$ rpki-client -vvf rpki.apnic.net/member_repository/A918D2CA/09F74EF6354711F08103BE24C4F9AE02/b5HHak90ZkEA3Y3r0XhRQuE3gC0.mft File: b5HHak90ZkEA3Y3r0XhRQuE3gC0.mft (raw, json) Hash identifier: sXtvuWDJCt4DNEXoKY6cuTSC45ctaMDlarrXhKbhBEg= Subject key identifier: 14:C1:08:83:37:3F:53:D7:08:8C:86:1B:94:6C:1F:C1:3C:0F:F6:ED Authority key identifier: 6F:91:C7:6A:4F:74:66:41:00:DD:8D:EB:D1:78:51:42:E1:37:80:2D Certificate issuer: /CN=A918D2CA/serialNumber=6F91C76A4F74664100DD8DEBD1785142E137802D Certificate serial: 45 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b5HHak90ZkEA3Y3r0XhRQuE3gC0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918D2CA/09F74EF6354711F08103BE24C4F9AE02/b5HHak90ZkEA3Y3r0XhRQuE3gC0.mft Manifest number: 43 Signing time: Fri 19 Sep 2025 08:13:23 +0000 Manifest this update: Fri 19 Sep 2025 08:13:22 +0000 Manifest next update: Fri 26 Sep 2025 08:13:22 +0000 Files and hashes: 1: b5HHak90ZkEA3Y3r0XhRQuE3gC0.crl (hash: 9Q/oacQHJKi6A8MgrzwcRX0npVFceWsKZvbpoe/PBAI=) 2: 8C9E2B18354711F09FCEEE25C4F9AE02.roa (hash: Rm2y9XYNOuLaJLPo5EgOIcrmYm6wYWaPwijgwTBKrVM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918D2CA/09F74EF6354711F08103BE24C4F9AE02/b5HHak90ZkEA3Y3r0XhRQuE3gC0.crl rsync://rpki.apnic.net/member_repository/A918D2CA/09F74EF6354711F08103BE24C4F9AE02/b5HHak90ZkEA3Y3r0XhRQuE3gC0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b5HHak90ZkEA3Y3r0XhRQuE3gC0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Sep 2025 08:13:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69 (0x45) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918D2CA, serialNumber=6F91C76A4F74664100DD8DEBD1785142E137802D Validity Not Before: Sep 19 08:13:22 2025 GMT Not After : Sep 26 08:13:22 2025 GMT Subject: CN=68cd10a3-3c46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:d5:83:25:be:ea:62:06:56:a0:81:d8:3d:12: 26:f5:8d:b1:9e:12:48:c7:a9:fb:8f:42:ec:76:e7: eb:31:08:86:38:29:20:a2:d3:77:2b:f3:c4:cf:ad: f5:0d:e6:8a:d4:95:35:f4:7e:92:da:d7:72:63:5e: bc:67:7b:c5:88:a6:9b:a2:3c:b6:8b:9e:e6:b6:89: 73:60:e3:c1:34:ce:ef:a0:81:7c:3f:89:b3:93:34: ac:90:a9:c4:23:7c:2a:04:81:19:b5:da:b3:f4:f8: 76:72:9d:aa:ed:fb:8e:a2:d1:0b:bf:ea:49:b6:cf: 38:03:ed:11:cc:ad:91:6f:70:4f:42:36:08:84:f3: 98:f1:82:8a:00:4e:26:d8:08:a5:cd:3c:8b:bb:1e: a4:1b:8e:f7:e1:e2:88:d2:0c:86:e0:7e:7f:ef:6d: f7:eb:e1:46:79:93:d7:03:0e:98:c9:65:dc:c8:72: aa:bf:4e:a1:90:a8:a0:6e:85:05:fe:72:b8:a2:7a: d4:18:7a:55:c7:6d:32:44:a0:06:7f:38:e7:e6:0a: a1:a4:2b:ea:67:c4:8a:ee:26:6f:f1:db:13:27:c5: 2a:52:49:59:9a:38:14:8e:08:3f:ca:a2:2e:8f:7f: b7:52:1c:24:09:ee:1c:bb:f5:0f:7a:85:70:6a:ab: 89:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:C1:08:83:37:3F:53:D7:08:8C:86:1B:94:6C:1F:C1:3C:0F:F6:ED X509v3 Authority Key Identifier: keyid:6F:91:C7:6A:4F:74:66:41:00:DD:8D:EB:D1:78:51:42:E1:37:80:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918D2CA/09F74EF6354711F08103BE24C4F9AE02/b5HHak90ZkEA3Y3r0XhRQuE3gC0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b5HHak90ZkEA3Y3r0XhRQuE3gC0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D2CA/09F74EF6354711F08103BE24C4F9AE02/b5HHak90ZkEA3Y3r0XhRQuE3gC0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:b1:4d:2a:a9:05:4d:3a:58:42:ac:1d:73:9e:f8:82:ae:df: fb:46:0d:71:63:ee:7e:e6:79:8c:7d:e1:ac:61:36:12:9a:33: 9e:a6:39:14:1d:f9:2d:aa:f8:a7:e5:5f:75:9d:3c:33:2a:a1: 47:bf:bb:16:3d:f4:62:1f:e0:e6:97:a1:44:78:c4:d6:c3:fa: 2d:19:11:17:8b:22:09:74:9c:d6:d3:e2:98:67:0a:1a:a7:42: fa:6f:f5:86:3b:cc:e4:93:23:2f:09:d8:2d:e5:4d:47:15:b9: d0:98:85:1d:30:f2:d7:db:ab:3b:89:f6:c4:b3:aa:d7:84:2e: 22:ff:a3:f4:7a:62:a0:af:cc:e1:14:00:e8:35:60:3e:2c:9f: 25:df:ce:b2:3b:fa:5a:d0:d4:6b:38:8f:7e:bc:83:7e:0e:d0: f7:a8:7a:1a:20:c5:53:95:de:93:1e:46:65:94:e8:c9:16:65: 93:74:5e:2f:a9:cd:70:08:aa:f9:4b:74:a4:3b:e0:f6:96:d6: a6:d1:18:e8:d7:c0:b9:52:4c:55:2d:02:fa:a8:41:23:bf:77: c2:35:67:23:b4:99:06:4b:43:66:bc:c9:36:63:29:e6:1e:30: ef:11:65:5a:fd:20:b8:be:20:1d:a7:8a:fa:8d:16:76:9a:80: e7:6b:b4:4c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBRTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 RDJDQTExMC8GA1UEBRMoNkY5MUM3NkE0Rjc0NjY0MTAwREQ4REVCRDE3ODUxNDJF MTM3ODAyRDAeFw0yNTA5MTkwODEzMjJaFw0yNTA5MjYwODEzMjJaMBgxFjAUBgNV BAMTDTY4Y2QxMGEzLTNjNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDZ1YMlvupiBlaggdg9Eib1jbGeEkjHqfuPQux25+sxCIY4KSCi03cr88TPrfUN 5orUlTX0fpLa13JjXrxne8WIppuiPLaLnua2iXNg48E0zu+ggXw/ibOTNKyQqcQj fCoEgRm12rP0+HZynart+46i0Qu/6km2zzgD7RHMrZFvcE9CNgiE85jxgooATibY CKXNPIu7HqQbjvfh4ojSDIbgfn/vbffr4UZ5k9cDDpjJZdzIcqq/TqGQqKBuhQX+ criietQYelXHbTJEoAZ/OOfmCqGkK+pnxIruJm/x2xMnxSpSSVmaOBSOCD/Koi6P f7dSHCQJ7hy79Q96hXBqq4ndAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUFMEIgzc/ U9cIjIYblGwfwTwP9u0wHwYDVR0jBBgwFoAUb5HHak90ZkEA3Y3r0XhRQuE3gC0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThEMkNBLzA5Rjc0RUY2MzU0 NzExRjA4MTAzQkUyNEM0RjlBRTAyL2I1SEhhazkwWmtFQTNZM3IwWGhSUXVFM2dD MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvYjVISGFrOTBaa0VBM1kzcjBYaFJRdUUzZ0MwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThE MkNBLzA5Rjc0RUY2MzU0NzExRjA4MTAzQkUyNEM0RjlBRTAyL2I1SEhhazkwWmtF QTNZM3IwWGhSUXVFM2dDMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACGxTSqpBU06WEKsHXOe+IKu3/tGDXFj7n7meYx94axhNhKaM56mORQd +S2q+KflX3WdPDMqoUe/uxY99GIf4OaXoUR4xNbD+i0ZEReLIgl0nNbT4phnChqn Qvpv9YY7zOSTIy8J2C3lTUcVudCYhR0w8tfbqzuJ9sSzqteELiL/o/R6YqCvzOEU AOg1YD4snyXfzrI7+lrQ1Gs4j368g34O0PeoehogxVOV3pMeRmWU6MkWZZN0Xi+p zXAIqvlLdKQ74PaW1qbRGOjXwLlSTFUtAvqoQSO/d8I1ZyO0mQZLQ2a8yTZjKeYe MO8RZVr9ILi+IB2nivqNFnaagOdrtEw= -----END CERTIFICATE-----Generated at Sat Sep 20 05:06:28 2025 by rpki-client