$ rpki-client -vvf rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft File: He-yCnpR7hjdetBq2qxJEePi95Q.mft (raw, json) Hash identifier: JIY+DrrsB7ACKdmIhi0AQXMellkycOURKX1bNLkc03k= Subject key identifier: 61:90:33:47:33:FA:FB:BB:F6:EC:83:DE:7D:EF:A1:5B:8A:34:B3:6C Authority key identifier: 1D:EF:B2:0A:7A:51:EE:18:DD:7A:D0:6A:DA:AC:49:11:E3:E2:F7:94 Certificate issuer: /CN=A91285E3/serialNumber=1DEFB20A7A51EE18DD7AD06ADAAC4911E3E2F794 Certificate serial: 01F7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft Manifest number: 01F1 Signing time: Sat 19 Jul 2025 02:44:37 +0000 Manifest this update: Sat 19 Jul 2025 02:44:36 +0000 Manifest next update: Sat 26 Jul 2025 02:44:36 +0000 Files and hashes: 1: He-yCnpR7hjdetBq2qxJEePi95Q.crl (hash: XksH/jIsndaUx8CTo2ZhmKyK0jhtCl3t0zcSEFfvZ2I=) 2: 54365208708411EDA8B14246C4F9AE02.roa (hash: mCCSZ+9WYvhaMFX9tC0Iaz2gMx4GH4ZGb0UPoAirqT8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.crl rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 02:44:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 503 (0x1f7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91285E3, serialNumber=1DEFB20A7A51EE18DD7AD06ADAAC4911E3E2F794 Validity Not Before: Jul 19 02:44:36 2025 GMT Not After : Jul 26 02:44:36 2025 GMT Subject: CN=687b0695-3e1c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ea:58:6f:df:ab:9d:5d:59:12:50:06:4b:7c: ee:58:28:48:05:44:76:d1:47:87:96:45:44:8d:e5: 7a:32:84:65:de:a8:43:4f:ab:a3:80:8e:b2:2e:0b: 29:87:3a:fc:90:7d:92:e9:5f:ea:34:95:42:8b:b0: 82:a4:0a:a3:06:30:4c:10:ff:3d:b2:c0:53:be:b6: f3:3d:90:16:7c:ab:9f:82:6b:57:11:69:73:55:3e: d4:57:95:49:b0:a9:71:f5:b3:24:37:4c:44:11:a7: f4:88:9d:26:2d:34:08:2e:69:8b:4e:1c:91:c8:22: be:fa:38:50:1b:66:96:ba:0b:41:84:20:d7:6f:1a: 55:53:21:0a:11:b7:41:c4:0b:95:ee:76:92:df:2c: a8:9d:51:89:25:cd:9c:49:5a:95:2e:90:4a:55:79: 36:6b:f4:59:e0:b0:c9:5e:66:a7:47:f5:92:16:7c: 84:b7:c8:a3:9b:8b:c3:e6:18:5b:37:cf:7f:82:fa: 19:02:67:e1:70:51:58:e8:11:5f:d9:df:2a:1e:bb: 78:3c:75:f1:56:ca:f5:3a:0c:3d:a8:1a:0e:26:95: 88:2d:36:94:1b:e8:7a:1c:e8:97:ca:64:5b:21:31: 33:73:58:4b:ac:84:47:c7:38:23:4b:73:ed:f6:2a: 60:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:90:33:47:33:FA:FB:BB:F6:EC:83:DE:7D:EF:A1:5B:8A:34:B3:6C X509v3 Authority Key Identifier: keyid:1D:EF:B2:0A:7A:51:EE:18:DD:7A:D0:6A:DA:AC:49:11:E3:E2:F7:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 