$ rpki-client -vvf rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft File: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft (raw, json) Hash identifier: CNegfe5xAip4WXHPS7eRvLyEBOuHp3AsgvC/GHaNzyk= Subject key identifier: 72:74:87:F1:E5:FB:3B:C1:E0:BB:8B:D5:F1:31:08:D0:7D:F8:50:95 Authority key identifier: 84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D Certificate issuer: /CN=A911C743/serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D Certificate serial: 0E78 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft Manifest number: 0E6A Signing time: Fri 22 Aug 2025 17:51:16 +0000 Manifest this update: Fri 22 Aug 2025 17:51:16 +0000 Manifest next update: Fri 29 Aug 2025 17:51:16 +0000 Files and hashes: 1: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl (hash: 8rrlvKsA7a4QjH240DM/NoX0yIVBvE4XxaDhyMNNX9E=) 2: 2B21EC2EE4E111E981365C17C4F9AE02.roa (hash: MmZvnPTLEUK2uOO8LldttqheyhLmSNsa1D7UmikJt9Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 17:51:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3704 (0xe78) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C743, serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D Validity Not Before: Aug 22 17:51:16 2025 GMT Not After : Aug 29 17:51:16 2025 GMT Subject: CN=68a8ae14-61af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:67:52:24:6f:9d:67:ef:40:6c:88:9a:57:93: 94:8a:90:56:24:ee:9c:78:b9:ba:b8:4a:2a:1c:09: 77:82:8e:82:e1:92:f3:a8:e4:53:98:3f:da:29:98: 50:eb:ba:d6:c5:dc:9c:2e:cd:15:9e:2b:7b:dc:48: b4:95:b9:bf:de:58:b1:b8:6c:48:35:82:af:07:12: d9:f3:37:3c:76:ac:28:f5:19:9a:11:35:d8:70:d8: c9:07:5d:24:35:d6:b3:63:ac:92:e9:13:5a:69:08: 09:c4:59:f8:5c:62:78:ab:7f:82:8c:ca:b2:ed:60: a5:ed:b4:1b:94:e7:4f:76:bb:a4:71:1b:1b:eb:8f: a5:f8:97:c2:cb:e2:82:7c:36:b5:69:52:00:c4:35: 08:3e:c9:f6:29:f5:2e:7d:b6:22:7a:86:74:6a:74: 2f:e7:da:27:38:42:fa:9d:43:cd:9b:00:db:f5:9b: 10:c1:62:8a:ce:6f:15:2b:04:ed:6a:36:b1:cd:39: 09:2b:7d:78:7f:61:71:0c:0f:6a:b6:8c:93:87:73: 39:46:8d:2e:86:78:b7:55:46:7e:d4:6c:a6:7c:a9: 0a:b1:d9:e3:dc:9a:24:e3:c0:fb:75:31:82:0c:7e: 82:19:e4:6a:a5:3e:b9:79:2b:58:ff:16:ca:65:05: 16:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:74:87:F1:E5:FB:3B:C1:E0:BB:8B:D5:F1:31:08:D0:7D:F8:50:95 X509v3 Authority Key Identifier: keyid:84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:90:3c:b1:27:e1:1f:31:f3:a9:4f:8c:06:10:af:45:eb:6d: 71:bf:94:55:8b:45:0e:fa:0a:28:6e:7e:9c:85:94:82:51:ff: 2e:0c:ce:4f:45:aa:d4:74:70:a4:53:29:f1:95:fd:d1:f6:da: 19:97:05:33:6c:55:16:ee:f7:0d:c2:99:06:3d:7d:25:2d:18: 06:6e:9d:81:86:02:f4:24:5c:03:b9:fb:0b:34:ca:b6:9c:13: 87:66:be:48:ea:e9:16:e7:4e:a4:ae:57:b3:a4:f6:63:b0:98: 5e:95:9e:ff:3f:c1:a0:2a:b1:7d:fc:47:23:f6:e9:78:02:ee: d9:e9:1d:b6:82:81:d2:a9:c0:c7:42:ae:87:5c:94:72:cf:f5: 67:31:d5:a4:32:40:3f:b5:dc:4a:a8:66:58:5f:6f:f3:79:bd: 7a:ff:2d:7f:2a:26:75:44:1f:80:ee:1c:7f:1d:d3:a1:bc:2b: c2:4c:6e:99:2c:02:2e:f0:ad:05:de:02:be:32:18:51:be:50: a1:95:a0:ae:b8:d9:bb:67:61:06:7b:1b:2d:96:8a:ad:af:83: 86:a3:31:fe:64:65:f6:38:72:01:c0:02:9f:b0:73:86:85:7d: 40:9c:ad:88:79:40:e6:67:7f:6b:ea:55:6a:21:42:0f:34:8e: ff:21:c5:7d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDngwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM3NDMxMTAvBgNVBAUTKDg0RTRGRkI2OTI3Rjc3RjVDM0YwQTI1MjY4MkY3MURE QjM3N0IxMUQwHhcNMjUwODIyMTc1MTE2WhcNMjUwODI5MTc1MTE2WjAYMRYwFAYD VQQDEw02OGE4YWUxNC02MWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtGdSJG+dZ+9AbIiaV5OUipBWJO6ceLm6uEoqHAl3go6C4ZLzqORTmD/aKZhQ 67rWxdycLs0Vnit73Ei0lbm/3lixuGxINYKvBxLZ8zc8dqwo9RmaETXYcNjJB10k NdazY6yS6RNaaQgJxFn4XGJ4q3+CjMqy7WCl7bQblOdPdrukcRsb64+l+JfCy+KC fDa1aVIAxDUIPsn2KfUufbYieoZ0anQv59onOEL6nUPNmwDb9ZsQwWKKzm8VKwTt ajaxzTkJK314f2FxDA9qtoyTh3M5Ro0uhni3VUZ+1GymfKkKsdnj3Jok48D7dTGC DH6CGeRqpT65eStY/xbKZQUWIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHJ0h/Hl +zvB4LuL1fExCNB9+FCVMB8GA1UdIwQYMBaAFITk/7aSf3f1w/CiUmgvcd2zd7Ed MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzc0My9GOEFFMjg4MEEy MUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2RfWEQ4S0pTYUM5eDNiTjNz UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hPVF90cEpfZF9YRDhLSlNhQzl4M2JOM3NSMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx Qzc0My9GOEFFMjg4MEEyMUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2Rf WEQ4S0pTYUM5eDNiTjNzUjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBLkDyxJ+EfMfOpT4wGEK9F621xv5RVi0UO+goobn6chZSCUf8uDM5P RarUdHCkUynxlf3R9toZlwUzbFUW7vcNwpkGPX0lLRgGbp2BhgL0JFwDufsLNMq2 nBOHZr5I6ukW506krlezpPZjsJhelZ7/P8GgKrF9/Ecj9ul4Au7Z6R22goHSqcDH Qq6HXJRyz/VnMdWkMkA/tdxKqGZYX2/zeb16/y1/KiZ1RB+A7hx/HdOhvCvCTG6Z LAIu8K0F3gK+MhhRvlChlaCuuNm7Z2EGexstloqtr4OGozH+ZGX2OHIBwAKfsHOG hX1AnK2IeUDmZ39r6lVqIUIPNI7/IcV9 -----END CERTIFICATE-----Generated at Sun Aug 24 00:15:19 2025 by rpki-client