$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.mft File: Hn4NiUa8SNB1SwPphyrTiAxU5L4.mft (raw, json) Hash identifier: LXqryHSEZTMWobQV1/36KsyoP1n+IZJaG2p5BKZmq1k= Subject key identifier: 2E:D7:06:DD:28:AA:0D:AB:81:57:3B:31:FD:E6:32:C1:26:3E:29:97 Authority key identifier: 1E:7E:0D:89:46:BC:48:D0:75:4B:03:E9:87:2A:D3:88:0C:54:E4:BE Certificate issuer: /CN=A91E3C9A/serialNumber=1E7E0D8946BC48D0754B03E9872AD3880C54E4BE Certificate serial: 0870 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hn4NiUa8SNB1SwPphyrTiAxU5L4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.mft Manifest number: 086B Signing time: Sat 02 Aug 2025 20:58:14 +0000 Manifest this update: Sat 02 Aug 2025 20:58:13 +0000 Manifest next update: Sat 09 Aug 2025 20:58:13 +0000 Files and hashes: 1: Hn4NiUa8SNB1SwPphyrTiAxU5L4.crl (hash: 9aPGx7y5YnXzWzWCct6z+AXREc1/YhuuFKGaX5+GIK8=) 2: 3A5B01A0CA8F11EAA35BF958C4F9AE02.roa (hash: rarNamT8etGmrzl2oBorgmdNrF9oOnpcrAlb12sZ65o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.crl rsync://rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hn4NiUa8SNB1SwPphyrTiAxU5L4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 20:58:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2160 (0x870) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3C9A, serialNumber=1E7E0D8946BC48D0754B03E9872AD3880C54E4BE Validity Not Before: Aug 2 20:58:13 2025 GMT Not After : Aug 9 20:58:13 2025 GMT Subject: CN=688e7be6-f65f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:34:18:96:04:a2:16:52:52:4e:92:24:71:49: f7:30:fd:e3:68:d8:90:e3:d8:dd:5e:3d:61:33:52: db:45:63:f1:ea:1c:73:42:65:2e:aa:bd:08:a8:08: 17:c7:c5:d3:48:a9:44:fd:73:0a:df:22:58:76:ae: 3d:bb:a7:1e:f0:3f:69:7d:a1:08:29:2e:04:79:32: 35:04:26:67:84:74:97:64:77:fd:02:79:9b:8a:12: 3a:ed:c7:e7:f6:e0:94:4e:9b:84:9c:52:d3:02:30: 8a:5f:53:e7:44:8c:e2:88:a3:ec:51:c3:10:84:55: 8f:ea:d2:79:dd:71:9a:80:48:4a:f9:5f:45:12:86: 03:f7:4d:0b:d3:ad:c4:b9:c3:fe:c9:4b:cb:38:fa: c0:70:97:fe:ab:e6:24:62:23:df:a2:4d:35:d4:b7: fb:4e:14:6e:e0:86:a3:36:32:46:8a:d7:50:74:68: a9:47:31:8a:74:18:9c:05:f6:b3:a0:2e:d2:f3:28: 90:09:0a:12:d5:24:5e:90:f5:ec:8a:4d:b5:08:f6: 23:af:5d:12:4b:91:38:05:71:7f:63:62:93:d2:2d: 81:8d:58:11:36:50:85:8e:1a:a4:b2:df:31:a0:d3: 4e:00:62:c7:66:23:81:fa:58:62:89:05:df:bf:f3: ff:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:D7:06:DD:28:AA:0D:AB:81:57:3B:31:FD:E6:32:C1:26:3E:29:97 X509v3 Authority Key Identifier: