$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft File: HhI4RWNx50SJRiLpisHuVbQUXhA.mft (raw, json) Hash identifier: ILYIS8ncuzBKDbEi8ZK50aQl8DX6IXGH7eKi+hBk/Bo= Subject key identifier: B3:7B:0D:79:09:CB:BA:DB:9C:23:C8:81:29:04:C3:61:22:A5:AD:8E Authority key identifier: 1E:12:38:45:63:71:E7:44:89:46:22:E9:8A:C1:EE:55:B4:14:5E:10 Certificate issuer: /CN=A917E678/serialNumber=1E1238456371E744894622E98AC1EE55B4145E10 Certificate serial: 1597 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft Manifest number: 1545 Signing time: Fri 22 Aug 2025 17:00:46 +0000 Manifest this update: Fri 22 Aug 2025 17:00:46 +0000 Manifest next update: Fri 29 Aug 2025 17:00:46 +0000 Files and hashes: 1: HhI4RWNx50SJRiLpisHuVbQUXhA.crl (hash: /Y8Vkxur5gOaWUS5HkAzoqtw+VH9RNKBf9DitO7SHBY=) 2: 1E7AFF46066811ED8098BF45C4F9AE02.roa (hash: EuXxU/8tx8j9kPsvmnFxl7zhI7smJV3xMzjzvaZA3m0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.crl rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 17:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5527 (0x1597) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E678, serialNumber=1E1238456371E744894622E98AC1EE55B4145E10 Validity Not Before: Aug 22 17:00:46 2025 GMT Not After : Aug 29 17:00:46 2025 GMT Subject: CN=68a8a23e-5bda Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:f2:3b:2f:55:a0:e2:5f:93:6e:b4:e9:54:f0: eb:76:3e:94:77:44:be:d3:0c:f8:c8:70:76:52:24: 95:cd:54:0d:c0:93:e1:3d:3c:e9:3c:78:d6:64:ae: 10:29:ea:84:d9:0c:bc:8d:e0:99:84:e4:d9:68:90: b1:89:fd:38:c5:4e:ba:f5:6e:9c:7f:10:15:78:e2: 17:77:a8:e1:f1:ac:20:50:4e:c9:03:34:b9:85:68: 5c:08:3a:9f:05:37:a5:3d:fd:9c:ff:8a:80:54:c2: 4d:b5:87:6c:ff:9b:21:b6:05:19:53:45:de:70:22: 46:9d:66:84:88:1e:6b:82:85:91:c2:b1:8d:4e:63: 25:c3:67:99:f4:db:dc:5b:71:4a:a5:fd:db:77:37: 98:4d:01:29:03:a4:d5:f0:fa:9d:a1:85:5a:62:4d: c2:fb:25:76:4b:79:08:4e:f9:58:6f:dc:c1:cc:de: 44:95:00:80:a5:66:45:88:11:99:fb:88:ad:53:41: 25:18:fa:b3:2c:b4:ea:ac:aa:98:e0:fd:4c:c8:5b: 95:e9:7c:c3:9c:67:77:ab:45:3f:f4:21:4a:7a:05: 74:e1:63:b0:60:49:47:65:27:7b:dd:3c:59:38:46: 42:f6:eb:7f:1f:dc:9f:ae:5d:4c:90:be:3f:05:d4: f2:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:7B:0D:79:09:CB:BA:DB:9C:23:C8:81:29:04:C3:61:22:A5:AD:8E X509v3 Authority Key Identifier: keyid:1E:12:38:45:63:71:E7:44:89:46:22:E9:8A:C1:EE:55:B4:14:5E:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:d8:f9:ce:b5:ce:21:0c:5b:f7:84:2d:3f:d1:6f:56:db:c6: 