$ rpki-client -vvf rpki.apnic.net/member_repository/A9123CA4/B7516B1089B611EE99512A6DC4F9AE02/DHxNa-htVb5Ey0rZZmbBU1GT93I.mft File: DHxNa-htVb5Ey0rZZmbBU1GT93I.mft (raw, json) Hash identifier: O2colgRwFMNX66Tr3hZerHKYY0AKDMmjOL4Jgf/CSzc= Subject key identifier: 28:64:7D:4D:95:19:FC:CC:AA:39:FB:D7:80:37:4B:B0:CC:40:29:67 Authority key identifier: 0C:7C:4D:6B:E8:6D:55:BE:44:CB:4A:D9:66:66:C1:53:51:93:F7:72 Certificate issuer: /CN=A9123CA4/serialNumber=0C7C4D6BE86D55BE44CB4AD96666C1535193F772 Certificate serial: 0154 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DHxNa-htVb5Ey0rZZmbBU1GT93I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9123CA4/B7516B1089B611EE99512A6DC4F9AE02/DHxNa-htVb5Ey0rZZmbBU1GT93I.mft Manifest number: 014F Signing time: Sat 23 Aug 2025 04:25:15 +0000 Manifest this update: Sat 23 Aug 2025 04:25:15 +0000 Manifest next update: Sat 30 Aug 2025 04:25:15 +0000 Files and hashes: 1: DHxNa-htVb5Ey0rZZmbBU1GT93I.crl (hash: HMzSJq6JSKV6z9Dp7ftnBMJxZjWgyUHyH/JaZVKEBKk=) 2: 300438B6C03511EFA42E9085C4F9AE02.roa (hash: oBJXc8GYCJgJm/47m5fsAm6DbvpC1fTX4mDB8Bng8Io=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9123CA4/B7516B1089B611EE99512A6DC4F9AE02/DHxNa-htVb5Ey0rZZmbBU1GT93I.crl rsync://rpki.apnic.net/member_repository/A9123CA4/B7516B1089B611EE99512A6DC4F9AE02/DHxNa-htVb5Ey0rZZmbBU1GT93I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DHxNa-htVb5Ey0rZZmbBU1GT93I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:25:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 340 (0x154) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9123CA4, serialNumber=0C7C4D6BE86D55BE44CB4AD96666C1535193F772 Validity Not Before: Aug 23 04:25:15 2025 GMT Not After : Aug 30 04:25:15 2025 GMT Subject: CN=68a942ab-2c70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:ec:e7:4b:1b:45:be:c1:80:d0:01:4c:dc:30: 93:53:b0:5f:54:28:8e:3b:88:9e:2c:59:79:d3:4d: 7c:38:62:eb:da:e8:c3:21:81:f8:ae:ce:b9:aa:2c: 34:95:b7:d0:d2:fc:e3:d8:4a:7b:82:d5:a7:b0:2a: 68:1f:7c:1d:25:5b:52:6a:2e:f3:1b:c5:a7:c4:46: 3f:1d:aa:d6:de:76:df:13:7c:f0:ca:8e:ae:ec:7c: f3:13:65:66:19:2d:5b:65:15:34:32:fa:da:97:11: ed:6f:42:6d:bb:31:c5:9c:78:f6:7e:73:1f:72:11: cf:03:0c:26:c5:26:18:fb:85:7b:28:4f:c4:4a:14: 84:20:d2:b1:bc:32:1d:c9:ff:4b:87:fe:21:62:8f: 01:f6:02:4f:b0:2a:4a:1c:08:b8:20:56:e7:1d:45: 54:ff:96:6d:fb:28:db:f8:da:a7:09:0d:4d:6c:21: 64:14:3b:36:bf:16:24:ec:3b:40:7a:23:05:9c:15: 19:c3:21:9e:ba:ca:aa:76:63:7c:e2:0b:d0:50:01: 63:ba:ff:94:f7:39:cd:0f:36:8f:e1:f0:28:f4:c2: 17:9f:cc:b1:fa:49:5e:bb:6d:c2:81:dc:68:04:b7: 73:3e:1b:e0:82:fd:90:28:d4:bf:d2:b5:d2:95:3a: f9:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:64:7D:4D:95:19:FC:CC:AA:39:FB:D7:80:37:4B:B0:CC:40:29:67 X509v3 Authority Key Identifier: keyid:0C:7C:4D:6B:E8:6D:55:BE:44:CB:4A:D9:66:66:C1:53:51:93:F7:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9123CA4/B7516B1089B611EE99512A6DC4F9AE02/DHxNa-htVb5Ey0rZZmbBU1GT93I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DHxNa-htVb5Ey0rZZmbBU1GT93I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123CA4/B7516B1089B611EE99512A6DC4F9AE02/DHxNa-htVb5Ey0rZZmbBU1GT93I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:81:4b:5c:84:a9:2e:17:5d:19:5f:01:7d:48:da:cc:b1:60: 96:fc:2a:3f:fe:47:6d:fd:84:bb:fd:69:10:91:59:4d:32:d9: 8f:29:48:15:93:d9:d6:85:3a:f4:09:3f:42:a5:9d:4f:3a:85: 34:81:56:03:72:c1:00:d0:84:81:ac:b5:3a:58:98:95:ef:ce: 0f:7b:cd:41:be:00:91:0a:c8:f7:03:9d:6c:f5:5b:0f:79:a6: 20:57:c5:47:60:0b:95:c9:ce:de:f0:01:f6:2d:da:0a:5e:a6: 76:70:7d:4d:1a:27:af:46:64:6e:96:88:0c:ab:ea:8d:51:3b: b1:b3:87:31:59:be:39:a0:f6:30:e0:cc:ce:7d:9b:21:a6:9c: d1:33:c3:bb:ae:7c:0d:16:0d:74:79:86:ab:ab:22:62:1f:d7: 79:e0:e2:2d:15:cd:d5:97:49:74:3a:8b:02:56:9b:fd:44:23: 75:6d:f7:d0:06:78:e3:7b:ec:5a:69:cc:9f:85:bc:d0:ec:78: 8b:0e:51:6b:18:d8:28:fa:69:c0:97:59:48:3f:a4:22:15:3f: 14:5c:4a:bd:04:66:9d:72:24:fd:1d:77:9b:01:5f:9b:31:5f: 46:ae:64:bc:af:5e:52:7a:bb:d1:d5:b4:1a:86:0c:09:49:c7: 76:e3:b0:65 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjNDQTQxMTAvBgNVBAUTKDBDN0M0RDZCRTg2RDU1QkU0NENCNEFEOTY2NjZDMTUz NTE5M0Y3NzIwHhcNMjUwODIzMDQyNTE1WhcNMjUwODMwMDQyNTE1WjAYMRYwFAYD VQQDEw02OGE5NDJhYi0yYzcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo+znSxtFvsGA0AFM3DCTU7BfVCiOO4ieLFl50018OGLr2ujDIYH4rs65qiw0 lbfQ0vzj2Ep7gtWnsCpoH3wdJVtSai7zG8WnxEY/HarW3nbfE3zwyo6u7HzzE2Vm GS1bZRU0MvralxHtb0JtuzHFnHj2fnMfchHPAwwmxSYY+4V7KE/EShSEINKxvDId yf9Lh/4hYo8B9gJPsCpKHAi4IFbnHUVU/5Zt+yjb+NqnCQ1NbCFkFDs2vxYk7DtA eiMFnBUZwyGeusqqdmN84gvQUAFjuv+U9znNDzaP4fAo9MIXn8yx+kleu23Cgdxo BLdzPhvggv2QKNS/0rXSlTr5sQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFChkfU2V GfzMqjn714A3S7DMQClnMB8GA1UdIwQYMBaAFAx8TWvobVW+RMtK2WZmwVNRk/dy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0NBNC9CNzUxNkIxMDg5 QjYxMUVFOTk1MTJBNkRDNEY5QUUwMi9ESHhOYS1odFZiNUV5MHJaWm1iQlUxR1Q5 M0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RIeE5hLWh0VmI1RXkwclpabWJCVTFHVDkzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy M0NBNC9CNzUxNkIxMDg5QjYxMUVFOTk1MTJBNkRDNEY5QUUwMi9ESHhOYS1odFZi NUV5MHJaWm1iQlUxR1Q5M0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB6gUtchKkuF10ZXwF9SNrMsWCW/Co//kdt/YS7/WkQkVlNMtmPKUgV k9nWhTr0CT9CpZ1POoU0gVYDcsEA0ISBrLU6WJiV784Pe81BvgCRCsj3A51s9VsP eaYgV8VHYAuVyc7e8AH2LdoKXqZ2cH1NGievRmRulogMq+qNUTuxs4cxWb45oPYw 4MzOfZshppzRM8O7rnwNFg10eYarqyJiH9d54OItFc3Vl0l0OosCVpv9RCN1bffQ Bnjje+xaacyfhbzQ7HiLDlFrGNgo+mnAl1lIP6QiFT8UXEq9BGadciT9HXebAV+b MV9GrmS8r15ServR1bQahgwJScd247Bl -----END CERTIFICATE-----Generated at Sat Aug 23 19:03:28 2025 by rpki-client