$ rpki-client -vvf rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft File: hfK68bffHaqMiKtsXnjB_MP3jQg.mft (raw, json) Hash identifier: 577kBalkHoghk+uc8z7rBWBx+HwvXHX5lTa46VmXA8I= Subject key identifier: 84:F3:24:5D:DC:EF:C1:9B:96:FC:30:0A:57:66:63:F9:8B:19:E6:78 Authority key identifier: 85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 Certificate issuer: /CN=A91342C5/serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Certificate serial: 03DC Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft Manifest number: 03CA Signing time: Wed 03 Sep 2025 01:05:29 +0000 Manifest this update: Wed 03 Sep 2025 01:05:29 +0000 Manifest next update: Wed 10 Sep 2025 01:05:29 +0000 Files and hashes: 1: hfK68bffHaqMiKtsXnjB_MP3jQg.crl (hash: l7KCNX8bOktCEP3FVUtaM/3uJB7l4/ft9nZt2AuTSoQ=) 2: A7FBA00E778811EDAE39280CC4F9AE02.roa (hash: A66Rcwdstkb/5EinIJWrWOuekP0qJLH5hk4F7NZimSw=) 3: 06FA5A64774011F0BE2D3736C4F9AE02.roa (hash: kpBK3OXshYOskuLSoO3uUhN6W4dairHEsqEKAKksIS4=) 4: F570D764773F11F09FC02036C4F9AE02.roa (hash: zmJ243eRg2Ohq2gJwqhBcxhyjwkk5xLJsekeFyx7Ld0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 01:05:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 988 (0x3dc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91342C5, serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Validity Not Before: Sep 3 01:05:29 2025 GMT Not After : Sep 10 01:05:29 2025 GMT Subject: CN=68b79459-dc13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:fa:e6:ed:0d:55:38:2b:10:7a:99:36:fa:2b: fb:e4:68:d3:db:f1:7d:17:8b:23:5d:de:d3:4c:de: 09:47:5f:14:f2:33:14:cf:31:cf:02:77:c1:95:33: 97:92:b5:47:b4:e0:a4:fc:05:da:4b:31:59:d4:f0: de:76:72:37:40:8d:ca:f1:84:11:f9:b1:48:3a:75: 1c:0f:81:8e:a4:ac:88:5b:ac:73:a9:26:73:06:c9: 1d:f9:2c:98:10:00:b1:45:26:79:7d:f9:85:c7:3e: 0f:e5:a6:fd:d2:d3:05:2e:95:f0:db:76:b4:22:1a: bb:d3:e3:2d:53:b3:c9:da:af:2d:d3:10:86:cb:55: ec:14:2a:37:9d:7d:15:08:11:45:ae:54:96:9e:9d: b6:c5:18:fa:ba:5b:83:3f:dc:cd:e1:3c:e0:f7:70: 06:56:e4:07:d0:40:ef:e3:ab:89:24:b1:54:83:91: 03:45:c2:ec:e7:66:33:4d:fa:c3:b0:ea:45:b0:40: 1c:65:64:bd:fd:18:2c:50:e4:4c:53:62:8e:ac:4c: 26:ac:e4:f8:c3:17:11:2a:10:3e:1b:7d:cb:84:60: 2d:d0:4e:11:38:12:a0:72:0f:d7:fe:38:c0:07:98: 17:de:7b:9b:b5:38:81:fd:bb:a6:3d:68:5e:21:fd: 4e:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:F3:24:5D:DC:EF:C1:9B:96:FC:30:0A:57:66:63:F9:8B:19:E6:78 X509v3 Authority Key Identifier: keyid:85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:6e:f1:0b:de:e0:cb:75:b1:6b:00:20:d8:e9:6e:d7:08:86: b6:f2:84:4e:e4:07:cc:42:eb:a4:3e:77:52:a7:b9:81:27:28: 3b:c6:37:9d:ac:11:63:06:29:7c:b4:bd:76:08:41:a6:3c:ee: 9e:bb:04:19:48:0a:6e:97:b3:78:3e:0b:d7:f1:e0:85:62:92: 19:2e:bc:42:5c:2b:0d:9f:ec:d6:2f:c1:c3:3d:32:6c:6d:6e: f1:45:1a:5f:7e:98:d2:f8:ce:d6:fe:4f:20:03:32:51:32:76: 22:b4:f6:2e:5e:21:f1:10:6e:ac:df:80:e4:bd:cd:4c:0e:53: 86:45:a2:fc:87:6d:90:d5:97:e6:1c:0a:36:6d:a6:47:54:c2: 3d:1c:8a:1f:a7:bf:e2:1b:ad:92:f7:19:25:fe:82:c1:76:7f: 19:82:03:1d:23:76:80:32:78:67:6f:d2:32:db:ba:1c:fe:48: b9:f2:1a:46:b9:4d:55:f9:9f:c6:8c:0b:e0:67:30:1c:88:c9: d8:90:cb:2c:78:49:e4:3f:fd:cf:49:94:79:f3:b5:ba:2e:54: 16:4b:25:43:cf:61:01:a3:d2:a1:c3:76:bd:3e:a2:48:53:62: f2:21:31:e4:9d:13:d4:3a:30:b0:c1:ec:aa:35:fb:a1:9b:38: 23:76:53:49 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA9wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQyQzUxMTAvBgNVBAUTKDg1RjJCQUYxQjdERjFEQUE4Qzg4QUI2QzVFNzhDMUZD QzNGNzhEMDgwHhcNMjUwOTAzMDEwNTI5WhcNMjUwOTEwMDEwNTI5WjAYMRYwFAYD VQQDEw02OGI3OTQ1OS1kYzEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAufrm7Q1VOCsQepk2+iv75GjT2/F9F4sjXd7TTN4JR18U8jMUzzHPAnfBlTOX krVHtOCk/AXaSzFZ1PDednI3QI3K8YQR+bFIOnUcD4GOpKyIW6xzqSZzBskd+SyY EACxRSZ5ffmFxz4P5ab90tMFLpXw23a0Ihq70+MtU7PJ2q8t0xCGy1XsFCo3nX0V CBFFrlSWnp22xRj6uluDP9zN4Tzg93AGVuQH0EDv46uJJLFUg5EDRcLs52YzTfrD sOpFsEAcZWS9/RgsUORMU2KOrEwmrOT4wxcRKhA+G33LhGAt0E4ROBKgcg/X/jjA B5gX3nubtTiB/bumPWheIf1OjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFITzJF3c 78GblvwwCldmY/mLGeZ4MB8GA1UdIwQYMBaAFIXyuvG33x2qjIirbF54wfzD940I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDJDNS8xRjQwNEUzMEE0 RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhhcU1pS3RzWG5qQl9NUDNq UWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hmSzY4YmZmSGFxTWlLdHNYbmpCX01QM2pRZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NDJDNS8xRjQwNEUzMEE0RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhh cU1pS3RzWG5qQl9NUDNqUWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAObvEL3uDLdbFrACDY6W7XCIa28oRO5AfMQuukPndSp7mBJyg7xjed rBFjBil8tL12CEGmPO6euwQZSApul7N4PgvX8eCFYpIZLrxCXCsNn+zWL8HDPTJs bW7xRRpffpjS+M7W/k8gAzJRMnYitPYuXiHxEG6s34Dkvc1MDlOGRaL8h22Q1Zfm HAo2baZHVMI9HIofp7/iG62S9xkl/oLBdn8ZggMdI3aAMnhnb9Iy27oc/ki58hpG uU1V+Z/GjAvgZzAciMnYkMsseEnkP/3PSZR587W6LlQWSyVDz2EBo9Khw3a9PqJI U2LyITHknRPUOjCwweyqNfuhmzgjdlNJ -----END CERTIFICATE-----Generated at Thu Sep 4 14:22:40 2025 by rpki-client