$ rpki-client -vvf rpki.apnic.net/member_repository/A9195F49/9D3C749266A211ECBB7A0A3CC4F9AE02/qHH05sNy2xC2TfOZX6FR77OfmYs.mft File: qHH05sNy2xC2TfOZX6FR77OfmYs.mft (raw, json) Hash identifier: V1R4e+y/PG3UrorDt/9jD1ItFHKRNoz6cF+GMxPS8o8= Subject key identifier: 1A:2C:A9:BD:A5:9E:6F:D7:8C:4A:44:67:1F:B7:24:2C:48:A5:2C:33 Authority key identifier: A8:71:F4:E6:C3:72:DB:10:B6:4D:F3:99:5F:A1:51:EF:B3:9F:99:8B Certificate issuer: /CN=A9195F49/serialNumber=A871F4E6C372DB10B64DF3995FA151EFB39F998B Certificate serial: 0449 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qHH05sNy2xC2TfOZX6FR77OfmYs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9195F49/9D3C749266A211ECBB7A0A3CC4F9AE02/qHH05sNy2xC2TfOZX6FR77OfmYs.mft Manifest number: 0442 Signing time: Mon 21 Jul 2025 00:32:56 +0000 Manifest this update: Mon 21 Jul 2025 00:32:56 +0000 Manifest next update: Mon 28 Jul 2025 00:32:56 +0000 Files and hashes: 1: qHH05sNy2xC2TfOZX6FR77OfmYs.crl (hash: CPR+lgeFdgjt6l1p71Hh7Cv40ddVU67o1+0WUEXr2qk=) 2: 5FC75DCC66A511EC9C199341C4F9AE02.roa (hash: jsVFzS1V8/4nPs0LiSJz70mLYAraQYwRrwx0A1zMdZQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9195F49/9D3C749266A211ECBB7A0A3CC4F9AE02/qHH05sNy2xC2TfOZX6FR77OfmYs.crl rsync://rpki.apnic.net/member_repository/A9195F49/9D3C749266A211ECBB7A0A3CC4F9AE02/qHH05sNy2xC2TfOZX6FR77OfmYs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qHH05sNy2xC2TfOZX6FR77OfmYs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 00:32:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1097 (0x449) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9195F49, serialNumber=A871F4E6C372DB10B64DF3995FA151EFB39F998B Validity Not Before: Jul 21 00:32:56 2025 GMT Not After : Jul 28 00:32:56 2025 GMT Subject: CN=687d8ab8-78f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:78:c4:8d:25:aa:c9:a1:d1:e6:e7:e6:28:64: c6:b7:6e:c3:03:a1:06:23:71:5d:f7:b2:3e:23:ec: 3c:21:73:03:90:cb:50:26:24:18:c2:5c:32:df:8f: 97:b9:5c:d1:ae:3f:13:88:3c:de:bb:fd:32:27:08: f7:54:99:67:c5:f9:0d:4b:a9:e6:a0:d9:c8:b3:33: 17:ac:48:9c:90:16:11:52:b8:8b:e2:0f:d8:a5:ac: ac:26:7e:46:62:aa:3d:7f:05:47:44:6b:4e:1f:61: 07:51:06:48:1b:7c:bd:ca:8c:94:d1:33:22:2a:26: b7:73:4c:6c:52:3a:69:be:5c:7e:a8:73:df:31:b2: 51:28:24:f0:dd:45:d6:1e:b3:45:c0:c4:bb:9a:63: 1b:a3:44:d2:9e:2b:2b:0c:fd:2e:77:23:73:d5:de: 4b:a1:b9:fa:02:e9:bc:01:df:11:15:5d:da:cf:18: f5:cf:aa:ba:c9:3c:21:3c:26:27:41:1d:51:f7:7e: 0e:68:d5:31:36:a5:d3:ca:60:6d:ff:75:d7:15:ca: e8:ce:4f:66:d9:44:66:73:db:42:90:e9:01:d5:54: 96:b6:9d:c2:2e:9d:c7:5f:75:95:1e:5c:18:64:af: c1:ac:bd:bf:9d:16:20:da:e1:53:3b:1f:74:32:d2: 61:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:2C:A9:BD:A5:9E:6F:D7:8C:4A:44:67:1F:B7:24:2C:48:A5:2C:33 X509v3 Authority Key Identifier: keyid:A8:71:F4:E6:C3:72:DB:10:B6:4D:F3:99:5F:A1:51:EF:B3:9F:99:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9195F49/9D3C749266A211ECBB7A0A3CC4F9AE02/qHH05sNy2xC2TfOZX6FR77OfmYs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qHH05sNy2xC2TfOZX6FR77OfmYs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195F49/9D3C749266A211ECBB7A0A3CC4F9AE02/qHH05sNy2xC2TfOZX6FR77OfmYs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:66:40:e8:30:ca:33:58:f5:33:69:81:fd:4c:a6:42:18:1c: e6:f2:1e:e1:58:fe:94:1a:80:e6:5d:15:74:d6:02:8d:36:94: 67:0e:37:df:99:f0:fd:1a:2a:8e:fc:2b:9f:7c:f3:df:6d:40: 27:da:d4:1b:1e:91:6e:5a:86:a1:e2:da:d0:85:8e:2f:43:fa: 95:87:fd:36:3c:82:fa:10:94:6e:5c:9c:00:f8:d3:4a:71:a4: 28:60:a2:17:88:68:00:46:c8:0e:52:27:4c:3a:7a:42:94:c9: f5:61:b1:c0:b1:4b:d6:d8:6e:a9:9c:1f:e6:ff:03:40:84:fd: c3:46:35:ea:9c:8b:78:4c:25:eb:a0:89:6c:5a:c9:7f:50:e1: a7:73:2f:c0:a5:0d:46:e3:31:2a:e6:86:53:21:95:6a:af:56: a4:dd:8b:03:d9:a2:2a:a1:9a:68:70:88:e9:2a:fa:75:98:7d: a7:be:28:bf:fe:d3:e6:7d:eb:f2:d8:30:f8:d6:1a:57:e1:43: bf:9b:d8:2d:a6:f6:aa:0b:2a:9c:69:e4:ed:20:18:e1:7b:8d: 4e:ab:d4:14:af:4c:b9:4f:5a:ec:08:e1:24:46:8e:fa:4a:f7: 7b:ea:b1:07:24:c3:5a:f6:f0:08:d4:a9:94:af:d1:fb:5e:15: d5:67:23:3e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBEkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTVGNDkxMTAvBgNVBAUTKEE4NzFGNEU2QzM3MkRCMTBCNjRERjM5OTVGQTE1MUVG QjM5Rjk5OEIwHhcNMjUwNzIxMDAzMjU2WhcNMjUwNzI4MDAzMjU2WjAYMRYwFAYD VQQDEw02ODdkOGFiOC03OGYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtXjEjSWqyaHR5ufmKGTGt27DA6EGI3Fd97I+I+w8IXMDkMtQJiQYwlwy34+X uVzRrj8TiDzeu/0yJwj3VJlnxfkNS6nmoNnIszMXrEickBYRUriL4g/YpaysJn5G Yqo9fwVHRGtOH2EHUQZIG3y9yoyU0TMiKia3c0xsUjppvlx+qHPfMbJRKCTw3UXW HrNFwMS7mmMbo0TSnisrDP0udyNz1d5Lobn6Aum8Ad8RFV3azxj1z6q6yTwhPCYn QR1R934OaNUxNqXTymBt/3XXFcrozk9m2URmc9tCkOkB1VSWtp3CLp3HX3WVHlwY ZK/BrL2/nRYg2uFTOx90MtJhLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBosqb2l nm/XjEpEZx+3JCxIpSwzMB8GA1UdIwQYMBaAFKhx9ObDctsQtk3zmV+hUe+zn5mL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NUY0OS85RDNDNzQ5MjY2 QTIxMUVDQkI3QTBBM0NDNEY5QUUwMi9xSEgwNXNOeTJ4QzJUZk9aWDZGUjc3T2Zt WXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FISDA1c055MnhDMlRmT1pYNkZSNzdPZm1Zcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NUY0OS85RDNDNzQ5MjY2QTIxMUVDQkI3QTBBM0NDNEY5QUUwMi9xSEgwNXNOeTJ4 QzJUZk9aWDZGUjc3T2ZtWXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCgZkDoMMozWPUzaYH9TKZCGBzm8h7hWP6UGoDmXRV01gKNNpRnDjff mfD9GiqO/CuffPPfbUAn2tQbHpFuWoah4trQhY4vQ/qVh/02PIL6EJRuXJwA+NNK caQoYKIXiGgARsgOUidMOnpClMn1YbHAsUvW2G6pnB/m/wNAhP3DRjXqnIt4TCXr oIlsWsl/UOGncy/ApQ1G4zEq5oZTIZVqr1ak3YsD2aIqoZpocIjpKvp1mH2nvii/ /tPmfevy2DD41hpX4UO/m9gtpvaqCyqcaeTtIBjhe41Oq9QUr0y5T1rsCOEkRo76 Svd76rEHJMNa9vAI1KmUr9H7XhXVZyM+ -----END CERTIFICATE-----Generated at Mon Jul 21 12:49:53 2025 by rpki-client