$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft File: HfNLnj96ONdYmO1LBfntTEAEzrw.mft (raw, json) Hash identifier: QrSPIPV4soW3xkxTv0Cuay54bBjspw3hmhKP3VSKvAU= Subject key identifier: AB:4B:7C:BB:AD:3B:E3:89:D5:54:A3:3A:3E:98:09:3E:32:6F:EA:D1 Authority key identifier: 1D:F3:4B:9E:3F:7A:38:D7:58:98:ED:4B:05:F9:ED:4C:40:04:CE:BC Certificate issuer: /CN=A91F6227/serialNumber=1DF34B9E3F7A38D75898ED4B05F9ED4C4004CEBC Certificate serial: 0A33 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft Manifest number: 0A28 Signing time: Thu 18 Sep 2025 20:00:18 +0000 Manifest this update: Thu 18 Sep 2025 20:00:17 +0000 Manifest next update: Thu 25 Sep 2025 20:00:17 +0000 Files and hashes: 1: HfNLnj96ONdYmO1LBfntTEAEzrw.crl (hash: IHZuYKVhPkRd3gvrnA28X32u8UKkXLi4HZdSNQ0Ax3o=) 2: A23D5DE87A6911EA930EB439C4F9AE02.roa (hash: 0c8vFwsGm0y9J7tirCRPVhjPNwdGg4DZRn3e0fuJjls=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.crl rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 19:44:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2611 (0xa33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F6227, serialNumber=1DF34B9E3F7A38D75898ED4B05F9ED4C4004CEBC Validity Not Before: Sep 18 20:00:17 2025 GMT Not After : Sep 25 20:00:17 2025 GMT Subject: CN=68cc64d1-2c91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:19:fa:ce:8d:d4:7c:2e:6d:6c:24:c2:31:ab: 26:5c:35:09:82:f6:48:77:9d:31:eb:ec:59:1f:ab: 5c:94:20:11:78:83:c4:66:66:a1:8d:54:b0:a0:5d: c9:b5:8d:98:2a:ac:90:17:52:6e:23:be:bb:9b:2e: 83:4c:50:1c:11:6c:e6:86:91:4e:ab:a0:01:20:3b: 7c:fb:4a:3a:ff:e0:66:13:c6:b1:e5:b8:66:17:46: 6e:3c:6e:97:cb:69:67:a0:a5:69:88:e7:11:8c:ae: 42:cf:7b:1b:e7:3c:79:83:0b:de:03:25:3e:96:6d: b2:e2:cc:65:a9:1e:85:2e:fe:74:6d:08:fa:1d:95: 8a:b8:06:23:e4:86:3c:97:a6:bc:39:eb:fd:bc:af: 31:65:8e:5d:8a:e1:d9:bd:e3:1f:d9:f2:a9:01:59: b9:d3:d3:cb:43:90:6b:07:62:ad:9d:1e:3d:8f:b6: 6d:1b:6e:37:c8:25:28:5a:90:81:df:46:d5:a7:f4: ef:75:cf:76:7b:57:88:22:27:df:95:f4:0e:04:aa: 2d:b0:ff:04:14:2d:59:87:ba:da:e6:63:3e:80:07: a0:7d:62:ff:9a:cc:70:f1:fc:f7:98:ad:70:e5:56: 41:4d:f7:88:13:18:81:a5:29:c2:4f:a6:14:bb:4c: d7:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:4B:7C:BB:AD:3B:E3:89:D5:54:A3:3A:3E:98:09:3E:32:6F:EA:D1 X509v3 Authority Key Identifier: keyid:1D:F3:4B:9E:3F:7A:38:D7:58:98:ED:4B:05:F9:ED:4C:40:04:CE:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfNLnj96ONdYmO1LBfntTEAEzrw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6227/0D728A0A7A3F11EA8E3D8035C4F9AE02/HfNLnj96ONdYmO1LBfntTEAEzrw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:6c:59:30:c1:a2:ae:fb:c4:d2:74:6a:60:78:d2:8e:b4:c4: