$ rpki-client -vvf rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft File: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft (raw, json) Hash identifier: rCNYhDOCkzlLeCpN/+kELanKgOlinKPFHjYzlMqcErk= Subject key identifier: 5C:CE:A8:BA:9F:35:80:D1:6C:CA:F7:EC:BD:0C:F7:76:9A:ED:28:D8 Authority key identifier: 84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D Certificate issuer: /CN=A911C743/serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D Certificate serial: 0E79 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft Manifest number: 0E6B Signing time: Sun 24 Aug 2025 17:42:07 +0000 Manifest this update: Sun 24 Aug 2025 17:42:06 +0000 Manifest next update: Sun 31 Aug 2025 17:42:06 +0000 Files and hashes: 1: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl (hash: uGR39bKEyFKdPXXCO/lS+BPi0MY5m/hZjQQEJutVz/c=) 2: 2B21EC2EE4E111E981365C17C4F9AE02.roa (hash: MmZvnPTLEUK2uOO8LldttqheyhLmSNsa1D7UmikJt9Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 17:42:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3705 (0xe79) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C743, serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D Validity Not Before: Aug 24 17:42:06 2025 GMT Not After : Aug 31 17:42:06 2025 GMT Subject: CN=68ab4eef-f44f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:7c:a6:80:56:67:9f:a3:41:67:9e:43:cb:95: bc:16:fc:63:83:64:13:6b:dc:8b:63:9f:f6:d3:93: ce:66:51:96:ab:10:da:37:49:66:49:66:7b:ab:84: e2:6d:b8:76:de:84:3d:a8:37:5c:e9:76:d1:38:e1: 90:7d:43:18:f3:9a:bf:98:fc:27:c8:ff:06:0e:2a: 17:46:38:f4:7a:fb:02:8c:6a:f8:0c:9e:ab:fb:b3: 98:bb:ba:cc:fd:e5:02:38:a7:c0:1a:24:79:44:99: d8:34:c9:db:d7:e5:03:21:d6:38:61:67:0f:b8:34: 53:0a:f9:48:f4:86:ed:2b:dc:73:b9:0c:4c:4e:f1: 78:b8:f0:a1:75:27:5c:b1:8b:d6:e3:81:53:4e:fa: 66:ad:8a:97:aa:57:6d:ae:85:5c:3c:90:14:a2:39: bf:54:35:d1:6b:24:0b:5f:ba:f4:35:d9:47:85:33: e8:21:65:c0:3e:3b:6f:04:74:ae:10:79:ea:26:b7: a0:d0:54:75:a1:26:a6:da:d3:e7:d5:cf:a6:7b:67: 27:d2:f8:14:bb:74:fe:c6:b9:46:9d:3d:b3:5d:79: ef:d3:67:8a:19:0a:92:e9:f9:87:56:d4:71:ed:0d: 89:35:ff:11:da:b5:51:cd:49:fd:32:8f:96:4a:9f: 4f:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:CE:A8:BA:9F:35:80:D1:6C:CA:F7:EC:BD:0C:F7:76:9A:ED:28:D8 X509v3 Authority Key Identifier: keyid:84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:35:27:df:55:ac:52:b1:0a:d3:cd:fb:ec:24:2f:a4:6c:9e: 09:41:44:4d:9c:bf:2c:5a:b4:cf:6d:c8:9c:2a:58:06:1c:b3: 5c:5f:55:0c:34:d7:1e:41:75:7c:1c:16:87:62:bd:5b:31:f6: 2f:12:52:4d:eb:cf:3c:be:77:80:e6:fc:46:56:35:b3:54:b1: f4:31:77:43:64:d3:7f:4b:e2:75:0f:dd:5b:65:91:56:d8:b6: d4:3e:b3:db:e5:9c:fd:e4:6c:f5:44:12:80:d1:6b:7f:1d:df: b9:51:06:89:5c:bc:f5:72:8a:63:3f:94:8f:07:e6:6f:e2:fc: 72:77:db:0c:75:6a:4c:d3:51:7e:1c:74:bd:84:76:61:7b:9a: a6:ac:28:72:35:9c:ce:c0:58:5e:3c:c8:d7:f2:a1:84:41:d8: 08:1a:74:11:57:ec:00:ad:0f:32:fd:b1:3e:a5:6b:b5:e1:bd: cd:e4:11:0a:a6:dc:b7:a2:4b:08:d0:3a:91:0e:2a:eb:8f:20: 8d:9e:ab:70:ad:ed:01:12:1d:47:d3:7c:b6:23:46:af:62:5e: a0:13:e9:22:ad:66:e7:86:29:ec:be:71:a4:1a:f0:46:38:1f: cb:d2:e7:1a:f8:67:c4:fe:82:ad:4e:67:f6:6a:e7:e8:51:19: e3:0f:2b:fa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDnkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM3NDMxMTAvBgNVBAUTKDg0RTRGRkI2OTI3Rjc3RjVDM0YwQTI1MjY4MkY3MURE QjM3N0IxMUQwHhcNMjUwODI0MTc0MjA2WhcNMjUwODMxMTc0MjA2WjAYMRYwFAYD VQQDEw02OGFiNGVlZi1mNDRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuHymgFZnn6NBZ55Dy5W8Fvxjg2QTa9yLY5/205POZlGWqxDaN0lmSWZ7q4Ti bbh23oQ9qDdc6XbROOGQfUMY85q/mPwnyP8GDioXRjj0evsCjGr4DJ6r+7OYu7rM /eUCOKfAGiR5RJnYNMnb1+UDIdY4YWcPuDRTCvlI9IbtK9xzuQxMTvF4uPChdSdc sYvW44FTTvpmrYqXqldtroVcPJAUojm/VDXRayQLX7r0NdlHhTPoIWXAPjtvBHSu EHnqJreg0FR1oSam2tPn1c+me2cn0vgUu3T+xrlGnT2zXXnv02eKGQqS6fmHVtRx 7Q2JNf8R2rVRzUn9Mo+WSp9PzwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFzOqLqf NYDRbMr37L0M93aa7SjYMB8GA1UdIwQYMBaAFITk/7aSf3f1w/CiUmgvcd2zd7Ed MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzc0My9GOEFFMjg4MEEy MUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2RfWEQ4S0pTYUM5eDNiTjNz UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hPVF90cEpfZF9YRDhLSlNhQzl4M2JOM3NSMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx Qzc0My9GOEFFMjg4MEEyMUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2Rf WEQ4S0pTYUM5eDNiTjNzUjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCANSffVaxSsQrTzfvsJC+kbJ4JQURNnL8sWrTPbcicKlgGHLNcX1UM NNceQXV8HBaHYr1bMfYvElJN6888vneA5vxGVjWzVLH0MXdDZNN/S+J1D91bZZFW 2LbUPrPb5Zz95Gz1RBKA0Wt/Hd+5UQaJXLz1copjP5SPB+Zv4vxyd9sMdWpM01F+ HHS9hHZhe5qmrChyNZzOwFhePMjX8qGEQdgIGnQRV+wArQ8y/bE+pWu14b3N5BEK pty3oksI0DqRDirrjyCNnqtwre0BEh1H03y2I0avYl6gE+kirWbnhinsvnGkGvBG OB/L0uca+GfE/oKtTmf2aufoURnjDyv6 -----END CERTIFICATE-----Generated at Sun Aug 24 21:48:16 2025 by rpki-client