$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8177/8BA3D8C43DDB11F0AC93D432C4F9AE02/HNLU8yahhKSHvyKs14rVwGj0ZmE.mft File: HNLU8yahhKSHvyKs14rVwGj0ZmE.mft (raw, json) Hash identifier: uBJTexKNGTn7vlibjGLpNHHaQEC8qYurXTMhDn3k14c= Subject key identifier: 79:DA:87:A0:A8:36:54:6D:2C:03:23:4A:9E:35:88:B6:B1:1B:60:DD Authority key identifier: 1C:D2:D4:F3:26:A1:84:A4:87:BF:22:AC:D7:8A:D5:C0:68:F4:66:61 Certificate issuer: /CN=A91F8177/serialNumber=1CD2D4F326A184A487BF22ACD78AD5C068F46661 Certificate serial: 30 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HNLU8yahhKSHvyKs14rVwGj0ZmE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8177/8BA3D8C43DDB11F0AC93D432C4F9AE02/HNLU8yahhKSHvyKs14rVwGj0ZmE.mft Manifest number: 2E Signing time: Thu 21 Aug 2025 07:57:25 +0000 Manifest this update: Thu 21 Aug 2025 07:57:24 +0000 Manifest next update: Thu 28 Aug 2025 07:57:24 +0000 Files and hashes: 1: HNLU8yahhKSHvyKs14rVwGj0ZmE.crl (hash: tcBPbguJHZjjkzIRfxXOfJ6jJjhbkZ8/i1C0MC76SNk=) 2: 447A88023DDC11F0ACD9F475C4F9AE02.roa (hash: RAa8qDITo259IkIrPotazGyLqrpj79/JGsviOOW/nx8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8177/8BA3D8C43DDB11F0AC93D432C4F9AE02/HNLU8yahhKSHvyKs14rVwGj0ZmE.crl rsync://rpki.apnic.net/member_repository/A91F8177/8BA3D8C43DDB11F0AC93D432C4F9AE02/HNLU8yahhKSHvyKs14rVwGj0ZmE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HNLU8yahhKSHvyKs14rVwGj0ZmE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 07:57:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48 (0x30) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8177, serialNumber=1CD2D4F326A184A487BF22ACD78AD5C068F46661 Validity Not Before: Aug 21 07:57:24 2025 GMT Not After : Aug 28 07:57:24 2025 GMT Subject: CN=68a6d165-72af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:47:46:93:be:23:dc:f4:0f:14:fb:78:c2:f5: 76:bc:95:4d:ba:f6:e9:48:8a:59:6d:0d:e8:67:35: e7:4c:8e:f0:ee:5f:ba:8e:68:0e:fb:16:11:7d:46: 1b:84:1d:4c:bf:fb:2b:d4:88:06:60:90:62:36:17: af:82:e9:1f:03:ff:8a:e9:87:f9:2c:c3:f2:72:17: ce:40:03:62:82:8a:8a:4f:77:1a:8c:a6:4b:fd:8d: 95:0a:36:4e:64:ea:e7:d9:bb:3c:e9:40:55:f1:e2: 17:2f:27:6a:5a:f4:a6:7e:a9:a6:e7:66:3c:3e:d6: b8:f2:59:c2:cb:ef:03:40:11:9a:82:22:8d:32:19: 13:a7:42:76:fd:a8:d1:d9:df:81:0f:df:fb:22:41: 6b:50:5b:ee:1b:9b:a5:6e:4c:2b:27:95:bd:14:e4: b5:7c:28:db:a3:73:88:e5:f6:7c:53:36:10:69:9e: 20:04:0a:26:2b:9e:9b:32:1d:5c:d0:91:8e:88:25: 01:5f:0e:63:c1:d4:22:3a:bd:e6:2a:9b:e1:74:01: 11:5a:27:3c:37:22:69:71:b0:70:46:66:3c:85:6b: 36:5e:1b:96:17:c9:61:96:25:a0:0b:fe:1e:8a:36: bf:69:a2:7b:3d:f8:92:67:08:55:d5:04:ad:fa:fb: 79:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:DA:87:A0:A8:36:54:6D:2C:03:23:4A:9E:35:88:B6:B1:1B:60:DD X509v3 Authority Key Identifier: keyid:1C:D2:D4:F3:26:A1:84:A4:87:BF:22:AC:D7:8A:D5:C0:68:F4:66:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8177/8BA3D8C43DDB11F0AC93D432C4F9AE02/HNLU8yahhKSHvyKs14rVwGj0ZmE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HNLU8yahhKSHvyKs14rVwGj0ZmE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8177/8BA3D8C43DDB11F0AC93D432C4F9AE02/HNLU8yahhKSHvyKs14rVwGj0ZmE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 76:84:41:34:15:8d:97:e9:fd:34:7b:df:5f:92:ac:07:d4:98: 38:11:ed:4f:54:33:19:54:7e:67:bc:71:db:0a:37:15:3d:a0: d8:08:20:f3:1e:aa:83:c9:4b:60:8f:af:36:d7:b6:e8:43:70: 38:3b:db:e4:93:ec:a4:57:e2:97:a5:a5:ed:dd:d8:a8:f6:f4: ea:bb:5f:e1:eb:c9:bf:cc:2b:75:b3:b5:52:97:75:84:4d:4c: f2:0b:66:90:dd:98:f0:ad:f4:b1:e1:39:1a:9d:32:91:76:a7: d2:52:ee:15:f6:27:33:27:8f:4a:37:32:20:66:4e:32:67:74: 17:55:82:a0:da:86:70:a4:b2:5b:8b:ce:35:28:e0:30:3b:99: ce:b0:bb:9f:75:ec:25:b9:4a:53:2b:0f:f7:2e:91:ce:21:62: 9c:07:dd:f5:47:81:0e:10:e8:91:36:2f:c3:a9:b2:e0:4a:37: a1:fe:3d:bb:af:4c:24:30:e3:4c:23:65:59:01:91:e6:94:2a: 35:61:11:fd:40:ed:2e:e0:c7:1a:bb:d0:7e:13:be:db:85:5d: 73:3d:36:50:57:7d:ff:07:e6:2f:b5:e8:e5:42:f3:40:5c:3a: be:30:06:df:0f:e2:f8:5f:4e:ed:3f:92:d8:cc:ff:1e:7f:48: a2:d3:07:73 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG ODE3NzExMC8GA1UEBRMoMUNEMkQ0RjMyNkExODRBNDg3QkYyMkFDRDc4QUQ1QzA2 OEY0NjY2MTAeFw0yNTA4MjEwNzU3MjRaFw0yNTA4MjgwNzU3MjRaMBgxFjAUBgNV BAMTDTY4YTZkMTY1LTcyYWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC3R0aTviPc9A8U+3jC9Xa8lU269ulIilltDehnNedMjvDuX7qOaA77FhF9RhuE HUy/+yvUiAZgkGI2F6+C6R8D/4rph/ksw/JyF85AA2KCiopPdxqMpkv9jZUKNk5k 6ufZuzzpQFXx4hcvJ2pa9KZ+qabnZjw+1rjyWcLL7wNAEZqCIo0yGROnQnb9qNHZ 34EP3/siQWtQW+4bm6VuTCsnlb0U5LV8KNujc4jl9nxTNhBpniAECiYrnpsyHVzQ kY6IJQFfDmPB1CI6veYqm+F0ARFaJzw3ImlxsHBGZjyFazZeG5YXyWGWJaAL/h6K Nr9pons9+JJnCFXVBK36+3ljAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUedqHoKg2 VG0sAyNKnjWItrEbYN0wHwYDVR0jBBgwFoAUHNLU8yahhKSHvyKs14rVwGj0ZmEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4MTc3LzhCQTNEOEM0M0RE QjExRjBBQzkzRDQzMkM0RjlBRTAyL0hOTFU4eWFoaEtTSHZ5S3MxNHJWd0dqMFpt RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSE5MVTh5YWhoS1NIdnlLczE0clZ3R2owWm1FLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4 MTc3LzhCQTNEOEM0M0REQjExRjBBQzkzRDQzMkM0RjlBRTAyL0hOTFU4eWFoaEtT SHZ5S3MxNHJWd0dqMFptRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHaEQTQVjZfp/TR731+SrAfUmDgR7U9UMxlUfme8cdsKNxU9oNgIIPMe qoPJS2CPrzbXtuhDcDg72+ST7KRX4pelpe3d2Kj29Oq7X+Hryb/MK3WztVKXdYRN TPILZpDdmPCt9LHhORqdMpF2p9JS7hX2JzMnj0o3MiBmTjJndBdVgqDahnCksluL zjUo4DA7mc6wu5917CW5SlMrD/cukc4hYpwH3fVHgQ4Q6JE2L8OpsuBKN6H+Pbuv TCQw40wjZVkBkeaUKjVhEf1A7S7gxxq70H4TvtuFXXM9NlBXff8H5i+16OVC80Bc Or4wBt8P4vhfTu0/ktjM/x5/SKLTB3M= -----END CERTIFICATE-----Generated at Fri Aug 22 16:29:52 2025 by rpki-client