keyid:1E:7E:0D:89:46:BC:48:D0:75:4B:03:E9:87:2A:D3:88:0C:54:E4:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hn4NiUa8SNB1SwPphyrTiAxU5L4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3C9A/A1D61D3ACA8D11EABE5BB656C4F9AE02/Hn4NiUa8SNB1SwPphyrTiAxU5L4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 50:eb:22:27:f7:2e:c0:d9:e1:0c:9e:92:bf:74:f0:5b:4c:95: 55:3a:2d:18:d4:6a:33:c0:7d:34:7e:29:99:69:5c:cf:5e:96: c5:b0:9d:95:b7:dc:9c:33:cb:b6:b0:81:f8:69:c4:f4:db:ce: 2d:ac:6f:6d:c9:22:b7:45:45:35:03:67:b4:5e:3a:8e:bd:21: 3a:25:dd:e9:dc:d8:2c:ef:15:89:62:8d:29:55:6f:c1:88:20: 0e:bf:69:12:e5:9d:01:72:86:e2:e8:97:7b:67:a6:14:58:ab: 15:b1:3e:25:06:86:1e:1f:63:a6:c4:36:bc:e0:60:71:14:32: 16:14:cb:89:f4:26:8f:d1:b5:1f:68:6b:cf:13:ed:d6:df:ab: f9:ab:9a:8c:f5:84:e3:0a:73:6e:4e:68:94:78:50:9b:3b:c8: 5a:0b:6c:83:bf:a0:d3:1d:4b:c0:0c:77:86:8c:55:eb:5d:00: 7e:29:64:b9:73:97:76:01:e7:a1:66:f8:4a:04:e9:02:0b:b7: 32:33:dd:4e:af:d0:de:05:44:cb:b8:1b:35:12:32:92:72:b9: 4d:2f:c6:a4:09:67:2b:16:be:81:d4:63:84:1d:c9:94:dc:b8: af:9d:df:9b:3e:ba:4f:b2:51:9c:9d:3c:06:13:d9:bc:4a:88: a9:9a:70:d8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCHAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNDOUExMTAvBgNVBAUTKDFFN0UwRDg5NDZCQzQ4RDA3NTRCMDNFOTg3MkFEMzg4 MEM1NEU0QkUwHhcNMjUwODAyMjA1ODEzWhcNMjUwODA5MjA1ODEzWjAYMRYwFAYD VQQDEw02ODhlN2JlNi1mNjVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyDQYlgSiFlJSTpIkcUn3MP3jaNiQ49jdXj1hM1LbRWPx6hxzQmUuqr0IqAgX x8XTSKlE/XMK3yJYdq49u6ce8D9pfaEIKS4EeTI1BCZnhHSXZHf9AnmbihI67cfn 9uCUTpuEnFLTAjCKX1PnRIziiKPsUcMQhFWP6tJ53XGagEhK+V9FEoYD900L063E ucP+yUvLOPrAcJf+q+YkYiPfok011Lf7ThRu4IajNjJGitdQdGipRzGKdBicBfaz oC7S8yiQCQoS1SRekPXsik21CPYjr10SS5E4BXF/Y2KT0i2BjVgRNlCFjhqkst8x oNNOAGLHZiOB+lhiiQXfv/P/awIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC7XBt0o qg2rgVc7Mf3mMsEmPimXMB8GA1UdIwQYMBaAFB5+DYlGvEjQdUsD6Ycq04gMVOS+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0M5QS9BMUQ2MUQzQUNB OEQxMUVBQkU1QkI2NTZDNEY5QUUwMi9IbjROaVVhOFNOQjFTd1BwaHlyVGlBeFU1 TDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0huNE5pVWE4U05CMVN3UHBoeXJUaUF4VTVMNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0M5QS9BMUQ2MUQzQUNBOEQxMUVBQkU1QkI2NTZDNEY5QUUwMi9IbjROaVVhOFNO QjFTd1BwaHlyVGlBeFU1TDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBQ6yIn9y7A2eEMnpK/dPBbTJVVOi0Y1GozwH00fimZaVzPXpbFsJ2V t9ycM8u2sIH4acT0284trG9tySK3RUU1A2e0XjqOvSE6Jd3p3Ngs7xWJYo0pVW/B iCAOv2kS5Z0Bcobi6Jd7Z6YUWKsVsT4lBoYeH2OmxDa84GBxFDIWFMuJ9CaP0bUf aGvPE+3W36v5q5qM9YTjCnNuTmiUeFCbO8haC2yDv6DTHUvADHeGjFXrXQB+KWS5 c5d2AeehZvhKBOkCC7cyM91Or9DeBUTLuBs1EjKScrlNL8akCWcrFr6B1GOEHcmU 3Livnd+bPrpPslGcnTwGE9m8SoipmnDY -----END CERTIFICATE-----Generated at Mon Aug 4 19:04:53 2025 by rpki-client