$ rpki-client -vvf rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.mft File: Ht5cbgCAKLzSrjNlE4G94f0HxdQ.mft (raw, json) Hash identifier: md85O9a8drJA9WvdMdddPm5ppUigFvi523P9aVfQ/gk= Subject key identifier: 2F:02:7E:EC:CA:44:F8:EF:0F:C2:00:DF:26:5F:7E:B7:A5:12:73:66 Authority key identifier: 1E:DE:5C:6E:00:80:28:BC:D2:AE:33:65:13:81:BD:E1:FD:07:C5:D4 Certificate issuer: /CN=A919BEDB/serialNumber=1EDE5C6E008028BCD2AE33651381BDE1FD07C5D4 Certificate serial: 1B75 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.mft Manifest number: 1B33 Signing time: Tue 22 Jul 2025 16:25:25 +0000 Manifest this update: Tue 22 Jul 2025 16:25:24 +0000 Manifest next update: Tue 29 Jul 2025 16:25:24 +0000 Files and hashes: 1: Ht5cbgCAKLzSrjNlE4G94f0HxdQ.crl (hash: 8Vryb0KvN7k3sG750v0rC38hGbiHmUCBG9eXDrHIK0w=) 2: 65486DA81F8411E79BCB6D54C4F9AE02.roa (hash: 4xV+J3CmmdCpDaEFPGjRsDGwUIL2Vy4kSy5m15MGfXg=) 3: 634556A61F8411E79BCB6D54C4F9AE02.roa (hash: 4IDng3Lrs8lhaOUdN7yvdIjmCJWMny3fPwZTXINqHBU=) 4: AA54657A880E11ED9BE52B17C4F9AE02.roa (hash: UVvEuCytrfCrphts5UpSNqcuRE3wm/rQR1W1CXxy/Rw=) 5: A842EEAA880E11ED9BE52B17C4F9AE02.roa (hash: 4Q6EmcPQKZH/+9z09btDyZRmVTuV1a4n3djNOV7Om64=) 6: A93E93C2880E11ED9BE52B17C4F9AE02.roa (hash: KB78mB/+BtWr5xn0d2YgdyzOTI8fLFM20j2nckGLtwU=) 7: 66914122CEAB11E796AC671AC4F9AE02.roa (hash: 9nJsdnxbQLzrLx2EZCka7q5S0FAqMVpfxB+cnZiwYyk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.crl rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 16:25:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7029 (0x1b75) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919BEDB, serialNumber=1EDE5C6E008028BCD2AE33651381BDE1FD07C5D4 Validity Not Before: Jul 22 16:25:24 2025 GMT Not After : Jul 29 16:25:24 2025 GMT Subject: CN=687fbb75-1f50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:27:1f:8f:80:79:54:ea:0d:03:b5:6e:ca:ee: 22:f3:c2:eb:32:a0:50:47:1e:0b:ee:f3:6c:68:af: 8e:e8:a8:36:ff:eb:c2:51:dc:d7:63:d2:4a:fe:d0: 12:e3:36:a7:36:cb:65:64:2c:de:ad:7c:5c:f0:dd: 14:d3:16:94:39:e4:7f:cd:78:2b:8f:04:9c:7d:33: 76:cd:3a:f7:50:aa:bd:e5:88:c1:c0:4b:e7:58:c8: 9d:08:90:3f:85:b8:a3:25:8c:cc:09:27:b4:a7:41: dc:c3:9e:36:66:ff:53:3d:2a:d9:57:92:c9:d5:cc: 14:5a:ba:d3:4f:58:32:68:3b:42:00:c2:f4:58:a0: 33:96:f0:91:b7:e0:0a:0c:94:82:72:f8:fc:a6:a3: 00:b0:40:3f:98:a4:1c:f7:a1:4f:81:b1:9a:17:3e: d3:dc:34:34:fc:56:4f:7b:a9:b5:0e:f5:4a:47:c4: 47:b0:91:92:9d:bc:03:45:22:42:b2:3a:f9:95:c6: 8f:4a:e2:ab:f0:ad:4b:ec:51:72:ac:d8:58:96:e8: 6e:d9:64:df:e1:23:6c:53:65:85:42:7f:dc:dd:70: 81:e2:d5:7c:fe:90:34:b1:3e:11:6d:a0:57:d8:bc: 76:b0:fc:13:8a:bc:ae:b6:c0:ad:df:c0:a7:66:27: e6:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:02:7E:EC:CA:44:F8:EF:0F:C2:00:DF:26:5F:7E:B7:A5:12:73:66 X509v3 Authority Key Identifier: keyid:1E:DE:5C:6E:00:80:28:BC:D2:AE:33:65:13:81:BD:E1:FD:07:C5:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a5:48:94:07:8e:75:c3:0b:e7:9c:ed:64:c0:00:f8:15:15:d7: bb:e3:fc:f4:e4:08:d8:02:e8:1e:48:2f:47:79:6b:6b:25:52: 51:63:b8:dd:a4:67:cb:c6:9e:12:57:31:f3:39:ce:67:38:ed: 35:ed:42:01:96:2d:40:67:8d:46:ec:0a:dc:83:bd:4e:44:91: f6:ce:f2:b6:9f:3d:71:e9:ef:1d:8e:3c:d3:34:10:35:4a:5e: 1a:3e:d0:b3:06:5f:ab:ec:3c:c1:77:b0:4b:2a:76:9d:3e:6b: 24:5e:6f:55:3d:52:a0:db:53:aa:ff:79:46:0b:cd:16:b3:fa: a9:c3:aa:57:ac:6d:63:77:d8:f5:6a:42:72:5d:1f:22:d1:fb: 2d:dc:f8:37:fd:cf:99:b1:8d:fa:0e:f5:de:90:e2:ce:02:26: dd:de:18:b4:d7:8f:99:89:0d:de:f0:12:e9:0d:12:cd:c5:09: 3c:38:82:5d:24:51:82:4d:1b:f2:28:35:f2:c3:fa:9f:56:d1: 38:1e:a6:7c:2c:a8:1e:5e:ef:31:b7:2a:b2:55:64:32:38:1a: 50:d9:bf:41:e9:76:e5:f6:40:2d:b7:93:da:2d:32:b8:82:f7: 0a:71:67:54:bc:c7:18:4a:59:67:1e:d3:b8:91:af:a2:bc:c8: e1:bb:f1:84 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICG3UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUJFREIxMTAvBgNVBAUTKDFFREU1QzZFMDA4MDI4QkNEMkFFMzM2NTEzODFCREUx RkQwN0M1RDQwHhcNMjUwNzIyMTYyNTI0WhcNMjUwNzI5MTYyNTI0WjAYMRYwFAYD VQQDEw02ODdmYmI3NS0xZjUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0Ccfj4B5VOoNA7Vuyu4i88LrMqBQRx4L7vNsaK+O6Kg2/+vCUdzXY9JK/tAS 4zanNstlZCzerXxc8N0U0xaUOeR/zXgrjwScfTN2zTr3UKq95YjBwEvnWMidCJA/ hbijJYzMCSe0p0Hcw542Zv9TPSrZV5LJ1cwUWrrTT1gyaDtCAML0WKAzlvCRt+AK DJSCcvj8pqMAsEA/mKQc96FPgbGaFz7T3DQ0/FZPe6m1DvVKR8RHsJGSnbwDRSJC sjr5lcaPSuKr8K1L7FFyrNhYluhu2WTf4SNsU2WFQn/c3XCB4tV8/pA0sT4RbaBX 2Lx2sPwTiryutsCt38CnZifmDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC8CfuzK RPjvD8IA3yZffrelEnNmMB8GA1UdIwQYMBaAFB7eXG4AgCi80q4zZROBveH9B8XU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QkVEQi81RDg2N0VCQzFG ODMxMUU3QjU3RTYwNTNDNEY5QUUwMi9IdDVjYmdDQUtMelNyak5sRTRHOTRmMEh4 ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0h0NWNiZ0NBS0x6U3JqTmxFNEc5NGYwSHhkUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QkVEQi81RDg2N0VCQzFGODMxMUU3QjU3RTYwNTNDNEY5QUUwMi9IdDVjYmdDQUtM elNyak5sRTRHOTRmMEh4ZFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQClSJQHjnXDC+ec7WTAAPgVFde74/z05AjYAugeSC9HeWtrJVJRY7jd pGfLxp4SVzHzOc5nOO017UIBli1AZ41G7Arcg71ORJH2zvK2nz1x6e8djjzTNBA1 Sl4aPtCzBl+r7DzBd7BLKnadPmskXm9VPVKg21Oq/3lGC80Ws/qpw6pXrG1jd9j1 akJyXR8i0fst3Pg3/c+ZsY36DvXekOLOAibd3hi014+ZiQ3e8BLpDRLNxQk8OIJd JFGCTRvyKDXyw/qfVtE4HqZ8LKgeXu8xtyqyVWQyOBpQ2b9B6Xbl9kAtt5PaLTK4 gvcKcWdUvMcYSllnHtO4ka+ivMjhu/GE -----END CERTIFICATE-----Generated at Wed Jul 23 02:29:34 2025 by rpki-client