$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft File: hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft (raw, json) Hash identifier: 3vCpZHL160+NEQyyXgWgkT4sHEw7TQAX/TAwfNLck3g= Subject key identifier: 18:94:7B:0D:B7:F0:BA:2A:E0:88:C5:65:E5:AB:DC:29:6D:36:E3:B5 Authority key identifier: 85:9D:18:4F:41:C3:48:98:B7:29:8C:99:10:75:CC:CF:51:67:9A:F1 Certificate issuer: /CN=A91A5BCD/serialNumber=859D184F41C34898B7298C991075CCCF51679AF1 Certificate serial: 0A2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft Manifest number: 0A1F Signing time: Mon 08 Sep 2025 19:48:37 +0000 Manifest this update: Mon 08 Sep 2025 19:48:37 +0000 Manifest next update: Mon 15 Sep 2025 19:48:37 +0000 Files and hashes: 1: hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl (hash: 5gAHN/lts3mnERMnEl+GpLnhKb/oyCdwGyAd6l1T3WI=) 2: 5B5A8050DDBC11EC8378E737C4F9AE02.roa (hash: na5Q578rSQBZFcX5/CcksCy+xsZYnJfxZssE9M4rEDg=) 3: 5A3B7CECDDBC11EC8378E737C4F9AE02.roa (hash: lwmo/gkmzYuWybDmK+FVsOggd5dBx+ce2atYLFTNz2E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 19:48:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2604 (0xa2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A5BCD, serialNumber=859D184F41C34898B7298C991075CCCF51679AF1 Validity Not Before: Sep 8 19:48:37 2025 GMT Not After : Sep 15 19:48:37 2025 GMT Subject: CN=68bf3315-9057 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:e2:ef:35:c8:cb:18:7d:3b:70:8c:67:65:ae: c7:fe:da:c2:ed:fb:27:8c:43:8b:1f:13:e4:35:86: cc:90:23:85:fb:58:da:3a:2e:9b:5f:1b:c4:0e:43: 17:9a:1c:01:e3:04:2f:6e:f6:95:26:fa:89:a6:92: 88:c8:c8:5f:28:ce:73:44:9c:d9:08:f3:83:b2:6e: ed:46:2d:4f:dd:21:3d:bd:7b:72:40:44:8b:32:6e: 5b:e7:76:49:4c:d9:19:42:50:18:79:f5:21:cf:e4: df:c2:6c:96:86:05:e5:7e:c0:ec:5f:5c:28:fd:a1: f0:7d:e1:a8:24:b3:cb:78:4f:77:25:2e:ee:61:0b: 16:f4:e6:e2:ca:60:3c:7b:e6:8c:b5:89:03:9d:d6: a3:9c:d8:51:a7:ff:8f:cc:95:f2:3f:4a:5b:55:0f: 4b:de:73:b3:04:ce:3f:6d:a0:91:52:0d:b8:0b:0f: 1a:cb:94:a8:cf:e7:0f:7d:53:69:ac:5d:47:6d:f9: 27:39:cf:40:d3:99:29:bd:50:e8:3c:50:29:34:ce: aa:d4:45:b9:f6:12:be:8a:0a:c6:2c:53:a9:b7:02: 4d:3b:6d:fc:93:8b:cc:8e:78:7d:d2:e1:e8:47:a5: 32:c4:71:b7:0a:66:12:09:a0:77:6a:21:80:10:9c: db:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:94:7B:0D:B7:F0:BA:2A:E0:88:C5:65:E5:AB:DC:29:6D:36:E3:B5 X509v3 Authority Key Identifier: keyid:85:9D:18:4F:41:C3:48:98:B7:29:8C:99:10:75:CC:CF:51:67:9A:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:27:9e:79:09:e9:d8:97:f6:a5:c3:f2:ad:3d:41:62:0d:d4: 