$ rpki-client -vvf rpki.apnic.net/member_repository/A9189218/D857A13EDEBF11EB9AA63B6AC4F9AE02/he9PUr5sDQk3OGmpACI4YoIz6-8.mft File: he9PUr5sDQk3OGmpACI4YoIz6-8.mft (raw, json) Hash identifier: GvxYe7mD7bMlAqP5EME+IF/lUmKAP4FnTatrlHAonOk= Subject key identifier: 21:37:05:9D:15:F7:89:8B:5D:0C:D6:5D:2B:76:E0:9A:50:3F:65:2B Authority key identifier: 85:EF:4F:52:BE:6C:0D:09:37:38:69:A9:00:22:38:62:82:33:EB:EF Certificate issuer: /CN=A9189218/serialNumber=85EF4F52BE6C0D09373869A9002238628233EBEF Certificate serial: 0590 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he9PUr5sDQk3OGmpACI4YoIz6-8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9189218/D857A13EDEBF11EB9AA63B6AC4F9AE02/he9PUr5sDQk3OGmpACI4YoIz6-8.mft Manifest number: 058C Signing time: Fri 18 Jul 2025 23:34:36 +0000 Manifest this update: Fri 18 Jul 2025 23:34:36 +0000 Manifest next update: Fri 25 Jul 2025 23:34:36 +0000 Files and hashes: 1: he9PUr5sDQk3OGmpACI4YoIz6-8.crl (hash: QaVGMkImj29nMeBxwa9xC1uQkzaNJR5Em9S6Tt/Y9Zs=) 2: 82A9E362DEC111EB9010BE6AC4F9AE02.roa (hash: a7GzfQZpHB/FDQX8t11/W+Jq7q9b14r9hyier7paZ38=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9189218/D857A13EDEBF11EB9AA63B6AC4F9AE02/he9PUr5sDQk3OGmpACI4YoIz6-8.crl rsync://rpki.apnic.net/member_repository/A9189218/D857A13EDEBF11EB9AA63B6AC4F9AE02/he9PUr5sDQk3OGmpACI4YoIz6-8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he9PUr5sDQk3OGmpACI4YoIz6-8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 23:34:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1424 (0x590) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9189218, serialNumber=85EF4F52BE6C0D09373869A9002238628233EBEF Validity Not Before: Jul 18 23:34:36 2025 GMT Not After : Jul 25 23:34:36 2025 GMT Subject: CN=687ada0c-ca98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:bb:e8:01:d2:90:f9:1d:aa:97:7d:d4:ba:ad: 40:16:1d:15:63:b7:58:c6:fb:58:21:6c:69:a2:31: 95:a0:4b:04:bb:de:8c:27:57:5a:12:b0:33:68:8c: 1e:4b:66:2e:84:be:21:28:fb:04:de:7d:46:bb:f5: 7d:0b:b7:a3:70:f6:76:bb:d0:10:4f:ad:a9:e5:a9: 3d:e9:92:98:83:09:7c:ea:12:5c:08:db:21:b2:86: ea:e8:a9:e4:88:a3:a9:e2:95:12:38:f4:fc:0a:8d: 81:b1:f0:b7:34:be:80:75:e5:c3:8c:dc:8a:56:1e: 1c:ce:87:b4:32:a0:6a:2a:ac:70:ad:8a:66:8c:0c: ac:36:5b:60:ff:0c:8e:d7:a5:ae:4c:d4:ed:6f:03: 02:5e:ca:7c:5a:61:0e:11:8e:3a:eb:1c:86:4f:de: 8f:c0:3f:10:55:e5:a9:d3:41:c6:8b:33:23:51:be: e7:1e:c2:31:11:15:62:8e:60:58:f4:47:95:8c:76: bf:3e:1c:a1:9b:13:2c:31:a1:1f:ea:31:69:e3:b8: 58:04:67:7d:10:ef:09:ac:19:10:d8:1f:dd:b8:7c: 0c:63:93:6c:e3:3e:a4:b5:8c:1f:e1:3b:cf:3a:16: 4f:ac:c3:98:e1:28:f0:5f:9c:6c:8c:0f:3b:cd:f9: dd:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:37:05:9D:15:F7:89:8B:5D:0C:D6:5D:2B:76:E0:9A:50:3F:65:2B X509v3 Authority Key Identifier: keyid:85:EF:4F:52:BE:6C:0D:09:37:38:69:A9:00:22:38:62:82:33:EB:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9189218/D857A13EDEBF11EB9AA63B6AC4F9AE02/he9PUr5sDQk3OGmpACI4YoIz6-8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he9PUr5sDQk3OGmpACI4YoIz6-8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9189218/D857A13EDEBF11EB9AA63B6AC4F9AE02/he9PUr5sDQk3OGmpACI4YoIz6-8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:a1:d8:5e:85:7a:40:88:7e:48:02:4e:c9:82:f2:02:b7:8f: e5:f6:da:72:18:59:94:ef:c1:4c:26:e0:84:49:76:0e:fa:76: e3:fe:93:b9:85:8f:88:30:01:d5:85:73:0d:eb:48:7b:0d:3b: b9:46:83:f2:24:27:a0:a0:d6:96:aa:6c:98:01:73:14:9e:56: 98:37:a8:b6:fb:dc:34:c9:b7:22:66:2f:b6:a9:2f:93:e5:57: c6:a0:eb:95:47:45:17:66:36:70:c8:71:b7:74:19:68:14:b9: d3:3a:cc:21:14:3e:47:99:35:2b:cd:1a:39:b9:1b:25:32:75: 19:d7:e1:c2:c7:78:41:89:dc:cd:ca:a6:40:3d:ae:c1:bc:0f: ab:f9:1c:11:37:c9:fe:d0:ab:ca:01:71:29:38:06:e4:e2:dd: dd:c8:ae:3b:13:10:53:d2:9e:2a:f3:43:5b:bb:fe:81:41:c4: d3:37:09:0b:7d:2f:42:e3:fe:49:27:3f:74:fd:f7:02:b8:fd: b7:d2:46:fe:56:b1:ce:39:d4:4a:e1:76:06:5d:d7:a5:bf:3a: 30:54:26:47:0d:26:a5:9f:e1:80:33:b6:40:c2:5f:4a:65:d5: ee:df:b0:ea:ff:57:73:83:d3:ef:1c:6c:b7:9f:83:eb:d8:01: 09:84:89:9b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBZAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODkyMTgxMTAvBgNVBAUTKDg1RUY0RjUyQkU2QzBEMDkzNzM4NjlBOTAwMjIzODYy ODIzM0VCRUYwHhcNMjUwNzE4MjMzNDM2WhcNMjUwNzI1MjMzNDM2WjAYMRYwFAYD VQQDEw02ODdhZGEwYy1jYTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArrvoAdKQ+R2ql33Uuq1AFh0VY7dYxvtYIWxpojGVoEsEu96MJ1daErAzaIwe S2YuhL4hKPsE3n1Gu/V9C7ejcPZ2u9AQT62p5ak96ZKYgwl86hJcCNshsobq6Knk iKOp4pUSOPT8Co2BsfC3NL6AdeXDjNyKVh4czoe0MqBqKqxwrYpmjAysNltg/wyO 16WuTNTtbwMCXsp8WmEOEY466xyGT96PwD8QVeWp00HGizMjUb7nHsIxERVijmBY 9EeVjHa/PhyhmxMsMaEf6jFp47hYBGd9EO8JrBkQ2B/duHwMY5Ns4z6ktYwf4TvP OhZPrMOY4SjwX5xsjA87zfndIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCE3BZ0V 94mLXQzWXSt24JpQP2UrMB8GA1UdIwQYMBaAFIXvT1K+bA0JNzhpqQAiOGKCM+vv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OTIxOC9EODU3QTEzRURF QkYxMUVCOUFBNjNCNkFDNEY5QUUwMi9oZTlQVXI1c0RRazNPR21wQUNJNFlvSXo2 LTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hlOVBVcjVzRFFrM09HbXBBQ0k0WW9JejYtOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 OTIxOC9EODU3QTEzRURFQkYxMUVCOUFBNjNCNkFDNEY5QUUwMi9oZTlQVXI1c0RR azNPR21wQUNJNFlvSXo2LTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBCodhehXpAiH5IAk7JgvICt4/l9tpyGFmU78FMJuCESXYO+nbj/pO5 hY+IMAHVhXMN60h7DTu5RoPyJCegoNaWqmyYAXMUnlaYN6i2+9w0ybciZi+2qS+T 5VfGoOuVR0UXZjZwyHG3dBloFLnTOswhFD5HmTUrzRo5uRslMnUZ1+HCx3hBidzN yqZAPa7BvA+r+RwRN8n+0KvKAXEpOAbk4t3dyK47ExBT0p4q80Nbu/6BQcTTNwkL fS9C4/5JJz90/fcCuP230kb+VrHOOdRK4XYGXdelvzowVCZHDSaln+GAM7ZAwl9K ZdXu37Dq/1dzg9PvHGy3n4Pr2AEJhImb -----END CERTIFICATE-----Generated at Sun Jul 20 19:02:19 2025 by rpki-client