$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft File: hs2LQhipuaG84vrF7m3HhbAKkx0.mft (raw, json) Hash identifier: 2VQ1Z+dKx3fVLG1IqO/8FoS278YiJhlBd3iL8z4dKcg= Subject key identifier: 12:B3:D5:BC:44:22:E2:16:42:05:44:60:2B:AE:E0:94:CE:5A:74:54 Authority key identifier: 86:CD:8B:42:18:A9:B9:A1:BC:E2:FA:C5:EE:6D:C7:85:B0:0A:93:1D Certificate issuer: /CN=A91BF28F/serialNumber=86CD8B4218A9B9A1BCE2FAC5EE6DC785B00A931D Certificate serial: 025C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft Manifest number: 023A Signing time: Thu 21 Aug 2025 02:16:02 +0000 Manifest this update: Thu 21 Aug 2025 02:16:01 +0000 Manifest next update: Thu 28 Aug 2025 02:16:01 +0000 Files and hashes: 1: hs2LQhipuaG84vrF7m3HhbAKkx0.crl (hash: wBhlKR4MAh4gTXhbXXn9gckGfvHkaJKNzcvkyRJdXI4=) 2: FB9DB0B8778011EFA197A558C4F9AE02.roa (hash: bOpqrbhh4Bh4AWp/OZ52rop88bWyVMsrGceDfsrfghM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.crl rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 02:16:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 604 (0x25c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BF28F, serialNumber=86CD8B4218A9B9A1BCE2FAC5EE6DC785B00A931D Validity Not Before: Aug 21 02:16:01 2025 GMT Not After : Aug 28 02:16:01 2025 GMT Subject: CN=68a68161-7552 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:2a:f2:f2:0b:cd:35:bd:12:80:53:14:20:ad: bf:b3:65:1b:c5:c4:9c:cb:87:c0:70:f5:3f:48:46: 68:ff:75:1d:38:f2:31:a8:b7:e8:a2:2f:5a:34:d1: e6:d4:67:35:a0:dd:9a:aa:ec:79:db:44:9a:aa:65: 3b:51:59:c1:5d:b6:18:a9:ab:15:c2:e9:6f:ca:b6: 5f:2e:05:ba:15:ec:d2:7a:4b:ef:fc:c6:3b:c0:5c: de:cb:a1:7d:d5:c0:d7:f6:2c:06:d2:9f:0d:c1:d8: a5:44:50:38:c2:0e:1f:fa:ec:a7:b8:81:bb:ce:82: 2e:1f:2c:be:07:4d:fe:d9:9d:40:5e:31:8b:da:56: 18:c8:fd:08:a8:57:64:40:21:4f:d5:b6:9a:86:bc: d6:f4:db:3d:f3:c8:c8:7f:a8:a1:f9:1d:72:29:3e: ab:b6:df:15:e8:96:c9:4d:85:c0:49:b5:ce:89:a8: ed:f7:e3:f6:21:65:eb:a8:08:28:f1:19:c2:ab:38: 09:e8:c9:68:69:73:37:0f:c7:5e:a7:a4:47:8a:47: a4:9f:b8:1f:43:c1:5d:6a:87:84:c8:3a:b1:f1:46: 8f:09:cd:16:52:17:11:e9:a6:08:db:e3:9c:71:5e: ca:99:b6:a5:ad:85:12:fc:f8:27:18:c0:68:cb:f3: 6c:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:B3:D5:BC:44:22:E2:16:42:05:44:60:2B:AE:E0:94:CE:5A:74:54 X509v3 Authority Key Identifier: keyid:86:CD:8B:42:18:A9:B9:A1:BC:E2:FA:C5:EE:6D:C7:85:B0:0A:93:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hs2LQhipuaG84vrF7m3HhbAKkx0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF28F/7DDC5A2E554711EDB47B332BC4F9AE02/hs2LQhipuaG84vrF7m3HhbAKkx0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7b:51:26:a0:0e:0d:ab:9c:17:24:c4:ae:f3:8b:fe:d3:15:22: 