$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft File: HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft (raw, json) Hash identifier: +XWhNSFmz6Ur6rn2MiPGqHp0+L7sEGa2H5y++LLFbNk= Subject key identifier: DF:D2:23:44:8F:14:04:BA:BD:49:20:98:04:A5:6F:62:77:AE:02:98 Authority key identifier: 1C:4E:9F:3F:80:05:05:A4:0B:A1:65:B6:C0:20:40:5A:22:C6:4B:3B Certificate issuer: /CN=A91B1FA8/serialNumber=1C4E9F3F800505A40BA165B6C020405A22C64B3B Certificate serial: 139F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft Manifest number: 1375 Signing time: Thu 04 Sep 2025 17:09:01 +0000 Manifest this update: Thu 04 Sep 2025 17:09:01 +0000 Manifest next update: Thu 11 Sep 2025 17:09:01 +0000 Files and hashes: 1: HE6fP4AFBaQLoWW2wCBAWiLGSzs.crl (hash: 9GhwT9Ujctdq6qZpJOFTvQ2tszjmkM3pP3484b/kmSE=) 2: 40366CF0F8C811EBB7BFD243C4F9AE02.roa (hash: YO0KSyMg3rhBagYoGztB5o5uMcRrrSiw068DI4yqRmI=) 3: E4A74BE6255211EB96B9B269C4F9AE02.roa (hash: WXuqlnvJ/kQYgmajvkp6WqRXIhVjEPtrsEAuBi7s1vA=) 4: 538F7B12B1D711EBB3C0A24AC4F9AE02.roa (hash: VriM0YGDOfhzo18xUQqToLLJGd+19KKo1Yju23Rp1tg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.crl rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 17:09:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5023 (0x139f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1FA8, serialNumber=1C4E9F3F800505A40BA165B6C020405A22C64B3B Validity Not Before: Sep 4 17:09:01 2025 GMT Not After : Sep 11 17:09:01 2025 GMT Subject: CN=68b9c7ad-1155 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:b2:67:50:c0:af:45:0b:b2:18:b1:ad:6d:0c: 02:e6:eb:58:b5:1a:98:21:ad:1d:88:f2:e1:3d:a9: 08:32:95:f1:0b:68:42:f4:61:a1:ef:14:97:df:71: 6a:c6:0f:ad:22:83:ad:75:7f:da:cf:e5:b6:a0:1b: 18:8e:9d:c8:71:dd:6e:51:0f:3a:93:81:0d:49:8d: 44:a9:dc:ba:da:b2:5c:72:76:82:e2:d2:b1:91:da: 2d:f4:a0:98:03:8a:71:28:15:b1:3c:5d:18:84:74: be:c1:d1:53:c8:7e:4b:0a:52:b3:3d:07:ce:ca:12: cf:70:77:69:cc:f9:e0:b5:bf:13:0f:c3:4a:be:8e: 93:f8:1e:a4:99:9c:69:2c:04:a1:5a:96:f6:0b:cc: 7c:60:58:65:53:2e:49:28:71:04:5a:f3:c9:3a:1d: e3:db:2c:2a:28:aa:d1:a7:77:9a:3f:13:f1:3c:fe: 3a:3f:0c:76:8b:12:84:90:0b:8c:36:f6:05:38:43: 3c:2b:da:ec:e6:d5:c5:42:e4:19:30:a5:d8:54:f2: b7:fa:31:db:61:01:67:ca:e8:52:3d:75:19:73:26: b3:ca:a2:e3:6c:7a:ed:fe:ea:e4:85:2a:22:0a:64: 60:63:6e:02:2d:05:3d:5c:f0:c8:f2:4f:f2:c1:3e: a3:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:D2:23:44:8F:14:04:BA:BD:49:20:98:04:A5:6F:62:77:AE:02:98 X509v3 Authority Key Identifier: keyid:1C:4E:9F:3F:80:05:05:A4:0B:A1:65:B6:C0:20:40:5A:22:C6:4B:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:1e:32:dd:ee:33:98:8a:11:3a:dc:cf:98:f8:cc:86:2b:02: be:1b:6f:8f:a3:d6:86:9f:f4:5d:40:80:a7:19:d9:bf:00:31: ee:0d:df:e8:71:29:62:84:18:08:3e:09:84:de:1f:86:a7:63: 0e:78:05:63:4f:a8:cf:b6:ca:38:db:2e:2b:41:4b:e9:92:c0: 00:33:99:a6:e4:06:3a:0e:2a:2b:e2:2c:30:7f:34:37:9a:e5: 82:58:77:5b:f7:52:49:5f:92:2b:88:43:38:ab:55:60:71:e8: 17:bb:fc:08:fb:8e:04:73:89:33:bc:0f:e2:66:78:d8:4f:54: e8:0b:e5:11:31:1e:f3:3a:71:9e:33:f8:47:05:e2:65:05:95: e0:06:6e:cf:23:64:6e:5d:61:71:59:9d:65:0a:b6:e0:c9:72: b8:98:e7:f3:89:ea:2e:c4:e9:d8:e4:ca:11:d7:a9:07:11:46: 39:a2:cb:50:97:f9:c7:d8:c2:65:10:9c:0f:0c:b4:6a:ce:3f: 51:8f:60:c0:9e:9c:09:28:87:d5:6c:cc:3d:67:33:29:c8:c3: b9:43:e8:42:b2:71:87:06:1f:dc:8c:f6:19:c9:73:b2:2e:82: 14:ce:fb:21:31:91:0d:fa:3f:cb:b1:dd:95:6f:49:e8:c3:77: 0d:ec:29:92 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE58wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFGQTgxMTAvBgNVBAUTKDFDNEU5RjNGODAwNTA1QTQwQkExNjVCNkMwMjA0MDVB MjJDNjRCM0IwHhcNMjUwOTA0MTcwOTAxWhcNMjUwOTExMTcwOTAxWjAYMRYwFAYD VQQDEw02OGI5YzdhZC0xMTU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt7JnUMCvRQuyGLGtbQwC5utYtRqYIa0diPLhPakIMpXxC2hC9GGh7xSX33Fq xg+tIoOtdX/az+W2oBsYjp3Icd1uUQ86k4ENSY1Eqdy62rJccnaC4tKxkdot9KCY A4pxKBWxPF0YhHS+wdFTyH5LClKzPQfOyhLPcHdpzPngtb8TD8NKvo6T+B6kmZxp LAShWpb2C8x8YFhlUy5JKHEEWvPJOh3j2ywqKKrRp3eaPxPxPP46Pwx2ixKEkAuM NvYFOEM8K9rs5tXFQuQZMKXYVPK3+jHbYQFnyuhSPXUZcyazyqLjbHrt/urkhSoi CmRgY24CLQU9XPDI8k/ywT6jbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN/SI0SP FAS6vUkgmASlb2J3rgKYMB8GA1UdIwQYMBaAFBxOnz+ABQWkC6FltsAgQFoixks7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUZBOC9FODYxRkQzQUFG RDkxMUU4QjJFRDRDN0ZDNEY5QUUwMi9IRTZmUDRBRkJhUUxvV1cyd0NCQVdpTEdT enMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hFNmZQNEFGQmFRTG9XVzJ3Q0JBV2lMR1N6cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MUZBOC9FODYxRkQzQUFGRDkxMUU4QjJFRDRDN0ZDNEY5QUUwMi9IRTZmUDRBRkJh UUxvV1cyd0NCQVdpTEdTenMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBAHjLd7jOYihE63M+Y+MyGKwK+G2+Po9aGn/RdQICnGdm/ADHuDd/o cSlihBgIPgmE3h+Gp2MOeAVjT6jPtso42y4rQUvpksAAM5mm5AY6Dior4iwwfzQ3 muWCWHdb91JJX5IriEM4q1VgcegXu/wI+44Ec4kzvA/iZnjYT1ToC+URMR7zOnGe M/hHBeJlBZXgBm7PI2RuXWFxWZ1lCrbgyXK4mOfzieouxOnY5MoR16kHEUY5ostQ l/nH2MJlEJwPDLRqzj9Rj2DAnpwJKIfVbMw9ZzMpyMO5Q+hCsnGHBh/cjPYZyXOy LoIUzvshMZEN+j/Lsd2Vb0now3cN7CmS -----END CERTIFICATE-----Generated at Fri Sep 5 19:31:33 2025 by rpki-client