$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft File: He4XpqM4DuSI7ztuISW4eOZAckg.mft (raw, json) Hash identifier: SY2GoXT6v/X0TyG7MiDBsc6Sh8yhBPuMo+QBGv1wB98= Subject key identifier: 1E:1D:90:04:80:36:36:C7:D7:61:93:42:4D:63:CE:65:B5:78:C9:9E Authority key identifier: 1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 Certificate issuer: /CN=A91E8D22/serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Certificate serial: 01A1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft Manifest number: 019C Signing time: Tue 05 Aug 2025 03:48:29 +0000 Manifest this update: Tue 05 Aug 2025 03:48:29 +0000 Manifest next update: Tue 12 Aug 2025 03:48:29 +0000 Files and hashes: 1: He4XpqM4DuSI7ztuISW4eOZAckg.crl (hash: OGhTbHv6UDDP8eG65NVMI04nQzDZYeTvVYZppB2shME=) 2: 805A2E74660311EF90397033C4F9AE02.roa (hash: kr3XK/LA3ME6CWbcxw7hFQfhU6QavtLWXc2+mP6aHgc=) 3: 8405155C69EB11EF933A993CC4F9AE02.roa (hash: Nc218pLJmDdsf2Z9Kv612BkBE9ixmiOBUD2+vg6KRQA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 12 Aug 2025 03:48:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 417 (0x1a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8D22, serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Validity Not Before: Aug 5 03:48:29 2025 GMT Not After : Aug 12 03:48:29 2025 GMT Subject: CN=68917f0d-0f98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:4e:79:7f:ba:ff:99:bb:a5:36:c1:4c:cf:22: 97:0b:d5:03:d1:57:1c:33:e2:cf:46:78:f3:8d:40: c1:71:17:88:70:f8:1a:bf:91:2d:9e:bf:cc:ec:31: c7:7b:b7:d0:1c:96:95:10:e4:fd:2a:ba:82:c2:8b: 70:93:53:5e:c3:40:de:a7:e6:23:ca:64:b5:72:f3: aa:0d:c8:3a:82:b5:a2:c8:7b:67:5f:47:8b:19:ae: 90:a3:8f:9b:7f:82:f0:fd:9f:7e:bd:0b:a3:40:1f: 15:23:c8:ab:77:a0:21:21:a6:01:df:a6:f4:0a:0e: f1:e7:92:19:88:8e:c4:1a:8a:ba:c1:ba:12:e1:bc: 7c:b4:ef:c3:fe:f9:13:4e:c7:44:3d:ee:bd:11:82: 77:5c:0b:21:03:37:cd:0d:a0:24:aa:da:5d:26:d6: df:33:41:f4:ea:7a:0e:74:c5:1a:f3:74:7e:7b:1c: 68:70:f0:90:5a:c2:f0:c4:9c:af:0e:11:c2:55:ab: 02:9f:ac:28:d2:63:e4:13:89:b0:6b:14:89:85:ee: ff:61:09:ad:16:ed:78:4c:9c:fc:ae:20:89:a9:38: 1f:fa:0c:ea:0b:a5:27:8e:4f:09:7a:f9:2a:33:66: e7:f4:4f:62:52:f6:a9:f2:dc:0f:76:bf:fe:c5:8b: 53:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:1D:90:04:80:36:36:C7:D7:61:93:42:4D:63:CE:65:B5:78:C9:9E X509v3 Authority Key Identifier: keyid:1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:b6:5b:f1:b5:72:a7:57:31:98:9e:c1:1a:ff:6f:0c:47:67: 8c:34:94:01:a0:d8:68:b5:06:6a:e8:c8:36:38:f7:a7:6b:c2: 1b:6e:7b:2d:5c:73:5b:e1:4f:5a:ca:c6:ba:fd:31:d1:d5:c2: 81:44:60:1f:39:bf:58:c9:ac:6e:1b:10:d7:55:85:d7:8f:b1: 72:46:0e:e7:68:de:cf:b7:40:df:eb:7e:f2:2c:f5:25:52:8e: a4:ca:7e:e7:f4:c5:76:45:c6:3a:2e:ba:09:8e:70:07:b8:9b: ef:22:72:20:c5:c4:d6:12:93:68:04:4d:a8:a5:a2:66:b4:e5: 50:b1:f5:45:15:69:72:3a:db:56:7b:8c:1c:ab:8d:17:92:4f: 55:bd:36:92:6a:6c:fc:44:83:ba:82:aa:f6:c8:ed:04:50:48: c5:5a:9b:85:72:ac:5a:26:32:f2:a5:a8:08:86:a3:fd:b1:c3: fd:5c:62:85:d2:fa:7e:8e:ef:78:2e:5d:f5:c3:ff:54:03:d3: 88:3e:71:91:73:05:92:60:75:35:56:91:aa:ac:b1:d5:64:ed: e6:b4:a3:4a:1b:5b:b5:47:6b:95:2a:b9:e0:ed:61:dd:b0:6b: 7b:9a:d9:37:06:06:5e:33:d0:5e:e3:d7:ac:dd:df:c9:f5:dd: f7:eb:95:2b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAaEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThEMjIxMTAvBgNVBAUTKDFERUUxN0E2QTMzODBFRTQ4OEVGM0I2RTIxMjVCODc4 RTY0MDcyNDgwHhcNMjUwODA1MDM0ODI5WhcNMjUwODEyMDM0ODI5WjAYMRYwFAYD VQQDEw02ODkxN2YwZC0wZjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5E55f7r/mbulNsFMzyKXC9UD0VccM+LPRnjzjUDBcReIcPgav5Etnr/M7DHH e7fQHJaVEOT9KrqCwotwk1New0Dep+YjymS1cvOqDcg6grWiyHtnX0eLGa6Qo4+b f4Lw/Z9+vQujQB8VI8ird6AhIaYB36b0Cg7x55IZiI7EGoq6wboS4bx8tO/D/vkT TsdEPe69EYJ3XAshAzfNDaAkqtpdJtbfM0H06noOdMUa83R+exxocPCQWsLwxJyv DhHCVasCn6wo0mPkE4mwaxSJhe7/YQmtFu14TJz8riCJqTgf+gzqC6Unjk8Jevkq M2bn9E9iUvap8twPdr/+xYtT6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB4dkASA NjbH12GTQk1jzmW1eMmeMB8GA1UdIwQYMBaAFB3uF6ajOA7kiO87biEluHjmQHJI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEQyMi8zRjdENjhBOEZE RTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1U0k3enR1SVNXNGVPWkFj a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlNFhwcU00RHVTSTd6dHVJU1c0ZU9aQWNrZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEQyMi8zRjdENjhBOEZERTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1 U0k3enR1SVNXNGVPWkFja2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBOtlvxtXKnVzGYnsEa/28MR2eMNJQBoNhotQZq6Mg2OPena8Ibbnst XHNb4U9aysa6/THR1cKBRGAfOb9YyaxuGxDXVYXXj7FyRg7naN7Pt0Df637yLPUl Uo6kyn7n9MV2RcY6LroJjnAHuJvvInIgxcTWEpNoBE2opaJmtOVQsfVFFWlyOttW e4wcq40Xkk9VvTaSamz8RIO6gqr2yO0EUEjFWpuFcqxaJjLypagIhqP9scP9XGKF 0vp+ju94Ll31w/9UA9OIPnGRcwWSYHU1VpGqrLHVZO3mtKNKG1u1R2uVKrng7WHd sGt7mtk3BgZeM9Be49es3d/J9d3365Ur -----END CERTIFICATE-----Generated at Wed Aug 6 11:17:43 2025 by rpki-client