94:98:53:74:aa:8d:25:79:88:0a:07:84:fe:a3:65:a0:ae:67: f1:08:6e:50:d4:23:77:e3:36:d5:18:32:d0:7b:b2:0c:2f:b0: c1:93:45:65:01:e5:05:02:bd:e5:e1:4d:75:79:f1:08:2d:ca: 8a:30:76:ba:c5:04:66:e1:f8:3b:e1:e3:2d:05:dc:4d:71:62: ef:71:c8:a3:a0:08:d0:e9:3a:f7:45:82:f3:7c:e9:27:f7:32: f8:ea:56:5b:56:60:b0:f6:d6:3f:81:44:d8:83:cd:0c:a4:e5: 6c:28:72:ce:00:62:32:c6:85:cc:f6:ee:26:c2:1a:35:5f:5d: 29:77:ab:3c:c0:d6:bb:b1:d2:58:0a:a9:f2:8e:3c:cb:4e:23: e1:89:21:7c:1e:cd:84:30:e6:f9:c9:6c:40:8a:7b:08:5c:d0: 23:81:f8:eb:5c:7e:d3:63:22:72:ac:73:89:6c:1e:d6:ac:db: 08:b8:8a:13:d7:3a:5d:4e:9d:9e:64:42:53:d3:4d:4b:fc:56: 16:d8:ff:4b:17:dd:4b:32:06:77:7a:fc:9e:93:70:bf:98:b8: 55:e1:32:d5:71:55:df:60:67:19:0c:e6:f5:ad:b4:14:4e:e4: c1:42:47:d2:07:8d:6c:2b:d5:52:27:33:bd:50:a2:fb:6c:23: c2:e4:11:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAfcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjg1RTMxMTAvBgNVBAUTKDFERUZCMjBBN0E1MUVFMThERDdBRDA2QURBQUM0OTEx RTNFMkY3OTQwHhcNMjUwNzE5MDI0NDM2WhcNMjUwNzI2MDI0NDM2WjAYMRYwFAYD VQQDEw02ODdiMDY5NS0zZTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtepYb9+rnV1ZElAGS3zuWChIBUR20UeHlkVEjeV6MoRl3qhDT6ujgI6yLgsp hzr8kH2S6V/qNJVCi7CCpAqjBjBMEP89ssBTvrbzPZAWfKufgmtXEWlzVT7UV5VJ sKlx9bMkN0xEEaf0iJ0mLTQILmmLThyRyCK++jhQG2aWugtBhCDXbxpVUyEKEbdB xAuV7naS3yyonVGJJc2cSVqVLpBKVXk2a/RZ4LDJXmanR/WSFnyEt8ijm4vD5hhb N89/gvoZAmfhcFFY6BFf2d8qHrt4PHXxVsr1Ogw9qBoOJpWILTaUG+h6HOiXymRb ITEzc1hLrIRHxzgjS3Pt9ipg3wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGGQM0cz +vu79uyD3n3voVuKNLNsMB8GA1UdIwQYMBaAFB3vsgp6Ue4Y3XrQatqsSRHj4veU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODVFMy8xQjEyQTgyNDcw NzkxMUVEQkFBN0NEMjZDNEY5QUUwMi9IZS15Q25wUjdoamRldEJxMnF4SkVlUGk5 NVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlLXlDbnBSN2hqZGV0QnEycXhKRWVQaTk1US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy ODVFMy8xQjEyQTgyNDcwNzkxMUVEQkFBN0NEMjZDNEY5QUUwMi9IZS15Q25wUjdo amRldEJxMnF4SkVlUGk5NVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCUmFN0qo0leYgKB4T+o2WgrmfxCG5Q1CN34zbVGDLQe7IML7DBk0Vl AeUFAr3l4U11efEILcqKMHa6xQRm4fg74eMtBdxNcWLvccijoAjQ6Tr3RYLzfOkn 9zL46lZbVmCw9tY/gUTYg80MpOVsKHLOAGIyxoXM9u4mwho1X10pd6s8wNa7sdJY CqnyjjzLTiPhiSF8Hs2EMOb5yWxAinsIXNAjgfjrXH7TYyJyrHOJbB7WrNsIuIoT 1zpdTp2eZEJT001L/FYW2P9LF91LMgZ3evyek3C/mLhV4TLVcVXfYGcZDOb1rbQU TuTBQkfSB41sK9VSJzO9UKL7bCPC5BFG -----END CERTIFICATE-----Generated at Sun Jul 20 06:18:36 2025 by rpki-client