$ rpki-client -vvf rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft File: hQaYWfujzd6OwbgaHgTdYFCzgRM.mft (raw, json) Hash identifier: O4iIE7rpE8mBbSItK4cdLWW5bjmbeCCBnkQxc8iyqW4= Subject key identifier: 33:1F:5A:95:85:53:47:4B:C8:7D:A7:A1:81:F0:F7:6D:3C:F0:28:86 Authority key identifier: 85:06:98:59:FB:A3:CD:DE:8E:C1:B8:1A:1E:04:DD:60:50:B3:81:13 Certificate issuer: /CN=A91509C4/serialNumber=85069859FBA3CDDE8EC1B81A1E04DD6050B38113 Certificate serial: 34B0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hQaYWfujzd6OwbgaHgTdYFCzgRM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft Manifest number: 34B0 Signing time: Fri 22 Aug 2025 14:34:35 +0000 Manifest this update: Fri 22 Aug 2025 14:34:35 +0000 Manifest next update: Fri 29 Aug 2025 14:34:35 +0000 Files and hashes: 1: hQaYWfujzd6OwbgaHgTdYFCzgRM.crl (hash: S77nNlhvcVsqmrCBfGdQKttvB9LWn2fhv/Jg8ekLGhc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.crl rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hQaYWfujzd6OwbgaHgTdYFCzgRM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 14:34:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13488 (0x34b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509C4, serialNumber=85069859FBA3CDDE8EC1B81A1E04DD6050B38113 Validity Not Before: Aug 22 14:34:35 2025 GMT Not After : Aug 29 14:34:35 2025 GMT Subject: CN=68a87ffb-8852 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:07:dc:db:87:f1:1c:3a:90:bb:ab:d2:e6:78: 2a:aa:41:dc:04:66:9b:fd:9f:ed:05:ad:2b:4a:ec: 01:d8:0d:24:57:dc:3f:16:33:9d:58:54:9e:31:c4: 90:32:c7:89:f2:9a:8e:a9:21:2d:ef:b5:22:3e:ee: 72:21:60:63:a3:55:7b:6a:0b:55:f4:6e:5b:88:7e: b8:38:fc:9f:60:0e:27:87:1b:7f:5c:3f:49:e5:d1: 77:7e:c7:fb:d5:40:05:23:b2:ca:6c:ab:17:d3:2e: 03:55:2d:fc:35:66:c1:01:66:62:df:5f:1e:bf:55: 47:9c:97:ec:79:2c:05:df:1d:a9:b5:c1:51:07:d0: 7b:38:4d:ed:9e:3e:c1:01:ed:7d:39:79:92:86:7e: d0:83:c3:c7:1e:96:ed:fb:14:de:13:5a:de:53:79: f2:72:e6:c6:ea:32:60:39:58:f8:71:d4:a0:e6:c0: c5:ec:2f:13:df:18:ab:3d:cf:3d:e2:91:c3:22:16: af:9c:1f:4e:6c:a7:58:96:50:fb:b7:79:25:1b:16: ce:cb:79:8c:65:09:dc:c7:1f:9d:d3:ed:21:6c:74: e7:e9:43:72:5a:5b:e6:e5:f7:a7:a6:55:4d:9e:20: 05:2e:ea:ab:ba:d6:69:6a:52:e8:f1:4f:9d:71:c7: ec:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:1F:5A:95:85:53:47:4B:C8:7D:A7:A1:81:F0:F7:6D:3C:F0:28:86 X509v3 Authority Key Identifier: keyid:85:06:98:59:FB:A3:CD:DE:8E:C1:B8:1A:1E:04:DD:60:50:B3:81:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hQaYWfujzd6OwbgaHgTdYFCzgRM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 