$ rpki-client -vvf rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.mft File: h_MbIBvdGHWBVAxbi4ZEOMKZkLk.mft (raw, json) Hash identifier: XWkQ6QRyMB/UXZ3GUCYbrMLSkRD+bNPM5Kck7pnSYJI= Subject key identifier: 75:3B:F1:B1:76:33:26:78:74:E3:11:04:3F:D8:F8:D4:C8:EB:D9:6A Authority key identifier: 87:F3:1B:20:1B:DD:18:75:81:54:0C:5B:8B:86:44:38:C2:99:90:B9 Certificate issuer: /CN=A916B02F/serialNumber=87F31B201BDD187581540C5B8B864438C29990B9 Certificate serial: 0146 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.mft Manifest number: 0142 Signing time: Fri 25 Jul 2025 04:35:48 +0000 Manifest this update: Fri 25 Jul 2025 04:35:48 +0000 Manifest next update: Fri 01 Aug 2025 04:35:48 +0000 Files and hashes: 1: h_MbIBvdGHWBVAxbi4ZEOMKZkLk.crl (hash: a3fMWRezeLn56Refmg9A+hnY0ph6cT9r7zXBZtpTfsI=) 2: 27178D9E7FBC11EEAF80B825C4F9AE02.roa (hash: lQYmsDBc3UpFQI5bvRZLM1pLBA2w7erJcueIAfvmPc0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.crl rsync://rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 01 Aug 2025 04:35:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 326 (0x146) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916B02F, serialNumber=87F31B201BDD187581540C5B8B864438C29990B9 Validity Not Before: Jul 25 04:35:48 2025 GMT Not After : Aug 1 04:35:48 2025 GMT Subject: CN=688309a4-43f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:29:01:18:1d:dd:20:0e:4d:e5:ba:e6:6a:31: 05:63:73:b3:1c:0c:49:16:72:5d:69:a4:a5:66:e0: 26:b6:bc:81:63:76:4f:fa:e2:2d:6b:2e:e0:b6:5d: 4a:db:67:62:cb:7c:ae:33:a5:99:80:24:cc:3b:82: 2b:55:5b:2e:67:11:42:ba:2d:76:95:00:34:9c:60: 0b:ec:e2:df:6d:e1:e5:ce:1d:c9:21:69:ba:38:50: 03:5b:6c:40:7c:41:7d:43:1a:5f:35:e1:8c:04:26: 7a:7d:88:75:32:bb:34:f0:e4:01:b6:20:8a:01:5c: ae:51:72:74:cf:5e:02:c5:40:d1:5e:a0:32:39:23: bc:c2:b0:c3:a9:3a:0d:79:72:73:9d:04:80:84:86: 03:d9:59:93:98:b5:6b:57:9c:3a:46:82:18:0a:de: d1:35:22:5e:9c:ae:88:5e:38:21:99:33:7c:38:c4: 2a:33:75:84:99:1a:d5:b4:57:5b:a3:66:85:c2:92: 4b:c8:ad:e7:6c:b4:02:53:08:31:c8:da:cc:ce:8b: 5b:91:44:30:0d:b5:45:aa:a6:d4:6d:7a:23:3b:a8: 31:91:97:35:75:bd:bb:80:e6:76:13:6c:de:a5:a7: 77:87:a1:e6:37:f7:77:d1:6b:0b:90:fa:24:a4:ef: 4f:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:3B:F1:B1:76:33:26:78:74:E3:11:04:3F:D8:F8:D4:C8:EB:D9:6A X509v3 Authority Key Identifier: keyid:87:F3:1B:20:1B:DD:18:75:81:54:0C:5B:8B:86:44:38:C2:99:90:B9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B02F/D7C33AB87FBB11EEA6983925C4F9AE02/h_MbIBvdGHWBVAxbi4ZEOMKZkLk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3c:3a:b7:97:b1:9b:52:28:40:ac:cc:f2:dc:1c:db:cc:a9:9f: 