$ rpki-client -vvf rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.mft File: hkxROVpl1d5w7NMKrSemn0ubIrw.mft (raw, json) Hash identifier: Mt3r0T2IW/ACviWmXRLk7mVNgbxJwblqSypBBhybzMg= Subject key identifier: F9:C4:C2:A6:61:10:96:C1:D4:A9:47:C3:C5:C6:4A:6E:CE:79:88:3A Authority key identifier: 86:4C:51:39:5A:65:D5:DE:70:EC:D3:0A:AD:27:A6:9F:4B:9B:22:BC Certificate issuer: /CN=A9125E1B/serialNumber=864C51395A65D5DE70ECD30AAD27A69F4B9B22BC Certificate serial: 0146 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hkxROVpl1d5w7NMKrSemn0ubIrw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.mft Manifest number: 0140 Signing time: Wed 23 Jul 2025 04:36:42 +0000 Manifest this update: Wed 23 Jul 2025 04:36:42 +0000 Manifest next update: Wed 30 Jul 2025 04:36:42 +0000 Files and hashes: 1: hkxROVpl1d5w7NMKrSemn0ubIrw.crl (hash: cVcG6VlpPLbR37LwmZ/xRlcqlKNpKypv11aboNmrsR4=) 2: BA3E92207D2311EEA3696814C4F9AE02.roa (hash: UKOODE+aPAFflvFmKVNYOJaCaH8V6bUeZIgoCqj/k80=) 3: B9CAD7A47D2311EEA3696814C4F9AE02.roa (hash: IP+1b1MWNwsXEa5/Ri8CW/cM8GMHLYMixTxcrnkax+s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.crl rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hkxROVpl1d5w7NMKrSemn0ubIrw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Jul 2025 04:36:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 326 (0x146) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125E1B, serialNumber=864C51395A65D5DE70ECD30AAD27A69F4B9B22BC Validity Not Before: Jul 23 04:36:42 2025 GMT Not After : Jul 30 04:36:42 2025 GMT Subject: CN=688066da-85b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:c8:7a:95:f7:0d:0a:99:1a:ff:c4:fd:54:7e: 64:15:83:c2:21:4c:49:ff:ed:94:6a:73:b0:62:45: 23:aa:4c:91:68:ca:52:4e:4a:88:86:61:4b:11:36: c5:97:48:ab:88:91:94:15:d5:65:82:67:6f:9a:62: fe:1a:5f:3b:9c:c1:c0:7b:63:1d:83:d9:a5:49:c7: 68:a0:5f:02:19:a3:08:da:bb:1b:ee:5a:28:14:4c: db:9c:05:76:85:6c:98:8e:0d:a0:68:79:81:71:bc: f0:63:4d:bd:3f:e6:a8:8b:fd:ca:6b:1b:4f:b1:9e: 2b:e1:92:2e:94:fa:74:76:f0:3c:a5:97:2c:21:f2: 85:db:f9:d5:98:ce:fe:73:2d:1e:0d:80:f2:56:60: 76:9e:cb:49:ef:66:1a:59:43:96:3b:eb:37:9f:f1: 04:b6:78:9f:0f:ab:2c:a9:1f:d2:17:cc:81:5b:a0: 8d:05:4c:1b:f8:2e:49:53:b6:6e:87:78:97:3f:c9: 04:ba:96:f8:b7:5e:cd:8f:d3:3c:c6:9b:51:c8:06: eb:ee:e5:4d:71:a7:0d:6c:8b:b0:40:fa:6c:d0:aa: 8b:1e:9a:2d:c0:a7:76:39:31:0e:d5:1e:c4:0d:ad: c2:6f:0d:b2:ce:8f:f5:bb:1c:aa:64:af:53:59:9e: 79:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:C4:C2:A6:61:10:96:C1:D4:A9:47:C3:C5:C6:4A:6E:CE:79:88:3A X509v3 Authority Key Identifier: