$ rpki-client -vvf rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.mft File: HKNtz8PAQzP4g7g18sjd0CXVQQY.mft (raw, json) Hash identifier: T51pIRyhVQUG/7fLrZSgZBg5NojLTTZQi2iTAZYmbkU= Subject key identifier: D2:1A:25:BD:69:BA:DB:E9:C2:C5:C2:96:86:B2:14:4C:94:24:BA:1B Authority key identifier: 1C:A3:6D:CF:C3:C0:43:33:F8:83:B8:35:F2:C8:DD:D0:25:D5:41:06 Certificate issuer: /CN=A9142F59/serialNumber=1CA36DCFC3C04333F883B835F2C8DDD025D54106 Certificate serial: 06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HKNtz8PAQzP4g7g18sjd0CXVQQY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.mft Manifest number: 05 Signing time: Mon 21 Jul 2025 08:24:56 +0000 Manifest this update: Mon 21 Jul 2025 08:24:56 +0000 Manifest next update: Mon 28 Jul 2025 08:24:56 +0000 Files and hashes: 1: HKNtz8PAQzP4g7g18sjd0CXVQQY.crl (hash: gn9sBcH/4BzMOW00LKXi+20TwXFybxi9cds8UOCaTkk=) 2: 7FD328F0623011F080AE2931C4F9AE02.roa (hash: ONyCk1roWHelbumh8YXUaFO1cjx4c4+1qAe3JKP89I4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.crl rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HKNtz8PAQzP4g7g18sjd0CXVQQY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 08:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6 (0x6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9142F59, serialNumber=1CA36DCFC3C04333F883B835F2C8DDD025D54106 Validity Not Before: Jul 21 08:24:56 2025 GMT Not After : Jul 28 08:24:56 2025 GMT Subject: CN=687df958-4ff0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:d8:11:97:15:c9:65:9e:b2:1b:bd:6c:17:bd: f6:64:6d:33:e6:c3:24:08:15:8c:5b:9b:88:19:ad: 24:56:58:98:d7:7f:65:e9:16:fa:60:ff:1e:a2:5b: 70:db:d0:a4:a3:c6:47:2e:dc:c4:5f:75:67:c8:ca: 1a:31:a7:13:4a:9d:ca:95:e1:94:84:9f:72:5d:83: 96:8e:5a:70:35:94:09:6e:6c:f9:4c:5b:e2:6f:72: 6e:ec:ad:60:91:9f:9a:8e:9c:1d:be:8b:eb:85:cb: 31:6d:af:c7:19:48:9b:e3:6e:1d:36:7e:e5:ca:0f: 8f:9b:71:4c:fd:49:0f:28:c9:d9:89:f3:9b:d6:eb: f9:07:e0:34:b0:36:d0:16:49:b8:e0:42:82:98:99: 37:1c:04:ac:67:cc:03:11:cd:d8:be:f1:fd:da:4c: 66:6a:df:2f:a3:cf:c7:e8:51:85:8f:2a:11:1e:6d: 07:53:88:68:10:11:cc:ef:33:99:20:0a:63:ec:ad: 0e:f1:d0:8e:43:88:94:cd:57:33:f2:14:17:6c:58: 35:43:62:e3:4d:09:dc:5d:0e:7f:97:d0:99:d5:01: d4:e5:70:61:fd:c1:2f:b2:33:3c:14:e2:30:0c:b0: d9:36:29:ea:af:2d:c7:b0:28:78:07:1b:5b:ed:40: 25:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:1A:25:BD:69:BA:DB:E9:C2:C5:C2:96:86:B2:14:4C:94:24:BA:1B X509v3 Authority Key Identifier: keyid:1C:A3:6D:CF:C3:C0:43:33:F8:83:B8:35:F2:C8:DD:D0:25:D5:41:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HKNtz8PAQzP4g7g18sjd0CXVQQY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:c1:d0:7c:50:33:4c:f0:8c:b9:90:70:ea:3f:7b:86:6b:e9: c9:13:ca:a7:41:62:23:74:a5:dc:33:26:7d:f0:de:f8:fe:ec: cc:f2:e1:50:78:38:61:4b:0f:9c:d5:49:2f:02:35:ac:e9:57: c6:61:11:3a:2c:06:58:b7:c1:b8:9f:18:83:c8:53:2a:ff:8e: a1:8f:f7:69:a2:2e:8e:32:57:52:c5:e8:25:50:ea:c5:55:d5: b2:a8:fd:69:33:e9:c5:61:24:25:ad:7e:14:63:17:13:64:dc: e9:95:52:4b:44:09:15:1f:1b:2d:3b:ec:73:c7:6f:26:90:c3: b8:63:a6:8b:dd:2d:0d:1c:0d:fb:b9:10:03:9f:d4:e9:41:cc: 0c:69:89:7b:c4:5a:07:d9:fa:37:c5:f7:78:67:52:22:f0:c7: b5:f0:54:48:1e:47:75:f7:61:02:1d:5f:5d:13:f4:8c:00:da: a0:78:62:d5:d6:4a:71:f0:60:74:bb:98:6e:cd:a6:da:53:19: f7:24:3a:f3:37:a5:86:9b:1e:d8:8c:21:30:f6:ba:ad:27:11: 9b:8c:e0:e7:ab:ba:12:3d:e6:ad:d6:8a:ca:43:bc:37:17:5d: 0f:a6:56:e1:8e:2d:9e:50:45:af:5f:45:29:3c:95:dc:3b:ce: 98:74:c1:90 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MkY1OTExMC8GA1UEBRMoMUNBMzZEQ0ZDM0MwNDMzM0Y4ODNCODM1RjJDOERERDAy NUQ1NDEwNjAeFw0yNTA3MjEwODI0NTZaFw0yNTA3MjgwODI0NTZaMBgxFjAUBgNV BAMTDTY4N2RmOTU4LTRmZjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCy2BGXFcllnrIbvWwXvfZkbTPmwyQIFYxbm4gZrSRWWJjXf2XpFvpg/x6iW3Db 0KSjxkcu3MRfdWfIyhoxpxNKncqV4ZSEn3Jdg5aOWnA1lAlubPlMW+Jvcm7srWCR n5qOnB2+i+uFyzFtr8cZSJvjbh02fuXKD4+bcUz9SQ8oydmJ85vW6/kH4DSwNtAW SbjgQoKYmTccBKxnzAMRzdi+8f3aTGZq3y+jz8foUYWPKhEebQdTiGgQEczvM5kg CmPsrQ7x0I5DiJTNVzPyFBdsWDVDYuNNCdxdDn+X0JnVAdTlcGH9wS+yMzwU4jAM sNk2KeqvLcewKHgHG1vtQCW3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU0holvWm6 2+nCxcKWhrIUTJQkuhswHwYDVR0jBBgwFoAUHKNtz8PAQzP4g7g18sjd0CXVQQYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyRjU5LzA1MjZENjJFNjIz MDExRjBBMDIwNzYzMEM0RjlBRTAyL0hLTnR6OFBBUXpQNGc3ZzE4c2pkMENYVlFR WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSEtOdHo4UEFRelA0ZzdnMThzamQwQ1hWUVFZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQy RjU5LzA1MjZENjJFNjIzMDExRjBBMDIwNzYzMEM0RjlBRTAyL0hLTnR6OFBBUXpQ NGc3ZzE4c2pkMENYVlFRWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABTB0HxQM0zwjLmQcOo/e4Zr6ckTyqdBYiN0pdwzJn3w3vj+7Mzy4VB4 OGFLD5zVSS8CNazpV8ZhETosBli3wbifGIPIUyr/jqGP92miLo4yV1LF6CVQ6sVV 1bKo/Wkz6cVhJCWtfhRjFxNk3OmVUktECRUfGy077HPHbyaQw7hjpovdLQ0cDfu5 EAOf1OlBzAxpiXvEWgfZ+jfF93hnUiLwx7XwVEgeR3X3YQIdX10T9IwA2qB4YtXW SnHwYHS7mG7NptpTGfckOvM3pYabHtiMITD2uq0nEZuM4OeruhI95q3WispDvDcX XQ+mVuGOLZ5QRa9fRSk8ldw7zph0wZA= -----END CERTIFICATE-----Generated at Mon Jul 21 13:26:20 2025 by rpki-client