$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8534/6E6A462CFEDD11E5B4905D7CC4F9AE02/_h1b-QL6kS1-C16YDPkdvf0rtk8.mft File: _h1b-QL6kS1-C16YDPkdvf0rtk8.mft (raw, json) Hash identifier: 5a4fDo13TalzZ+FmJNu8SY97rbE0CvFT7F3K74o0RiA= Subject key identifier: 70:7A:4B:1E:A9:FF:BF:45:51:65:B0:A4:30:B3:5E:AE:8E:6A:FC:B1 Authority key identifier: FE:1D:5B:F9:02:FA:91:2D:7E:0B:5E:98:0C:F9:1D:BD:FD:2B:B6:4F Certificate issuer: /CN=A91F8534/serialNumber=FE1D5BF902FA912D7E0B5E980CF91DBDFD2BB64F Certificate serial: 2103 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_h1b-QL6kS1-C16YDPkdvf0rtk8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8534/6E6A462CFEDD11E5B4905D7CC4F9AE02/_h1b-QL6kS1-C16YDPkdvf0rtk8.mft Manifest number: 20F1 Signing time: Tue 22 Jul 2025 16:02:48 +0000 Manifest this update: Tue 22 Jul 2025 16:02:48 +0000 Manifest next update: Tue 29 Jul 2025 16:02:48 +0000 Files and hashes: 1: _h1b-QL6kS1-C16YDPkdvf0rtk8.crl (hash: pKg2cjGeKWyBQ9NhiQiyoUBjmySB4Yn6GvqJaeFQNfw=) 2: 173CA1AABCA011ED914D176DC4F9AE02.roa (hash: hUdH/uVzYkF0LtRZr5OEyKuVBZZQ6yEh3YtiBoLV0Iw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8534/6E6A462CFEDD11E5B4905D7CC4F9AE02/_h1b-QL6kS1-C16YDPkdvf0rtk8.crl rsync://rpki.apnic.net/member_repository/A91F8534/6E6A462CFEDD11E5B4905D7CC4F9AE02/_h1b-QL6kS1-C16YDPkdvf0rtk8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_h1b-QL6kS1-C16YDPkdvf0rtk8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 16:02:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8451 (0x2103) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8534, serialNumber=FE1D5BF902FA912D7E0B5E980CF91DBDFD2BB64F Validity Not Before: Jul 22 16:02:48 2025 GMT Not After : Jul 29 16:02:48 2025 GMT Subject: CN=687fb628-ab0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:6c:0b:cb:e1:9b:34:65:f6:18:1a:65:08:ad: 3d:12:23:09:2b:4d:82:0e:a0:f7:20:ab:58:64:a5: ac:2b:54:6b:b3:27:20:27:5d:81:8a:72:64:8d:07: 99:61:fb:7a:20:e6:2b:6a:46:b8:82:5a:5a:ba:82: d7:01:8d:e6:3c:81:39:cc:26:50:7b:0b:65:41:57: 3f:73:45:c1:55:34:0d:bc:08:83:d0:1e:e7:d5:14: 9e:f9:3c:a3:dc:7d:de:5b:c9:23:21:a5:7c:57:dd: 75:9a:9c:8f:f6:80:a4:97:a0:a5:2e:6a:9a:53:99: eb:72:c3:6d:a1:c3:89:8c:3b:b7:22:16:ca:71:60: 35:86:f6:28:99:40:2b:05:77:6b:a8:d9:c1:54:81: f9:1a:08:9e:1a:e0:c3:2e:98:13:34:c0:08:6e:f9: 31:1e:6d:eb:05:9e:af:81:4f:7a:8b:01:41:20:72: eb:98:42:99:9b:8d:4b:cc:e9:0a:25:a7:b9:a7:1a: b3:39:f7:9d:6a:3a:67:c8:5e:30:2b:b9:32:84:1b: 36:c2:8c:f8:0e:71:f4:00:81:9e:1e:14:57:f9:06: f5:d8:18:0b:8f:dd:a0:a1:41:c0:7c:c6:c3:8b:c4: 99:3e:5a:4f:96:94:74:1f:7e:a3:06:d9:5c:dd:82: 76:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:7A:4B:1E:A9:FF:BF:45:51:65:B0:A4:30:B3:5E:AE:8E:6A:FC:B1 X509v3 Authority Key Identifier: