$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft File: HfNLnj96ONdYmO1LBfntTEAEzrw.mft (raw, json) Hash identifier: r0AIIj4NOF7Da08YaFWzMtdyF8TGLM+JmwPOpgJ4CSA= Subject key identifier: 48:B2:E0:E8:37:BE:D7:C1:4F:06:9A:F4:D4:53:E8:33:B1:9C:DD:D3 Authority key identifier: 1D:F3:4B:9E:3F:7A:38:D7:58:98:ED:4B:05:F9:ED:4C:40:04:CE:BC Certificate issuer: /CN=A91F6227/serialNumber=1DF34B9E3F7A38D75898ED4B05F9ED4C4004CEBC Certificate serial: 0A14 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft Manifest number: 0A09 Signing time: Sun 20 Jul 2025 19:56:57 +0000 Manifest this update: Sun 20 Jul 2025 19:56:57 +0000 Manifest next update: Sun 27 Jul 2025 19:56:57 +0000 Files and hashes: 1: HfNLnj96ONdYmO1LBfntTEAEzrw.crl (hash: M+WzLcyCxyyH6aRQJag//WIXzL030nkhNyX7xC+e93I=) 2: A23D5DE87A6911EA930EB439C4F9AE02.roa (hash: 0c8vFwsGm0y9J7tirCRPVhjPNwdGg4DZRn3e0fuJjls=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.crl rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 19:56:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2580 (0xa14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F6227, serialNumber=1DF34B9E3F7A38D75898ED4B05F9ED4C4004CEBC Validity Not Before: Jul 20 19:56:57 2025 GMT Not After : Jul 27 19:56:57 2025 GMT Subject: CN=687d4a09-ed28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:a8:48:ce:68:54:f4:fd:fb:91:1f:24:a8:96: dd:8b:88:dc:9e:96:4d:3d:6e:36:89:b7:b9:10:68: 76:75:6b:cb:48:86:02:d0:eb:5c:2e:49:9c:4c:7d: 7b:7f:1b:3f:ca:ae:6e:7e:35:5f:04:be:21:48:a5: 03:ba:ae:0c:88:d6:2b:bb:47:6f:28:ff:3d:e6:3d: 5a:20:3a:4c:5b:a4:ec:69:e1:5e:3a:25:b7:0b:70: 21:90:63:19:94:f6:0b:db:d4:d0:86:d8:7f:ad:0a: 7c:9d:44:5c:1a:4c:d9:9e:69:c3:ef:02:1d:f5:d6: e8:12:1d:e9:19:7b:c3:95:87:62:f7:28:ab:71:c7: 8e:e5:6d:cf:34:96:e2:63:dc:9c:0a:28:1f:07:db: fc:7a:22:22:a4:31:a9:fe:45:46:1b:95:44:32:5b: 5f:e9:88:13:ef:da:33:f2:33:f1:17:b2:d4:c3:24: 99:64:24:c4:33:cb:ab:e6:21:21:8c:05:69:fa:9a: 03:b1:9a:a1:1a:e4:4e:94:6e:bc:52:65:71:b7:dd: dc:22:23:6e:53:92:56:d8:e5:b2:cd:f6:e8:3f:7b: 2b:39:9f:b4:10:3b:d6:f3:8c:0e:0f:0d:9e:28:a9: 45:22:d3:63:a9:63:c3:51:7f:14:c0:d2:89:cf:74: b8:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:B2:E0:E8:37:BE:D7:C1:4F:06:9A:F4:D4:53:E8:33:B1:9C:DD:D3 X509v3 Authority Key Identifier: keyid:1D:F3:4B:9E:3F:7A:38:D7:58:98:ED:4B:05:F9:ED:4C:40:04:CE:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:be:65:00:b7:34:e8:78:25:c3:82:ee:ff:e0:39:30:17:c6: