$ rpki-client -vvf rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.mft File: HdcXsimTYZDOtmfHzhyp-b-1-sQ.mft (raw, json) Hash identifier: hJ7bTWh4stDG2ddM9T61j0szRdYesKhLahW7GwOKRUI= Subject key identifier: A6:D9:E4:34:9A:1F:85:BD:D9:DA:24:2A:8F:30:C6:3F:1A:21:12:FF Authority key identifier: 1D:D7:17:B2:29:93:61:90:CE:B6:67:C7:CE:1C:A9:F9:BF:B5:FA:C4 Certificate issuer: /CN=A913F721/serialNumber=1DD717B229936190CEB667C7CE1CA9F9BFB5FAC4 Certificate serial: 0B46 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdcXsimTYZDOtmfHzhyp-b-1-sQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.mft Manifest number: 0B18 Signing time: Fri 22 Aug 2025 19:34:12 +0000 Manifest this update: Fri 22 Aug 2025 19:34:11 +0000 Manifest next update: Fri 29 Aug 2025 19:34:11 +0000 Files and hashes: 1: HdcXsimTYZDOtmfHzhyp-b-1-sQ.crl (hash: TDV12EfgEDZOPamzqXb6D9NCB/IvqT8m2doIiOpf0UE=) 2: 1AB6B24A502211F0AFF2E30FC4F9AE02.roa (hash: 2QerLmtFHY48UeZhmV6pCrS0LhLRpqATZj6aiM1bwoY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.crl rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdcXsimTYZDOtmfHzhyp-b-1-sQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 19:34:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2886 (0xb46) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913F721, serialNumber=1DD717B229936190CEB667C7CE1CA9F9BFB5FAC4 Validity Not Before: Aug 22 19:34:11 2025 GMT Not After : Aug 29 19:34:11 2025 GMT Subject: CN=68a8c634-dda5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:26:12:f3:b0:b7:02:bb:ab:b1:60:02:11:4d: ca:56:8d:d7:7e:63:90:2f:e1:65:48:eb:67:e4:5d: 86:d2:95:83:0f:51:d9:42:fe:bf:e9:25:86:ea:b1: 1f:b3:5d:05:9b:6d:ce:bb:d9:32:1e:b1:4e:cd:79: fa:1b:cd:73:e6:44:cc:03:c3:d3:63:06:a0:01:6d: 31:8e:27:41:b2:ec:25:bc:9a:83:eb:21:23:49:fc: 3d:d8:9f:c0:10:9b:0f:38:fc:5a:1f:bd:8e:d0:65: 52:0e:39:1d:e3:29:e0:a2:f7:68:0b:db:b5:90:9d: 5a:a8:6d:22:12:20:a3:bb:d6:c1:97:c2:88:53:b1: f8:ca:14:07:d9:8e:35:c0:9b:4a:23:7c:64:97:d0: ae:63:d1:13:5b:65:b3:e8:be:d0:46:26:de:7e:3d: 21:1e:ee:f9:f8:49:48:4f:eb:14:93:51:e7:dc:be: 4a:e4:0c:15:c0:a7:ba:59:85:69:8e:8f:96:0e:98: 1c:c4:5b:43:64:6a:d5:f4:a3:1f:4a:a7:50:fa:25: d5:25:72:24:a6:26:c3:1b:3e:0b:52:46:8d:49:0f: 8d:07:ae:48:e0:65:c9:e2:2a:32:39:b6:f3:c7:57: 28:ca:8d:33:7e:be:a6:82:92:e3:dd:7f:02:4a:be: 1e:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:D9:E4:34:9A:1F:85:BD:D9:DA:24:2A:8F:30:C6:3F:1A:21:12:FF X509v3 Authority Key Identifier: keyid:1D:D7:17:B2:29:93:61:90:CE:B6:67:C7:CE:1C:A9:F9:BF:B5:FA:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdcXsimTYZDOtmfHzhyp-b-1-sQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6e:73:b3:d8:a4:23:c5:0f:8c:3f:78:07:c8:7e:5b:a1:25:39: 6d:fb:96:1b:6d:57:0f:dc:31:5b:a8:50:14:89:5e:b8:29:a5: 94:8d:31:71:c4:a7:35:bf:d4:88:c6:b0:34:6c:8c:c4:4d:a2: c8:72:a0:43:f4:16:07:3f:04:40:ea:e1:78:46:64:ba:da:f3: d5:8d:80:2d:14:44:55:90:ce:df:03:89:1b:05:75:60:b7:55: 60:78:93:e3:73:39:6a:75:06:bc:29:0c:20:55:a2:bc:0e:db: d3:51:7c:31:c9:d9:0a:b1:09:e6:51:b8:f1:d6:6f:69:3e:32: 0a:b6:f8:fd:49:ca:75:ee:bc:59:33:28:01:9a:c2:cf:2d:4f: 5f:68:58:e2:3b:f1:5f:fd:0f:76:4e:da:3d:f9:9c:61:4e:8d: cd:17:8f:fb:3a:33:ff:33:bc:50:e3:b5:54:d5:ac:38:63:83: c1:86:8b:71:9c:c8:d5:bd:ef:12:f0:28:ff:ea:3d:24:2f:10: b4:18:51:cd:08:08:5d:53:5c:5a:c4:34:7d:3a:68:ae:6f:46: 75:32:3b:08:8c:d7:6c:2e:64:3e:2e:40:23:85:93:ba:da:20: c3:f2:90:b5:cd:d8:5a:75:f0:69:fd:7d:f7:1d:50:27:09:55: e1:60:c0:78 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC0YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0Y3MjExMTAvBgNVBAUTKDFERDcxN0IyMjk5MzYxOTBDRUI2NjdDN0NFMUNBOUY5 QkZCNUZBQzQwHhcNMjUwODIyMTkzNDExWhcNMjUwODI5MTkzNDExWjAYMRYwFAYD VQQDEw02OGE4YzYzNC1kZGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvSYS87C3ArursWACEU3KVo3XfmOQL+FlSOtn5F2G0pWDD1HZQv6/6SWG6rEf s10Fm23Ou9kyHrFOzXn6G81z5kTMA8PTYwagAW0xjidBsuwlvJqD6yEjSfw92J/A EJsPOPxaH72O0GVSDjkd4yngovdoC9u1kJ1aqG0iEiCju9bBl8KIU7H4yhQH2Y41 wJtKI3xkl9CuY9ETW2Wz6L7QRibefj0hHu75+ElIT+sUk1Hn3L5K5AwVwKe6WYVp jo+WDpgcxFtDZGrV9KMfSqdQ+iXVJXIkpibDGz4LUkaNSQ+NB65I4GXJ4ioyObbz x1coyo0zfr6mgpLj3X8CSr4evwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKbZ5DSa H4W92dokKo8wxj8aIRL/MB8GA1UdIwQYMBaAFB3XF7Ipk2GQzrZnx84cqfm/tfrE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjcyMS82NDQyNDM3QTUz QUMxMUVBOUFENTRCMkZDNEY5QUUwMi9IZGNYc2ltVFlaRE90bWZIemh5cC1iLTEt c1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hkY1hzaW1UWVpET3RtZkh6aHlwLWItMS1zUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RjcyMS82NDQyNDM3QTUzQUMxMUVBOUFENTRCMkZDNEY5QUUwMi9IZGNYc2ltVFla RE90bWZIemh5cC1iLTEtc1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBuc7PYpCPFD4w/eAfIfluhJTlt+5YbbVcP3DFbqFAUiV64KaWUjTFx xKc1v9SIxrA0bIzETaLIcqBD9BYHPwRA6uF4RmS62vPVjYAtFERVkM7fA4kbBXVg t1VgeJPjczlqdQa8KQwgVaK8DtvTUXwxydkKsQnmUbjx1m9pPjIKtvj9Scp17rxZ MygBmsLPLU9faFjiO/Ff/Q92Tto9+ZxhTo3NF4/7OjP/M7xQ47VU1aw4Y4PBhotx nMjVve8S8Cj/6j0kLxC0GFHNCAhdU1xaxDR9Omiub0Z1MjsIjNdsLmQ+LkAjhZO6 2iDD8pC1zdhadfBp/X33HVAnCVXhYMB4 -----END CERTIFICATE-----Generated at Sat Aug 23 15:15:21 2025 by rpki-client