keyid:FE:1D:5B:F9:02:FA:91:2D:7E:0B:5E:98:0C:F9:1D:BD:FD:2B:B6:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8534/6E6A462CFEDD11E5B4905D7CC4F9AE02/_h1b-QL6kS1-C16YDPkdvf0rtk8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_h1b-QL6kS1-C16YDPkdvf0rtk8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8534/6E6A462CFEDD11E5B4905D7CC4F9AE02/_h1b-QL6kS1-C16YDPkdvf0rtk8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 28:3d:bd:bc:d7:5a:c0:fe:9d:3b:24:2f:68:03:57:0f:96:45: f7:3c:5f:a2:0f:c0:6c:32:8c:93:71:f4:d9:c9:c4:70:c7:cd: e2:f8:d0:91:dc:5f:7a:d2:1d:93:53:d3:57:09:f2:7c:03:9d: d1:75:de:21:a8:c0:ab:09:00:1b:f0:c3:47:dd:b8:d3:10:e0: ee:4e:37:f2:ff:b0:10:9a:54:d8:f6:a2:be:27:90:21:90:69: c0:e5:38:a2:4c:20:c5:85:0f:0f:02:62:af:80:1f:e9:28:57: a6:bc:cb:28:1f:a5:d9:78:2c:9b:85:11:72:d3:4e:08:d6:61: 62:1c:d6:09:78:ad:d1:1c:11:9b:67:13:10:0b:11:fb:d7:10: 95:a1:8f:c9:85:90:b5:68:16:38:fc:b7:ca:a9:5b:25:c5:ae: 56:bd:29:2b:d3:d7:35:34:f3:25:fa:61:de:19:c8:3b:1d:b3: 13:29:85:70:c3:0b:ef:d5:bc:87:36:07:2c:7c:46:a3:c9:d3: 8a:ba:dd:3d:9e:4d:a8:6d:74:3b:cc:83:cf:09:08:2c:1f:84: b9:30:81:a0:eb:dc:04:70:54:27:fa:b8:ba:f8:df:6d:98:f5: c9:57:38:97:56:95:0e:f3:cb:27:5a:e9:92:e0:60:cf:01:bc: 07:a5:c8:94 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIQMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Rjg1MzQxMTAvBgNVBAUTKEZFMUQ1QkY5MDJGQTkxMkQ3RTBCNUU5ODBDRjkxREJE RkQyQkI2NEYwHhcNMjUwNzIyMTYwMjQ4WhcNMjUwNzI5MTYwMjQ4WjAYMRYwFAYD VQQDEw02ODdmYjYyOC1hYjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt2wLy+GbNGX2GBplCK09EiMJK02CDqD3IKtYZKWsK1RrsycgJ12BinJkjQeZ Yft6IOYraka4glpauoLXAY3mPIE5zCZQewtlQVc/c0XBVTQNvAiD0B7n1RSe+Tyj 3H3eW8kjIaV8V911mpyP9oCkl6ClLmqaU5nrcsNtocOJjDu3IhbKcWA1hvYomUAr BXdrqNnBVIH5GgieGuDDLpgTNMAIbvkxHm3rBZ6vgU96iwFBIHLrmEKZm41LzOkK Jae5pxqzOfedajpnyF4wK7kyhBs2woz4DnH0AIGeHhRX+Qb12BgLj92goUHAfMbD i8SZPlpPlpR0H36jBtlc3YJ2AwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHB6Sx6p /79FUWWwpDCzXq6OavyxMB8GA1UdIwQYMBaAFP4dW/kC+pEtfgtemAz5Hb39K7ZP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODUzNC82RTZBNDYyQ0ZF REQxMUU1QjQ5MDVEN0NDNEY5QUUwMi9faDFiLVFMNmtTMS1DMTZZRFBrZHZmMHJ0 azguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19oMWItUUw2a1MxLUMxNllEUGtkdmYwcnRrOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODUzNC82RTZBNDYyQ0ZFREQxMUU1QjQ5MDVEN0NDNEY5QUUwMi9faDFiLVFMNmtT MS1DMTZZRFBrZHZmMHJ0azgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAoPb2811rA/p07JC9oA1cPlkX3PF+iD8BsMoyTcfTZycRwx83i+NCR 3F960h2TU9NXCfJ8A53Rdd4hqMCrCQAb8MNH3bjTEODuTjfy/7AQmlTY9qK+J5Ah kGnA5TiiTCDFhQ8PAmKvgB/pKFemvMsoH6XZeCybhRFy004I1mFiHNYJeK3RHBGb ZxMQCxH71xCVoY/JhZC1aBY4/LfKqVslxa5WvSkr09c1NPMl+mHeGcg7HbMTKYVw wwvv1byHNgcsfEajydOKut09nk2obXQ7zIPPCQgsH4S5MIGg69wEcFQn+ri6+N9t mPXJVziXVpUO88snWumS4GDPAbwHpciU -----END CERTIFICATE-----Generated at Wed Jul 23 02:11:13 2025 by rpki-client