keyid:86:4C:51:39:5A:65:D5:DE:70:EC:D3:0A:AD:27:A6:9F:4B:9B:22:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hkxROVpl1d5w7NMKrSemn0ubIrw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:64:b6:f6:d0:1f:e3:9c:18:63:68:30:61:52:63:7f:40:80: c3:63:a6:15:b2:a9:30:da:2a:58:d2:28:98:fc:bc:ae:45:09: 21:46:3d:88:67:c9:f6:d1:a5:de:9c:84:f3:d5:b5:0c:d9:d8: 1f:d8:2b:3c:fe:b2:0c:7a:22:07:8b:5a:e4:1a:86:54:63:71: 4e:c3:e7:83:4f:2b:e2:19:10:34:52:89:22:83:97:88:38:ed: cb:66:9e:a2:b5:5f:49:75:0b:87:45:00:15:bb:e3:26:85:69: 51:24:07:14:eb:4d:2a:f7:e3:eb:dc:4d:c5:47:02:1c:d9:40: a2:79:50:65:2d:71:1a:29:b1:fa:74:93:0e:5e:2b:36:69:72: 65:d2:8f:46:c7:bf:b2:54:77:66:c2:50:02:77:3b:40:1e:a7: 44:9d:05:be:e4:1d:0e:6a:ca:f0:b0:72:07:b1:8a:cb:62:81: 9d:ab:c3:44:98:01:06:30:63:4f:93:fb:20:3f:f9:4b:f1:9f: 23:01:c5:1f:de:6a:62:cc:4b:14:57:2d:f4:29:41:24:83:fd: b2:f7:de:ed:67:8b:2a:aa:47:8b:9b:80:2a:e5:59:2e:6a:7e: be:85:8e:a5:3e:75:03:fd:16:e0:97:57:ae:d9:b2:02:5f:7c: c3:aa:d1:67 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVFMUIxMTAvBgNVBAUTKDg2NEM1MTM5NUE2NUQ1REU3MEVDRDMwQUFEMjdBNjlG NEI5QjIyQkMwHhcNMjUwNzIzMDQzNjQyWhcNMjUwNzMwMDQzNjQyWjAYMRYwFAYD VQQDEw02ODgwNjZkYS04NWI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv8h6lfcNCpka/8T9VH5kFYPCIUxJ/+2UanOwYkUjqkyRaMpSTkqIhmFLETbF l0iriJGUFdVlgmdvmmL+Gl87nMHAe2Mdg9mlScdooF8CGaMI2rsb7looFEzbnAV2 hWyYjg2gaHmBcbzwY029P+aoi/3KaxtPsZ4r4ZIulPp0dvA8pZcsIfKF2/nVmM7+ cy0eDYDyVmB2nstJ72YaWUOWO+s3n/EEtnifD6ssqR/SF8yBW6CNBUwb+C5JU7Zu h3iXP8kEupb4t17Nj9M8xptRyAbr7uVNcacNbIuwQPps0KqLHpotwKd2OTEO1R7E Da3Cbw2yzo/1uxyqZK9TWZ55KQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPnEwqZh EJbB1KlHw8XGSm7OeYg6MB8GA1UdIwQYMBaAFIZMUTlaZdXecOzTCq0npp9LmyK8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUUxQi83NDk1MjUxNDdE MjIxMUVFQTdCMDc0NjBDNEY5QUUwMi9oa3hST1ZwbDFkNXc3Tk1LclNlbW4wdWJJ cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hreFJPVnBsMWQ1dzdOTUtyU2VtbjB1Yklydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NUUxQi83NDk1MjUxNDdEMjIxMUVFQTdCMDc0NjBDNEY5QUUwMi9oa3hST1ZwbDFk NXc3Tk1LclNlbW4wdWJJcncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQASZLb20B/jnBhjaDBhUmN/QIDDY6YVsqkw2ipY0iiY/LyuRQkhRj2I Z8n20aXenITz1bUM2dgf2Cs8/rIMeiIHi1rkGoZUY3FOw+eDTyviGRA0Uokig5eI OO3LZp6itV9JdQuHRQAVu+MmhWlRJAcU600q9+Pr3E3FRwIc2UCieVBlLXEaKbH6 dJMOXis2aXJl0o9Gx7+yVHdmwlACdztAHqdEnQW+5B0OasrwsHIHsYrLYoGdq8NE mAEGMGNPk/sgP/lL8Z8jAcUf3mpizEsUVy30KUEkg/2y997tZ4sqqkeLm4Aq5Vku an6+hY6lPnUD/Rbgl1eu2bICX3zDqtFn -----END CERTIFICATE-----Generated at Wed Jul 23 23:30:36 2025 by rpki-client