$ rpki-client -vvf rpki.apnic.net/member_repository/A917B540/D97A95BCF88011EDB9ABFC56C4F9AE02/cC-hrpaCsrIuzdmlMBLw5vG6G5w.mft File: cC-hrpaCsrIuzdmlMBLw5vG6G5w.mft (raw, json) Hash identifier: PnOCTa+t2+CCQGBzj4MfnDvanNcw3439zN+mRZ+uMuI= Subject key identifier: 9B:32:64:02:2D:D6:8F:84:46:D2:F5:20:3E:61:69:15:0A:F0:CE:B7 Authority key identifier: 70:2F:A1:AE:96:82:B2:B2:2E:CD:D9:A5:30:12:F0:E6:F1:BA:1B:9C Certificate issuer: /CN=A917B540/serialNumber=702FA1AE9682B2B22ECDD9A53012F0E6F1BA1B9C Certificate serial: 01BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cC-hrpaCsrIuzdmlMBLw5vG6G5w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B540/D97A95BCF88011EDB9ABFC56C4F9AE02/cC-hrpaCsrIuzdmlMBLw5vG6G5w.mft Manifest number: 01B9 Signing time: Wed 17 Sep 2025 03:36:41 +0000 Manifest this update: Wed 17 Sep 2025 03:36:40 +0000 Manifest next update: Wed 24 Sep 2025 03:36:40 +0000 Files and hashes: 1: cC-hrpaCsrIuzdmlMBLw5vG6G5w.crl (hash: G8yLP6f5D6riHLanzhXr3vGk9BBWes68GTw5gRCvio8=) 2: 1966C856FB9E11ED8309FC1DC4F9AE02.roa (hash: UaxkzwEU7Uh70PtMMkf/dHGEWq655rIu4QsEPhurB3I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B540/D97A95BCF88011EDB9ABFC56C4F9AE02/cC-hrpaCsrIuzdmlMBLw5vG6G5w.crl rsync://rpki.apnic.net/member_repository/A917B540/D97A95BCF88011EDB9ABFC56C4F9AE02/cC-hrpaCsrIuzdmlMBLw5vG6G5w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cC-hrpaCsrIuzdmlMBLw5vG6G5w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 03:36:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 446 (0x1be) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B540, serialNumber=702FA1AE9682B2B22ECDD9A53012F0E6F1BA1B9C Validity Not Before: Sep 17 03:36:40 2025 GMT Not After : Sep 24 03:36:40 2025 GMT Subject: CN=68ca2cc8-aba0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:9b:aa:19:8d:4f:54:b5:46:a8:b5:c1:3e:3b: 35:08:b3:cd:f4:32:27:0b:88:ba:74:87:b0:e7:f6: 9f:5b:88:7f:d3:51:53:33:26:b2:a2:bd:6a:e6:d6: fe:9c:b6:b7:d3:4c:bf:4b:00:05:fc:79:b1:78:37: 88:fc:20:b4:ba:0b:89:cf:ee:f9:78:03:8b:ec:66: 5c:06:6d:04:9f:85:51:63:64:05:a1:ba:d5:20:b0: 79:51:ff:f5:47:34:35:1b:5d:30:22:ed:d8:e8:aa: a8:a2:10:c6:b2:52:ae:12:ca:cd:b7:13:ee:3e:16: e4:92:3e:db:9d:94:8b:9f:66:c8:e7:93:f9:42:87: 59:f2:fc:d0:d1:b2:af:20:d9:68:48:ee:7e:2c:1a: 4a:d4:fd:27:ce:08:6a:6a:f1:cc:c4:08:ea:55:cd: 0d:eb:f9:12:fb:85:c7:ef:66:e6:a5:49:1d:d8:5f: f4:40:1f:31:6d:38:60:3c:64:04:84:0a:e1:44:29: 48:76:a8:66:70:0b:10:da:cb:9f:37:90:74:ae:09: 3a:e9:2f:26:7e:e1:03:22:45:3b:ea:dd:2a:bc:bd: ba:6a:fa:57:31:97:78:79:70:44:84:7a:7d:79:de: 41:4a:6b:b1:10:40:47:fa:7d:a6:90:58:35:f2:a9: 34:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:32:64:02:2D:D6:8F:84:46:D2:F5:20:3E:61:69:15:0A:F0:CE:B7 X509v3 Authority Key Identifier: