$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft File: HfNLnj96ONdYmO1LBfntTEAEzrw.mft (raw, json) Hash identifier: 9Gz+pshHgTA3//g/jpSmnOpla9PoUpNK85XOaWV2zjw= Subject key identifier: E1:E0:26:EF:AA:E7:7B:F0:D1:A1:49:25:60:F6:32:83:48:6E:B7:3F Authority key identifier: 1D:F3:4B:9E:3F:7A:38:D7:58:98:ED:4B:05:F9:ED:4C:40:04:CE:BC Certificate issuer: /CN=A91F6227/serialNumber=1DF34B9E3F7A38D75898ED4B05F9ED4C4004CEBC Certificate serial: 0A15 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft Manifest number: 0A0A Signing time: Tue 22 Jul 2025 20:05:16 +0000 Manifest this update: Tue 22 Jul 2025 20:05:15 +0000 Manifest next update: Tue 29 Jul 2025 20:05:15 +0000 Files and hashes: 1: HfNLnj96ONdYmO1LBfntTEAEzrw.crl (hash: g9KodU9gzAUAYodRNzi98259c8JOnAuNwG3CAvwlZTc=) 2: A23D5DE87A6911EA930EB439C4F9AE02.roa (hash: 0c8vFwsGm0y9J7tirCRPVhjPNwdGg4DZRn3e0fuJjls=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.crl rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 20:05:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2581 (0xa15) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F6227, serialNumber=1DF34B9E3F7A38D75898ED4B05F9ED4C4004CEBC Validity Not Before: Jul 22 20:05:15 2025 GMT Not After : Jul 29 20:05:15 2025 GMT Subject: CN=687feefb-30ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:87:54:49:78:0a:5d:9f:a3:90:d0:0b:c2:ef: a7:8c:2f:e3:31:b8:be:2e:19:b0:0b:49:bc:91:33: 57:22:9a:8b:70:9f:31:f6:0d:23:13:c0:2e:d0:15: f1:f7:9f:6b:01:64:b8:f0:ce:a2:38:69:f0:d4:ff: 07:94:62:a3:ed:66:ac:6f:a3:7e:2c:39:b1:f2:67: 4e:08:b8:22:4c:1f:60:47:e2:6f:6b:f0:fa:92:e6: 8f:43:ec:7d:3c:86:f5:c6:18:9e:a6:c9:94:f7:fb: 1f:3f:c9:ca:8f:23:ff:a8:64:ae:5d:90:d8:e8:e0: 38:89:d8:88:ad:6e:31:c2:fa:ae:99:ab:4a:8a:d6: 40:20:89:9b:65:61:cd:e3:24:c3:c3:39:25:49:67: 47:6c:fa:14:64:90:0b:cb:33:1e:cd:41:77:cd:52: d3:3f:89:e0:01:ea:f2:40:22:43:25:41:83:9f:e3: 38:bc:6b:05:46:28:2f:fb:f9:0b:aa:98:91:55:1b: 5e:32:f8:d5:22:1f:45:d1:e4:93:bc:c5:28:8a:6a: 58:6b:da:a5:39:39:ce:3e:e3:a1:de:3d:7a:92:e7: 33:dc:fa:eb:a9:e0:01:de:43:fe:37:12:cb:dc:8b: 5a:2f:74:0a:f9:f5:29:14:80:d8:5b:f4:ff:ce:7a: a9:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:E0:26:EF:AA:E7:7B:F0:D1:A1:49:25:60:F6:32:83:48:6E:B7:3F X509v3 Authority Key Identifier: keyid:1D:F3:4B:9E:3F:7A:38:D7:58:98:ED:4B:05:F9:ED:4C:40:04:CE:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d0:9e:00:e7:84:33:f2:63:ce:3e:92:6f:bb:0a:1e:29:27:79: ff:54:eb:37:fa:41:1b:f1:31:5c:17:f9:dc:8d:3e:8d:a8:f6: 79:b9:2a:12:76:da:96:21:14:66:f8:1d:dd:9e:e1:1a:7e:6d: 9c:86:bc:16:8c:98:02:6c:11:e6:8b:8e:d8:7a:40:98:e1:47: 12:72:16:c9:7e:39:5e:95:7b:5b:1b:52:08:c3:1e:21:47:6b: bf:8e:91:e9:f9:cb:f9:01:6b:59:c6:31:0a:9d:12:b9:13:64: eb:10:f7:59:b9:6d:d7:87:f3:15:1a:6a:ea:6f:f0:c1:b4:ca: 4c:50:d6:68:ca:67:e7:5b:b6:63:88:38:18:b6:e3:44:1b:72: 09:72:3d:66:6c:08:d9:ec:2d:81:34:de:e4:ce:d7:58:d2:8f: 1a:2f:ee:6c:af:fa:24:38:ba:ff:ea:ab:31:84:42:e5:6d:10: 34:63:00:41:dd:fe:e7:35:5b:15:10:c9:b7:75:dc:2c:ce:d7: 6a:05:fa:55:40:4f:49:2b:71:1b:69:2a:d5:e6:a7:3d:43:29: ab:8f:6a:aa:bb:60:9b:3b:77:b5:da:30:eb:ae:47:e5:c0:c7: c7:5f:46:23:1c:77:30:89:d7:79:d9:bb:27:7e:14:f8:1d:ba: 23:13:17:85 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICChUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjYyMjcxMTAvBgNVBAUTKDFERjM0QjlFM0Y3QTM4RDc1ODk4RUQ0QjA1RjlFRDRD NDAwNENFQkMwHhcNMjUwNzIyMjAwNTE1WhcNMjUwNzI5MjAwNTE1WjAYMRYwFAYD VQQDEw02ODdmZWVmYi0zMGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3IdUSXgKXZ+jkNALwu+njC/jMbi+LhmwC0m8kTNXIpqLcJ8x9g0jE8Au0BXx 959rAWS48M6iOGnw1P8HlGKj7Wasb6N+LDmx8mdOCLgiTB9gR+Jva/D6kuaPQ+x9 PIb1xhiepsmU9/sfP8nKjyP/qGSuXZDY6OA4idiIrW4xwvqumatKitZAIImbZWHN 4yTDwzklSWdHbPoUZJALyzMezUF3zVLTP4ngAeryQCJDJUGDn+M4vGsFRigv+/kL qpiRVRteMvjVIh9F0eSTvMUoimpYa9qlOTnOPuOh3j16kucz3PrrqeAB3kP+NxLL 3ItaL3QK+fUpFIDYW/T/znqpEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOHgJu+q 53vw0aFJJWD2MoNIbrc/MB8GA1UdIwQYMBaAFB3zS54/ejjXWJjtSwX57UxABM68 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjIyNy8wRDcyOEEwQTdB M0YxMUVBOEUzRDgwMzVDNEY5QUUwMi9IZk5Mbmo5Nk9OZFltTzFMQmZudFRFQUV6 cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hmTkxuajk2T05kWW1PMUxCZm50VEVBRXpydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NjIyNy8wRDcyOEEwQTdBM0YxMUVBOEUzRDgwMzVDNEY5QUUwMi9IZk5Mbmo5Nk9O ZFltTzFMQmZudFRFQUV6cncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDQngDnhDPyY84+km+7Ch4pJ3n/VOs3+kEb8TFcF/ncjT6NqPZ5uSoS dtqWIRRm+B3dnuEafm2chrwWjJgCbBHmi47YekCY4UcSchbJfjlelXtbG1IIwx4h R2u/jpHp+cv5AWtZxjEKnRK5E2TrEPdZuW3Xh/MVGmrqb/DBtMpMUNZoymfnW7Zj iDgYtuNEG3IJcj1mbAjZ7C2BNN7kztdY0o8aL+5sr/okOLr/6qsxhELlbRA0YwBB 3f7nNVsVEMm3ddwsztdqBfpVQE9JK3EbaSrV5qc9Qymrj2qqu2CbO3e12jDrrkfl wMfHX0YjHHcwidd52bsnfhT4HbojExeF -----END CERTIFICATE-----Generated at Thu Jul 24 04:01:56 2025 by rpki-client