$ rpki-client -vvf rpki.apnic.net/member_repository/A911902E/57AFDB28855511EB94C2215FC4F9AE02/UhsGwpEQKEqq_gh1qmGGsABtJ2c.mft File: UhsGwpEQKEqq_gh1qmGGsABtJ2c.mft (raw, json) Hash identifier: oMOURBvDuQ3F/v7LFVcGgxFC6vMswQseHgs8ov8qrXk= Subject key identifier: BB:FF:22:06:E6:20:0B:6B:D0:F5:EE:0B:7D:E3:1F:F9:73:C8:A2:7B Authority key identifier: 52:1B:06:C2:91:10:28:4A:AA:FE:08:75:AA:61:86:B0:00:6D:27:67 Certificate issuer: /CN=A911902E/serialNumber=521B06C29110284AAAFE0875AA6186B0006D2767 Certificate serial: 068E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UhsGwpEQKEqq_gh1qmGGsABtJ2c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911902E/57AFDB28855511EB94C2215FC4F9AE02/UhsGwpEQKEqq_gh1qmGGsABtJ2c.mft Manifest number: 0686 Signing time: Fri 22 Aug 2025 22:31:14 +0000 Manifest this update: Fri 22 Aug 2025 22:31:14 +0000 Manifest next update: Fri 29 Aug 2025 22:31:14 +0000 Files and hashes: 1: UhsGwpEQKEqq_gh1qmGGsABtJ2c.crl (hash: Nurb59WSlvVT4sl/YOJKGrivHWoV8It9AvFUeuExaaU=) 2: C3FEC56C855711EB871D267FC4F9AE02.roa (hash: y8hsODPDu9mxz9gFgQEr+IEal2qwbZYp1jlJlCiW6og=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911902E/57AFDB28855511EB94C2215FC4F9AE02/UhsGwpEQKEqq_gh1qmGGsABtJ2c.crl rsync://rpki.apnic.net/member_repository/A911902E/57AFDB28855511EB94C2215FC4F9AE02/UhsGwpEQKEqq_gh1qmGGsABtJ2c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UhsGwpEQKEqq_gh1qmGGsABtJ2c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 22:31:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1678 (0x68e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911902E, serialNumber=521B06C29110284AAAFE0875AA6186B0006D2767 Validity Not Before: Aug 22 22:31:14 2025 GMT Not After : Aug 29 22:31:14 2025 GMT Subject: CN=68a8efb2-4ddd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:e6:71:5b:98:0a:f8:49:70:c5:15:fc:f5:29: 9a:31:62:30:b4:70:c3:1a:93:39:ab:4b:31:6a:88: 3f:ac:71:a2:df:96:65:d3:4d:ef:75:63:76:45:65: 3d:20:bb:49:22:e1:16:b9:c9:d9:cb:c1:99:ca:13: 8f:4a:9e:60:f3:fc:2d:56:ab:1d:b0:29:e3:36:9e: fa:00:1d:93:ff:59:53:04:f8:af:4b:dd:a1:c9:f2: ec:71:70:52:80:77:f8:eb:af:63:e9:b2:15:f3:28: 18:1c:65:b5:b9:39:1f:b2:86:d0:1e:19:09:cc:e7: 1f:6b:91:f4:84:4e:a2:83:fa:7c:8d:3a:66:5c:71: 74:f7:a1:ae:0a:83:7f:51:75:27:41:8a:d6:81:82: 1a:ff:5e:bf:bd:9b:88:ff:06:88:eb:40:4e:50:c2: c2:3f:30:b9:8f:71:4f:89:00:89:6e:f0:39:17:4f: 14:72:75:3f:7a:57:ba:d6:56:af:38:a1:07:0e:ab: 09:d5:a7:3b:0e:63:2a:f6:77:7c:7a:23:35:1a:27: ca:82:59:35:9a:e5:08:62:66:7c:13:a7:ca:49:65: 25:96:4c:35:19:19:47:e9:78:ec:1e:5a:6c:8a:e7: 34:44:0b:58:3c:19:15:5c:a9:93:c1:f8:ae:a1:e7: c7:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:FF:22:06:E6:20:0B:6B:D0:F5:EE:0B:7D:E3:1F:F9:73:C8:A2:7B X509v3 Authority Key Identifier: keyid:52:1B:06:C2:91:10:28:4A:AA:FE:08:75:AA:61:86:B0:00:6D:27:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911902E/57AFDB28855511EB94C2215FC4F9AE02/UhsGwpEQKEqq_gh1qmGGsABtJ2c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UhsGwpEQKEqq_gh1qmGGsABtJ2c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911902E/57AFDB28855511EB94C2215FC4F9AE02/UhsGwpEQKEqq_gh1qmGGsABtJ2c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bd:5b:45:5d:2a:4d:a3:b7:bb:9c:89:8f:75:b8:f5:2b:25:b0: f0:a3:15:5d:7d:13:9b:da:1f:05:4a:5e:14:76:7e:79:a4:6e: 28:82:90:9c:52:a9:ed:bd:4e:b9:23:2f:b1:55:e3:6e:25:d6: 21:aa:1d:77:1c:64:b3:13:0f:a8:42:5a:d9:2f:c8:07:6f:61: 26:91:61:9a:0a:1d:eb:d7:5f:91:a8:25:2d:18:10:2b:d9:b2: 10:8e:16:11:bb:7d:1a:69:c1:24:63:e0:5f:32:69:ab:4f:98: ba:ef:38:73:78:ac:44:e4:c8:2c:f4:c9:87:ff:81:53:f7:d1: 40:c5:82:4f:04:64:99:a7:6c:45:aa:3a:8d:a6:a2:c7:7a:6b: d9:a6:17:f0:49:a4:4e:db:6c:ef:c7:a3:dd:58:e4:7b:d8:7f: 17:39:42:2b:16:1c:59:12:23:cd:13:1b:fc:ee:90:28:93:17: 00:3a:b1:e3:06:db:b9:d2:14:d4:b0:45:fc:2f:7a:af:4a:fd: 83:4e:c4:99:b8:9a:54:27:d3:02:dd:d6:e3:9e:31:d4:d0:a8: 62:25:21:f8:ac:04:d7:65:53:e5:e5:72:64:ec:d7:f8:a3:c6: 77:31:40:01:e5:b7:ca:0e:db:ae:c8:89:ba:f4:f2:c4:d6:77: b6:2c:83:d2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBo4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTkwMkUxMTAvBgNVBAUTKDUyMUIwNkMyOTExMDI4NEFBQUZFMDg3NUFBNjE4NkIw MDA2RDI3NjcwHhcNMjUwODIyMjIzMTE0WhcNMjUwODI5MjIzMTE0WjAYMRYwFAYD VQQDEw02OGE4ZWZiMi00ZGRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAteZxW5gK+ElwxRX89SmaMWIwtHDDGpM5q0sxaog/rHGi35Zl003vdWN2RWU9 ILtJIuEWucnZy8GZyhOPSp5g8/wtVqsdsCnjNp76AB2T/1lTBPivS92hyfLscXBS gHf4669j6bIV8ygYHGW1uTkfsobQHhkJzOcfa5H0hE6ig/p8jTpmXHF096GuCoN/ UXUnQYrWgYIa/16/vZuI/waI60BOUMLCPzC5j3FPiQCJbvA5F08UcnU/ele61lav OKEHDqsJ1ac7DmMq9nd8eiM1GifKglk1muUIYmZ8E6fKSWUllkw1GRlH6XjsHlps iuc0RAtYPBkVXKmTwfiuoefHEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLv/Igbm IAtr0PXuC33jH/lzyKJ7MB8GA1UdIwQYMBaAFFIbBsKREChKqv4IdaphhrAAbSdn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTAyRS81N0FGREIyODg1 NTUxMUVCOTRDMjIxNUZDNEY5QUUwMi9VaHNHd3BFUUtFcXFfZ2gxcW1HR3NBQnRK MmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Voc0d3cEVRS0VxcV9naDFxbUdHc0FCdEoyYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTAyRS81N0FGREIyODg1NTUxMUVCOTRDMjIxNUZDNEY5QUUwMi9VaHNHd3BFUUtF cXFfZ2gxcW1HR3NBQnRKMmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC9W0VdKk2jt7uciY91uPUrJbDwoxVdfROb2h8FSl4Udn55pG4ogpCc UqntvU65Iy+xVeNuJdYhqh13HGSzEw+oQlrZL8gHb2EmkWGaCh3r11+RqCUtGBAr 2bIQjhYRu30aacEkY+BfMmmrT5i67zhzeKxE5Mgs9MmH/4FT99FAxYJPBGSZp2xF qjqNpqLHemvZphfwSaRO22zvx6PdWOR72H8XOUIrFhxZEiPNExv87pAokxcAOrHj Btu50hTUsEX8L3qvSv2DTsSZuJpUJ9MC3dbjnjHU0KhiJSH4rATXZVPl5XJk7Nf4 o8Z3MUAB5bfKDtuuyIm69PLE1ne2LIPS -----END CERTIFICATE-----Generated at Sun Aug 24 00:33:32 2025 by rpki-client