$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.mft File: HQ2sEe2C41wjsMvv--4AYmOwmVc.mft (raw, json) Hash identifier: 25P3FUQPXV/InNHQf+MNt/+zfZ/4K9876HREyvz6CdE= Subject key identifier: AD:07:4E:79:BE:5E:6F:DE:8E:EF:DF:24:B3:25:FD:AB:12:29:03:50 Authority key identifier: 1D:0D:AC:11:ED:82:E3:5C:23:B0:CB:EF:FB:EE:00:62:63:B0:99:57 Certificate issuer: /CN=A91EA9C0/serialNumber=1D0DAC11ED82E35C23B0CBEFFBEE006263B09957 Certificate serial: 29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQ2sEe2C41wjsMvv--4AYmOwmVc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.mft Manifest number: 29 Signing time: Sat 09 Aug 2025 08:16:24 +0000 Manifest this update: Sat 09 Aug 2025 08:16:24 +0000 Manifest next update: Sat 16 Aug 2025 08:16:24 +0000 Files and hashes: 1: HQ2sEe2C41wjsMvv--4AYmOwmVc.crl (hash: r9egroHJgkiWCtKWT82r/O1HUNvIVMDGuL+FMRUJc/U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.crl rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQ2sEe2C41wjsMvv--4AYmOwmVc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41 (0x29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA9C0, serialNumber=1D0DAC11ED82E35C23B0CBEFFBEE006263B09957 Validity Not Before: Aug 9 08:16:24 2025 GMT Not After : Aug 16 08:16:24 2025 GMT Subject: CN=689703d8-29b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:37:92:db:2f:6d:c6:2b:c6:4a:96:1f:b2:76: b4:aa:33:e4:4f:2d:8a:a0:7a:48:af:2b:e1:1e:57: 53:23:38:44:e6:2e:e4:d4:1d:1b:b2:7f:ca:7d:2c: 39:0c:52:68:8c:a1:3a:f3:e5:90:01:90:d9:be:d0: 25:72:59:7b:0d:99:6d:fa:b2:64:62:b3:c5:4c:73: 3e:16:e1:bd:42:62:7e:07:3d:d2:09:c9:e9:c4:2b: af:63:7c:d1:45:18:d4:22:e8:cc:c0:eb:f2:cf:f5: 9d:a4:05:95:77:b9:67:8e:f2:96:ba:27:04:e7:11: 7b:49:65:1f:33:b3:4b:2c:c2:70:e6:34:38:46:c5: 14:39:47:a0:c9:71:bf:b4:30:a3:db:b5:7d:0e:7c: 4c:85:27:15:cf:c3:fc:ff:31:f5:72:39:42:6e:dc: a4:fc:d7:da:a0:fe:38:84:6a:08:d2:5b:ec:05:c4: 19:e9:b5:fe:c0:e6:f4:75:cd:2a:e6:e7:5d:de:12: 87:62:b7:e7:66:c3:7e:8d:d9:e1:72:31:5b:fc:1c: be:8c:66:59:2e:03:b4:70:cf:39:8c:51:5b:19:57: c6:38:32:3a:1a:a6:cb:91:47:be:7b:4a:86:32:af: 7d:ed:b9:b8:07:e0:bf:aa:9c:d8:30:aa:e6:2e:68: 6b:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:07:4E:79:BE:5E:6F:DE:8E:EF:DF:24:B3:25:FD:AB:12:29:03:50 X509v3 Authority Key Identifier: keyid:1D:0D:AC:11:ED:82:E3:5C:23:B0:CB:EF:FB:EE:00:62:63:B0:99:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQ2sEe2C41wjsMvv--4AYmOwmVc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:25:fc:50:6d:f7:4a:cd:ba:ad:de:35:08:01:df:d2:2b:81: b9:8e:0c:7c:9e:e2:17:2e:13:7b:94:54:a0:38:38:c5:2f:cc: 92:0f:cb:63:51:9d:a3:7d:3c:8d:f4:a5:31:12:6c:ac:05:53: fc:a3:5c:34:69:8c:fb:97:1a:41:73:d4:af:30:2d:84:41:05: 4d:6a:bf:75:56:a1:e4:2f:1d:05:9e:93:da:78:db:be:13:5a: 92:01:ee:ca:15:a5:5c:2f:c7:47:6d:d8:bf:7e:96:70:79:42: 38:48:4e:eb:e4:d6:7f:b3:c5:ea:6d:d9:fd:df:34:5d:bf:a7: 17:f7:ed:1c:fa:5b:c7:33:87:c8:e5:12:ab:85:12:3d:cd:27: 67:c6:bb:f9:51:cb:97:54:2c:74:dc:5d:69:10:bf:c4:c8:b2: 5c:96:8a:b2:21:63:ee:39:2f:d0:e5:5b:30:b1:89:77:2e:45: 8b:26:c5:68:d9:cc:df:17:84:b5:4e:b6:6b:8e:d9:19:76:57: 70:dd:58:14:c2:2c:08:97:5f:16:90:ef:bb:fb:0c:d3:6c:29: 71:37:04:72:a7:86:e6:77:89:ee:2a:e4:cb:61:2c:2b:e1:3a: fa:f5:0e:9c:71:6e:d6:75:b3:40:32:4a:5e:37:46:f4:7c:96: fa:3b:66:8b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QTlDMDExMC8GA1UEBRMoMUQwREFDMTFFRDgyRTM1QzIzQjBDQkVGRkJFRTAwNjI2 M0IwOTk1NzAeFw0yNTA4MDkwODE2MjRaFw0yNTA4MTYwODE2MjRaMBgxFjAUBgNV BAMTDTY4OTcwM2Q4LTI5YjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDAN5LbL23GK8ZKlh+ydrSqM+RPLYqgekivK+EeV1MjOETmLuTUHRuyf8p9LDkM UmiMoTrz5ZABkNm+0CVyWXsNmW36smRis8VMcz4W4b1CYn4HPdIJyenEK69jfNFF GNQi6MzA6/LP9Z2kBZV3uWeO8pa6JwTnEXtJZR8zs0sswnDmNDhGxRQ5R6DJcb+0 MKPbtX0OfEyFJxXPw/z/MfVyOUJu3KT819qg/jiEagjSW+wFxBnptf7A5vR1zSrm 513eEodit+dmw36N2eFyMVv8HL6MZlkuA7RwzzmMUVsZV8Y4MjoapsuRR757SoYy r33tubgH4L+qnNgwquYuaGsDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUrQdOeb5e b96O798ksyX9qxIpA1AwHwYDVR0jBBgwFoAUHQ2sEe2C41wjsMvv++4AYmOwmVcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBOUMwLzVBRkIxNDhFMzg4 MjExRjA4Q0NCMTg2NkM0RjlBRTAyL0hRMnNFZTJDNDF3anNNdnYtLTRBWW1Pd21W Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSFEyc0VlMkM0MXdqc012di0tNEFZbU93bVZjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVB OUMwLzVBRkIxNDhFMzg4MjExRjA4Q0NCMTg2NkM0RjlBRTAyL0hRMnNFZTJDNDF3 anNNdnYtLTRBWW1Pd21WYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHMl/FBt90rNuq3eNQgB39IrgbmODHye4hcuE3uUVKA4OMUvzJIPy2NR naN9PI30pTESbKwFU/yjXDRpjPuXGkFz1K8wLYRBBU1qv3VWoeQvHQWek9p4274T WpIB7soVpVwvx0dt2L9+lnB5QjhITuvk1n+zxept2f3fNF2/pxf37Rz6W8czh8jl EquFEj3NJ2fGu/lRy5dULHTcXWkQv8TIslyWirIhY+45L9DlWzCxiXcuRYsmxWjZ zN8XhLVOtmuO2Rl2V3DdWBTCLAiXXxaQ77v7DNNsKXE3BHKnhuZ3ie4q5MthLCvh Ovr1DpxxbtZ1s0AySl43RvR8lvo7Zos= -----END CERTIFICATE-----Generated at Sun Aug 10 13:50:14 2025 by rpki-client