$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5319/F94D41C88C2C11EF8122EC11C4F9AE02/HdM6aLwLXJMQ__Uq1zlBINECpic.mft File: HdM6aLwLXJMQ__Uq1zlBINECpic.mft (raw, json) Hash identifier: GoyAEKWfZONAAuAsjt3oFmNwnngOYG++CCs7wTE1BM8= Subject key identifier: 58:CB:C0:D4:DE:1B:A8:94:03:06:F4:F0:31:AA:69:48:11:53:81:49 Authority key identifier: 1D:D3:3A:68:BC:0B:5C:93:10:FF:F5:2A:D7:39:41:20:D1:02:A6:27 Certificate issuer: /CN=A91C5319/serialNumber=1DD33A68BC0B5C9310FFF52AD7394120D102A627 Certificate serial: A8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HdM6aLwLXJMQ__Uq1zlBINECpic.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C5319/F94D41C88C2C11EF8122EC11C4F9AE02/HdM6aLwLXJMQ__Uq1zlBINECpic.mft Manifest number: A7 Signing time: Fri 05 Sep 2025 06:37:35 +0000 Manifest this update: Fri 05 Sep 2025 06:37:35 +0000 Manifest next update: Fri 12 Sep 2025 06:37:35 +0000 Files and hashes: 1: HdM6aLwLXJMQ__Uq1zlBINECpic.crl (hash: ysA4UXEUqK8eNGVsZxlAm1zxe0KnbcrACqr/7GvC6RY=) 2: C7500EC88C2F11EF82B2F55CC4F9AE02.roa (hash: KqwFgUGGWmZ6w/oc9lE/9i1V2X5VufgZVt2vhykEeNg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C5319/F94D41C88C2C11EF8122EC11C4F9AE02/HdM6aLwLXJMQ__Uq1zlBINECpic.crl rsync://rpki.apnic.net/member_repository/A91C5319/F94D41C88C2C11EF8122EC11C4F9AE02/HdM6aLwLXJMQ__Uq1zlBINECpic.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HdM6aLwLXJMQ__Uq1zlBINECpic.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 06:37:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 168 (0xa8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C5319, serialNumber=1DD33A68BC0B5C9310FFF52AD7394120D102A627 Validity Not Before: Sep 5 06:37:35 2025 GMT Not After : Sep 12 06:37:35 2025 GMT Subject: CN=68ba852f-435d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:5e:14:b4:d6:e4:63:79:17:2a:0c:41:4d:5b: 37:8a:cc:f9:69:b1:5a:22:53:0a:46:bd:66:20:8c: 1b:88:30:f1:33:e6:6c:25:43:a6:da:60:ec:4b:9b: ad:3a:12:4e:ef:cb:2a:17:78:72:c0:c4:79:e1:58: 05:66:ce:b8:d3:e0:cd:45:94:ea:89:a9:f9:c4:89: 7e:98:92:bb:4d:4d:14:39:79:b6:b6:4c:8c:f9:33: 18:fe:f0:32:dd:33:3b:bf:2c:3c:cc:70:1e:17:2f: e0:09:b1:1d:cf:9d:72:9e:d9:5c:a0:b0:aa:cd:99: 55:b8:9f:a0:42:e6:7c:32:ae:08:dc:3d:d9:8a:06: 0d:83:94:bf:d9:7e:e2:e0:7d:29:d5:88:4d:e5:b9: 40:8b:a5:eb:52:5c:9f:5c:a7:6d:7e:87:e7:30:04: 14:47:e8:a9:41:63:18:af:9a:07:4c:dd:0b:04:78: 8a:ff:d1:6b:71:9d:bd:e1:e0:30:24:b0:4b:49:ca: 5c:8b:c5:e4:b5:65:6b:2f:d7:3c:15:06:9f:0a:cd: 29:93:e2:56:60:8f:7d:41:43:53:4f:a6:26:a1:b9: ef:39:dc:7c:ed:41:3a:cd:0b:2f:35:48:14:df:22: 9b:e4:07:ff:0e:ed:75:e3:45:a9:a4:b2:eb:c9:fc: dd:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:CB:C0:D4:DE:1B:A8:94:03:06:F4:F0:31:AA:69:48:11:53:81:49 X509v3 Authority Key Identifier: keyid:1D:D3:3A:68:BC:0B:5C:93:10:FF:F5:2A:D7:39:41:20:D1:02:A6:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C5319/F94D41C88C2C11EF8122EC11C4F9AE02/HdM6aLwLXJMQ__Uq1zlBINECpic.