$ rpki-client -vvf rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft File: He-yCnpR7hjdetBq2qxJEePi95Q.mft (raw, json) Hash identifier: yIrAxL00zbjLMNMDVdZUuPOkbt883nmUX2g9Q1HkvhA= Subject key identifier: 66:BF:1C:75:01:05:04:AF:13:45:34:47:04:66:E9:2F:A5:29:26:80 Authority key identifier: 1D:EF:B2:0A:7A:51:EE:18:DD:7A:D0:6A:DA:AC:49:11:E3:E2:F7:94 Certificate issuer: /CN=A91285E3/serialNumber=1DEFB20A7A51EE18DD7AD06ADAAC4911E3E2F794 Certificate serial: 0209 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft Manifest number: 0203 Signing time: Sat 23 Aug 2025 02:28:59 +0000 Manifest this update: Sat 23 Aug 2025 02:28:58 +0000 Manifest next update: Sat 30 Aug 2025 02:28:58 +0000 Files and hashes: 1: He-yCnpR7hjdetBq2qxJEePi95Q.crl (hash: MFOkNtfp02SFcKJjr4hYguQLkB/8cLEIAerRYi+Xaq8=) 2: 54365208708411EDA8B14246C4F9AE02.roa (hash: mCCSZ+9WYvhaMFX9tC0Iaz2gMx4GH4ZGb0UPoAirqT8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.crl rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 02:28:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 521 (0x209) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91285E3, serialNumber=1DEFB20A7A51EE18DD7AD06ADAAC4911E3E2F794 Validity Not Before: Aug 23 02:28:58 2025 GMT Not After : Aug 30 02:28:58 2025 GMT Subject: CN=68a9276a-9122 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e4:7b:15:46:00:08:2c:47:84:f5:7d:e7:56: a3:90:ac:c6:a5:29:0d:41:bd:52:e3:07:5b:d4:c1: 64:48:38:9b:9f:4a:6b:50:d0:8b:c2:2b:00:cb:24: 0e:95:14:1c:fd:fc:a2:c1:df:42:9a:8f:d6:51:f6: 1c:e1:79:7f:fa:84:7f:97:0b:31:80:6a:d3:6f:df: eb:28:df:4e:69:3b:91:41:8e:48:ca:5c:5b:20:c9: e5:31:9c:be:1a:0d:1f:d3:f8:08:05:46:12:5b:93: b3:42:26:02:3c:c2:b8:1c:10:14:27:e4:1a:13:80: 2d:d2:1d:f3:d6:d4:98:31:96:63:64:0d:35:fd:61: 68:22:4e:f3:c5:79:e9:82:d0:3d:97:c2:e1:3f:94: c1:b7:b8:24:22:cd:42:7d:3d:e9:25:84:94:02:64: 19:67:36:29:21:d0:81:dd:00:fe:03:1a:b5:4e:8a: 62:08:6c:88:d0:68:39:54:af:01:39:a5:89:d6:8a: 24:37:50:d0:90:12:c2:ed:90:c1:40:31:5d:44:05: 93:c5:62:ea:b6:94:a8:70:bb:bb:ed:94:2d:f5:aa: eb:b7:f7:ae:10:8f:ac:bb:e7:a4:2f:3b:c5:a9:eb: 43:19:72:f1:05:4d:4c:02:ca:29:25:92:95:79:a1: 91:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:BF:1C:75:01:05:04:AF:13:45:34:47:04:66:E9:2F:A5:29:26:80 X509v3 Authority Key Identifier: keyid:1D:EF:B2:0A:7A:51:EE:18:DD:7A:D0:6A:DA:AC:49:11:E3:E2:F7:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 