$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.mft File: HQ2sEe2C41wjsMvv--4AYmOwmVc.mft (raw, json) Hash identifier: vfISqN42fdJ86ygdnOzWYuWfvwqK6xI2nCscQyUs7Gk= Subject key identifier: F2:F1:40:02:1C:8E:13:B7:D8:1C:97:D2:AA:6D:B3:87:5A:9F:B9:9D Authority key identifier: 1D:0D:AC:11:ED:82:E3:5C:23:B0:CB:EF:FB:EE:00:62:63:B0:99:57 Certificate issuer: /CN=A91EA9C0/serialNumber=1D0DAC11ED82E35C23B0CBEFFBEE006263B09957 Certificate serial: 3D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQ2sEe2C41wjsMvv--4AYmOwmVc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.mft Manifest number: 3D Signing time: Wed 17 Sep 2025 08:15:16 +0000 Manifest this update: Wed 17 Sep 2025 08:15:15 +0000 Manifest next update: Wed 24 Sep 2025 08:15:15 +0000 Files and hashes: 1: HQ2sEe2C41wjsMvv--4AYmOwmVc.crl (hash: nq7jB3SSwSLc68AKdITn/xmCgQjc7j4hP+13vBaSa3Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.crl rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQ2sEe2C41wjsMvv--4AYmOwmVc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 08:15:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61 (0x3d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA9C0, serialNumber=1D0DAC11ED82E35C23B0CBEFFBEE006263B09957 Validity Not Before: Sep 17 08:15:15 2025 GMT Not After : Sep 24 08:15:15 2025 GMT Subject: CN=68ca6e13-bb77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:70:41:65:48:b9:14:7d:ab:04:d6:5c:3c:fc: 09:fd:f0:1c:2e:c7:39:b7:ac:b8:13:57:e5:b5:dc: 33:16:0d:2d:25:60:79:d3:9b:9a:33:7e:aa:1b:dc: 9c:fa:3d:d6:02:e7:b6:db:7e:f4:bb:2b:c8:48:29: 52:b1:10:44:ea:53:d3:44:e6:a6:ce:6f:f7:20:f0: 92:6a:e8:ef:1b:b1:34:87:c2:49:a4:ce:d7:89:27: b7:ba:02:8e:9c:20:5d:db:b0:9b:7e:28:26:b1:66: 38:4d:de:47:73:70:8b:26:cb:b0:e9:75:b5:0b:10: f6:a8:8b:7e:40:54:92:12:49:0c:27:25:a9:af:15: 5b:39:0c:2e:ce:ba:fe:bf:7e:23:ce:ac:67:30:2c: 7f:05:6d:88:83:a1:b8:5b:31:fa:bf:b8:11:0c:03: 2c:29:83:bf:69:84:0a:d0:1e:c3:dc:68:d4:aa:8b: 3b:e6:79:16:cd:b0:cf:b0:35:73:53:1a:18:fb:b4: a4:54:a4:b9:f5:84:d7:20:58:59:47:2e:bc:e9:d2: 15:05:91:2b:c9:a2:6d:70:f1:84:ad:69:f5:95:be: 09:3a:7b:80:2e:1a:c8:4a:32:68:96:24:1d:c4:1b: 34:97:88:a2:20:2b:13:6f:ba:e4:85:fa:35:6d:69: 7b:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:F1:40:02:1C:8E:13:B7:D8:1C:97:D2:AA:6D:B3:87:5A:9F:B9:9D X509v3 Authority Key Identifier: keyid:1D:0D:AC:11:ED:82:E3:5C:23:B0:CB:EF:FB:EE:00:62:63:B0:99:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQ2sEe2C41wjsMvv--4AYmOwmVc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:50:7d:6e:b2:42:b7:91:50:89:ae:91:a3:95:a9:1d:70:6c: bd:70:5e:f8:e2:9c:a8:d7:6b:3d:dd:eb:fa:6e:c5:26:07:e5: 50:75:7b:59:73:b6:29:36:59:81:f5:ef:38:6e:79:c6:de:2a: 4f:1b:6a:94:3f:65:62:85:03:71:45:b2:21:98:93:77:02:55: 80:57:99:1a:c7:15:4e:43:8d:8f:29:16:dc:f0:6e:e9:56:47: 5b:9c:23:dd:b7:1d:44:1d:8a:2b:4f:ea:44:a2:31:9d:29:17: ef:9e:ce:5e:b2:03:c6:9a:d5:a7:93:3f:13:5c:13:e9:08:ab: 5e:4e:b8:15:a1:78:72:fd:5c:1e:6b:f5:c3:78:12:28:34:bd: 67:7c:5a:42:52:3d:8d:92:c9:64:4e:23:1e:a7:01:a4:1b:1a: a5:d5:1d:01:ac:76:66:5f:f8:e2:77:63:db:96:69:39:b8:3e: e3:64:66:a9:11:ac:2b:81:8b:37:27:97:a4:50:c7:62:9d:a6: 23:f2:d9:a0:d8:13:73:2b:96:4a:25:85:5c:ad:07:eb:20:cd: 03:ef:7e:b6:13:c5:10:bc:71:ab:2d:9e:b1:c4:e2:09:c2:c5: ca:2f:56:3b:a6:c7:5b:b7:01:94:60:ad:f9:45:32:17:8d:df: 7a:1a:60:a7 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QTlDMDExMC8GA1UEBRMoMUQwREFDMTFFRDgyRTM1QzIzQjBDQkVGRkJFRTAwNjI2 M0IwOTk1NzAeFw0yNTA5MTcwODE1MTVaFw0yNTA5MjQwODE1MTVaMBgxFjAUBgNV BAMTDTY4Y2E2ZTEzLWJiNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDZcEFlSLkUfasE1lw8/An98Bwuxzm3rLgTV+W13DMWDS0lYHnTm5ozfqob3Jz6 PdYC57bbfvS7K8hIKVKxEETqU9NE5qbOb/cg8JJq6O8bsTSHwkmkzteJJ7e6Ao6c IF3bsJt+KCaxZjhN3kdzcIsmy7DpdbULEPaoi35AVJISSQwnJamvFVs5DC7Ouv6/ fiPOrGcwLH8FbYiDobhbMfq/uBEMAywpg79phArQHsPcaNSqizvmeRbNsM+wNXNT Ghj7tKRUpLn1hNcgWFlHLrzp0hUFkSvJom1w8YStafWVvgk6e4AuGshKMmiWJB3E GzSXiKIgKxNvuuSF+jVtaXvrAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU8vFAAhyO E7fYHJfSqm2zh1qfuZ0wHwYDVR0jBBgwFoAUHQ2sEe2C41wjsMvv++4AYmOwmVcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBOUMwLzVBRkIxNDhFMzg4 MjExRjA4Q0NCMTg2NkM0RjlBRTAyL0hRMnNFZTJDNDF3anNNdnYtLTRBWW1Pd21W Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSFEyc0VlMkM0MXdqc012di0tNEFZbU93bVZjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVB OUMwLzVBRkIxNDhFMzg4MjExRjA4Q0NCMTg2NkM0RjlBRTAyL0hRMnNFZTJDNDF3 anNNdnYtLTRBWW1Pd21WYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABlQfW6yQreRUImukaOVqR1wbL1wXvjinKjXaz3d6/puxSYH5VB1e1lz tik2WYH17zhuecbeKk8bapQ/ZWKFA3FFsiGYk3cCVYBXmRrHFU5DjY8pFtzwbulW R1ucI923HUQdiitP6kSiMZ0pF++ezl6yA8aa1aeTPxNcE+kIq15OuBWheHL9XB5r 9cN4Eig0vWd8WkJSPY2SyWROIx6nAaQbGqXVHQGsdmZf+OJ3Y9uWaTm4PuNkZqkR rCuBizcnl6RQx2KdpiPy2aDYE3MrlkolhVytB+sgzQPvfrYTxRC8castnrHE4gnC xcovVjumx1u3AZRgrflFMheN33oaYKc= -----END CERTIFICATE-----Generated at Fri Sep 19 00:59:31 2025 by rpki-client