e1:23:dd:5d:6d:af:4e:a4:62:d7:fa:e3:ca:09:e3:80:ab:21: fe:6a:52:59:aa:ff:c5:d8:88:02:a1:45:bf:df:54:01:4b:e7: ba:1e:2e:39:77:99:04:94:24:7f:59:b4:fc:db:d9:aa:7c:2e: dc:6b:9f:fd:9b:44:38:81:82:c8:52:d9:a0:90:3c:3f:e7:01: 13:67:ae:4e:1b:ad:78:6a:0c:aa:d7:8e:68:8f:a9:e8:15:2d: 59:13:da:d3:79:45:72:36:b1:f2:c1:b7:dd:67:88:1f:15:db: 48:2d:b9:7c:b9:ea:21:a7:7f:18:fa:b8:55:6a:ae:24:fc:5c: 41:63:71:06:01:f7:8f:99:48:77:0c:40:18:6f:74:e4:c2:44: d2:4f:89:e0:0a:33:27:25:19:8c:d0:e5:a5:3a:21:c5:1a:74: c0:63:b8:fd:8d:cf:6a:ee:07:31:7a:4b:b1:6e:b1:5c:f0:af: 65:14:26:8f:d5:3d:93:13:c6:d5:87:d6:ca:d2:5c:96:a6:00: a4:f4:66:fe:f7:0a:13:64:97:41:c1:5e:de:bc:1b:29:23:ef: f3:19:73:e7:96:a0:ed:68:8c:7f:fd:c4:25:cc:20:19:c6:14: 05:d2:a4:8b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICChQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjYyMjcxMTAvBgNVBAUTKDFERjM0QjlFM0Y3QTM4RDc1ODk4RUQ0QjA1RjlFRDRD NDAwNENFQkMwHhcNMjUwNzIwMTk1NjU3WhcNMjUwNzI3MTk1NjU3WjAYMRYwFAYD VQQDEw02ODdkNGEwOS1lZDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2qhIzmhU9P37kR8kqJbdi4jcnpZNPW42ibe5EGh2dWvLSIYC0OtcLkmcTH17 fxs/yq5ufjVfBL4hSKUDuq4MiNYru0dvKP895j1aIDpMW6TsaeFeOiW3C3AhkGMZ lPYL29TQhth/rQp8nURcGkzZnmnD7wId9dboEh3pGXvDlYdi9yircceO5W3PNJbi Y9ycCigfB9v8eiIipDGp/kVGG5VEMltf6YgT79oz8jPxF7LUwySZZCTEM8ur5iEh jAVp+poDsZqhGuROlG68UmVxt93cIiNuU5JW2OWyzfboP3srOZ+0EDvW84wODw2e KKlFItNjqWPDUX8UwNKJz3S4MwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEiy4Og3 vtfBTwaa9NRT6DOxnN3TMB8GA1UdIwQYMBaAFB3zS54/ejjXWJjtSwX57UxABM68 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjIyNy8wRDcyOEEwQTdB M0YxMUVBOEUzRDgwMzVDNEY5QUUwMi9IZk5Mbmo5Nk9OZFltTzFMQmZudFRFQUV6 cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hmTkxuajk2T05kWW1PMUxCZm50VEVBRXpydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NjIyNy8wRDcyOEEwQTdBM0YxMUVBOEUzRDgwMzVDNEY5QUUwMi9IZk5Mbmo5Nk9O ZFltTzFMQmZudFRFQUV6cncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAAvmUAtzToeCXDgu7/4DkwF8bhI91dba9OpGLX+uPKCeOAqyH+alJZ qv/F2IgCoUW/31QBS+e6Hi45d5kElCR/WbT829mqfC7ca5/9m0Q4gYLIUtmgkDw/ 5wETZ65OG614agyq145oj6noFS1ZE9rTeUVyNrHywbfdZ4gfFdtILbl8ueohp38Y +rhVaq4k/FxBY3EGAfePmUh3DEAYb3TkwkTST4ngCjMnJRmM0OWlOiHFGnTAY7j9 jc9q7gcxekuxbrFc8K9lFCaP1T2TE8bVh9bK0lyWpgCk9Gb+9woTZJdBwV7evBsp I+/zGXPnlqDtaIx//cQlzCAZxhQF0qSL -----END CERTIFICATE-----Generated at Tue Jul 22 06:00:28 2025 by rpki-client