43:7e:8d:66:38:d6:28:26:90:a4:28:96:6e:80:a7:39:d3:ed: eb:21:47:0d:9c:13:1e:18:82:7c:b1:17:aa:3c:47:38:ed:d6: 7f:3e:bf:c1:e4:32:23:0f:f7:30:3a:39:38:d9:5c:4d:88:85: 05:29:bf:3e:2d:93:8b:66:36:a5:77:34:03:5b:f6:be:d3:e4: f3:a7:5b:d0:51:fb:02:e8:3e:8a:7b:2a:6f:11:57:20:c3:1a: 5a:9b:b0:4a:d9:95:42:98:15:59:65:d5:7a:45:3f:54:21:f7: e9:3f:76:23:6e:ea:45:dc:f7:0d:1b:67:22:5a:91:4f:e0:6d: ae:4d:1c:54:3b:7d:2f:16:96:21:d4:e6:d3:6e:fb:19:f5:bd: 37:36:96:a1:62:81:f9:2b:81:44:2a:82:09:e1:74:c7:ee:48: 57:23:af:32:c5:1a:92:bc:5f:85:dd:78:92:f5:2b:b4:7c:52: e0:93:c6:83:07:8b:39:89:a2:ee:59:7b:55:ee:2e:03:47:7f: fc:55:3a:b6:8d:fc:73:2c:6f:02:98:74:a7:51:66:6e:f1:5e: da:12:e4:88:51:30:e0:6c:31:b4:49:64:22:c5:13:2a:9d:87: 1f:e2:75:85 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U2NzgxMTAvBgNVBAUTKDFFMTIzODQ1NjM3MUU3NDQ4OTQ2MjJFOThBQzFFRTU1 QjQxNDVFMTAwHhcNMjUwODIyMTcwMDQ2WhcNMjUwODI5MTcwMDQ2WjAYMRYwFAYD VQQDEw02OGE4YTIzZS01YmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy/I7L1Wg4l+TbrTpVPDrdj6Ud0S+0wz4yHB2UiSVzVQNwJPhPTzpPHjWZK4Q KeqE2Qy8jeCZhOTZaJCxif04xU669W6cfxAVeOIXd6jh8awgUE7JAzS5hWhcCDqf BTelPf2c/4qAVMJNtYds/5shtgUZU0XecCJGnWaEiB5rgoWRwrGNTmMlw2eZ9Nvc W3FKpf3bdzeYTQEpA6TV8PqdoYVaYk3C+yV2S3kITvlYb9zBzN5ElQCApWZFiBGZ +4itU0ElGPqzLLTqrKqY4P1MyFuV6XzDnGd3q0U/9CFKegV04WOwYElHZSd73TxZ OEZC9ut/H9yfrl1MkL4/BdTy1wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLN7DXkJ y7rbnCPIgSkEw2Eipa2OMB8GA1UdIwQYMBaAFB4SOEVjcedEiUYi6YrB7lW0FF4Q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC82OTdFMzU2QTY5 NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9IaEk0UldOeDUwU0pSaUxwaXNIdVZiUVVY aEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0hoSTRSV054NTBTSlJpTHBpc0h1VmJRVVhoQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTY3OC82OTdFMzU2QTY5NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9IaEk0UldOeDUw U0pSaUxwaXNIdVZiUVVYaEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCA2PnOtc4hDFv3hC0/0W9W28ZDfo1mONYoJpCkKJZugKc50+3rIUcN nBMeGIJ8sReqPEc47dZ/Pr/B5DIjD/cwOjk42VxNiIUFKb8+LZOLZjaldzQDW/a+ 0+Tzp1vQUfsC6D6KeypvEVcgwxpam7BK2ZVCmBVZZdV6RT9UIffpP3YjbupF3PcN G2ciWpFP4G2uTRxUO30vFpYh1ObTbvsZ9b03NpahYoH5K4FEKoIJ4XTH7khXI68y xRqSvF+F3XiS9Su0fFLgk8aDB4s5iaLuWXtV7i4DR3/8VTq2jfxzLG8CmHSnUWZu 8V7aEuSIUTDgbDG0SWQixRMqnYcf4nWF -----END CERTIFICATE-----Generated at Sat Aug 23 10:57:44 2025 by rpki-client