$ rpki-client -vvf rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.mft File: HKNtz8PAQzP4g7g18sjd0CXVQQY.mft (raw, json) Hash identifier: N+yeDsDsuGvT4c+UwMV2bZTp4avB19Pq5tk5RVwmnTc= Subject key identifier: 63:32:58:EB:53:AE:4A:3A:EF:90:3C:FD:B1:B6:BF:3E:A7:B2:34:A1 Authority key identifier: 1C:A3:6D:CF:C3:C0:43:33:F8:83:B8:35:F2:C8:DD:D0:25:D5:41:06 Certificate issuer: /CN=A9142F59/serialNumber=1CA36DCFC3C04333F883B835F2C8DDD025D54106 Certificate serial: 2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HKNtz8PAQzP4g7g18sjd0CXVQQY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.mft Manifest number: 27 Signing time: Wed 17 Sep 2025 08:37:25 +0000 Manifest this update: Wed 17 Sep 2025 08:37:25 +0000 Manifest next update: Wed 24 Sep 2025 08:37:25 +0000 Files and hashes: 1: HKNtz8PAQzP4g7g18sjd0CXVQQY.crl (hash: FlLsyQnnEy1ZjcY7ppVVCtu7XWTB12YZCLqnOkMnEto=) 2: F363BF8080D211F08AE15D79C4F9AE02.roa (hash: eS0zUpgRRL7WaF+GRsM285txsIcDMktwxJHl0wWBxi4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.crl rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HKNtz8PAQzP4g7g18sjd0CXVQQY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 08:37:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44 (0x2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9142F59, serialNumber=1CA36DCFC3C04333F883B835F2C8DDD025D54106 Validity Not Before: Sep 17 08:37:25 2025 GMT Not After : Sep 24 08:37:25 2025 GMT Subject: CN=68ca7345-1853 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:00:d0:c3:96:9e:f7:01:d0:c4:c5:05:fe:3f: ea:a3:34:b4:8d:9b:8b:be:a3:30:d3:8c:b5:73:96: 90:ad:a2:18:c1:b3:9f:0d:a3:84:8a:b5:c7:75:8a: af:25:ca:3e:3e:8d:1c:9e:1b:cf:e8:18:43:b5:04: 62:6d:48:06:43:01:26:14:6a:66:96:51:a7:c9:53: b8:9e:ec:4f:0e:05:f1:ff:d1:cb:ee:ae:e3:97:3b: ae:37:f0:ab:28:03:f4:a4:5a:8b:33:aa:c9:80:f3: 5a:fe:1d:f6:7c:88:ff:5f:8d:fb:83:4f:58:8c:68: 24:8f:db:f1:0a:d5:57:59:f0:dc:a9:aa:8a:61:c7: 70:7e:9b:12:2e:78:5d:08:72:bd:a9:b8:b8:26:69: 8e:80:10:9a:d6:06:27:12:a2:ec:0f:31:05:67:a4: 84:8f:81:87:6a:2b:71:21:45:05:9f:91:66:e2:49: 38:6f:70:cc:9e:32:cd:54:4d:c7:69:51:df:4f:9d: 17:9f:1e:02:56:2e:b6:9b:dc:41:2c:d2:ef:3c:0f: 83:d0:1c:5b:e3:7e:65:38:22:32:11:6e:ae:fe:37: d3:2b:de:03:23:d8:2a:e7:d3:86:af:e4:e5:08:98: 12:0f:a8:c2:de:f6:62:10:32:98:10:35:f7:04:4e: 71:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:32:58:EB:53:AE:4A:3A:EF:90:3C:FD:B1:B6:BF:3E:A7:B2:34:A1 X509v3 Authority Key Identifier: keyid:1C:A3:6D:CF:C3:C0:43:33:F8:83:B8:35:F2:C8:DD:D0:25:D5:41:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HKNtz8PAQzP4g7g18sjd0CXVQQY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1e:34:9c:7b:c4:c4:7a:cc:b0:92:75:69:b6:1b:66:96:d6:c6: 3c:38:c7:2b:db:3c:d4:9f:b6:7e:ec:ca:b0:4e:47:b0:b0:bf: bc:41:55:b2:eb:2e:07:b2:d9:7d:9d:6d:85:2d:ba:75:69:e3: ae:6e:a6:a6:d7:16:23:60:5b:e1:a0:57:42:21:0b:62:4c:0c: 1d:f7:8b:a3:77:05:85:f5:6f:74:2e:2d:6e:c0:27:10:30:89: 63:c4:6a:9e:be:3c:8f:58:f8:b9:61:0c:9b:b8:2f:05:bb:c1: 1f:6b:84:5c:ae:fd:16:d9:6b:0e:cf:74:5c:16:d0:8a:d4:45: 01:1a:f7:7d:31:13:59:77:7c:02:2b:10:2c:13:46:44:8c:59: 72:43:20:34:5b:47:dd:50:f3:b5:17:d1:d8:50:32:b5:8a:a2: ec:aa:5f:45:a7:b6:f9:29:df:c8:02:cb:15:18:a7:02:71:9f: 15:9c:5a:ed:49:e6:4a:49:08:ad:2e:9d:ef:b9:4e:bd:2d:f9: 81:21:36:92:04:65:9d:3c:36:47:a1:7a:af:86:3a:60:ed:71: 26:f0:9b:b1:c1:ab:c7:e0:d2:ab:2a:3d:b6:63:ca:d1:63:e1: 1e:05:2a:f3:37:c7:fc:a1:1a:12:40:f5:78:f6:58:c3:fc:0c: d6:33:74:35 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MkY1OTExMC8GA1UEBRMoMUNBMzZEQ0ZDM0MwNDMzM0Y4ODNCODM1RjJDOERERDAy NUQ1NDEwNjAeFw0yNTA5MTcwODM3MjVaFw0yNTA5MjQwODM3MjVaMBgxFjAUBgNV BAMTDTY4Y2E3MzQ1LTE4NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC8ANDDlp73AdDExQX+P+qjNLSNm4u+ozDTjLVzlpCtohjBs58No4SKtcd1iq8l yj4+jRyeG8/oGEO1BGJtSAZDASYUamaWUafJU7ie7E8OBfH/0cvuruOXO6438Kso A/SkWoszqsmA81r+HfZ8iP9fjfuDT1iMaCSP2/EK1VdZ8Nypqophx3B+mxIueF0I cr2puLgmaY6AEJrWBicSouwPMQVnpISPgYdqK3EhRQWfkWbiSThvcMyeMs1UTcdp Ud9PnRefHgJWLrab3EEs0u88D4PQHFvjfmU4IjIRbq7+N9Mr3gMj2Crn04av5OUI mBIPqMLe9mIQMpgQNfcETnFDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUYzJY61Ou SjrvkDz9sba/PqeyNKEwHwYDVR0jBBgwFoAUHKNtz8PAQzP4g7g18sjd0CXVQQYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyRjU5LzA1MjZENjJFNjIz MDExRjBBMDIwNzYzMEM0RjlBRTAyL0hLTnR6OFBBUXpQNGc3ZzE4c2pkMENYVlFR WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSEtOdHo4UEFRelA0ZzdnMThzamQwQ1hWUVFZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQy RjU5LzA1MjZENjJFNjIzMDExRjBBMDIwNzYzMEM0RjlBRTAyL0hLTnR6OFBBUXpQ NGc3ZzE4c2pkMENYVlFRWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAB40nHvExHrMsJJ1abYbZpbWxjw4xyvbPNSftn7syrBOR7Cwv7xBVbLr Lgey2X2dbYUtunVp465upqbXFiNgW+GgV0IhC2JMDB33i6N3BYX1b3QuLW7AJxAw iWPEap6+PI9Y+LlhDJu4LwW7wR9rhFyu/RbZaw7PdFwW0IrURQEa930xE1l3fAIr ECwTRkSMWXJDIDRbR91Q87UX0dhQMrWKouyqX0Wntvkp38gCyxUYpwJxnxWcWu1J 5kpJCK0une+5Tr0t+YEhNpIEZZ08Nkeheq+GOmDtcSbwm7HBq8fg0qsqPbZjytFj 4R4FKvM3x/yhGhJA9Xj2WMP8DNYzdDU= -----END CERTIFICATE-----Generated at Thu Sep 18 21:55:47 2025 by rpki-client