f8:f6:8d:da:27:2c:4f:52:ee:10:52:8a:90:a4:56:65:0f:14: 0c:77:3b:eb:c7:86:19:1f:9c:71:11:56:88:0e:4f:64:0a:b5: 99:2a:d1:56:0d:9c:4c:b2:9b:de:2e:72:ca:07:69:86:7c:b4: 44:23:99:89:62:bd:fa:76:c5:82:08:10:d5:8d:b6:b9:7d:a0: 52:18:8a:7f:2a:9d:7c:b6:d4:82:c7:f7:f9:c7:4d:19:d6:07: 86:6d:fd:1e:23:2e:e6:79:01:71:f4:55:3a:f2:52:77:22:d1: 59:65:3f:d0:1e:3d:27:1c:d7:c9:de:ea:c6:c4:65:f0:da:96: 80:46:21:5f:c0:ed:06:d3:b9:f8:6d:c0:2c:16:8f:c9:3c:18: f0:8a:12:6c:8f:2f:e6:12:7a:c3:7d:42:32:d0:8a:01:c2:64: e2:16:12:73:20:e8:35:4e:9d:bf:7d:0a:56:5f:39:50:04:bc: 4c:5b:22:2f:81:9d:cd:14:e3:14:78:7a:40:00:69:b2:1c:36: 43:52:4a:23:44:00:46:66:0f:b6:96:7d:40:07:df:f2:43:53: 42:19:73:66:58:6a:5d:2c:5e:51:dc:7c:c7:d1:cf:b5:3d:21: c0:a3:e9:9b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCjMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjYyMjcxMTAvBgNVBAUTKDFERjM0QjlFM0Y3QTM4RDc1ODk4RUQ0QjA1RjlFRDRD NDAwNENFQkMwHhcNMjUwOTE4MjAwMDE3WhcNMjUwOTI1MjAwMDE3WjAYMRYwFAYD VQQDEw02OGNjNjRkMS0yYzkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1xn6zo3UfC5tbCTCMasmXDUJgvZId50x6+xZH6tclCAReIPEZmahjVSwoF3J tY2YKqyQF1JuI767my6DTFAcEWzmhpFOq6ABIDt8+0o6/+BmE8ax5bhmF0ZuPG6X y2lnoKVpiOcRjK5Cz3sb5zx5gwveAyU+lm2y4sxlqR6FLv50bQj6HZWKuAYj5IY8 l6a8Oev9vK8xZY5diuHZveMf2fKpAVm509PLQ5BrB2KtnR49j7ZtG243yCUoWpCB 30bVp/Tvdc92e1eIIifflfQOBKotsP8EFC1Zh7ra5mM+gAegfWL/msxw8fz3mK1w 5VZBTfeIExiBpSnCT6YUu0zXtwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKtLfLut O+OJ1VSjOj6YCT4yb+rRMB8GA1UdIwQYMBaAFB3zS54/ejjXWJjtSwX57UxABM68 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjIyNy8wRDcyOEEwQTdB M0YxMUVBOEUzRDgwMzVDNEY5QUUwMi9IZk5Mbmo5Nk9OZFltTzFMQmZudFRFQUV6 cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hmTkxuajk2T05kWW1PMUxCZm50VEVBRXpydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NjIyNy8wRDcyOEEwQTdBM0YxMUVBOEUzRDgwMzVDNEY5QUUwMi9IZk5Mbmo5Nk9O ZFltTzFMQmZudFRFQUV6cncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAibFkwwaKu+8TSdGpgeNKOtMT49o3aJyxPUu4QUoqQpFZlDxQMdzvr x4YZH5xxEVaIDk9kCrWZKtFWDZxMspveLnLKB2mGfLREI5mJYr36dsWCCBDVjba5 faBSGIp/Kp18ttSCx/f5x00Z1geGbf0eIy7meQFx9FU68lJ3ItFZZT/QHj0nHNfJ 3urGxGXw2paARiFfwO0G07n4bcAsFo/JPBjwihJsjy/mEnrDfUIy0IoBwmTiFhJz IOg1Tp2/fQpWXzlQBLxMWyIvgZ3NFOMUeHpAAGmyHDZDUkojRABGZg+2ln1AB9/y Q1NCGXNmWGpdLF5R3HzH0c+1PSHAo+mb -----END CERTIFICATE-----Generated at Thu Sep 18 21:40:58 2025 by rpki-client