$ rpki-client -vvf rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft File: H8Tf0A2sNKjrhGPTlRwio0WDesk.mft (raw, json) Hash identifier: Qws4q6LNMm1wyf3IibYBnW0mE1BPK6NyiVHpB6Lnue4= Subject key identifier: C5:8E:66:22:6F:63:95:31:E5:90:49:71:65:15:98:98:A1:E3:AD:6F Authority key identifier: 1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9 Certificate issuer: /CN=A91B477B/serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9 Certificate serial: 06BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft Manifest number: 06B0 Signing time: Sun 20 Jul 2025 22:18:55 +0000 Manifest this update: Sun 20 Jul 2025 22:18:54 +0000 Manifest next update: Sun 27 Jul 2025 22:18:54 +0000 Files and hashes: 1: H8Tf0A2sNKjrhGPTlRwio0WDesk.crl (hash: vj5Qtbk6iSs1kv8CRdA/Msh1CUeEnW1eG0kguclNi9A=) 2: 22F72E28725311EBA9C51756C4F9AE02.roa (hash: Td9ZRXmDLCaOWu5C2VPY0G2nu6GZr9orup/Cn82OpN4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 22:18:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1726 (0x6be) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B477B, serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9 Validity Not Before: Jul 20 22:18:54 2025 GMT Not After : Jul 27 22:18:54 2025 GMT Subject: CN=687d6b4e-1a8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:87:3d:ab:b7:1a:a0:e5:65:07:8b:86:94:e0: 5c:36:c5:00:a9:27:5a:94:64:96:fd:27:d3:25:73: bb:ba:52:c8:c0:fe:2a:68:67:06:8a:02:62:68:4a: 37:5a:53:33:c8:ce:fb:9f:e9:3c:ef:4c:be:31:a9: 61:7a:e4:bb:bc:d1:57:ba:ff:ea:1d:ed:2d:96:c2: 4d:ae:b2:09:c4:db:43:07:8d:ce:38:91:ca:ae:eb: 12:12:8c:3f:24:85:d7:1b:1d:d9:c5:f6:41:24:5e: d7:63:05:15:1e:4d:d4:15:98:e8:e2:16:1e:6e:18: 35:1f:e9:22:4b:fa:29:10:cc:b8:02:6a:c5:ca:73: 78:0e:92:da:28:07:06:64:ce:46:b4:91:6a:ed:d0: a2:72:57:c9:56:3a:4a:d1:04:d6:98:98:43:5b:f4: 31:fc:44:9f:2e:3b:ca:e2:a6:d2:b2:87:1b:ef:e9: b7:4c:e1:ad:64:93:b4:1b:76:d5:5b:93:47:36:3a: f7:78:20:58:6c:ed:19:91:c5:88:a5:45:10:60:2e: 35:76:1b:2f:93:a5:b3:3f:da:24:a9:4d:7d:2e:24: 40:24:af:64:d5:b1:cb:f8:05:18:d2:43:4c:05:56: 86:ba:c7:fd:e1:49:a6:fc:ed:7a:c6:fd:1d:3f:7f: c1:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:8E:66:22:6F:63:95:31:E5:90:49:71:65:15:98:98:A1:E3:AD:6F X509v3 Authority Key Identifier: keyid:1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:96:32:93:5e:5a:88:7c:6c:f5:2f:25:9d:68:5c:0a:70:84: c6:63:66:96:f8:44:40:46:d7:a3:af:0e:6a:a8:09:a3:0b:7d: 31:2d:26:9e:40:23:76:00:83:d3:c3:66:75:5b:aa:1d:ed:0f: c8:4b:51:12:52:4e:dc:a6:a5:3d:6c:a1:33:aa:51:27:e1:ad: 09:2a:4c:dd:55:b2:2a:cf:7f:85:df:e0:56:c9:e3:59:87:36: 22:2a:87:9b:bc:0a:db:0b:5b:91:1b:eb:94:5c:ee:4a:1b:fa: 70:97:40:b8:8a:d6:65:56:ed:7e:bf:f3:27:03:a1:ff:ed:7f: 89:6e:9e:99:21:22:0a:85:d4:bf:92:0a:f9:9f:8c:81:8c:55: ec:82:63:84:39:9e:3a:61:80:19:88:c7:0b:b4:cd:6d:56:4a: 9d:97:13:0c:cf:03:58:93:df:87:5a:20:dc:ec:1c:0b:23:50: 2f:df:8c:13:6c:8c:10:02:a4:22:7a:a3:53:bb:1c:d1:cc:db: 90:a0:fd:8f:f5:a4:55:ce:1d:5d:6d:dd:fb:53:99:41:e5:fa: 87:84:23:f0:34:6d:b2:7b:47:21:9a:e6:e5:2e:85:10:69:0c: 17:c9:be:2c:15:f9:eb:ab:a3:21:ee:1a:ec:4a:00:22:b7:37: b2:ac:a6:64 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBr4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQ3N0IxMTAvBgNVBAUTKDFGQzRERkQwMERBQzM0QThFQjg0NjNEMzk1MUMyMkEz NDU4MzdBQzkwHhcNMjUwNzIwMjIxODU0WhcNMjUwNzI3MjIxODU0WjAYMRYwFAYD VQQDEw02ODdkNmI0ZS0xYThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyIc9q7caoOVlB4uGlOBcNsUAqSdalGSW/SfTJXO7ulLIwP4qaGcGigJiaEo3 WlMzyM77n+k870y+MalheuS7vNFXuv/qHe0tlsJNrrIJxNtDB43OOJHKrusSEow/ JIXXGx3ZxfZBJF7XYwUVHk3UFZjo4hYebhg1H+kiS/opEMy4AmrFynN4DpLaKAcG ZM5GtJFq7dCiclfJVjpK0QTWmJhDW/Qx/ESfLjvK4qbSsocb7+m3TOGtZJO0G3bV W5NHNjr3eCBYbO0ZkcWIpUUQYC41dhsvk6WzP9okqU19LiRAJK9k1bHL+AUY0kNM BVaGusf94Umm/O16xv0dP3/BMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMWOZiJv Y5Ux5ZBJcWUVmJih461vMB8GA1UdIwQYMBaAFB/E39ANrDSo64Rj05UcIqNFg3rJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDc3Qi8xQzI1NjI3MDcy NTAxMUVCQjY0OEY4NEVDNEY5QUUwMi9IOFRmMEEyc05LanJoR1BUbFJ3aW8wV0Rl c2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0g4VGYwQTJzTktqcmhHUFRsUndpbzBXRGVzay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDc3Qi8xQzI1NjI3MDcyNTAxMUVCQjY0OEY4NEVDNEY5QUUwMi9IOFRmMEEyc05L anJoR1BUbFJ3aW8wV0Rlc2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAcljKTXlqIfGz1LyWdaFwKcITGY2aW+ERARtejrw5qqAmjC30xLSae QCN2AIPTw2Z1W6od7Q/IS1ESUk7cpqU9bKEzqlEn4a0JKkzdVbIqz3+F3+BWyeNZ hzYiKoebvArbC1uRG+uUXO5KG/pwl0C4itZlVu1+v/MnA6H/7X+Jbp6ZISIKhdS/ kgr5n4yBjFXsgmOEOZ46YYAZiMcLtM1tVkqdlxMMzwNYk9+HWiDc7BwLI1Av34wT bIwQAqQieqNTuxzRzNuQoP2P9aRVzh1dbd37U5lB5fqHhCPwNG2ye0chmublLoUQ aQwXyb4sFfnrq6Mh7hrsSgAitzeyrKZk -----END CERTIFICATE-----Generated at Mon Jul 21 06:56:13 2025 by rpki-client