0e:71:18:59:69:6e:3b:a3:22:95:9f:23:e4:89:65:54:fe:a8: 91:e8:50:26:47:9e:37:76:a6:f2:a1:65:1f:54:48:d1:5a:9f: 51:7d:90:06:10:65:03:b4:50:56:6d:4e:74:8c:42:14:e1:97: 0f:35:c0:9e:a7:e5:6e:bb:b4:c0:72:8e:da:9f:41:59:42:f1: b3:87:42:3b:16:12:9a:94:3d:c4:0b:67:0f:ae:03:fd:7c:5b: ee:e7:9a:ba:bc:ac:3f:3c:d3:bd:df:17:8b:86:eb:d4:2f:db: c5:b0:22:94:f8:2b:8e:1e:ea:bf:05:8b:81:53:4a:c8:69:e4: a1:a6:70:a5:f8:46:1c:f1:5e:a5:08:63:01:97:cc:8c:80:2b: 09:02:fb:ec:e8:ad:7b:18:b8:6e:6d:bc:78:59:0d:a5:80:79: 3e:d6:c1:68:33:4e:a3:39:fd:4a:11:48:d6:66:29:b2:50:7b: 62:13:9f:fe:ff:70:ce:4c:9f:4c:71:25:73:1f:9f:75:2b:f8: 3f:e7:29:90:4c:44:08:fa:78:0d:5f:96:26:03:f5:d6:23:ac: ff:52:68:56:53:99:13:0e:41:f2:7a:d1:bc:b9:f6:9a:b1:84: 57:ab:c5:da -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAlwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkYyOEYxMTAvBgNVBAUTKDg2Q0Q4QjQyMThBOUI5QTFCQ0UyRkFDNUVFNkRDNzg1 QjAwQTkzMUQwHhcNMjUwODIxMDIxNjAxWhcNMjUwODI4MDIxNjAxWjAYMRYwFAYD VQQDEw02OGE2ODE2MS03NTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvyry8gvNNb0SgFMUIK2/s2UbxcScy4fAcPU/SEZo/3UdOPIxqLfooi9aNNHm 1Gc1oN2aqux520SaqmU7UVnBXbYYqasVwulvyrZfLgW6FezSekvv/MY7wFzey6F9 1cDX9iwG0p8NwdilRFA4wg4f+uynuIG7zoIuHyy+B03+2Z1AXjGL2lYYyP0IqFdk QCFP1baahrzW9Ns988jIf6ih+R1yKT6rtt8V6JbJTYXASbXOiajt9+P2IWXrqAgo 8RnCqzgJ6MloaXM3D8dep6RHikekn7gfQ8FdaoeEyDqx8UaPCc0WUhcR6aYI2+Oc cV7KmbalrYUS/PgnGMBoy/NsUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBKz1bxE IuIWQgVEYCuu4JTOWnRUMB8GA1UdIwQYMBaAFIbNi0IYqbmhvOL6xe5tx4WwCpMd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjI4Ri83RERDNUEyRTU1 NDcxMUVEQjQ3QjMzMkJDNEY5QUUwMi9oczJMUWhpcHVhRzg0dnJGN20zSGhiQUtr eDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hzMkxRaGlwdWFHODR2ckY3bTNIaGJBS2t4MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RjI4Ri83RERDNUEyRTU1NDcxMUVEQjQ3QjMzMkJDNEY5QUUwMi9oczJMUWhpcHVh Rzg0dnJGN20zSGhiQUtreDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB7USagDg2rnBckxK7zi/7TFSIOcRhZaW47oyKVnyPkiWVU/qiR6FAm R543dqbyoWUfVEjRWp9RfZAGEGUDtFBWbU50jEIU4ZcPNcCep+Vuu7TAco7an0FZ QvGzh0I7FhKalD3EC2cPrgP9fFvu55q6vKw/PNO93xeLhuvUL9vFsCKU+CuOHuq/ BYuBU0rIaeShpnCl+EYc8V6lCGMBl8yMgCsJAvvs6K17GLhubbx4WQ2lgHk+1sFo M06jOf1KEUjWZimyUHtiE5/+/3DOTJ9McSVzH591K/g/5ymQTEQI+ngNX5YmA/XW I6z/UmhWU5kTDkHyetG8ufaasYRXq8Xa -----END CERTIFICATE-----Generated at Fri Aug 22 16:30:40 2025 by rpki-client