$ rpki-client -vvf rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.mft File: HdcXsimTYZDOtmfHzhyp-b-1-sQ.mft (raw, json) Hash identifier: 00mniziryu9GkaBEIoDkl2Ek65SvpeXBDcGNbblR2XY= Subject key identifier: 5E:F1:A9:96:41:9E:B3:11:C3:D4:C7:D9:73:B0:14:E8:17:2D:43:B1 Authority key identifier: 1D:D7:17:B2:29:93:61:90:CE:B6:67:C7:CE:1C:A9:F9:BF:B5:FA:C4 Certificate issuer: /CN=A913F721/serialNumber=1DD717B229936190CEB667C7CE1CA9F9BFB5FAC4 Certificate serial: 0B6A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdcXsimTYZDOtmfHzhyp-b-1-sQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.mft Manifest number: 0B3A Signing time: Mon 20 Oct 2025 20:06:52 +0000 Manifest this update: Mon 20 Oct 2025 20:06:52 +0000 Manifest next update: Mon 27 Oct 2025 20:06:52 +0000 Files and hashes: 1: HdcXsimTYZDOtmfHzhyp-b-1-sQ.crl (hash: AmVfLqdGi/yI8KjuLCkhJz80m8o3TJBSeSRPrBbjYAo=) 2: 1AB6B24A502211F0AFF2E30FC4F9AE02.roa (hash: kj+LbGbtBvSSpF59xQ/oF6zo99e75Fj59GXX8sxOzfs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.crl rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdcXsimTYZDOtmfHzhyp-b-1-sQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 20:06:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2922 (0xb6a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913F721, serialNumber=1DD717B229936190CEB667C7CE1CA9F9BFB5FAC4 Validity Not Before: Oct 20 20:06:52 2025 GMT Not After : Oct 27 20:06:52 2025 GMT Subject: CN=68f6965c-257c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:4c:b5:c2:34:2e:fb:27:95:1e:c3:19:dd:70: ef:e1:c1:92:bf:34:d9:2e:37:ed:58:85:39:80:89: 4c:4b:dd:68:a4:a8:79:27:49:e8:60:29:f4:63:25: fa:b8:27:32:24:99:4e:9b:b2:d8:31:89:d8:b6:f7: 06:f7:e0:0f:5f:1b:b5:4f:71:74:c4:14:37:f5:70: 93:e0:12:ef:4b:4d:28:d6:79:8c:a6:ba:7e:c2:31: b4:21:d0:fd:f0:25:48:74:e7:82:43:6c:4c:3c:2c: a9:5f:b0:ed:b9:0d:18:aa:19:c3:d8:60:e1:2c:fd: 34:cf:0b:67:6d:a9:4d:ad:13:b4:1f:58:94:ae:cf: 89:e3:ac:dc:ba:f9:81:21:fb:83:d4:f6:2c:88:03: 4a:74:04:24:c1:ba:f3:18:72:01:11:28:22:28:f6: c8:c4:67:d7:cc:f3:59:90:78:7c:36:f9:0c:ed:80: 5b:3d:e2:a2:5a:44:a0:e0:b7:d2:20:d3:9d:5a:b8: 5a:b0:44:f2:02:64:4f:91:fd:ce:da:26:20:63:f4: 98:65:21:30:b6:0b:02:3c:18:cd:b5:f2:0a:09:56: 1b:6d:11:61:35:59:18:eb:07:05:2c:16:c6:23:14: 7a:af:39:77:c8:6f:29:c5:8b:51:6c:c1:47:a6:b0: f1:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:F1:A9:96:41:9E:B3:11:C3:D4:C7:D9:73:B0:14:E8:17:2D:43:B1 X509v3 Authority Key Identifier: keyid:1D:D7:17:B2:29:93:61:90:CE:B6:67:C7:CE:1C:A9:F9:BF:B5:FA:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdcXsimTYZDOtmfHzhyp-b-1-sQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:b2:0f:8f:16:b4:6e:be:5e:84:a2:e4:5e:f2:0c:b5:13:0c: 53:dd:db:84:f7:78:fd:88:d7:ad:ab:40:2d:d5:d1:34:bd:ed: 9d:1d:02:d0:6d:5c:b8:55:b0:42:73:a0:ab:c6:ad:59:83:2a: f4:da:d4:b2:1e:39:f4:5f:26:85:1e:7c:57:5e:84:fa:08:43: 85:d1:8e:a2:8a:20:c5:35:1e:d9:cd:db:76:31:e1:cd:4b:90: 59:77:64:4d:4f:bf:f5:69:b2:7f:9c:e1:c3:91:6d:62:55:63: 95:12:a1:00:85:8d:c7:52:3d:51:45:48:22:a8:85:62:66:87: 4e:70:77:88:e3:1e:a2:97:79:b5:3f:53:fa:e2:2e:0e:b0:f6: 7a:37:7d:51:62:83:7a:17:e9:8f:d3:7c:d9:3e:93:2c:96:f4: b5:b8:ac:98:13:e8:f6:b0:9b:93:29:ba:25:95:1e:f3:30:bd: 93:8e:88:5b:96:b9:44:3d:5a:91:39:fe:7c:9e:90:6a:ba:f4: 16:9c:6e:24:2f:bc:58:00:99:7c:c2:f1:cf:45:9f:5f:29:c8: 51:ec:ab:03:4a:ca:fa:0c:34:7d:04:de:45:a7:e2:5d:08:2f: c1:9b:72:02:1d:d4:c2:5b:df:f1:80:be:5c:b5:f3:7b:d1:12: 79:8c:3a:b1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC2owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0Y3MjExMTAvBgNVBAUTKDFERDcxN0IyMjk5MzYxOTBDRUI2NjdDN0NFMUNBOUY5 QkZCNUZBQzQwHhcNMjUxMDIwMjAwNjUyWhcNMjUxMDI3MjAwNjUyWjAYMRYwFAYD VQQDEw02OGY2OTY1Yy0yNTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuUy1wjQu+yeVHsMZ3XDv4cGSvzTZLjftWIU5gIlMS91opKh5J0noYCn0YyX6 uCcyJJlOm7LYMYnYtvcG9+APXxu1T3F0xBQ39XCT4BLvS00o1nmMprp+wjG0IdD9 8CVIdOeCQ2xMPCypX7DtuQ0YqhnD2GDhLP00zwtnbalNrRO0H1iUrs+J46zcuvmB IfuD1PYsiANKdAQkwbrzGHIBESgiKPbIxGfXzPNZkHh8NvkM7YBbPeKiWkSg4LfS INOdWrhasETyAmRPkf3O2iYgY/SYZSEwtgsCPBjNtfIKCVYbbRFhNVkY6wcFLBbG IxR6rzl3yG8pxYtRbMFHprDxuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF7xqZZB nrMRw9TH2XOwFOgXLUOxMB8GA1UdIwQYMBaAFB3XF7Ipk2GQzrZnx84cqfm/tfrE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjcyMS82NDQyNDM3QTUz QUMxMUVBOUFENTRCMkZDNEY5QUUwMi9IZGNYc2ltVFlaRE90bWZIemh5cC1iLTEt c1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hkY1hzaW1UWVpET3RtZkh6aHlwLWItMS1zUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RjcyMS82NDQyNDM3QTUzQUMxMUVBOUFENTRCMkZDNEY5QUUwMi9IZGNYc2ltVFla RE90bWZIemh5cC1iLTEtc1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBCsg+PFrRuvl6EouRe8gy1EwxT3duE93j9iNetq0At1dE0ve2dHQLQ bVy4VbBCc6Crxq1Zgyr02tSyHjn0XyaFHnxXXoT6CEOF0Y6iiiDFNR7Zzdt2MeHN S5BZd2RNT7/1abJ/nOHDkW1iVWOVEqEAhY3HUj1RRUgiqIViZodOcHeI4x6il3m1 P1P64i4OsPZ6N31RYoN6F+mP03zZPpMslvS1uKyYE+j2sJuTKbollR7zML2Tjohb lrlEPVqROf58npBquvQWnG4kL7xYAJl8wvHPRZ9fKchR7KsDSsr6DDR9BN5Fp+Jd CC/Bm3ICHdTCW9/xgL5ctfN70RJ5jDqx -----END CERTIFICATE-----Generated at Mon Oct 20 23:35:38 2025 by rpki-client