$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft File: HhI4RWNx50SJRiLpisHuVbQUXhA.mft (raw, json) Hash identifier: 2uDhZfa/4t8vlryC9FOwqCyX7IyKYa+p10PlB6vcrrM= Subject key identifier: 7A:66:14:5D:80:EB:28:FD:D2:70:34:82:36:02:A4:EC:C7:B5:68:7C Authority key identifier: 1E:12:38:45:63:71:E7:44:89:46:22:E9:8A:C1:EE:55:B4:14:5E:10 Certificate issuer: /CN=A917E678/serialNumber=1E1238456371E744894622E98AC1EE55B4145E10 Certificate serial: 15C5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft Manifest number: 156E Signing time: Fri 24 Oct 2025 17:16:15 +0000 Manifest this update: Fri 24 Oct 2025 17:16:14 +0000 Manifest next update: Fri 31 Oct 2025 17:16:14 +0000 Files and hashes: 1: HhI4RWNx50SJRiLpisHuVbQUXhA.crl (hash: MBDRoZsv+A7wpvSG4p0xc7sfnm1jmbpC2fMZ12Wsxco=) 2: 1E7AFF46066811ED8098BF45C4F9AE02.roa (hash: DfNj+35duToCe3Gw0TkK/ekaVs5oFQDYwJM0zF6fRx0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.crl rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 Oct 2025 17:16:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5573 (0x15c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E678, serialNumber=1E1238456371E744894622E98AC1EE55B4145E10 Validity Not Before: Oct 24 17:16:14 2025 GMT Not After : Oct 31 17:16:14 2025 GMT Subject: CN=68fbb45e-c09b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:b7:4e:77:6e:e0:48:18:b6:af:f6:a1:29:97: 63:3c:5f:51:6d:00:86:86:e3:dc:51:25:e3:d1:bd: d7:34:da:a0:a9:68:e0:6d:c4:be:29:f9:f5:91:46: b9:c9:b2:c4:db:e4:d5:ad:54:8c:ce:2b:2e:e9:3f: d3:57:80:c9:54:01:61:d4:63:65:50:6e:31:0f:86: 37:fc:ef:65:09:d4:dd:5b:8c:10:bf:7b:ef:cd:a7: 95:11:04:c3:b8:43:1d:e1:6c:4b:32:a9:fb:9b:a3: 19:74:28:89:51:18:95:79:3f:e8:9f:ec:5a:5d:92: 80:1c:8e:e3:f8:f2:7f:66:65:50:9e:a3:1d:86:71: b4:a8:99:d1:1b:c3:d3:c0:8c:55:8b:fd:f3:ea:72: a9:90:a1:77:a5:bd:24:3b:86:68:4f:e6:8e:c3:46: 59:33:ee:5e:bc:b0:85:91:7e:f2:bc:ab:f2:e5:21: af:ee:87:c9:87:73:b5:3f:8d:e8:b5:49:9a:77:0f: ed:50:c3:7f:b5:15:3d:34:36:73:db:1f:4f:27:98: a5:60:b4:9c:33:53:28:a5:e8:b4:f8:8b:39:bd:d8: a8:c4:95:cc:7a:a4:5d:e5:e0:e6:b9:01:ee:8a:a8: fd:27:2f:83:c1:d4:4a:67:aa:f3:42:8c:6b:a6:26: fe:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:66:14:5D:80:EB:28:FD:D2:70:34:82:36:02:A4:EC:C7:B5:68:7C X509v3 Authority Key Identifier: keyid:1E:12:38:45:63:71:E7:44:89:46:22:E9:8A:C1:EE:55:B4:14:5E:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a9:0c:95:27:a8:8f:5c:4d:a7:1b:46:da:29:71:ae:3e:d9:60: 