keyid:70:2F:A1:AE:96:82:B2:B2:2E:CD:D9:A5:30:12:F0:E6:F1:BA:1B:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B540/D97A95BCF88011EDB9ABFC56C4F9AE02/cC-hrpaCsrIuzdmlMBLw5vG6G5w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cC-hrpaCsrIuzdmlMBLw5vG6G5w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B540/D97A95BCF88011EDB9ABFC56C4F9AE02/cC-hrpaCsrIuzdmlMBLw5vG6G5w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0f:37:5b:27:00:7b:e8:61:d5:8c:b0:42:fc:f0:c2:ed:7b:ab: 59:4d:ba:4a:33:2b:01:0e:b7:35:6a:b1:60:01:20:18:b6:ff: 42:fa:38:e8:d9:6a:9e:8a:ea:7a:77:39:53:cf:02:dc:a2:52: 4e:a6:84:7f:be:92:1d:b0:9a:4f:7a:be:b7:2f:6e:a2:25:2f: bf:70:94:90:03:1a:d1:a1:91:50:bb:ee:1c:76:a8:54:0b:bb: 23:0d:b4:b7:fd:3f:36:d1:b0:9c:d7:67:98:22:ec:db:e3:25: 76:51:be:99:4c:15:c3:91:df:42:ce:d4:55:5c:d2:5b:0e:3f: 13:3c:3a:e3:3d:be:27:52:20:ce:71:d8:46:9a:a0:cf:3a:53: 55:6a:af:9f:b8:48:83:03:4f:89:52:2d:d8:f5:d0:37:77:a7: a4:42:10:3c:0f:41:ec:4b:14:b2:d5:f8:25:ac:98:04:5a:5c: c4:6f:85:50:53:63:e3:7f:50:89:53:b2:bb:70:03:b6:7b:7b: 1a:92:4c:e0:64:8e:97:52:97:82:3c:fc:f2:54:4e:8c:00:49: c1:dc:0d:44:5b:d2:a6:b9:20:27:9a:34:1b:89:e7:93:10:ad: 08:4a:0e:ba:b9:6e:e3:bb:b3:25:75:45:dc:67:62:b7:68:dd: d9:7b:b8:ab -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAb4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0I1NDAxMTAvBgNVBAUTKDcwMkZBMUFFOTY4MkIyQjIyRUNERDlBNTMwMTJGMEU2 RjFCQTFCOUMwHhcNMjUwOTE3MDMzNjQwWhcNMjUwOTI0MDMzNjQwWjAYMRYwFAYD VQQDEw02OGNhMmNjOC1hYmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyZuqGY1PVLVGqLXBPjs1CLPN9DInC4i6dIew5/afW4h/01FTMyayor1q5tb+ nLa300y/SwAF/HmxeDeI/CC0uguJz+75eAOL7GZcBm0En4VRY2QFobrVILB5Uf/1 RzQ1G10wIu3Y6KqoohDGslKuEsrNtxPuPhbkkj7bnZSLn2bI55P5QodZ8vzQ0bKv INloSO5+LBpK1P0nzghqavHMxAjqVc0N6/kS+4XH72bmpUkd2F/0QB8xbThgPGQE hArhRClIdqhmcAsQ2sufN5B0rgk66S8mfuEDIkU76t0qvL26avpXMZd4eXBEhHp9 ed5BSmuxEEBH+n2mkFg18qk0JQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJsyZAIt 1o+ERtL1ID5haRUK8M63MB8GA1UdIwQYMBaAFHAvoa6WgrKyLs3ZpTAS8Obxuhuc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjU0MC9EOTdBOTVCQ0Y4 ODAxMUVEQjlBQkZDNTZDNEY5QUUwMi9jQy1ocnBhQ3NySXV6ZG1sTUJMdzV2RzZH NXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NDLWhycGFDc3JJdXpkbWxNQkx3NXZHNkc1dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QjU0MC9EOTdBOTVCQ0Y4ODAxMUVEQjlBQkZDNTZDNEY5QUUwMi9jQy1ocnBhQ3Ny SXV6ZG1sTUJMdzV2RzZHNXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAPN1snAHvoYdWMsEL88MLte6tZTbpKMysBDrc1arFgASAYtv9C+jjo 2Wqeiup6dzlTzwLcolJOpoR/vpIdsJpPer63L26iJS+/cJSQAxrRoZFQu+4cdqhU C7sjDbS3/T820bCc12eYIuzb4yV2Ub6ZTBXDkd9CztRVXNJbDj8TPDrjPb4nUiDO cdhGmqDPOlNVaq+fuEiDA0+JUi3Y9dA3d6ekQhA8D0HsSxSy1fglrJgEWlzEb4VQ U2Pjf1CJU7K7cAO2e3sakkzgZI6XUpeCPPzyVE6MAEnB3A1EW9KmuSAnmjQbieeT EK0ISg66uW7ju7MldUXcZ2K3aN3Ze7ir -----END CERTIFICATE-----Generated at Fri Sep 19 02:30:20 2025 by rpki-client