67:02:1f:74:ce:63:df:47:bf:8e:30:be:db:be:42:8e:80:d1: c9:57:c2:94:e1:eb:ea:85:16:41:c7:56:d0:9b:6c:b3:91:c1: c0:12:5e:1b:65:64:e9:a2:3b:1e:37:72:ed:01:9c:e4:b1:39: e8:72:dc:df:d8:30:da:21:fe:a4:1e:84:cc:cd:a2:96:b6:5d: f4:c0:30:c2:db:a2:2b:90:97:a9:3e:30:8a:0c:a2:92:9e:9c: 91:48:42:b1:f4:77:53:d1:45:7f:59:54:eb:85:bc:63:f1:28: e8:18:b7:a9:6d:e7:3c:80:d5:f3:dc:23:38:96:65:e3:95:56: 5a:c8:64:81:fd:cd:32:98:af:34:4b:96:a3:71:fb:80:6e:cf: 91:4c:dc:1a:13:84:5b:9f:77:1c:ff:df:2f:07:11:be:c6:26: 4d:ce:aa:ee:69:5d:c9:57:90:12:a9:ae:04:20:d1:32:49:35: 41:8f:da:97:7b:f9:c8:05:ff:d7:4c:18:b2:e6:96:f4:3d:96: 35:ae:2c:0f:52:1e:34:4f:2a:cc:b9:f3:86:aa:f1:ec:12:7c: 20:a3:a6:b4:5f:ca:ed:5b:2a:39:f3:05:36:b7:4b:63:a1:c4: 9d:ff:24:5f:34:cd:c2:b8:b6:08:81:ae:7c:a0:67:58:c2:a9: 34:c2:fa:9f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNLAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTA5QzQxMTAvBgNVBAUTKDg1MDY5ODU5RkJBM0NEREU4RUMxQjgxQTFFMDRERDYw NTBCMzgxMTMwHhcNMjUwODIyMTQzNDM1WhcNMjUwODI5MTQzNDM1WjAYMRYwFAYD VQQDEw02OGE4N2ZmYi04ODUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3gfc24fxHDqQu6vS5ngqqkHcBGab/Z/tBa0rSuwB2A0kV9w/FjOdWFSeMcSQ MseJ8pqOqSEt77UiPu5yIWBjo1V7agtV9G5biH64OPyfYA4nhxt/XD9J5dF3fsf7 1UAFI7LKbKsX0y4DVS38NWbBAWZi318ev1VHnJfseSwF3x2ptcFRB9B7OE3tnj7B Ae19OXmShn7Qg8PHHpbt+xTeE1reU3nycubG6jJgOVj4cdSg5sDF7C8T3xirPc89 4pHDIhavnB9ObKdYllD7t3klGxbOy3mMZQncxx+d0+0hbHTn6UNyWlvm5fenplVN niAFLuqrutZpalLo8U+dccfs0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDMfWpWF U0dLyH2noYHw92088CiGMB8GA1UdIwQYMBaAFIUGmFn7o83ejsG4Gh4E3WBQs4ET MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDlDNC80Qjg5NjEzODFE OEIxMUUyOEEzM0M3RTUwOEIwMkNEMi9oUWFZV2Z1anpkNk93YmdhSGdUZFlGQ3pn Uk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hRYVlXZnVqemQ2T3diZ2FIZ1RkWUZDemdSTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MDlDNC80Qjg5NjEzODFEOEIxMUUyOEEzM0M3RTUwOEIwMkNEMi9oUWFZV2Z1anpk Nk93YmdhSGdUZFlGQ3pnUk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBnAh90zmPfR7+OML7bvkKOgNHJV8KU4evqhRZBx1bQm2yzkcHAEl4b ZWTpojseN3LtAZzksTnoctzf2DDaIf6kHoTMzaKWtl30wDDC26IrkJepPjCKDKKS npyRSEKx9HdT0UV/WVTrhbxj8SjoGLepbec8gNXz3CM4lmXjlVZayGSB/c0ymK80 S5ajcfuAbs+RTNwaE4Rbn3cc/98vBxG+xiZNzqruaV3JV5ASqa4EINEySTVBj9qX e/nIBf/XTBiy5pb0PZY1riwPUh40TyrMufOGqvHsEnwgo6a0X8rtWyo58wU2t0tj ocSd/yRfNM3CuLYIga58oGdYwqk0wvqf -----END CERTIFICATE-----Generated at Sat Aug 23 19:06:10 2025 by rpki-client