$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft File: hpBNLQLbigWb7ZOPL46u88Qgb9A.mft (raw, json) Hash identifier: UQDjEFkqT+0fUSzeusiEZjqMSHDZzcXQQNrrZP3IKrY= Subject key identifier: 0A:6D:39:BA:92:61:7C:AE:39:C1:B3:58:5F:72:EB:FC:CB:61:CB:5F Authority key identifier: 86:90:4D:2D:02:DB:8A:05:9B:ED:93:8F:2F:8E:AE:F3:C4:20:6F:D0 Certificate issuer: /CN=A91D4ACD/serialNumber=86904D2D02DB8A059BED938F2F8EAEF3C4206FD0 Certificate serial: A0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft Manifest number: 9F Signing time: Sat 19 Jul 2025 06:31:23 +0000 Manifest this update: Sat 19 Jul 2025 06:31:22 +0000 Manifest next update: Sat 26 Jul 2025 06:31:22 +0000 Files and hashes: 1: hpBNLQLbigWb7ZOPL46u88Qgb9A.crl (hash: LBu4Qh5SFY7RK8HuOVzJogM6lWIC6VdNxu5OVYhGLK8=) 2: 388D7E38797D11EF8CA64711C4F9AE02.roa (hash: psVpSVTIe8+AZiKNpgFs07aLN6Bb1+TjrtoRE57p52A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.crl rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 06:31:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 160 (0xa0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4ACD, serialNumber=86904D2D02DB8A059BED938F2F8EAEF3C4206FD0 Validity Not Before: Jul 19 06:31:22 2025 GMT Not After : Jul 26 06:31:22 2025 GMT Subject: CN=687b3bba-ded3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:c5:56:44:e1:35:79:70:6b:c9:a0:73:40:af: ec:26:9a:d2:a2:f0:d5:dc:27:2f:b8:bb:d3:31:6d: 42:54:ef:a4:41:a6:c6:66:cc:6b:49:bc:7d:64:4b: 58:cd:b5:d9:cb:ec:b8:63:2a:ba:44:4b:d3:2f:82: ab:0d:3c:e5:12:86:46:f1:e3:4f:72:ea:c5:4d:f6: 13:68:d1:bf:eb:e4:e2:5e:79:07:c7:4c:a5:6a:fb: 35:a6:6b:90:bf:2f:17:5d:f5:ad:77:e5:d0:10:7a: aa:f4:b2:0e:e0:8f:b9:9f:bc:42:aa:91:40:10:94: b7:cd:a9:6d:7a:34:e6:5b:15:6d:33:76:d3:31:e2: 9d:68:a3:2c:c5:b0:ab:35:89:9d:b7:26:64:ec:a4: ad:12:d5:b8:e6:65:94:31:d6:9c:ef:ed:92:f5:50: 01:67:c5:ff:cc:1f:21:d5:b1:39:55:a3:38:66:11: 6a:b9:bf:ff:d6:d6:80:ba:6b:fb:df:d2:67:bc:68: a2:c1:bc:a6:53:8a:eb:0f:60:ef:c3:de:a9:c1:dc: ac:cb:77:f5:28:e8:2e:8a:be:7f:74:7c:8e:de:b5: 00:22:ba:be:60:2f:d1:95:03:8e:1d:5c:59:6d:6e: 92:d8:3f:1b:c3:4d:6f:53:34:dd:45:e3:da:28:59: d9:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:6D:39:BA:92:61:7C:AE:39:C1:B3:58:5F:72:EB:FC:CB:61:CB:5F X509v3 Authority Key Identifier: keyid:86:90:4D:2D:02:DB:8A:05:9B:ED:93:8F:2F:8E:AE:F3:C4:20:6F:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b9:11:ee:db:b0:f9:71:5a:a7:81:33:f1:aa:af:2d:14:82:17: de:05:33:0d:a9:ab:12:7d:b1:33:97:5d:0d:f5:a7:47:5b:26: e2:dd:8b:9c:55:b6:bd:91:41:6c:1e:07:6a:bd:2d:17:9c:8c: 01:8d:f9:7f:19:b2:88:45:af:f8:ae:56:1e:15:80:ba:da:9b: c3:ab:b1:7f:bf:da:8b:17:bf:59:3c:72:c7:2f:7f:32:a2:f9: 01:27:26:ce:5b:01:ce:31:74:d3:2c:2c:3b:fd:15:c4:4c:6c: ee:b4:9d:a4:b9:c6:25:a5:d6:e4:89:01:94:8d:e8:47:89:15: b4:a3:60:34:b3:dc:c8:49:94:d4:b8:96:8a:36:4b:c8:9e:d6: 34:6f:c4:30:ac:f5:be:45:ca:c7:fb:ee:05:3f:3e:33:02:37: 81:91:14:b0:07:1f:50:6b:54:0b:30:84:e8:f9:40:17:64:c8: 5d:64:f6:13:fb:30:44:4b:df:75:82:b8:04:6a:f7:45:a0:34: 4c:3f:a3:3c:f1:c0:1e:d4:51:5e:6f:0d:16:2c:a7:73:0f:f7: 6d:07:be:ff:32:5e:7f:11:dd:b8:93:c0:af:33:c8:05:1a:5a: 56:49:8c:47:9d:cd:f5:a3:70:f3:bf:c3:d2:8f:80:7a:57:05: c5:f2:e6:38 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDRBQ0QxMTAvBgNVBAUTKDg2OTA0RDJEMDJEQjhBMDU5QkVEOTM4RjJGOEVBRUYz QzQyMDZGRDAwHhcNMjUwNzE5MDYzMTIyWhcNMjUwNzI2MDYzMTIyWjAYMRYwFAYD VQQDEw02ODdiM2JiYS1kZWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3cVWROE1eXBryaBzQK/sJprSovDV3CcvuLvTMW1CVO+kQabGZsxrSbx9ZEtY zbXZy+y4Yyq6REvTL4KrDTzlEoZG8eNPcurFTfYTaNG/6+TiXnkHx0ylavs1pmuQ vy8XXfWtd+XQEHqq9LIO4I+5n7xCqpFAEJS3zaltejTmWxVtM3bTMeKdaKMsxbCr NYmdtyZk7KStEtW45mWUMdac7+2S9VABZ8X/zB8h1bE5VaM4ZhFqub//1taAumv7 39JnvGiiwbymU4rrD2Dvw96pwdysy3f1KOguir5/dHyO3rUAIrq+YC/RlQOOHVxZ bW6S2D8bw01vUzTdRePaKFnZCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAptObqS YXyuOcGzWF9y6/zLYctfMB8GA1UdIwQYMBaAFIaQTS0C24oFm+2Tjy+OrvPEIG/Q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENEFDRC8xRjUzNTY5RTc1 NkUxMUVGOUNBNDZFNTFDNEY5QUUwMi9ocEJOTFFMYmlnV2I3Wk9QTDQ2dTg4UWdi OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hwQk5MUUxiaWdXYjdaT1BMNDZ1ODhRZ2I5QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NEFDRC8xRjUzNTY5RTc1NkUxMUVGOUNBNDZFNTFDNEY5QUUwMi9ocEJOTFFMYmln V2I3Wk9QTDQ2dTg4UWdiOUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC5Ee7bsPlxWqeBM/Gqry0UghfeBTMNqasSfbEzl10N9adHWybi3Yuc Vba9kUFsHgdqvS0XnIwBjfl/GbKIRa/4rlYeFYC62pvDq7F/v9qLF79ZPHLHL38y ovkBJybOWwHOMXTTLCw7/RXETGzutJ2kucYlpdbkiQGUjehHiRW0o2A0s9zISZTU uJaKNkvIntY0b8QwrPW+RcrH++4FPz4zAjeBkRSwBx9Qa1QLMITo+UAXZMhdZPYT +zBES991grgEavdFoDRMP6M88cAe1FFebw0WLKdzD/dtB77/Ml5/Ed24k8CvM8gF GlpWSYxHnc31o3Dzv8PSj4B6VwXF8uY4 -----END CERTIFICATE-----Generated at Sun Jul 20 18:44:08 2025 by rpki-client