$ rpki-client -vvf rpki.apnic.net/member_repository/A9158059/BBD81DA89CC111EBBFDE6579C4F9AE02/H3amlEQsq0PX0XzW_fmpfgt_qo4.mft File: H3amlEQsq0PX0XzW_fmpfgt_qo4.mft (raw, json) Hash identifier: WwaadAKPycTR3J18bXHIe8mHNS8973MqOcufi8V8kZA= Subject key identifier: 21:D1:43:40:02:9C:AE:7E:CB:30:9E:60:C5:E7:DB:D3:9B:D0:3A:E1 Authority key identifier: 1F:76:A6:94:44:2C:AB:43:D7:D1:7C:D6:FD:F9:A9:7E:0B:7F:AA:8E Certificate issuer: /CN=A9158059/serialNumber=1F76A694442CAB43D7D17CD6FDF9A97E0B7FAA8E Certificate serial: 064E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H3amlEQsq0PX0XzW_fmpfgt_qo4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158059/BBD81DA89CC111EBBFDE6579C4F9AE02/H3amlEQsq0PX0XzW_fmpfgt_qo4.mft Manifest number: 0649 Signing time: Fri 22 Aug 2025 22:49:12 +0000 Manifest this update: Fri 22 Aug 2025 22:49:11 +0000 Manifest next update: Fri 29 Aug 2025 22:49:11 +0000 Files and hashes: 1: H3amlEQsq0PX0XzW_fmpfgt_qo4.crl (hash: /7LfXC9LW33gqTqTrSE7ZWrCzK+EfgVWIcld54PT164=) 2: 702A62CE9CC311EBA5A7A47BC4F9AE02.roa (hash: casLvQjbiWmoUm1zZDsT8rFqITbKKo8QIpvIUSskW7g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158059/BBD81DA89CC111EBBFDE6579C4F9AE02/H3amlEQsq0PX0XzW_fmpfgt_qo4.crl rsync://rpki.apnic.net/member_repository/A9158059/BBD81DA89CC111EBBFDE6579C4F9AE02/H3amlEQsq0PX0XzW_fmpfgt_qo4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H3amlEQsq0PX0XzW_fmpfgt_qo4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 22:49:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1614 (0x64e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158059, serialNumber=1F76A694442CAB43D7D17CD6FDF9A97E0B7FAA8E Validity Not Before: Aug 22 22:49:11 2025 GMT Not After : Aug 29 22:49:11 2025 GMT Subject: CN=68a8f3e7-b8b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:15:89:04:83:e1:02:7d:37:ba:a5:c7:22:22: 60:e1:d6:b9:42:ce:54:ea:50:89:75:02:b0:67:85: 65:43:be:b6:35:a4:f9:6f:70:af:1b:41:62:db:16: 2a:e6:80:c4:4f:37:5f:e5:9c:aa:f9:95:07:fc:ae: c0:6f:73:e3:3d:91:3e:b5:b3:2f:23:0e:48:22:1f: c7:a1:cf:dd:83:2c:cf:89:57:3f:17:2c:d6:91:fc: 48:c3:cd:ad:1c:dd:6e:78:91:0c:6e:ef:4d:ed:f8: 70:9f:b9:d3:fa:2e:56:ab:14:d2:e0:4b:c6:c8:36: df:92:8a:1c:4f:41:f3:ea:62:b3:44:74:a7:24:fd: fb:ef:82:eb:3b:cd:9f:8d:8c:5f:fe:04:2c:21:7a: fb:13:9e:78:14:1b:87:6b:b3:f8:58:9e:4e:53:cf: 34:85:8e:ad:8a:07:b4:1a:3e:17:47:02:f7:e5:3d: 54:f6:0a:cb:e3:9e:63:ec:83:28:f4:cd:59:89:c8: 67:06:23:41:76:9d:80:ae:45:b4:68:0a:8c:d4:35: 2c:7f:75:b8:f0:bd:a4:b2:b8:ee:b9:92:f2:81:dd: 07:69:65:85:54:56:05:a0:b2:8c:0d:c3:53:6c:38: 08:48:6d:44:f1:c6:ce:d3:92:b1:6e:ef:3a:76:3c: ed:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:D1:43:40:02:9C:AE:7E:CB:30:9E:60:C5:E7:DB:D3:9B:D0:3A:E1 X509v3 Authority Key Identifier: keyid:1F:76:A6:94:44:2C:AB:43:D7:D1:7C:D6:FD:F9:A9:7E:0B:7F:AA:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158059/BBD81DA89CC111EBBFDE6579C4F9AE02/H3amlEQsq0PX0XzW_fmpfgt_qo4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H3amlEQsq0PX0XzW_fmpfgt_qo4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158059/BBD81DA89CC111EBBFDE6579C4F9AE02/H3amlEQsq0PX0XzW_fmpfgt_qo4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:cd:7e:73:2b:c7:64:6c:ce:77:eb:95:45:f0:2b:e2:10:6c: 51:44:bb:da:af:bf:4e:f9:61:59:86:81:c0:53:95:a1:db:bd: 8b:8a:aa:04:cd:e7:dd:5b:83:0b:43:a3:eb:27:b3:8c:09:bc: e9:e3:f6:f7:01:b9:61:7c:e1:f3:5c:95:0a:57:df:40:e9:ed: 51:de:37:83:27:59:ae:c7:49:6b:e5:b7:37:8d:ff:96:e0:5a: a8:5d:40:39:b6:d2:f0:b5:07:2a:2c:40:d2:c5:a3:9b:07:fb: 89:57:5b:04:95:84:91:2a:ef:ba:f1:45:c4:c6:f0:da:31:99: 9d:6c:db:44:5b:3a:80:6f:07:fa:65:ac:e0:7b:21:34:d6:23: 6e:25:28:89:22:7f:72:2b:07:e1:37:44:11:15:13:f1:0c:b8: 5d:d1:37:55:b4:84:5d:e0:ab:c5:9f:77:39:8f:6d:33:3f:82: ee:27:64:be:c9:da:98:65:25:27:0c:d9:5b:47:cf:df:56:99: 93:e9:b6:18:25:97:bd:ad:6b:c2:d0:71:66:2d:84:ff:93:16: f9:a3:58:d6:40:b4:6b:c0:45:f9:0e:a0:80:d4:e6:0e:b6:4d: bb:f9:fb:35:b4:73:91:52:b8:90:13:e1:6d:24:ac:b6:a9:6e: 9a:48:e6:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBk4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTgwNTkxMTAvBgNVBAUTKDFGNzZBNjk0NDQyQ0FCNDNEN0QxN0NENkZERjlBOTdF MEI3RkFBOEUwHhcNMjUwODIyMjI0OTExWhcNMjUwODI5MjI0OTExWjAYMRYwFAYD VQQDEw02OGE4ZjNlNy1iOGI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9hWJBIPhAn03uqXHIiJg4da5Qs5U6lCJdQKwZ4VlQ762NaT5b3CvG0Fi2xYq 5oDETzdf5Zyq+ZUH/K7Ab3PjPZE+tbMvIw5IIh/Hoc/dgyzPiVc/FyzWkfxIw82t HN1ueJEMbu9N7fhwn7nT+i5WqxTS4EvGyDbfkoocT0Hz6mKzRHSnJP3774LrO82f jYxf/gQsIXr7E554FBuHa7P4WJ5OU880hY6tige0Gj4XRwL35T1U9grL455j7IMo 9M1ZichnBiNBdp2ArkW0aAqM1DUsf3W48L2ksrjuuZLygd0HaWWFVFYFoLKMDcNT bDgISG1E8cbO05Kxbu86djztcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCHRQ0AC nK5+yzCeYMXn29Ob0DrhMB8GA1UdIwQYMBaAFB92ppRELKtD19F81v35qX4Lf6qO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODA1OS9CQkQ4MURBODlD QzExMUVCQkZERTY1NzlDNEY5QUUwMi9IM2FtbEVRc3EwUFgwWHpXX2ZtcGZndF9x bzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0gzYW1sRVFzcTBQWDBYeldfZm1wZmd0X3FvNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODA1OS9CQkQ4MURBODlDQzExMUVCQkZERTY1NzlDNEY5QUUwMi9IM2FtbEVRc3Ew UFgwWHpXX2ZtcGZndF9xbzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAyzX5zK8dkbM5365VF8CviEGxRRLvar79O+WFZhoHAU5Wh272LiqoE zefdW4MLQ6PrJ7OMCbzp4/b3AblhfOHzXJUKV99A6e1R3jeDJ1mux0lr5bc3jf+W 4FqoXUA5ttLwtQcqLEDSxaObB/uJV1sElYSRKu+68UXExvDaMZmdbNtEWzqAbwf6 ZazgeyE01iNuJSiJIn9yKwfhN0QRFRPxDLhd0TdVtIRd4KvFn3c5j20zP4LuJ2S+ ydqYZSUnDNlbR8/fVpmT6bYYJZe9rWvC0HFmLYT/kxb5o1jWQLRrwEX5DqCA1OYO tk27+fs1tHORUriQE+FtJKy2qW6aSOaI -----END CERTIFICATE-----Generated at Sun Aug 24 00:47:49 2025 by rpki-client