$ rpki-client -vvf rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.mft File: hnHJZ--Azj0S3OowSRuUb9cGh8A.mft (raw, json) Hash identifier: yLwYSECQEQbmoiNFHNXl9Rz7pKKR/QVLt031rrBCE1E= Subject key identifier: 12:0E:0B:A4:0C:63:44:DF:1A:B3:9E:AC:FF:23:DC:61:2A:07:60:D2 Authority key identifier: 86:71:C9:67:EF:80:CE:3D:12:DC:EA:30:49:1B:94:6F:D7:06:87:C0 Certificate issuer: /CN=A9138D0E/serialNumber=8671C967EF80CE3D12DCEA30491B946FD70687C0 Certificate serial: 13D1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnHJZ--Azj0S3OowSRuUb9cGh8A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.mft Manifest number: 13A0 Signing time: Mon 21 Jul 2025 01:55:46 +0000 Manifest this update: Mon 21 Jul 2025 01:55:46 +0000 Manifest next update: Mon 28 Jul 2025 01:55:46 +0000 Files and hashes: 1: hnHJZ--Azj0S3OowSRuUb9cGh8A.crl (hash: ix601PRxmjaDTigaPi0hmfzsscY5DNGxP/COR5NkLoM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.crl rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnHJZ--Azj0S3OowSRuUb9cGh8A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 01:55:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5073 (0x13d1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9138D0E, serialNumber=8671C967EF80CE3D12DCEA30491B946FD70687C0 Validity Not Before: Jul 21 01:55:46 2025 GMT Not After : Jul 28 01:55:46 2025 GMT Subject: CN=687d9e22-1489 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:dc:44:1f:8b:82:92:5f:19:71:2f:de:c3:88: 99:8d:a0:a9:c7:80:7d:89:d3:46:e2:93:12:af:c7: b5:25:63:32:ed:b6:00:bf:ea:a1:87:3a:f2:06:e7: 3c:df:90:6c:d6:94:90:e8:37:2b:71:de:50:fc:9d: 17:bc:1d:95:4c:d1:1f:10:c7:02:a6:69:67:a7:c9: 30:ed:c4:16:e4:24:6d:de:fd:74:d1:98:50:f4:ed: 4f:a5:24:65:99:1e:db:22:4f:6f:5b:5c:1b:28:22: 5f:87:31:c4:1d:5f:04:d8:6a:22:4a:c8:22:1e:e5: 0b:34:85:dd:a6:a5:26:d5:65:99:41:f6:cb:51:b1: cb:6b:cd:3b:5f:6c:67:dc:20:44:5d:19:1f:4c:a8: 39:01:e8:c7:14:23:e5:80:94:b6:59:f1:b3:72:74: 01:a1:f7:86:ed:bf:73:07:dd:1b:0b:df:2f:ff:4f: 1b:b5:52:41:88:3e:55:67:ea:17:27:72:7c:0a:7f: 0f:cc:af:86:cf:ed:02:b8:f0:83:52:3e:87:73:43: e4:5e:27:ad:8d:7e:de:14:bf:39:1b:c5:6b:bc:0d: ee:6b:4f:06:28:cb:ff:2a:b1:8e:3a:64:c4:df:a9: b8:64:6d:6a:81:84:d8:b8:f4:7e:ba:71:b3:84:81: d6:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:0E:0B:A4:0C:63:44:DF:1A:B3:9E:AC:FF:23:DC:61:2A:07:60:D2 X509v3 Authority Key Identifier: keyid:86:71:C9:67:EF:80:CE:3D:12:DC:EA:30:49:1B:94:6F:D7:06:87:C0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnHJZ--Azj0S3OowSRuUb9cGh8A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:95:f8:ab:77:9b:c9:cc:3b:b2:1b:cc:90:62:f0:10:98:f0: