$ rpki-client -vvf rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.mft File: HAQwdyQVc864WNlR8CsiBXujluc.mft (raw, json) Hash identifier: icLy1eQFBQicrAMPwcmCn5zYpJ3qnFQYO+OQBDYjXTc= Subject key identifier: 0D:09:28:09:75:72:A3:60:96:B0:D3:40:90:AB:F1:A2:67:2B:A7:28 Authority key identifier: 1C:04:30:77:24:15:73:CE:B8:58:D9:51:F0:2B:22:05:7B:A3:96:E7 Certificate issuer: /CN=A91D45A2/serialNumber=1C043077241573CEB858D951F02B22057BA396E7 Certificate serial: 0404 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAQwdyQVc864WNlR8CsiBXujluc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.mft Manifest number: 03FE Signing time: Mon 21 Jul 2025 00:42:37 +0000 Manifest this update: Mon 21 Jul 2025 00:42:37 +0000 Manifest next update: Mon 28 Jul 2025 00:42:37 +0000 Files and hashes: 1: HAQwdyQVc864WNlR8CsiBXujluc.crl (hash: K5rNcOCFqHeeUEcog1FRPqNhxjHM9GFtcJ0s/K8y4qc=) 2: 4AB730E0800B11EC84B3FA3BC4F9AE02.roa (hash: /pdJUaEubJCV2S3p1KppNWpdc/sERLFGpbX3qSnYD48=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.crl rsync://rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAQwdyQVc864WNlR8CsiBXujluc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 00:42:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1028 (0x404) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D45A2, serialNumber=1C043077241573CEB858D951F02B22057BA396E7 Validity Not Before: Jul 21 00:42:37 2025 GMT Not After : Jul 28 00:42:37 2025 GMT Subject: CN=687d8cfd-c469 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:f9:d7:71:2e:43:3a:3b:3a:c1:e5:3a:13:4f: 46:1c:e8:66:14:b8:67:bf:1e:4d:40:0f:ba:36:a1: 05:d1:eb:8a:89:22:f4:2b:72:8b:99:3b:c6:29:d5: a4:d3:24:cc:ae:cc:cc:ee:a9:3c:9b:d1:fa:62:f0: 88:04:56:5b:1c:e1:74:b5:1e:bf:3c:0a:4d:8b:09: 13:75:02:b1:38:17:70:4c:a2:d1:83:87:6e:58:95: 2b:0b:5c:1d:be:0d:2d:8e:f6:48:3e:d7:e7:75:b2: b6:a5:f5:e0:fe:08:9c:ae:cb:8f:4d:b7:c0:73:a4: 1c:53:68:5a:6e:7c:0d:7f:18:cb:19:00:76:5b:24: f0:fa:c9:d2:b4:69:e4:e7:1f:da:7f:e3:c6:eb:a5: ee:b9:3d:0e:b9:36:7b:33:a3:53:7c:46:a7:44:75: e6:73:4a:e2:cc:d7:e4:27:1a:c6:a9:cd:96:2a:d9: cf:8c:ed:e4:1d:10:9b:aa:42:69:1d:9d:97:e7:ce: 9f:4e:76:47:7a:c9:56:f3:4e:7d:6a:30:a0:5c:75: 67:b0:34:bb:5e:28:8b:f5:07:55:c8:13:2a:ce:33: 57:23:41:e3:2b:bb:e4:e9:55:27:18:dd:26:77:fc: 1f:f6:5a:39:5e:9b:27:c5:1c:f1:c4:dc:ef:58:6d: b7:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:09:28:09:75:72:A3:60:96:B0:D3:40:90:AB:F1:A2:67:2B:A7:28 X509v3 Authority Key Identifier: keyid:1C:04:30:77:24:15:73:CE:B8:58:D9:51:F0:2B:22:05:7B:A3:96:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAQwdyQVc864WNlR8CsiBXujluc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:44:5e:82:57:93:07:a5:00:9e:13:de:b4:e9:c0:b7:58:47: 8d:57:e8:75:8d:c1:92:0e:7a:74:b4:dc:3d:47:12:7d:0d:e9: de:5e:2c:16:57:22:a3:ab:09:c9:ce:6a:b7:2b:a5:8c:ea:5f: d5:e2:c4:58:8f:0f:e3:5d:7a:aa:a9:d2:be:38:d6:01:ee:50: 66:9d:52:2b:6f:7a:6a:86:59:aa:46:51:93:82:9e:87:0c:f7: f4:b9:4d:a2:10:72:cf:39:54:4c:83:eb:b3:48:b1:05:35:ba: 9c:d5:9d:52:14:59:cb:ff:70:e8:75:4f:fd:b9:e0:18:52:40: 60:aa:bb:27:82:7c:14:4c:42:72:8a:ae:44:65:fa:95:76:6d: 49:0a:ba:ab:66:81:bb:8d:8e:62:9f:e1:70:a2:00:65:88:36: b9:97:4a:04:05:57:9e:5e:dd:68:99:2e:12:8a:7c:27:d7:4b: ba:ff:bd:9c:e9:d3:7a:80:9a:13:7f:cc:5b:c0:eb:ad:bf:72: 5c:56:ac:72:4c:ca:6c:bf:14:c4:dc:4d:22:1e:90:79:d8:a6: ae:c1:a8:14:7e:12:fe:f0:32:ff:69:80:e3:95:cf:c0:60:ff: 55:cb:97:17:78:4f:77:bd:21:a4:e4:84:14:6b:fa:36:ac:a4: 3c:47:19:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBAQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ1QTIxMTAvBgNVBAUTKDFDMDQzMDc3MjQxNTczQ0VCODU4RDk1MUYwMkIyMjA1 N0JBMzk2RTcwHhcNMjUwNzIxMDA0MjM3WhcNMjUwNzI4MDA0MjM3WjAYMRYwFAYD VQQDEw02ODdkOGNmZC1jNDY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu/nXcS5DOjs6weU6E09GHOhmFLhnvx5NQA+6NqEF0euKiSL0K3KLmTvGKdWk 0yTMrszM7qk8m9H6YvCIBFZbHOF0tR6/PApNiwkTdQKxOBdwTKLRg4duWJUrC1wd vg0tjvZIPtfndbK2pfXg/gicrsuPTbfAc6QcU2habnwNfxjLGQB2WyTw+snStGnk 5x/af+PG66XuuT0OuTZ7M6NTfEanRHXmc0rizNfkJxrGqc2WKtnPjO3kHRCbqkJp HZ2X586fTnZHeslW8059ajCgXHVnsDS7XiiL9QdVyBMqzjNXI0HjK7vk6VUnGN0m d/wf9lo5XpsnxRzxxNzvWG23jQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA0JKAl1 cqNglrDTQJCr8aJnK6coMB8GA1UdIwQYMBaAFBwEMHckFXPOuFjZUfArIgV7o5bn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDVBMi9BM0QyRENBQTgw MDcxMUVDOTA4QUE5NjdDNEY5QUUwMi9IQVF3ZHlRVmM4NjRXTmxSOENzaUJYdWps dWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hBUXdkeVFWYzg2NFdObFI4Q3NpQlh1amx1Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDVBMi9BM0QyRENBQTgwMDcxMUVDOTA4QUE5NjdDNEY5QUUwMi9IQVF3ZHlRVmM4 NjRXTmxSOENzaUJYdWpsdWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBxRF6CV5MHpQCeE9606cC3WEeNV+h1jcGSDnp0tNw9RxJ9DeneXiwW VyKjqwnJzmq3K6WM6l/V4sRYjw/jXXqqqdK+ONYB7lBmnVIrb3pqhlmqRlGTgp6H DPf0uU2iEHLPOVRMg+uzSLEFNbqc1Z1SFFnL/3DodU/9ueAYUkBgqrsngnwUTEJy iq5EZfqVdm1JCrqrZoG7jY5in+FwogBliDa5l0oEBVeeXt1omS4Sinwn10u6/72c 6dN6gJoTf8xbwOutv3JcVqxyTMpsvxTE3E0iHpB52KauwagUfhL+8DL/aYDjlc/A YP9Vy5cXeE93vSGk5IQUa/o2rKQ8RxnG -----END CERTIFICATE-----Generated at Mon Jul 21 06:28:51 2025 by rpki-client