$ rpki-client -vvf rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft File: HlwQfv0DzxPSFKOaaizo3a0wRw4.mft (raw, json) Hash identifier: TnYewsUvrkZzMEvfnBaJSkj4JCueSyfp3GxxnTt4CpY= Subject key identifier: 9B:53:58:25:23:26:E3:47:00:AB:D7:EE:C7:4C:22:30:F4:8A:1C:C7 Authority key identifier: 1E:5C:10:7E:FD:03:CF:13:D2:14:A3:9A:6A:2C:E8:DD:AD:30:47:0E Certificate issuer: /CN=A914D9C3/serialNumber=1E5C107EFD03CF13D214A39A6A2CE8DDAD30470E Certificate serial: AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlwQfv0DzxPSFKOaaizo3a0wRw4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft Manifest number: AA Signing time: Thu 21 Aug 2025 06:22:13 +0000 Manifest this update: Thu 21 Aug 2025 06:22:12 +0000 Manifest next update: Thu 28 Aug 2025 06:22:12 +0000 Files and hashes: 1: HlwQfv0DzxPSFKOaaizo3a0wRw4.crl (hash: 1OgoYzdCpao3j5Z0nLXy5UDNRDxUg5QkaPQq0pA/Ls4=) 2: F7B3707C806911EF8C30A03DC4F9AE02.roa (hash: 9WzRWZ39qEL+BS0hCUtMSeDhBI46JI/Ih27Az+Uy8VI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.crl rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlwQfv0DzxPSFKOaaizo3a0wRw4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 06:22:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 173 (0xad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914D9C3, serialNumber=1E5C107EFD03CF13D214A39A6A2CE8DDAD30470E Validity Not Before: Aug 21 06:22:12 2025 GMT Not After : Aug 28 06:22:12 2025 GMT Subject: CN=68a6bb14-58db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:88:18:89:1e:f8:85:a5:30:30:13:36:ac:c3: 4d:eb:14:6b:c8:49:84:18:3a:f3:7e:28:d7:fb:27: 1f:ad:fc:db:1c:f0:15:7b:66:9d:fe:2c:5c:83:7a: f7:4e:bd:95:d1:84:00:07:e6:a7:6c:95:69:c1:56: fa:79:98:63:3e:f4:97:cc:d5:c8:1c:e2:cc:8b:39: 1b:7a:2f:b1:6e:c7:57:24:da:80:dd:35:7c:48:04: e6:2d:a4:47:9a:8a:3a:a1:76:1a:4d:be:10:2c:2b: d7:0c:77:1b:ec:cf:ff:37:96:68:a3:a9:cc:e8:08: ff:46:3d:a8:99:6d:8a:38:a2:49:89:52:ca:66:ce: 76:be:64:40:bf:ea:c7:31:23:42:dd:f4:2b:83:69: 14:85:a3:e1:2d:99:27:10:21:95:07:b1:1c:72:9d: 88:6e:85:16:04:78:5a:76:84:30:83:e2:34:de:eb: 6a:89:96:7e:d2:a9:1f:f9:b9:ee:f2:a3:5e:fd:05: db:ef:18:6d:ac:25:47:ef:78:63:e7:4e:f4:5d:25: a3:5a:84:70:8b:06:0d:97:25:01:d4:cf:7b:59:d9: 04:33:95:e2:ef:8f:0e:4d:91:f6:b2:fb:38:02:ba: 87:05:f3:e1:ad:fa:bf:06:07:27:bf:6a:11:0a:a1: 4f:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:53:58:25:23:26:E3:47:00:AB:D7:EE:C7:4C:22:30:F4:8A:1C:C7 X509v3 Authority Key Identifier: keyid:1E:5C:10:7E:FD:03:CF:13:D2:14:A3:9A:6A:2C:E8:DD:AD:30:47:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlwQfv0DzxPSFKOaaizo3a0wRw4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914D9C3/45CC82CC806911EF82C9773CC4F9AE02/HlwQfv0DzxPSFKOaaizo3a0wRw4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:98:6a:5e:be:9a:e0:7c:55:f1:a7:d0:2b:a9:99:f8:ba:c2: 65:36:04:4e:2a:2f:a3:a2:4b:f2:d5:43:34:22:14:7f:9a:30: ef:2f:ec:c5:92:1a:26:56:10:50:5f:a9:af:75:df:25:cd:83: 0b:5a:f2:7e:a9:60:71:9f:d9:19:c3:b1:ed:4d:ab:37:fc:f6: 3f:96:d4:6b:b2:61:82:fe:67:db:2e:eb:e5:8e:39:f4:4f:d6: 6e:63:1c:52:6c:65:01:c1:d6:1f:ef:08:4f:ed:3e:11:5a:aa: a0:53:05:ce:10:a5:51:99:e3:94:d1:84:f8:8d:34:7a:82:e3: 20:46:07:43:28:dc:07:46:54:c5:6c:92:90:e7:53:a0:bc:92: b3:ed:81:e2:36:12:ce:9c:01:dd:4c:8f:df:fe:0a:7e:ad:1f: c1:61:4a:85:52:82:16:0a:44:87:96:02:b8:d9:f2:71:a0:27: a9:36:45:20:ba:32:db:26:d7:90:3c:28:bf:c6:bc:61:c8:44: 2f:bd:e9:96:69:da:92:eb:aa:d0:85:13:c4:24:08:af:35:04: f9:d5:9e:cb:6f:56:d6:4c:d4:09:0b:d9:cc:23:f4:a7:11:3d: 5d:06:bc:a4:60:2f:d4:c8:b0:19:a9:51:3d:7c:46:63:8f:9a: b9:ff:09:a7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEQ5QzMxMTAvBgNVBAUTKDFFNUMxMDdFRkQwM0NGMTNEMjE0QTM5QTZBMkNFOERE QUQzMDQ3MEUwHhcNMjUwODIxMDYyMjEyWhcNMjUwODI4MDYyMjEyWjAYMRYwFAYD VQQDEw02OGE2YmIxNC01OGRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsogYiR74haUwMBM2rMNN6xRryEmEGDrzfijX+ycfrfzbHPAVe2ad/ixcg3r3 Tr2V0YQAB+anbJVpwVb6eZhjPvSXzNXIHOLMizkbei+xbsdXJNqA3TV8SATmLaRH moo6oXYaTb4QLCvXDHcb7M//N5Zoo6nM6Aj/Rj2omW2KOKJJiVLKZs52vmRAv+rH MSNC3fQrg2kUhaPhLZknECGVB7Eccp2IboUWBHhadoQwg+I03utqiZZ+0qkf+bnu 8qNe/QXb7xhtrCVH73hj5070XSWjWoRwiwYNlyUB1M97WdkEM5Xi748OTZH2svs4 ArqHBfPhrfq/Bgcnv2oRCqFPXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJtTWCUj JuNHAKvX7sdMIjD0ihzHMB8GA1UdIwQYMBaAFB5cEH79A88T0hSjmmos6N2tMEcO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RDlDMy80NUNDODJDQzgw NjkxMUVGODJDOTc3M0NDNEY5QUUwMi9IbHdRZnYwRHp4UFNGS09hYWl6bzNhMHdS dzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hsd1FmdjBEenhQU0ZLT2FhaXpvM2Ewd1J3NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RDlDMy80NUNDODJDQzgwNjkxMUVGODJDOTc3M0NDNEY5QUUwMi9IbHdRZnYwRHp4 UFNGS09hYWl6bzNhMHdSdzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA+mGpevprgfFXxp9ArqZn4usJlNgROKi+jokvy1UM0IhR/mjDvL+zF khomVhBQX6mvdd8lzYMLWvJ+qWBxn9kZw7HtTas3/PY/ltRrsmGC/mfbLuvljjn0 T9ZuYxxSbGUBwdYf7whP7T4RWqqgUwXOEKVRmeOU0YT4jTR6guMgRgdDKNwHRlTF bJKQ51OgvJKz7YHiNhLOnAHdTI/f/gp+rR/BYUqFUoIWCkSHlgK42fJxoCepNkUg ujLbJteQPCi/xrxhyEQvvemWadqS66rQhRPEJAivNQT51Z7Lb1bWTNQJC9nMI/Sn ET1dBrykYC/UyLAZqVE9fEZjj5q5/wmn -----END CERTIFICATE-----Generated at Fri Aug 22 08:16:32 2025 by rpki-client