$ rpki-client -vvf rpki.apnic.net/member_repository/A91561B7/5FA1ED309EF011E681102733C4F9AE02/5HE8G511dZKVr2TN-6YrcNuaBTc.mft File: 5HE8G511dZKVr2TN-6YrcNuaBTc.mft (raw, json) Hash identifier: nJrrsavA1umcHfz4j6NvDExnfPRsGJ7PiDM5y8OkdtQ= Subject key identifier: B1:5F:AD:BD:4C:E4:0A:CA:8B:01:C8:A5:8E:BF:8F:15:39:D8:D6:3E Authority key identifier: E4:71:3C:1B:9D:75:75:92:95:AF:64:CD:FB:A6:2B:70:DB:9A:05:37 Certificate issuer: /CN=A91561B7/serialNumber=E4713C1B9D75759295AF64CDFBA62B70DB9A0537 Certificate serial: 1DD8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5HE8G511dZKVr2TN-6YrcNuaBTc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91561B7/5FA1ED309EF011E681102733C4F9AE02/5HE8G511dZKVr2TN-6YrcNuaBTc.mft Manifest number: 1DC3 Signing time: Fri 22 Aug 2025 16:10:05 +0000 Manifest this update: Fri 22 Aug 2025 16:10:05 +0000 Manifest next update: Fri 29 Aug 2025 16:10:05 +0000 Files and hashes: 1: 5HE8G511dZKVr2TN-6YrcNuaBTc.crl (hash: eIMmpYKFJtaKeQowy8ixlsVqhlhjv/deHPsgV0D4bNg=) 2: 4865DD00A13B11E687921078C4F9AE02.roa (hash: MaFWYkY2HcnSI16cq7zrf3Xg1TMrKe+K2OOU5n2vPcU=) 3: 1D57FF40A01311E684546521C4F9AE02.roa (hash: 8kLRR6g7/NXM5uPCUqU+X4Qb9woBVi0kDN/Wkxs+ARo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91561B7/5FA1ED309EF011E681102733C4F9AE02/5HE8G511dZKVr2TN-6YrcNuaBTc.crl rsync://rpki.apnic.net/member_repository/A91561B7/5FA1ED309EF011E681102733C4F9AE02/5HE8G511dZKVr2TN-6YrcNuaBTc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5HE8G511dZKVr2TN-6YrcNuaBTc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 16:10:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7640 (0x1dd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91561B7, serialNumber=E4713C1B9D75759295AF64CDFBA62B70DB9A0537 Validity Not Before: Aug 22 16:10:05 2025 GMT Not After : Aug 29 16:10:05 2025 GMT Subject: CN=68a8965d-e110 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:83:57:5b:3a:84:72:a8:6c:4a:4c:b0:46:9d: 66:84:6a:5b:68:ad:7e:26:59:d6:89:b5:e5:e6:ca: e3:c1:1d:9f:f0:21:67:2f:a7:c4:21:45:c9:69:a0: 0e:5e:b4:31:e1:cf:18:a4:ba:2e:1e:e0:1a:8d:69: 98:0d:c0:5f:73:11:4f:de:7e:55:cf:1c:56:a0:9f: 43:25:3a:a8:c8:a6:3c:0e:97:9c:c7:f2:36:ed:10: 0e:f4:34:82:49:27:e5:d5:14:98:72:39:4c:0f:99: 21:0f:a3:0b:4a:1e:7b:a4:f0:2a:ac:e0:36:fd:98: 13:4b:7d:d6:ec:6d:c5:ee:f3:6c:fb:bd:11:cc:70: cc:45:de:c7:16:65:a1:3e:de:89:1a:63:67:4b:86: c7:09:00:b0:6c:25:25:2a:ba:58:74:d5:99:73:80: 5b:b6:08:71:f5:02:bb:f6:1a:50:7f:c7:ad:7d:f7: 1d:43:45:0a:1e:9b:96:fa:fd:f1:ee:08:5e:49:3c: d1:ec:f3:2a:6c:4f:a0:ba:34:b5:6f:33:68:67:ce: 8c:e0:d1:14:24:09:e5:be:41:bb:c9:c0:e2:bd:af: 40:6d:66:08:c3:af:80:11:de:d3:9e:c8:79:63:f8: 1b:87:40:4f:dd:c5:fd:e3:9c:ac:bd:c6:c2:dd:83: 48:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:5F:AD:BD:4C:E4:0A:CA:8B:01:C8:A5:8E:BF:8F:15:39:D8:D6:3E X509v3 Authority Key Identifier: keyid:E4:71:3C:1B:9D:75:75:92:95:AF:64:CD:FB:A6:2B:70:DB:9A:05:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91561B7/5FA1ED309EF011E681102733C4F9AE02/5HE8G511dZKVr2TN-6YrcNuaBTc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5HE8G511dZKVr2TN-6YrcNuaBTc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91561B7/5FA1ED309EF011E681102733C4F9AE02/5HE8G511dZKVr2TN-6YrcNuaBTc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:5b:c2:f7:e2:10:0e:3e:8a:23:7c:f8:1c:17:3a:5b:d9:76: a7:18:bd:29:dc:cd:72:4b:57:bb:3b:68:51:68:b0:e5:f1:8e: 0f:f2:36:50:b0:70:97:78:db:7f:2e:4d:58:7e:24:2a:59:42: 11:66:bd:86:32:50:70:86:82:3b:47:0c:11:5d:f7:fd:ed:82: 26:9f:56:80:6c:7e:a4:56:34:e8:71:0d:0b:61:ec:1a:6c:28: 50:c4:00:f8:7e:f2:f9:56:7c:08:e4:ef:50:e3:7b:16:e3:89: c6:91:16:7e:a8:23:e2:91:94:41:46:18:0c:30:f1:1d:17:fb: 6c:93:94:da:00:57:88:85:18:51:88:f3:c0:65:ae:b4:19:ac: c1:1d:fd:06:20:fe:68:dc:43:b3:90:75:c8:85:bf:3c:9a:4d: b8:b1:92:f4:e0:8a:77:b3:9f:c3:d9:88:3e:01:7c:ff:bc:1f: 91:eb:8e:ae:f5:a4:20:f4:10:4d:79:ad:d7:a4:98:1b:a3:2a: 21:f9:e0:f5:0e:f8:18:c8:ac:8d:bb:0b:b3:82:48:6c:22:6a: 86:c1:b2:4f:b7:56:25:5a:60:38:f4:3a:f4:67:eb:00:29:1f: 70:e4:0f:cd:11:8a:97:7b:c3:8c:4a:b8:c7:67:5d:db:6f:99: c3:64:14:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHdgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTYxQjcxMTAvBgNVBAUTKEU0NzEzQzFCOUQ3NTc1OTI5NUFGNjRDREZCQTYyQjcw REI5QTA1MzcwHhcNMjUwODIyMTYxMDA1WhcNMjUwODI5MTYxMDA1WjAYMRYwFAYD VQQDEw02OGE4OTY1ZC1lMTEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0YNXWzqEcqhsSkywRp1mhGpbaK1+JlnWibXl5srjwR2f8CFnL6fEIUXJaaAO XrQx4c8YpLouHuAajWmYDcBfcxFP3n5VzxxWoJ9DJTqoyKY8Dpecx/I27RAO9DSC SSfl1RSYcjlMD5khD6MLSh57pPAqrOA2/ZgTS33W7G3F7vNs+70RzHDMRd7HFmWh Pt6JGmNnS4bHCQCwbCUlKrpYdNWZc4Bbtghx9QK79hpQf8etffcdQ0UKHpuW+v3x 7gheSTzR7PMqbE+gujS1bzNoZ86M4NEUJAnlvkG7ycDiva9AbWYIw6+AEd7Tnsh5 Y/gbh0BP3cX945ysvcbC3YNIZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLFfrb1M 5ArKiwHIpY6/jxU52NY+MB8GA1UdIwQYMBaAFORxPBuddXWSla9kzfumK3DbmgU3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjFCNy81RkExRUQzMDlF RjAxMUU2ODExMDI3MzNDNEY5QUUwMi81SEU4RzUxMWRaS1ZyMlROLTZZcmNOdWFC VGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVIRThHNTExZFpLVnIyVE4tNllyY051YUJUYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NjFCNy81RkExRUQzMDlFRjAxMUU2ODExMDI3MzNDNEY5QUUwMi81SEU4RzUxMWRa S1ZyMlROLTZZcmNOdWFCVGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAzW8L34hAOPoojfPgcFzpb2XanGL0p3M1yS1e7O2hRaLDl8Y4P8jZQ sHCXeNt/Lk1YfiQqWUIRZr2GMlBwhoI7RwwRXff97YImn1aAbH6kVjTocQ0LYewa bChQxAD4fvL5VnwI5O9Q43sW44nGkRZ+qCPikZRBRhgMMPEdF/tsk5TaAFeIhRhR iPPAZa60GazBHf0GIP5o3EOzkHXIhb88mk24sZL04Ip3s5/D2Yg+AXz/vB+R646u 9aQg9BBNea3XpJgboyoh+eD1DvgYyKyNuwuzgkhsImqGwbJPt1YlWmA49Dr0Z+sA KR9w5A/NEYqXe8OMSrjHZ13bb5nDZBRo -----END CERTIFICATE-----Generated at Sun Aug 24 00:01:37 2025 by rpki-client