$ rpki-client -vvf rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft File: HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft (raw, json) Hash identifier: 5X8h3WgQ4NZ32CPYb6N6OZr56/JppNvvvkSOYnmfWPY= Subject key identifier: 7B:42:DD:9E:B9:64:B0:8F:32:56:B7:4A:7E:F4:7C:8A:31:68:0D:93 Authority key identifier: 1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E Certificate issuer: /CN=A911D848/serialNumber=1DD1B8687886924C4613116050EE90E9D494269E Certificate serial: A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft Manifest number: A1 Signing time: Sat 23 Aug 2025 06:37:08 +0000 Manifest this update: Sat 23 Aug 2025 06:37:08 +0000 Manifest next update: Sat 30 Aug 2025 06:37:08 +0000 Files and hashes: 1: HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl (hash: Nnfcj5UrkpVH1U3VYWphWC3RkZjQP1kZFt5YmmCNzjo=) 2: F0C8DB1CA54E11EF8592FD66C4F9AE02.roa (hash: 76K1YbroX8X8W0IqnMICi5xKvh2ELCOHzwZ1tdiFlUg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:37:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 168 (0xa8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D848, serialNumber=1DD1B8687886924C4613116050EE90E9D494269E Validity Not Before: Aug 23 06:37:08 2025 GMT Not After : Aug 30 06:37:08 2025 GMT Subject: CN=68a96194-8795 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:95:a9:80:fc:93:61:4a:d3:f2:1a:42:31:db: b5:05:07:6e:11:eb:7c:ec:63:8d:74:04:1a:12:20: c0:9a:5e:2b:61:7e:f8:ad:23:b3:05:ff:87:78:ec: cc:b7:ae:77:f9:b3:9c:3d:f3:ab:55:e5:87:3d:05: 27:8f:1c:84:af:b7:8b:2b:25:74:2b:28:73:8f:c0: a5:82:b7:42:e0:48:e0:fb:7b:a8:cf:c3:1d:d7:69: 56:05:e8:69:d9:e9:17:dc:7f:83:16:c7:64:db:e0: 5b:12:f5:6a:f5:64:18:a0:e2:4b:f8:ff:61:27:35: d3:06:34:4a:d4:f0:e7:89:07:bc:ca:2c:23:d5:2a: f6:65:5e:99:d8:51:68:50:50:84:7e:18:5c:b2:fd: d6:40:37:82:70:41:d1:e9:a5:e5:20:3e:e6:5b:6f: f0:67:42:06:d9:d0:2f:6e:92:0f:85:47:3d:32:2b: 8a:8c:63:f3:27:fa:23:73:db:4b:e4:31:96:3c:d7: b5:83:98:4b:e5:a2:6a:4b:25:a5:b1:94:b3:21:91: d6:7c:34:58:73:38:a1:b5:c5:8c:68:79:f8:b6:17: 14:13:31:87:dd:21:fa:0f:68:ab:37:1a:5a:df:64: bf:62:97:11:37:c6:39:79:ad:04:f5:55:76:04:b4: c1:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:42:DD:9E:B9:64:B0:8F:32:56:B7:4A:7E:F4:7C:8A:31:68:0D:93 X509v3 Authority Key Identifier: keyid:1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c4:42:9c:d5:6c:bc:bb:ce:1e:c2:be:a4:c9:32:60:e1:23:8b: 