$ rpki-client -vvf rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.mft File: HLS_2cCnMryPSmDIaUyR-DTKvBM.mft (raw, json) Hash identifier: INALv5vCbjXP+wd62b8NS/WAdj89Yn7HWl51q+fi980= Subject key identifier: 72:B0:B4:C5:4B:53:A6:3A:BA:50:F4:AE:84:FE:82:85:16:07:D4:7D Authority key identifier: 1C:B4:BF:D9:C0:A7:32:BC:8F:4A:60:C8:69:4C:91:F8:34:CA:BC:13 Certificate issuer: /CN=A91D83D0/serialNumber=1CB4BFD9C0A732BC8F4A60C8694C91F834CABC13 Certificate serial: 0914 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HLS_2cCnMryPSmDIaUyR-DTKvBM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.mft Manifest number: 090D Signing time: Thu 04 Sep 2025 20:33:31 +0000 Manifest this update: Thu 04 Sep 2025 20:33:31 +0000 Manifest next update: Thu 11 Sep 2025 20:33:31 +0000 Files and hashes: 1: HLS_2cCnMryPSmDIaUyR-DTKvBM.crl (hash: HpsNiYmo6tjTZ3yb7IlApMPcjKknc0aLe0XsvCCNts8=) 2: 3C52563E781F11EE9787607FC4F9AE02.roa (hash: iGx2/OJLyjhg1Fasnl64EO8+YlI70PVJOH1c6PHse0Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.crl rsync://rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HLS_2cCnMryPSmDIaUyR-DTKvBM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 20:33:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2324 (0x914) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D83D0, serialNumber=1CB4BFD9C0A732BC8F4A60C8694C91F834CABC13 Validity Not Before: Sep 4 20:33:31 2025 GMT Not After : Sep 11 20:33:31 2025 GMT Subject: CN=68b9f79b-02fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:d5:d9:34:e2:a8:c5:40:ab:11:b8:ce:35:c6: 0c:8d:eb:de:e2:2a:51:47:d2:23:28:86:49:3f:ec: 59:47:97:d8:6b:6d:69:52:06:d6:ef:33:b4:5a:17: 28:2e:dc:eb:2c:e6:bf:c5:73:7f:e1:ac:d2:1a:19: 80:a0:da:23:e9:0c:c9:5b:71:46:fe:b1:ea:c8:68: 24:13:34:92:6e:34:58:b8:ca:2e:45:1e:8c:33:69: 29:01:22:93:08:41:b0:7e:ed:cd:69:c2:3e:e6:76: d3:2a:b0:3a:56:9f:f5:df:d1:cd:8f:19:0d:09:e6: e0:5d:e5:7e:3e:f9:86:81:9a:5d:31:aa:05:7d:73: b5:2f:3a:12:23:0d:fd:04:06:09:c4:a1:9e:e4:c1: e6:a6:d6:1a:70:0b:7c:08:44:c8:95:f2:cb:5b:4d: b1:a2:b2:c2:05:93:8d:dd:b7:52:bd:cc:e0:51:6a: a3:29:ae:ba:54:67:a1:82:eb:a7:92:af:b8:d0:5a: bc:96:0d:94:a8:39:21:18:20:c1:0f:24:d4:34:8a: 6d:62:33:12:6d:56:6b:c8:14:fe:b3:5d:a7:44:10: 1c:48:df:c1:6c:85:96:b8:56:19:86:5e:2e:b6:c7: 44:13:61:1c:96:b8:ae:03:7b:e7:02:47:ac:77:41: ae:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:B0:B4:C5:4B:53:A6:3A:BA:50:F4:AE:84:FE:82:85:16:07:D4:7D X509v3 Authority Key Identifier: keyid:1C:B4:BF:D9:C0:A7:32:BC:8F:4A:60:C8:69:4C:91:F8:34:CA:BC:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HLS_2cCnMryPSmDIaUyR-DTKvBM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/03116312AFBC11EAA961CB86C4F9AE02/HLS_2cCnMryPSmDIaUyR-DTKvBM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:f1:94:1e:70:44:d4:6f:e1:49:5e:02:c1:5d:1c:a0:c1:dd: 51:03:81:ff:2e:ab:cc:76:10:27:50:94:51:48:86:57:44:f9: 64:83:0a:c0:34:3d:4a:ab:3c:15:ea:ae:9c:35:52:b5:bd:f7: 0e:c9:90:64:d7:ce:04:28:c6:d9:0e:3a:7e:94:0a:a0:33:b0: e8:25:f7:8a:60:20:0f:fc:ab:22:0a:63:66:a7:19:04:a3:12: 8a:53:d6:00:b3:cf:b5:72:01:d3:d6:7c:bb:b2:c2:c4:34:74: 70:db:2d:83:cc:bb:ed:ae:fa:c8:38:c0:fb:9c:a8:13:7a:76: d3:c9:20:58:d3:a4:53:bc:5d:69:d8:a4:59:76:b2:a9:9f:fe: 95:be:0f:6a:42:c7:c4:29:7f:20:69:c5:31:c3:64:9c:23:fe: 64:4c:bd:5d:2b:fb:14:03:fd:af:94:f8:d3:d0:63:f3:77:f1: 4b:a5:17:8d:cd:44:af:b4:47:81:6b:9e:6e:42:cc:1d:c7:8d: 9e:2c:e5:62:c6:3e:f8:9c:12:37:0a:e6:d5:4e:d4:0f:c0:80: 84:d4:95:f3:6e:60:17:d9:96:3b:90:b4:b2:1d:15:a1:eb:f5: 79:1d:ce:ff:ae:90:fe:d3:aa:c9:41:88:5a:98:36:9f:f4:1a: e1:11:bc:43 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCRQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzRDAxMTAvBgNVBAUTKDFDQjRCRkQ5QzBBNzMyQkM4RjRBNjBDODY5NEM5MUY4 MzRDQUJDMTMwHhcNMjUwOTA0MjAzMzMxWhcNMjUwOTExMjAzMzMxWjAYMRYwFAYD VQQDEw02OGI5Zjc5Yi0wMmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3NXZNOKoxUCrEbjONcYMjeve4ipRR9IjKIZJP+xZR5fYa21pUgbW7zO0Whco LtzrLOa/xXN/4azSGhmAoNoj6QzJW3FG/rHqyGgkEzSSbjRYuMouRR6MM2kpASKT CEGwfu3NacI+5nbTKrA6Vp/139HNjxkNCebgXeV+PvmGgZpdMaoFfXO1LzoSIw39 BAYJxKGe5MHmptYacAt8CETIlfLLW02xorLCBZON3bdSvczgUWqjKa66VGehguun kq+40Fq8lg2UqDkhGCDBDyTUNIptYjMSbVZryBT+s12nRBAcSN/BbIWWuFYZhl4u tsdEE2EclriuA3vnAkesd0Gu1wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHKwtMVL U6Y6ulD0roT+goUWB9R9MB8GA1UdIwQYMBaAFBy0v9nApzK8j0pgyGlMkfg0yrwT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODNEMC8wMzExNjMxMkFG QkMxMUVBQTk2MUNCODZDNEY5QUUwMi9ITFNfMmNDbk1yeVBTbURJYVV5Ui1EVEt2 Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0hMU18yY0NuTXJ5UFNtRElhVXlSLURUS3ZCTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODNEMC8wMzExNjMxMkFGQkMxMUVBQTk2MUNCODZDNEY5QUUwMi9ITFNfMmNDbk1y eVBTbURJYVV5Ui1EVEt2Qk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBC8ZQecETUb+FJXgLBXRygwd1RA4H/LqvMdhAnUJRRSIZXRPlkgwrA ND1KqzwV6q6cNVK1vfcOyZBk184EKMbZDjp+lAqgM7DoJfeKYCAP/KsiCmNmpxkE oxKKU9YAs8+1cgHT1ny7ssLENHRw2y2DzLvtrvrIOMD7nKgTenbTySBY06RTvF1p 2KRZdrKpn/6Vvg9qQsfEKX8gacUxw2ScI/5kTL1dK/sUA/2vlPjT0GPzd/FLpReN zUSvtEeBa55uQswdx42eLOVixj74nBI3CubVTtQPwICE1JXzbmAX2ZY7kLSyHRWh 6/V5Hc7/rpD+06rJQYhamDaf9BrhEbxD -----END CERTIFICATE-----Generated at Sat Sep 6 20:56:57 2025 by rpki-client