$ rpki-client -vvf rpki.apnic.net/member_repository/A912F387/5F3C849683A311EEA0B4281CC4F9AE02/HQDCg8qhqzzENxoqOE1isc1E-6c.mft File: HQDCg8qhqzzENxoqOE1isc1E-6c.mft (raw, json) Hash identifier: gaSO872H3C5uLGFo6Mk0Qjpov2oRmUxFaKVKMsy2WAI= Subject key identifier: B8:06:E6:77:DA:FA:B4:3E:E4:58:FE:68:08:46:6E:D9:3E:50:14:EE Authority key identifier: 1D:00:C2:83:CA:A1:AB:3C:C4:37:1A:2A:38:4D:62:B1:CD:44:FB:A7 Certificate issuer: /CN=A912F387/serialNumber=1D00C283CAA1AB3CC4371A2A384D62B1CD44FBA7 Certificate serial: 0151 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQDCg8qhqzzENxoqOE1isc1E-6c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912F387/5F3C849683A311EEA0B4281CC4F9AE02/HQDCg8qhqzzENxoqOE1isc1E-6c.mft Manifest number: 0146 Signing time: Mon 21 Jul 2025 04:30:35 +0000 Manifest this update: Mon 21 Jul 2025 04:30:35 +0000 Manifest next update: Mon 28 Jul 2025 04:30:35 +0000 Files and hashes: 1: HQDCg8qhqzzENxoqOE1isc1E-6c.crl (hash: GZPdEzsu4GHks99rB7GpL6Ku8DODjokWY7YB/j/evA8=) 2: 9556705A2E6111EF9D743040C4F9AE02.roa (hash: RLnLzyrrcNZhWSbOgsksg70plHnwm/0y4IiOT7XePHI=) 3: FC34967C6C8611EFBF35D221C4F9AE02.roa (hash: g3qVGTL6N3Bx7PoU5ChuYFlVdWGCksOpw5qXnk0J/9I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912F387/5F3C849683A311EEA0B4281CC4F9AE02/HQDCg8qhqzzENxoqOE1isc1E-6c.crl rsync://rpki.apnic.net/member_repository/A912F387/5F3C849683A311EEA0B4281CC4F9AE02/HQDCg8qhqzzENxoqOE1isc1E-6c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQDCg8qhqzzENxoqOE1isc1E-6c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 04:30:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 337 (0x151) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912F387, serialNumber=1D00C283CAA1AB3CC4371A2A384D62B1CD44FBA7 Validity Not Before: Jul 21 04:30:35 2025 GMT Not After : Jul 28 04:30:35 2025 GMT Subject: CN=687dc26b-1f01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:70:8e:ca:7b:f2:5d:7e:7d:30:ce:18:60:c5: 2b:d2:a0:ef:47:e1:ef:6a:c2:37:b0:35:f4:1c:38: e2:05:0c:45:28:3c:e9:3f:4e:85:30:ae:4f:dc:fc: bf:5c:70:c4:94:1c:42:c4:b7:21:27:6d:b8:35:13: c0:d2:d5:8d:bb:85:86:db:98:77:c2:25:7c:db:60: e0:d0:7d:67:7f:c9:de:ad:d7:f4:19:da:db:ad:19: eb:9a:36:6b:30:27:fe:8b:f4:f0:37:b0:bb:65:dc: 3e:de:dc:0d:ca:74:e0:44:53:f9:d2:5c:1b:48:b2: a8:eb:f9:62:da:4a:52:ed:82:4b:46:ff:70:39:fb: 46:d2:69:fe:d8:06:92:63:a2:31:12:17:95:c6:58: 6c:6d:02:5f:c3:23:40:b9:6d:ce:d2:7f:34:36:68: 25:6a:c5:e6:7b:98:4b:98:ad:53:db:a2:66:91:68: be:30:b3:2f:b9:9c:2c:50:21:82:e0:16:6e:15:5c: 4c:07:ac:a6:a5:b3:6c:d0:da:58:b2:c3:f7:8c:be: 6c:9b:76:45:c5:00:80:74:d6:b7:aa:a8:3d:37:9c: ca:2a:75:cc:9f:67:18:a1:fe:d9:ce:f2:43:98:de: 4b:2e:c0:33:6f:62:b3:fd:83:52:8f:f3:6e:d4:74: af:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:06:E6:77:DA:FA:B4:3E:E4:58:FE:68:08:46:6E:D9:3E:50:14:EE X509v3 Authority