38:e7:0e:c8:21:ad:bd:23:cd:00:23:27:03:4a:f6:1d:c1:f6: 70:a4:15:14:15:ce:75:44:7e:9e:dd:9a:96:75:11:aa:60:b3: 3c:47:fe:20:55:d6:57:d1:cd:83:51:03:4f:22:d0:3b:21:b5: 3c:34:11:38:35:8e:84:0a:0e:2e:1b:46:e4:7e:7a:4b:16:e2: e8:0f:0c:9a:00:c2:19:18:24:e9:c7:f4:6d:10:76:ac:cf:e0: 9a:6c:a2:1e:17:8e:40:5b:91:50:09:e6:fe:42:f4:9b:81:01: 96:c8:9a:f9:84:e4:2c:e2:b4:6b:8c:b5:5a:82:a7:f2:d9:51: 3c:9d:a5:f7:4a:b2:1e:ce:65:58:9e:53:52:3a:d6:96:dd:32: de:56:1f:f4:cc:01:b0:8a:f4:de:7d:2d:6d:20:73:33:78:17: cf:33:9c:b8:d3:25:ca:69:8f:de:ca:7f:f8:92:63:b3:06:e5: 80:25:ce:c7:c0:91:6f:64:30:22:84:a9:3c:bd:96:a3:9c:d6: 12:e1:ca:c8:b2:a1:64:9a:37:a2:e8:0b:08:58:f1:76:bf:c0: 28:0b:e6:88:5a:0b:55:7b:a0:59:9e:fb:5d:b2:5a:99:59:32: 7a:b9:6b:e7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUQ4NDgxMTAvBgNVBAUTKDFERDFCODY4Nzg4NjkyNEM0NjEzMTE2MDUwRUU5MEU5 RDQ5NDI2OUUwHhcNMjUwODIzMDYzNzA4WhcNMjUwODMwMDYzNzA4WjAYMRYwFAYD VQQDEw02OGE5NjE5NC04Nzk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyZWpgPyTYUrT8hpCMdu1BQduEet87GONdAQaEiDAml4rYX74rSOzBf+HeOzM t653+bOcPfOrVeWHPQUnjxyEr7eLKyV0Kyhzj8ClgrdC4Ejg+3uoz8Md12lWBehp 2ekX3H+DFsdk2+BbEvVq9WQYoOJL+P9hJzXTBjRK1PDniQe8yiwj1Sr2ZV6Z2FFo UFCEfhhcsv3WQDeCcEHR6aXlID7mW2/wZ0IG2dAvbpIPhUc9MiuKjGPzJ/ojc9tL 5DGWPNe1g5hL5aJqSyWlsZSzIZHWfDRYczihtcWMaHn4thcUEzGH3SH6D2irNxpa 32S/YpcRN8Y5ea0E9VV2BLTBBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHtC3Z65 ZLCPMla3Sn70fIoxaA2TMB8GA1UdIwQYMBaAFB3RuGh4hpJMRhMRYFDukOnUlCae MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDg0OC9DMjUxQjVCMjlC MTAxMUVGQTcyQkEwMjBDNEY5QUUwMi9IZEc0YUhpR2treEdFeEZnVU82UTZkU1VK cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hkRzRhSGlHa2t4R0V4RmdVTzZRNmRTVUpwNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RDg0OC9DMjUxQjVCMjlCMTAxMUVGQTcyQkEwMjBDNEY5QUUwMi9IZEc0YUhpR2tr eEdFeEZnVU82UTZkU1VKcDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDEQpzVbLy7zh7CvqTJMmDhI4s45w7IIa29I80AIycDSvYdwfZwpBUU Fc51RH6e3ZqWdRGqYLM8R/4gVdZX0c2DUQNPItA7IbU8NBE4NY6ECg4uG0bkfnpL FuLoDwyaAMIZGCTpx/RtEHasz+CabKIeF45AW5FQCeb+QvSbgQGWyJr5hOQs4rRr jLVagqfy2VE8naX3SrIezmVYnlNSOtaW3TLeVh/0zAGwivTefS1tIHMzeBfPM5y4 0yXKaY/eyn/4kmOzBuWAJc7HwJFvZDAihKk8vZajnNYS4crIsqFkmjei6AsIWPF2 v8AoC+aIWgtVe6BZnvtdslqZWTJ6uWvn -----END CERTIFICATE-----Generated at Sat Aug 23 17:55:14 2025 by rpki-client