$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.mft File: HRIX74_oS1glUWcbyjXmhEhpJJc.mft (raw, json) Hash identifier: 9mSx7ytjJYtwcRlNKzTM1zoaYyQfDpzjRmGgbbl0JII= Subject key identifier: FA:11:20:8B:B4:7E:4F:09:56:1C:BA:04:0C:07:B1:96:02:20:E8:57 Authority key identifier: 1D:12:17:EF:8F:E8:4B:58:25:51:67:1B:CA:35:E6:84:48:69:24:97 Certificate issuer: /CN=A91C8BB4/serialNumber=1D1217EF8FE84B582551671BCA35E68448692497 Certificate serial: 0A75 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HRIX74_oS1glUWcbyjXmhEhpJJc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.mft Manifest number: 0A6D Signing time: Fri 22 Aug 2025 19:46:59 +0000 Manifest this update: Fri 22 Aug 2025 19:46:59 +0000 Manifest next update: Fri 29 Aug 2025 19:46:59 +0000 Files and hashes: 1: HRIX74_oS1glUWcbyjXmhEhpJJc.crl (hash: mOnlEYBin+3qrV5AynQGl5KAXr9svBiFbFixf25hmwg=) 2: 9261E554464611EE84B7C534C4F9AE02.roa (hash: lLxl/sSYgP6ZriIWkj+AWN6PJcQcpVbRmAe2Y2lbT3s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.crl rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HRIX74_oS1glUWcbyjXmhEhpJJc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 19:46:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2677 (0xa75) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C8BB4, serialNumber=1D1217EF8FE84B582551671BCA35E68448692497 Validity Not Before: Aug 22 19:46:59 2025 GMT Not After : Aug 29 19:46:59 2025 GMT Subject: CN=68a8c933-b0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:c3:85:4e:bd:15:89:38:ff:8d:6b:1e:5d:7c: e6:b4:ed:71:da:63:5d:a8:6c:c6:0d:64:3a:46:a2: 5d:d1:fa:ef:90:89:e9:e0:c2:bf:40:15:32:47:12: 99:85:f1:af:41:84:40:0c:e5:8c:4d:e1:c4:a1:1f: 8c:c1:66:7e:a7:6a:a0:d4:72:81:48:06:8b:0d:51: 49:24:d0:63:c7:03:6b:5b:f9:a5:4e:83:c7:b9:ed: b2:f0:8d:4f:7f:21:a8:90:d6:b0:37:ca:57:32:fc: ca:ba:2b:cb:28:33:d4:cd:81:5e:9b:03:cc:2d:44: 1e:c7:34:43:5a:1d:26:17:96:02:64:4a:44:ef:23: 0c:4e:2a:13:c5:76:2c:72:04:3c:7c:e9:58:58:8d: 35:ec:3e:0c:9c:87:9d:95:4a:36:9b:14:ea:1a:8d: 5e:98:6e:c8:f8:25:26:49:41:fd:3d:2c:1e:27:06: a0:07:aa:1c:8b:8f:9e:4d:9f:d7:71:91:c3:84:a5: 70:27:e2:46:ca:cf:61:53:19:25:3c:c8:15:59:0f: 25:1c:0c:d8:fa:34:97:fa:17:24:96:a9:77:42:d1: 29:59:3d:c1:ec:29:5f:ff:1f:1c:10:52:3b:ac:87: 8f:9b:a2:e4:69:2b:ee:5c:4a:36:16:41:88:96:6e: f5:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:11:20:8B:B4:7E:4F:09:56:1C:BA:04:0C:07:B1:96:02:20:E8:57 X509v3 Authority Key Identifier: keyid:1D:12:17:EF:8F:E8:4B:58:25:51:67:1B:CA:35:E6:84:48:69:24:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HRIX74_oS1glUWcbyjXmhEhpJJc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8BB4/D954BABE69B711EA88E72E59C4F9AE02/HRIX74_oS1glUWcbyjXmhEhpJJc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0d:d5:3f:b3:15:23:ea:c3:75:18:58:76:c8:68:b6:cb:db:78: 18:9b:ee:bc:f5:3c:af:7a:70:37:eb:c7:85:7b:3c:d8:7e:0f: bd:7a:15:67:02:49:1b:4c:16:cf:64:a3:5f:36:f5:9c:12:71: 3b:c3:30:21:6b:62:5e:d4:c0:84:2d:6e:ef:b3:d0:47:ad:1e: f0:dd:8f:96:89:69:b6:8c:a2:f5:82:3f:e2:1b:3b:cc:f8:67: 97:11:a9:e4:62:a8:2e:79:fa:b9:63:1a:04:8a:25:65:69:1b: d3:28:90:ad:99:d7:18:f3:62:c4:ab:fd:44:11:be:b3:28:04: 03:bc:15:4f:63:e9:f7:ea:d2:f8:25:db:73:f5:7a:87:0c:8c: 30:93:61:0c:0a:99:cd:eb:01:a3:9b:43:85:42:0f:a4:04:ed: 3a:41:67:f0:66:0c:29:55:9b:23:58:7c:81:f7:32:bf:03:98: 31:c0:b8:63:46:69:d4:9f:d3:9d:a4:1c:db:b0:65:ac:25:d5: 12:ea:5d:f3:c7:88:a4:44:26:73:7b:d8:38:1a:02:89:ae:03: 3f:50:f5:04:ac:27:5f:c2:46:21:d4:5c:df:13:ed:f0:83:19: 23:e0:52:5f:78:07:0e:02:2e:5f:19:f3:49:9b:f7:12:72:bb: 17:c9:f3:c4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCnUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzhCQjQxMTAvBgNVBAUTKDFEMTIxN0VGOEZFODRCNTgyNTUxNjcxQkNBMzVFNjg0 NDg2OTI0OTcwHhcNMjUwODIyMTk0NjU5WhcNMjUwODI5MTk0NjU5WjAYMRYwFAYD VQQDEw02OGE4YzkzMy1iMGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAysOFTr0ViTj/jWseXXzmtO1x2mNdqGzGDWQ6RqJd0frvkInp4MK/QBUyRxKZ hfGvQYRADOWMTeHEoR+MwWZ+p2qg1HKBSAaLDVFJJNBjxwNrW/mlToPHue2y8I1P fyGokNawN8pXMvzKuivLKDPUzYFemwPMLUQexzRDWh0mF5YCZEpE7yMMTioTxXYs cgQ8fOlYWI017D4MnIedlUo2mxTqGo1emG7I+CUmSUH9PSweJwagB6oci4+eTZ/X cZHDhKVwJ+JGys9hUxklPMgVWQ8lHAzY+jSX+hcklql3QtEpWT3B7Clf/x8cEFI7 rIePm6LkaSvuXEo2FkGIlm71DwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPoRIIu0 fk8JVhy6BAwHsZYCIOhXMB8GA1UdIwQYMBaAFB0SF++P6EtYJVFnG8o15oRIaSSX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOEJCNC9EOTU0QkFCRTY5 QjcxMUVBODhFNzJFNTlDNEY5QUUwMi9IUklYNzRfb1MxZ2xVV2NieWpYbWhFaHBK SmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hSSVg3NF9vUzFnbFVXY2J5alhtaEVocEpKYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD OEJCNC9EOTU0QkFCRTY5QjcxMUVBODhFNzJFNTlDNEY5QUUwMi9IUklYNzRfb1Mx Z2xVV2NieWpYbWhFaHBKSmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAN1T+zFSPqw3UYWHbIaLbL23gYm+689TyvenA368eFezzYfg+9ehVn AkkbTBbPZKNfNvWcEnE7wzAha2Je1MCELW7vs9BHrR7w3Y+WiWm2jKL1gj/iGzvM +GeXEankYqguefq5YxoEiiVlaRvTKJCtmdcY82LEq/1EEb6zKAQDvBVPY+n36tL4 Jdtz9XqHDIwwk2EMCpnN6wGjm0OFQg+kBO06QWfwZgwpVZsjWHyB9zK/A5gxwLhj RmnUn9OdpBzbsGWsJdUS6l3zx4ikRCZze9g4GgKJrgM/UPUErCdfwkYh1FzfE+3w gxkj4FJfeAcOAi5fGfNJm/cScrsXyfPE -----END CERTIFICATE-----Generated at Sat Aug 23 03:25:44 2025 by rpki-client