Key Identifier: keyid:1D:00:C2:83:CA:A1:AB:3C:C4:37:1A:2A:38:4D:62:B1:CD:44:FB:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912F387/5F3C849683A311EEA0B4281CC4F9AE02/HQDCg8qhqzzENxoqOE1isc1E-6c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQDCg8qhqzzENxoqOE1isc1E-6c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F387/5F3C849683A311EEA0B4281CC4F9AE02/HQDCg8qhqzzENxoqOE1isc1E-6c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:5f:4f:b2:00:2a:19:d4:fa:4d:05:8d:53:f1:c0:6c:6e:0e: 03:2b:2d:f2:a9:b6:69:d1:e9:56:9b:9f:ca:a5:4c:65:02:3e: 2d:13:c5:f1:91:a0:47:be:bf:1f:4c:d9:2e:6f:7b:2d:78:6c: f2:32:37:33:0c:98:8d:fc:a8:00:b6:f5:9d:3f:2d:37:d0:45: a5:ef:c5:b3:e9:80:16:13:f3:8f:ac:29:a3:03:a1:10:ec:63: a5:fa:fb:6e:b0:ee:e1:b8:44:b2:98:80:dc:b9:77:2d:46:2e: 40:02:7e:e6:fe:5d:1d:12:6d:38:df:6e:ec:64:e1:4b:a5:a5: 6a:f2:6a:cb:19:62:dc:84:2c:c8:e7:a3:bf:d0:f9:54:82:69: d2:36:5b:20:aa:68:50:6b:bd:ae:09:6c:01:fd:5e:c5:1b:f5: b6:10:87:e3:43:75:d8:47:29:9d:6f:e5:90:7e:f1:5c:84:e7: bc:98:c8:94:06:14:18:b6:a9:df:78:90:33:42:98:bb:39:7f: ac:af:eb:10:45:11:97:5a:76:c5:ce:06:13:d6:e8:eb:02:34: 1c:75:be:81:72:de:b9:eb:39:39:59:8b:f3:71:03:d1:df:52: a6:26:c7:a9:bf:af:5e:13:ea:35:e6:e4:1f:2c:6e:e3:68:02: f7:76:94:cc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkYzODcxMTAvBgNVBAUTKDFEMDBDMjgzQ0FBMUFCM0NDNDM3MUEyQTM4NEQ2MkIx Q0Q0NEZCQTcwHhcNMjUwNzIxMDQzMDM1WhcNMjUwNzI4MDQzMDM1WjAYMRYwFAYD VQQDEw02ODdkYzI2Yi0xZjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx3COynvyXX59MM4YYMUr0qDvR+HvasI3sDX0HDjiBQxFKDzpP06FMK5P3Py/ XHDElBxCxLchJ224NRPA0tWNu4WG25h3wiV822Dg0H1nf8nerdf0GdrbrRnrmjZr MCf+i/TwN7C7Zdw+3twNynTgRFP50lwbSLKo6/li2kpS7YJLRv9wOftG0mn+2AaS Y6IxEheVxlhsbQJfwyNAuW3O0n80NmglasXme5hLmK1T26JmkWi+MLMvuZwsUCGC 4BZuFVxMB6ympbNs0NpYssP3jL5sm3ZFxQCAdNa3qqg9N5zKKnXMn2cYof7ZzvJD mN5LLsAzb2Kz/YNSj/Nu1HSvBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLgG5nfa +rQ+5Fj+aAhGbtk+UBTuMB8GA1UdIwQYMBaAFB0AwoPKoas8xDcaKjhNYrHNRPun MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRjM4Ny81RjNDODQ5Njgz QTMxMUVFQTBCNDI4MUNDNEY5QUUwMi9IUURDZzhxaHF6ekVOeG9xT0UxaXNjMUUt NmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hRRENnOHFocXp6RU54b3FPRTFpc2MxRS02Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy RjM4Ny81RjNDODQ5NjgzQTMxMUVFQTBCNDI4MUNDNEY5QUUwMi9IUURDZzhxaHF6 ekVOeG9xT0UxaXNjMUUtNmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQByX0+yACoZ1PpNBY1T8cBsbg4DKy3yqbZp0elWm5/KpUxlAj4tE8Xx kaBHvr8fTNkub3steGzyMjczDJiN/KgAtvWdPy030EWl78Wz6YAWE/OPrCmjA6EQ 7GOl+vtusO7huESymIDcuXctRi5AAn7m/l0dEm04327sZOFLpaVq8mrLGWLchCzI 56O/0PlUgmnSNlsgqmhQa72uCWwB/V7FG/W2EIfjQ3XYRymdb+WQfvFchOe8mMiU BhQYtqnfeJAzQpi7OX+sr+sQRRGXWnbFzgYT1ujrAjQcdb6Bct656zk5WYvzcQPR 31KmJsepv69eE+o15uQfLG7jaAL3dpTM -----END CERTIFICATE-----Generated at Wed Jul 23 02:34:17 2025 by rpki-client