a1:4c:1e:d6:60:33:36:05:4d:02:fe:39:e2:03:49:cf:0d:be: 70:92:99:e8:cf:4c:d9:d4:63:9f:bf:66:c4:33:81:9f:ca:a2: 74:f2:78:ed:de:24:a2:a5:7f:7c:8d:8f:e3:ad:3c:9f:b8:2b: 93:e3:6a:0e:d2:f5:1b:93:c9:60:5d:3c:03:b0:99:f8:87:3d: 2b:b1:f1:2f:2c:49:6c:17:ef:a9:b8:55:dc:92:a8:5a:88:46: c5:8e:e0:8f:12:77:96:ef:2a:7d:b7:eb:6a:1b:17:14:50:34: bc:a5:ea:67:7e:b8:81:1b:39:28:fa:9a:14:18:5b:3d:3b:12: fc:ba:ba:20:35:da:26:e3:c0:e8:0f:3e:a5:31:50:42:8d:75: 49:12:cd:29:73:f8:1f:93:79:a3:99:00:5e:a4:64:5e:6a:30: b2:e8:d5:40:cb:85:9e:0a:9d:a5:53:ac:34:c7:07:d0:d8:9c: 2a:30:d4:50:0f:71:30:8e:5b:fb:70:90:54:f0:da:59:0c:0c: cc:3b:42:ee:9b:d9:72:eb:dc:1a:6c:52:cb:cc:10:ba:0b:98: ea:eb:30:26:e3:33:50:41:bb:19:4f:fb:e1:7e:5b:3c:39:c1: 93:bc:e8:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE9EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzhEMEUxMTAvBgNVBAUTKDg2NzFDOTY3RUY4MENFM0QxMkRDRUEzMDQ5MUI5NDZG RDcwNjg3QzAwHhcNMjUwNzIxMDE1NTQ2WhcNMjUwNzI4MDE1NTQ2WjAYMRYwFAYD VQQDEw02ODdkOWUyMi0xNDg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz9xEH4uCkl8ZcS/ew4iZjaCpx4B9idNG4pMSr8e1JWMy7bYAv+qhhzryBuc8 35Bs1pSQ6Dcrcd5Q/J0XvB2VTNEfEMcCpmlnp8kw7cQW5CRt3v100ZhQ9O1PpSRl mR7bIk9vW1wbKCJfhzHEHV8E2GoiSsgiHuULNIXdpqUm1WWZQfbLUbHLa807X2xn 3CBEXRkfTKg5AejHFCPlgJS2WfGzcnQBofeG7b9zB90bC98v/08btVJBiD5VZ+oX J3J8Cn8PzK+Gz+0CuPCDUj6Hc0PkXietjX7eFL85G8VrvA3ua08GKMv/KrGOOmTE 36m4ZG1qgYTYuPR+unGzhIHW8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBIOC6QM Y0TfGrOerP8j3GEqB2DSMB8GA1UdIwQYMBaAFIZxyWfvgM49EtzqMEkblG/XBofA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOEQwRS84RTcxNDk4NEEz NUUxMUU4QjQxQTU4NzhDNEY5QUUwMi9obkhKWi0tQXpqMFMzT293U1J1VWI5Y0do OEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2huSEpaLS1BemowUzNPb3dTUnVVYjljR2g4QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz OEQwRS84RTcxNDk4NEEzNUUxMUU4QjQxQTU4NzhDNEY5QUUwMi9obkhKWi0tQXpq MFMzT293U1J1VWI5Y0doOEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQChlfird5vJzDuyG8yQYvAQmPChTB7WYDM2BU0C/jniA0nPDb5wkpno z0zZ1GOfv2bEM4GfyqJ08njt3iSipX98jY/jrTyfuCuT42oO0vUbk8lgXTwDsJn4 hz0rsfEvLElsF++puFXckqhaiEbFjuCPEneW7yp9t+tqGxcUUDS8pepnfriBGzko +poUGFs9OxL8urogNdom48DoDz6lMVBCjXVJEs0pc/gfk3mjmQBepGReajCy6NVA y4WeCp2lU6w0xwfQ2JwqMNRQD3Ewjlv7cJBU8NpZDAzMO0Lum9ly69wabFLLzBC6 C5jq6zAm4zNQQbsZT/vhfls8OcGTvOhT -----END CERTIFICATE-----Generated at Mon Jul 21 12:48:07 2025 by rpki-client