgFs07aLN6Bb1+TjrtoRE57p52A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.crl rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 170 (0xaa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4ACD, serialNumber=86904D2D02DB8A059BED938F2F8EAEF3C4206FD0 Validity Not Before: Aug 7 06:45:36 2025 GMT Not After : Aug 14 06:45:36 2025 GMT Subject: CN=68944b91-e882 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:79:69:16:9c:17:67:9b:06:0d:31:e4:61:2a: 57:88:dd:c3:57:7e:e6:aa:f7:2d:e0:d9:40:9a:4f: 56:b4:03:98:08:aa:68:b9:e9:0e:20:3c:d0:a4:57: 56:81:aa:05:63:8c:d5:1c:f9:a6:0e:c3:db:98:45: 0d:41:32:31:b9:49:7a:45:f3:c9:2d:02:39:28:37: ff:88:cb:95:01:08:eb:1a:bb:d2:08:06:22:dc:1a: 38:ca:47:05:69:dd:69:dd:51:f2:be:c1:d7:34:46: e0:9f:37:cb:c3:f7:f0:8b:0e:92:cb:17:1b:85:3a: 50:76:eb:97:e8:aa:5b:74:f7:b8:29:69:fe:01:ef: b7:c2:0c:f6:64:6f:47:53:8e:87:df:fa:5a:5b:87: 41:90:9f:3a:39:e2:31:7c:b2:43:f8:2b:77:f5:fa: 5d:2f:97:8b:69:b7:cd:a0:7b:16:d6:b3:62:3b:20: d6:ec:f1:f8:31:37:2f:15:55:b6:cd:6e:7c:ee:71: 27:6b:13:a0:31:ef:12:d0:43:88:c4:5c:51:32:29: 1b:21:2d:7f:d6:fc:97:e0:0d:c1:af:b8:f7:05:93: 7e:56:ff:4f:91:5f:6d:af:a1:1e:5e:05:f0:86:da: 32:2f:27:a8:d0:d8:a5:93:83:42:aa:4c:52:73:c5: 70:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:41:A5:F9:06:42:47:C0:24:99:48:33:4B:81:79:72:15:E3:32:CC X509v3 Authority Key Identifier: keyid:86:90:4D:2D:02:DB:8A:05:9B:ED:93:8F:2F:8E:AE:F3:C4:20:6F:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:92:d9:7b:98:ae:2c:a8:5f:8f:69:90:10:96:e7:e2:8b:9b: fd:ca:a1:35:14:4c:e4:db:da:ba:e3:2d:bc:a3:1d:62:e3:dd: 72:ee:0c:62:ca:40:fd:23:72:01:b7:47:d7:5e:09:8e:d5:05: f7:1b:22:f9:ec:f8:a7:23:4e:5c:0e:3c:7e:86:e1:f3:c4:6c: 9d:44:a0:5f:95:93:76:81:5b:57:01:ae:8b:36:43:ed:64:a8: f5:44:10:f0:43:86:11:df:23:44:6c:83:30:3d:36:f0:bd:57: 49:9b:6a:51:6d:b2:b0:2f:87:07:50:38:d2:c9:8f:e5:97:f5: c8:4d:6c:05:84:27:3c:2e:62:e9:15:c3:f9:c0:d2:e9:0d:b6: 2b:f4:bf:e8:a9:eb:a7:c1:63:2f:4c:85:3d:37:8e:03:6b:d8: a0:3f:f1:e5:45:36:6a:a6:27:44:37:7a:3a:a7:1e:f5:cf:61: c8:31:5e:e0:b1:63:ae:15:a9:f0:86:7a:cd:15:d1:ab:c4:62: 53:d8:9e:d5:51:e9:48:20:58:45:b1:5b:42:a7:46:4d:5e:cf: e4:ac:17:79:ae:81:0e:6d:24:7e:f9:ed:8c:15:b2:fc:67:41: 2e:7c:aa:d2:b7:34:ca:99:6e:4a:08:b2:c4:40:b2:a3:90:44: b6:b5:ba:4a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDRBQ0QxMTAvBgNVBAUTKDg2OTA0RDJEMDJEQjhBMDU5QkVEOTM4RjJGOEVBRUYz QzQyMDZGRDAwHhcNMjUwODA3MDY0NTM2WhcNMjUwODE0MDY0NTM2WjAYMRYwFAYD VQQDEw02ODk0NGI5MS1lODgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvnlpFpwXZ5sGDTHkYSpXiN3DV37mqvct4NlAmk9WtAOYCKpouekOIDzQpFdW gaoFY4zVHPmmDsPbmEUNQTIxuUl6RfPJLQI5KDf/iMuVAQjrGrvSCAYi3Bo4ykcF ad1p3VHyvsHXNEbgnzfLw/fwiw6SyxcbhTpQduuX6KpbdPe4KWn+Ae+3wgz2ZG9H U46H3/paW4dBkJ86OeIxfLJD+Ct39fpdL5eLabfNoHsW1rNiOyDW7PH4MTcvFVW2 zW587nEnaxOgMe8S0EOIxFxRMikbIS1/1vyX4A3Br7j3BZN+Vv9PkV9tr6EeXgXw htoyLyeo0Nilk4NCqkxSc8VwbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGJBpfkG QkfAJJlIM0uBeXIV4zLMMB8GA1UdIwQYMBaAFIaQTS0C24oFm+2Tjy+OrvPEIG/Q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENEFDRC8xRjUzNTY5RTc1 NkUxMUVGOUNBNDZFNTFDNEY5QUUwMi9ocEJOTFFMYmlnV2I3Wk9QTDQ2dTg4UWdi OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hwQk5MUUxiaWdXYjdaT1BMNDZ1ODhRZ2I5QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NEFDRC8xRjUzNTY5RTc1NkUxMUVGOUNBNDZFNTFDNEY5QUUwMi9ocEJOTFFMYmln V2I3Wk9QTDQ2dTg4UWdiOUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAJktl7mK4sqF+PaZAQlufii5v9yqE1FEzk29q64y28ox1i491y7gxi ykD9I3IBt0fXXgmO1QX3GyL57PinI05cDjx+huHzxGydRKBflZN2gVtXAa6LNkPt ZKj1RBDwQ4YR3yNEbIMwPTbwvVdJm2pRbbKwL4cHUDjSyY/ll/XITWwFhCc8LmLp FcP5wNLpDbYr9L/oqeunwWMvTIU9N44Da9igP/HlRTZqpidEN3o6px71z2HIMV7g sWOuFanwhnrNFdGrxGJT2J7VUelIIFhFsVtCp0ZNXs/krBd5roEObSR++e2MFbL8 Z0EufKrStzTKmW5KCLLEQLKjkES2tbpK -----END CERTIFICATE-----Generated at Fri Aug 8 20:55:40 2025 by rpki-client