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HdM6aLwLXJMQ__Uq1zlBINECpic.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5319/F94D41C88C2C11EF8122EC11C4F9AE02/HdM6aLwLXJMQ__Uq1zlBINECpic.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a5:0e:75:59:a3:a7:ea:1f:3e:1d:04:6d:38:20:4c:83:4f:bd: 99:ad:cf:8e:ad:01:85:96:96:7b:99:4c:57:b5:1f:b9:d5:0c: 66:bb:2c:c9:47:30:c5:3b:b9:95:9a:5f:a1:70:33:1f:cb:20: e2:bc:dc:f6:f9:85:0d:fb:c2:b8:0d:13:40:84:e9:c8:a3:bd: 33:f6:f4:74:7d:98:04:b2:5c:82:79:f2:1a:6b:9f:2b:59:a1: ba:4b:e9:f5:b1:c7:a0:7c:a2:14:f9:e6:0c:5b:60:57:a0:7b: 6f:b8:c2:d0:95:3f:95:32:19:10:aa:2c:58:0f:87:62:32:9d: fe:ff:ce:3a:77:14:68:9b:0b:d3:29:3f:71:b1:fd:1e:69:39: 77:a3:a7:1c:9f:90:60:19:ac:24:99:ac:24:7d:99:e3:1b:ec: 84:35:c0:f0:d1:df:c4:c4:6a:d9:28:af:e3:01:ac:d7:88:d3: 93:1c:95:aa:c3:2e:fb:e1:ed:34:a4:e1:b7:6f:cf:4d:16:63: 42:b1:93:fa:32:27:65:3f:b2:36:3a:35:0c:23:b5:5d:66:30: 73:56:8d:34:df:36:95:1f:72:b9:6d:18:0b:31:e5:38:1b:fa: 6d:a4:e4:48:c8:b9:69:6a:d6:ae:35:0d:93:12:82:9b:5d:d8: ec:82:88:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzUzMTkxMTAvBgNVBAUTKDFERDMzQTY4QkMwQjVDOTMxMEZGRjUyQUQ3Mzk0MTIw RDEwMkE2MjcwHhcNMjUwOTA1MDYzNzM1WhcNMjUwOTEyMDYzNzM1WjAYMRYwFAYD VQQDEw02OGJhODUyZi00MzVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAk14UtNbkY3kXKgxBTVs3isz5abFaIlMKRr1mIIwbiDDxM+ZsJUOm2mDsS5ut OhJO78sqF3hywMR54VgFZs640+DNRZTqian5xIl+mJK7TU0UOXm2tkyM+TMY/vAy 3TM7vyw8zHAeFy/gCbEdz51yntlcoLCqzZlVuJ+gQuZ8Mq4I3D3ZigYNg5S/2X7i 4H0p1YhN5blAi6XrUlyfXKdtfofnMAQUR+ipQWMYr5oHTN0LBHiK/9FrcZ294eAw JLBLScpci8XktWVrL9c8FQafCs0pk+JWYI99QUNTT6YmobnvOdx87UE6zQsvNUgU 3yKb5Af/Du1140WppLLryfzdpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFjLwNTe G6iUAwb08DGqaUgRU4FJMB8GA1UdIwQYMBaAFB3TOmi8C1yTEP/1Ktc5QSDRAqYn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTMxOS9GOTRENDFDODhD MkMxMUVGODEyMkVDMTFDNEY5QUUwMi9IZE02YUx3TFhKTVFfX1VxMXpsQklORUNw aWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0hkTTZhTHdMWEpNUV9fVXExemxCSU5FQ3BpYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NTMxOS9GOTRENDFDODhDMkMxMUVGODEyMkVDMTFDNEY5QUUwMi9IZE02YUx3TFhK TVFfX1VxMXpsQklORUNwaWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQClDnVZo6fqHz4dBG04IEyDT72Zrc+OrQGFlpZ7mUxXtR+51QxmuyzJ RzDFO7mVml+hcDMfyyDivNz2+YUN+8K4DRNAhOnIo70z9vR0fZgEslyCefIaa58r WaG6S+n1scegfKIU+eYMW2BXoHtvuMLQlT+VMhkQqixYD4diMp3+/846dxRomwvT KT9xsf0eaTl3o6ccn5BgGawkmawkfZnjG+yENcDw0d/ExGrZKK/jAazXiNOTHJWq wy774e00pOG3b89NFmNCsZP6MidlP7I2OjUMI7VdZjBzVo003zaVH3K5bRgLMeU4 G/ptpORIyLlpatauNQ2TEoKbXdjsgogH -----END CERTIFICATE-----Generated at Sat Sep 6 21:05:06 2025 by rpki-client