$ rpki-client -vvf rpki.apnic.net/member_repository/A9194AE2/26A6F44C3BAC11EF9D7EA871C4F9AE02/hF2I4KIVFF82fZMEvz9xrujrTC0.mft File: hF2I4KIVFF82fZMEvz9xrujrTC0.mft (raw, json) Hash identifier: A82YlVcogoKfBDrd/rlBG2TL3af8ED+m9py4P8YYTt8= Subject key identifier: 0D:75:23:80:E2:00:EC:0D:3E:92:EE:0D:F9:90:FF:73:AA:AE:BE:61 Authority key identifier: 84:5D:88:E0:A2:15:14:5F:36:7D:93:04:BF:3F:71:AE:E8:EB:4C:2D Certificate issuer: /CN=A9194AE2/serialNumber=845D88E0A215145F367D9304BF3F71AEE8EB4C2D Certificate serial: DB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hF2I4KIVFF82fZMEvz9xrujrTC0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194AE2/26A6F44C3BAC11EF9D7EA871C4F9AE02/hF2I4KIVFF82fZMEvz9xrujrTC0.mft Manifest number: D7 Signing time: Sat 23 Aug 2025 05:45:44 +0000 Manifest this update: Sat 23 Aug 2025 05:45:44 +0000 Manifest next update: Sat 30 Aug 2025 05:45:44 +0000 Files and hashes: 1: hF2I4KIVFF82fZMEvz9xrujrTC0.crl (hash: lrByxhfgKqMDkizc51NPACjLrygp1WlqdMTLFiPY08c=) 2: CB6840EE3BAC11EF9C334410C4F9AE02.roa (hash: q+bs+pmU+B7fJo6iymx9EUit+9N40A02etOl0mkXvRg=) 3: 2042987C6C4411EF9B263275C4F9AE02.roa (hash: bKtFSMRmBEl0oKGrwWVZYxuAEvHDipNsFv7Plkp3FeU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194AE2/26A6F44C3BAC11EF9D7EA871C4F9AE02/hF2I4KIVFF82fZMEvz9xrujrTC0.crl rsync://rpki.apnic.net/member_repository/A9194AE2/26A6F44C3BAC11EF9D7EA871C4F9AE02/hF2I4KIVFF82fZMEvz9xrujrTC0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hF2I4KIVFF82fZMEvz9xrujrTC0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 05:45:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 219 (0xdb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194AE2, serialNumber=845D88E0A215145F367D9304BF3F71AEE8EB4C2D Validity Not Before: Aug 23 05:45:44 2025 GMT Not After : Aug 30 05:45:44 2025 GMT Subject: CN=68a95588-ef62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:7c:28:45:9d:41:2e:63:c3:c9:b2:95:18:08: 2c:58:ed:80:93:4d:b8:ec:8f:bc:1b:c7:7a:c2:e9: 8d:0c:76:e8:37:f3:32:ff:a8:a4:87:4a:d7:ce:e8: f5:98:12:fb:68:30:f9:07:de:1c:e3:20:71:85:c2: 4c:92:e6:0d:55:95:a9:f9:0c:f0:3f:2b:3c:a0:3c: db:10:46:ca:6f:47:ee:e7:8b:aa:3d:4b:52:da:e4: fe:3d:bc:9b:96:dd:75:59:08:a1:cd:7f:2c:b5:cc: 8f:62:fa:b6:2e:2d:92:7d:22:d9:bf:47:ae:8c:d0: be:db:29:b5:ef:bb:8e:7e:7c:e3:ca:f7:4d:ee:27: 59:7f:71:ce:66:10:70:80:4b:9e:d5:b4:07:64:2b: 73:0a:9e:98:74:a0:2b:5b:13:d2:44:50:a6:4b:c9: 33:c1:a9:62:c8:8c:be:87:87:4a:cf:46:e4:eb:40: d0:60:a5:27:64:9e:96:ec:49:0d:e5:8b:08:2a:cb: 26:04:9a:f2:de:87:68:8f:8b:c9:b1:24:84:79:5c: 35:d4:15:46:d1:a3:86:a8:c8:1d:be:f1:f5:b7:52: 20:d3:0e:78:17:f8:c4:0a:3a:ce:56:f5:8e:e0:83: dc:11:09:48:e2:c3:0e:1c:54:b9:bb:0a:6c:8d:a2: 61:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:75:23:80:E2:00:EC:0D:3E:92:EE:0D:F9:90:FF:73:AA:AE:BE:61 X509v3 Authority