61:dc:cf:09:01:6e:87:c0:00:5b:e1:e6:42:34:57:11:d7:71: 2f:c2:ac:89:29:b8:e7:c2:87:eb:d2:42:14:29:30:ee:ca:8b: 02:b7:81:3d:20:8b:35:e2:a1:51:8a:88:41:ed:5d:fb:cf:c3: 70:c8:7d:d5:41:4b:03:9d:b4:59:2a:5f:01:3c:77:e5:f6:df: c6:f0:a6:ea:73:ae:82:13:cb:2b:72:18:e1:d1:8d:e7:8c:56: 52:2b:e4:e8:fe:dd:7d:dd:8f:cd:af:ee:2c:b0:30:a3:17:66: 9d:62:a1:fe:a3:07:ff:1c:ec:77:b7:55:85:60:0c:08:b1:c8: 42:e0:66:77:55:ba:7e:e1:26:a2:f4:50:13:16:e0:9a:4f:d4: f9:14:0b:9d:4f:b1:65:3a:72:4b:fd:f7:ee:02:b3:06:61:59: 0a:c8:d9:43:b5:c8:39:cd:0c:13:58:51:f2:06:59:2a:00:b1: 1f:92:5f:12:c7:65:51:b0:ef:d7:7c:98:9e:4b:fc:42:9f:85: f9:22:7a:42:cb:47:4b:9f:48:e4:be:92:2f:99:79:65:64:05: 06:c6:e8:41:26:28:76:8c:b9:55:81:aa:ec:0d:76:d7:f4:9e: 78:5b:ba:ef -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkIwMkYxMTAvBgNVBAUTKDg3RjMxQjIwMUJERDE4NzU4MTU0MEM1QjhCODY0NDM4 QzI5OTkwQjkwHhcNMjUwNzI1MDQzNTQ4WhcNMjUwODAxMDQzNTQ4WjAYMRYwFAYD VQQDEw02ODgzMDlhNC00M2Y5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsSkBGB3dIA5N5brmajEFY3OzHAxJFnJdaaSlZuAmtryBY3ZP+uItay7gtl1K 22diy3yuM6WZgCTMO4IrVVsuZxFCui12lQA0nGAL7OLfbeHlzh3JIWm6OFADW2xA fEF9QxpfNeGMBCZ6fYh1Mrs08OQBtiCKAVyuUXJ0z14CxUDRXqAyOSO8wrDDqToN eXJznQSAhIYD2VmTmLVrV5w6RoIYCt7RNSJenK6IXjghmTN8OMQqM3WEmRrVtFdb o2aFwpJLyK3nbLQCUwgxyNrMzotbkUQwDbVFqqbUbXojO6gxkZc1db27gOZ2E2ze pad3h6HmN/d30WsLkPokpO9PCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHU78bF2 MyZ4dOMRBD/Y+NTI69lqMB8GA1UdIwQYMBaAFIfzGyAb3Rh1gVQMW4uGRDjCmZC5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjAyRi9EN0MzM0FCODdG QkIxMUVFQTY5ODM5MjVDNEY5QUUwMi9oX01iSUJ2ZEdIV0JWQXhiaTRaRU9NS1pr TGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hfTWJJQnZkR0hXQlZBeGJpNFpFT01LWmtMay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QjAyRi9EN0MzM0FCODdGQkIxMUVFQTY5ODM5MjVDNEY5QUUwMi9oX01iSUJ2ZEdI V0JWQXhiaTRaRU9NS1prTGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA8OreXsZtSKECszPLcHNvMqZ9h3M8JAW6HwABb4eZCNFcR13EvwqyJ Kbjnwofr0kIUKTDuyosCt4E9IIs14qFRiohB7V37z8NwyH3VQUsDnbRZKl8BPHfl 9t/G8Kbqc66CE8srchjh0Y3njFZSK+To/t193Y/Nr+4ssDCjF2adYqH+owf/HOx3 t1WFYAwIschC4GZ3Vbp+4Sai9FATFuCaT9T5FAudT7FlOnJL/ffuArMGYVkKyNlD tcg5zQwTWFHyBlkqALEfkl8Sx2VRsO/XfJieS/xCn4X5InpCy0dLn0jkvpIvmXll ZAUGxuhBJih2jLlVgarsDXbX9J54W7rv -----END CERTIFICATE-----Generated at Sat Jul 26 02:01:24 2025 by rpki-client