4d:2b:4e:80:71:6b:5e:25:55:66:5d:3a:83:e4:f1:3c:f4:06: 46:10:5e:60:d6:fb:cb:e2:5b:3b:fd:6b:f4:94:c2:86:9a:45: 36:09:a4:05:fc:fd:36:64:48:8c:8a:a6:5d:f4:47:7c:99:d5: eb:98:dd:51:6f:c6:db:a1:10:5c:18:2f:28:21:66:21:50:c4: 3f:c0:be:5f:c4:86:89:fe:fa:e1:cb:2c:c7:a7:60:96:46:6c: 6c:fe:d9:1e:0a:d1:28:ee:7f:fe:b4:e1:59:6e:a6:cd:9a:4d: 7b:bc:a3:5a:14:2e:9b:58:7b:2a:73:f8:d1:77:f4:d7:c9:0e: 02:67:b9:f4:97:9a:98:50:d5:5a:e5:a6:59:31:47:b7:d0:37: fd:47:44:0c:c7:90:4d:3e:e6:33:37:91:3d:77:1e:2a:b3:e6: 5a:1c:3e:03:ae:1b:71:b7:25:d1:79:ec:a9:2a:3f:1b:e3:00: 35:a8:5c:bc:38:dc:da:3f:37:a1:8b:b3:ad:7b:5c:86:d2:44: 2e:7d:d9:2e:da:23:e8:fd:fd:1c:79:e3:da:ca:dc:59:73:63: 39:ad:b8:c1:01:66:d8:1d:14:1f:06:21:b9:34:1f:f8:4a:ba: 83:d5:44:19 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCiwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTVCQ0QxMTAvBgNVBAUTKDg1OUQxODRGNDFDMzQ4OThCNzI5OEM5OTEwNzVDQ0NG NTE2NzlBRjEwHhcNMjUwOTA4MTk0ODM3WhcNMjUwOTE1MTk0ODM3WjAYMRYwFAYD VQQDEw02OGJmMzMxNS05MDU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3uLvNcjLGH07cIxnZa7H/trC7fsnjEOLHxPkNYbMkCOF+1jaOi6bXxvEDkMX mhwB4wQvbvaVJvqJppKIyMhfKM5zRJzZCPODsm7tRi1P3SE9vXtyQESLMm5b53ZJ TNkZQlAYefUhz+TfwmyWhgXlfsDsX1wo/aHwfeGoJLPLeE93JS7uYQsW9ObiymA8 e+aMtYkDndajnNhRp/+PzJXyP0pbVQ9L3nOzBM4/baCRUg24Cw8ay5Soz+cPfVNp rF1HbfknOc9A05kpvVDoPFApNM6q1EW59hK+igrGLFOptwJNO238k4vMjnh90uHo R6UyxHG3CmYSCaB3aiGAEJzbOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBiUew23 8Loq4IjFZeWr3CltNuO1MB8GA1UdIwQYMBaAFIWdGE9Bw0iYtymMmRB1zM9RZ5rx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNUJDRC82MUQwQzQ4NjdB M0ExMUVBQkY4QjU4MjZDNEY5QUUwMi9oWjBZVDBIRFNKaTNLWXlaRUhYTXoxRm5t dkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2haMFlUMEhEU0ppM0tZeVpFSFhNejFGbm12RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NUJDRC82MUQwQzQ4NjdBM0ExMUVBQkY4QjU4MjZDNEY5QUUwMi9oWjBZVDBIRFNK aTNLWXlaRUhYTXoxRm5tdkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBNJ555CenYl/alw/KtPUFiDdRNK06AcWteJVVmXTqD5PE89AZGEF5g 1vvL4ls7/Wv0lMKGmkU2CaQF/P02ZEiMiqZd9Ed8mdXrmN1Rb8bboRBcGC8oIWYh UMQ/wL5fxIaJ/vrhyyzHp2CWRmxs/tkeCtEo7n/+tOFZbqbNmk17vKNaFC6bWHsq c/jRd/TXyQ4CZ7n0l5qYUNVa5aZZMUe30Df9R0QMx5BNPuYzN5E9dx4qs+ZaHD4D rhtxtyXReeypKj8b4wA1qFy8ONzaPzehi7Ote1yG0kQufdku2iPo/f0ceePaytxZ c2M5rbjBAWbYHRQfBiG5NB/4SrqD1UQZ -----END CERTIFICATE-----Generated at Tue Sep 9 17:28:49 2025 by rpki-client