Key Identifier: keyid:84:5D:88:E0:A2:15:14:5F:36:7D:93:04:BF:3F:71:AE:E8:EB:4C:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194AE2/26A6F44C3BAC11EF9D7EA871C4F9AE02/hF2I4KIVFF82fZMEvz9xrujrTC0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hF2I4KIVFF82fZMEvz9xrujrTC0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194AE2/26A6F44C3BAC11EF9D7EA871C4F9AE02/hF2I4KIVFF82fZMEvz9xrujrTC0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:40:5e:d0:61:f9:e7:f3:f1:a7:33:3a:3c:2c:61:bf:e3:e3: 82:34:c8:33:03:56:7d:52:2d:86:23:8b:d8:49:d6:c7:f2:ff: 2f:be:40:bd:59:02:2f:5a:22:34:ec:72:c0:14:13:67:27:f4: 41:71:56:92:51:31:2c:93:03:2c:18:f2:16:96:96:6d:47:98: 1f:70:42:0c:b9:74:42:fc:72:0d:f2:8d:f6:77:cf:fd:5f:75: 0b:53:ca:96:cd:19:fd:2c:01:de:3a:4e:f7:d3:b6:72:f0:76: 94:4e:5c:e2:ae:50:6e:a6:0a:ea:d5:71:d9:2b:34:a1:84:26: 7d:7a:29:18:86:cb:34:ac:7a:cd:9b:73:00:3e:bd:f1:b2:b1: 2a:92:d9:93:ec:87:82:05:d5:d5:e8:f6:ea:5e:92:d1:fe:43: 3a:3a:c7:92:09:40:b3:89:be:25:a7:3e:fe:25:8e:8c:f7:f1: 02:fe:1d:99:7f:e0:be:24:e8:98:41:26:b9:f5:7e:8c:38:b4: 47:6e:9a:6a:d4:22:82:63:2c:69:22:e7:f4:05:57:da:b8:9e: 64:eb:13:3f:c8:31:45:85:b1:bc:0a:21:31:13:60:5b:e7:09: 7e:98:44:62:fa:c0:dd:97:f3:04:73:6b:d4:aa:ae:02:50:f0: c2:4b:b8:40 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTRBRTIxMTAvBgNVBAUTKDg0NUQ4OEUwQTIxNTE0NUYzNjdEOTMwNEJGM0Y3MUFF RThFQjRDMkQwHhcNMjUwODIzMDU0NTQ0WhcNMjUwODMwMDU0NTQ0WjAYMRYwFAYD VQQDEw02OGE5NTU4OC1lZjYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr3woRZ1BLmPDybKVGAgsWO2Ak0247I+8G8d6wumNDHboN/My/6ikh0rXzuj1 mBL7aDD5B94c4yBxhcJMkuYNVZWp+QzwPys8oDzbEEbKb0fu54uqPUtS2uT+Pbyb lt11WQihzX8stcyPYvq2Li2SfSLZv0eujNC+2ym177uOfnzjyvdN7idZf3HOZhBw gEue1bQHZCtzCp6YdKArWxPSRFCmS8kzwaliyIy+h4dKz0bk60DQYKUnZJ6W7EkN 5YsIKssmBJry3odoj4vJsSSEeVw11BVG0aOGqMgdvvH1t1Ig0w54F/jECjrOVvWO 4IPcEQlI4sMOHFS5uwpsjaJhqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA11I4Di AOwNPpLuDfmQ/3Oqrr5hMB8GA1UdIwQYMBaAFIRdiOCiFRRfNn2TBL8/ca7o60wt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NEFFMi8yNkE2RjQ0QzNC QUMxMUVGOUQ3RUE4NzFDNEY5QUUwMi9oRjJJNEtJVkZGODJmWk1Fdno5eHJ1anJU QzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hGMkk0S0lWRkY4MmZaTUV2ejl4cnVqclRDMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NEFFMi8yNkE2RjQ0QzNCQUMxMUVGOUQ3RUE4NzFDNEY5QUUwMi9oRjJJNEtJVkZG ODJmWk1Fdno5eHJ1anJUQzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAZQF7QYfnn8/GnMzo8LGG/4+OCNMgzA1Z9Ui2GI4vYSdbH8v8vvkC9 WQIvWiI07HLAFBNnJ/RBcVaSUTEskwMsGPIWlpZtR5gfcEIMuXRC/HIN8o32d8/9 X3ULU8qWzRn9LAHeOk7307Zy8HaUTlzirlBupgrq1XHZKzShhCZ9eikYhss0rHrN m3MAPr3xsrEqktmT7IeCBdXV6PbqXpLR/kM6OseSCUCzib4lpz7+JY6M9/EC/h2Z f+C+JOiYQSa59X6MOLRHbppq1CKCYyxpIuf0BVfauJ5k6xM/yDFFhbG8CiExE2Bb 5wl+mERi+sDdl/MEc2vUqq4CUPDCS7hA -----END CERTIFICATE-----Generated at Sat Aug 23 12:49:56 2025 by rpki-client