4f:07:b7:05:48:66:57:a7:b0:26:90:57:e4:75:8d:81:d4:93: 77:49:8f:93:cb:07:ee:30:dc:de:61:c0:22:ff:8d:d1:ad:45: 6d:56:bb:99:b6:34:ba:cd:14:28:6f:7c:3f:73:40:22:5a:1d: 3a:3e:6d:09:b9:c0:2c:8e:1a:44:96:f6:63:82:8f:4c:08:20: 40:f5:db:b6:df:31:2a:25:95:53:fa:56:25:be:3b:f8:72:7c: f2:ad:e3:b4:24:a7:79:55:b8:e8:11:5c:72:cc:45:ee:db:2f: a8:ee:71:b0:e2:34:4e:1e:9e:36:54:ca:52:35:f6:e4:f6:16: d2:3c:37:b1:22:bf:5f:61:e2:63:24:2d:dd:fd:fa:9f:77:1f: d5:15:dd:49:bc:b0:62:2b:7d:8a:72:46:8a:8d:5a:17:23:ac: 33:bd:5d:9b:ae:d6:fa:ad:c9:a0:cf:6d:59:04:b2:dd:ff:78: 77:20:76:c6:39:5b:3c:0c:8c:02:22:aa:9d:a9:00:af:57:3b: 83:cf:3b:34:e1:ee:d8:9b:87:76:3a:a5:89:f1:64:b7:1a:68: 7d:d2:45:27:c1:cf:63:8e:ee:43:17:25:25:d2:ce:28:54:98: 26:43:92:11 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFcUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U2NzgxMTAvBgNVBAUTKDFFMTIzODQ1NjM3MUU3NDQ4OTQ2MjJFOThBQzFFRTU1 QjQxNDVFMTAwHhcNMjUxMDI0MTcxNjE0WhcNMjUxMDMxMTcxNjE0WjAYMRYwFAYD VQQDEw02OGZiYjQ1ZS1jMDliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAm7dOd27gSBi2r/ahKZdjPF9RbQCGhuPcUSXj0b3XNNqgqWjgbcS+Kfn1kUa5 ybLE2+TVrVSMzisu6T/TV4DJVAFh1GNlUG4xD4Y3/O9lCdTdW4wQv3vvzaeVEQTD uEMd4WxLMqn7m6MZdCiJURiVeT/on+xaXZKAHI7j+PJ/ZmVQnqMdhnG0qJnRG8PT wIxVi/3z6nKpkKF3pb0kO4ZoT+aOw0ZZM+5evLCFkX7yvKvy5SGv7ofJh3O1P43o tUmadw/tUMN/tRU9NDZz2x9PJ5ilYLScM1Mopei0+Is5vdioxJXMeqRd5eDmuQHu iqj9Jy+DwdRKZ6rzQoxrpib+oQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHpmFF2A 6yj90nA0gjYCpOzHtWh8MB8GA1UdIwQYMBaAFB4SOEVjcedEiUYi6YrB7lW0FF4Q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC82OTdFMzU2QTY5 NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9IaEk0UldOeDUwU0pSaUxwaXNIdVZiUVVY aEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0hoSTRSV054NTBTSlJpTHBpc0h1VmJRVVhoQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTY3OC82OTdFMzU2QTY5NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9IaEk0UldOeDUw U0pSaUxwaXNIdVZiUVVYaEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCpDJUnqI9cTacbRtopca4+2WBPB7cFSGZXp7AmkFfkdY2B1JN3SY+T ywfuMNzeYcAi/43RrUVtVruZtjS6zRQob3w/c0AiWh06Pm0JucAsjhpElvZjgo9M CCBA9du23zEqJZVT+lYlvjv4cnzyreO0JKd5VbjoEVxyzEXu2y+o7nGw4jROHp42 VMpSNfbk9hbSPDexIr9fYeJjJC3d/fqfdx/VFd1JvLBiK32KckaKjVoXI6wzvV2b rtb6rcmgz21ZBLLd/3h3IHbGOVs8DIwCIqqdqQCvVzuDzzs04e7Ym4d2OqWJ8WS3 Gmh90kUnwc9jju5DFyUl0s4oVJgmQ5IR -----END CERTIFICATE-----Generated at Sun Oct 26 10:03:13 2025 by rpki-client