90:41:6d:6c:e5:0a:08:df:3c:d1:ee:5b:7b:c4:64:31:68:10: 8e:d3:d0:27:18:fe:93:18:ce:a6:cc:0e:13:a1:f6:85:6d:b3: 21:77:99:96:cc:31:08:68:12:cc:84:95:a4:a9:a2:54:07:bb: 0b:19:da:7f:d0:a3:ca:5c:f5:88:8c:95:06:7d:4e:2c:e0:c6: 25:bc:80:36:26:32:3c:b2:5d:65:d4:c8:6d:6d:05:5f:e8:39: b5:c0:93:6c:c7:7a:33:51:e9:3f:3a:dd:94:0d:bc:30:65:9a: bd:f2:e8:ab:4e:31:4f:ee:3e:3f:b2:0c:f0:63:14:1a:c4:9e: 0b:99:b8:22:6f:2d:b1:bc:5c:12:1f:65:d7:0a:dd:d6:9f:a7: 95:3b:c8:8e:1b:10:e6:0a:76:d8:e7:44:1c:99:1a:33:85:a0: 00:5c:2d:13:a0:8c:60:f1:85:cb:f1:4d:bd:09:a7:0e:f5:1d: 10:cc:57:fc:c8:be:fe:e5:f1:20:0c:b3:80:b8:54:64:8c:f1: 59:01:34:03:fd:bd:6e:12:49:2d:84:a6:2d:39:a9:41:8a:58: 14:3c:8c:ee:42:ce:06:eb:bd:19:f3:4e:e1:cb:51:72:78:6d: 16:45:2b:f0:9a:57:2c:67:ae:59:70:84:34:9b:4b:0d:7f:c7: a9:c8:7d:2d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjg1RTMxMTAvBgNVBAUTKDFERUZCMjBBN0E1MUVFMThERDdBRDA2QURBQUM0OTEx RTNFMkY3OTQwHhcNMjUwODIzMDIyODU4WhcNMjUwODMwMDIyODU4WjAYMRYwFAYD VQQDEw02OGE5Mjc2YS05MTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu+R7FUYACCxHhPV951ajkKzGpSkNQb1S4wdb1MFkSDibn0prUNCLwisAyyQO lRQc/fyiwd9Cmo/WUfYc4Xl/+oR/lwsxgGrTb9/rKN9OaTuRQY5IylxbIMnlMZy+ Gg0f0/gIBUYSW5OzQiYCPMK4HBAUJ+QaE4At0h3z1tSYMZZjZA01/WFoIk7zxXnp gtA9l8LhP5TBt7gkIs1CfT3pJYSUAmQZZzYpIdCB3QD+Axq1TopiCGyI0Gg5VK8B OaWJ1ookN1DQkBLC7ZDBQDFdRAWTxWLqtpSocLu77ZQt9arrt/euEI+su+ekLzvF qetDGXLxBU1MAsopJZKVeaGRSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGa/HHUB BQSvE0U0RwRm6S+lKSaAMB8GA1UdIwQYMBaAFB3vsgp6Ue4Y3XrQatqsSRHj4veU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODVFMy8xQjEyQTgyNDcw NzkxMUVEQkFBN0NEMjZDNEY5QUUwMi9IZS15Q25wUjdoamRldEJxMnF4SkVlUGk5 NVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlLXlDbnBSN2hqZGV0QnEycXhKRWVQaTk1US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy ODVFMy8xQjEyQTgyNDcwNzkxMUVEQkFBN0NEMjZDNEY5QUUwMi9IZS15Q25wUjdo amRldEJxMnF4SkVlUGk5NVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCQQW1s5QoI3zzR7lt7xGQxaBCO09AnGP6TGM6mzA4TofaFbbMhd5mW zDEIaBLMhJWkqaJUB7sLGdp/0KPKXPWIjJUGfU4s4MYlvIA2JjI8sl1l1MhtbQVf 6Dm1wJNsx3ozUek/Ot2UDbwwZZq98uirTjFP7j4/sgzwYxQaxJ4Lmbgiby2xvFwS H2XXCt3Wn6eVO8iOGxDmCnbY50QcmRozhaAAXC0ToIxg8YXL8U29CacO9R0QzFf8 yL7+5fEgDLOAuFRkjPFZATQD/b1uEkkthKYtOalBilgUPIzuQs4G670Z807hy1Fy eG0WRSvwmlcsZ65ZcIQ0m0sNf8epyH0t -----END CERTIFICATE-----Generated at Sat Aug 23 23:41:09 2025 by rpki-client