$ rpki-client -vvf rpki.apnic.net/member_repository/A9198767/7BC61D82884B11EE817FB67FC4F9AE02/hGiwIZf8m3cK-EBVe_QVoLYTgg0.mft File: hGiwIZf8m3cK-EBVe_QVoLYTgg0.mft (raw, json) Hash identifier: B4g/nGBeWfZsuRTvNnlH1Mz7CQAZaSARCTJp6zFG3r0= Subject key identifier: 11:EE:30:41:5D:91:12:F5:78:B8:8E:DB:D9:33:D9:ED:0E:90:71:77 Authority key identifier: 84:68:B0:21:97:FC:9B:77:0A:F8:40:55:7B:F4:15:A0:B6:13:82:0D Certificate issuer: /CN=A9198767/serialNumber=8468B02197FC9B770AF840557BF415A0B613820D Certificate serial: 014F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hGiwIZf8m3cK-EBVe_QVoLYTgg0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9198767/7BC61D82884B11EE817FB67FC4F9AE02/hGiwIZf8m3cK-EBVe_QVoLYTgg0.mft Manifest number: 014B Signing time: Sat 23 Aug 2025 04:24:15 +0000 Manifest this update: Sat 23 Aug 2025 04:24:14 +0000 Manifest next update: Sat 30 Aug 2025 04:24:14 +0000 Files and hashes: 1: hGiwIZf8m3cK-EBVe_QVoLYTgg0.crl (hash: V5YY38K35gZEHxrRsqQXmlJVkv4pENZrgp856bQ3Fug=) 2: 7BABB4BE884C11EE81C71A38C4F9AE02.roa (hash: u2PF7jLRF87OSxNEo/O16Z0DeQ7rzjbmi4fJ4Gt3Ltw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9198767/7BC61D82884B11EE817FB67FC4F9AE02/hGiwIZf8m3cK-EBVe_QVoLYTgg0.crl rsync://rpki.apnic.net/member_repository/A9198767/7BC61D82884B11EE817FB67FC4F9AE02/hGiwIZf8m3cK-EBVe_QVoLYTgg0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hGiwIZf8m3cK-EBVe_QVoLYTgg0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:24:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 335 (0x14f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9198767, serialNumber=8468B02197FC9B770AF840557BF415A0B613820D Validity Not Before: Aug 23 04:24:14 2025 GMT Not After : Aug 30 04:24:14 2025 GMT Subject: CN=68a9426f-1563 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:db:a3:2a:e9:1d:0c:7e:68:91:e9:fb:e8:17: f0:c3:c8:d7:a6:08:c2:79:a6:9b:12:39:04:83:ca: 91:21:6c:44:7c:c0:4b:95:d2:e8:30:20:bd:b3:50: 10:00:f5:3e:c5:45:93:ae:00:56:12:07:56:ed:75: e4:06:06:8a:be:69:27:46:ea:68:9d:e3:70:5c:08: f0:f8:b9:d0:3b:c3:31:da:2b:44:e0:26:ad:40:5d: a3:54:36:9d:fe:1a:b2:05:be:70:7d:42:1f:00:79: 57:ad:a2:60:42:a0:c4:a0:69:16:6f:17:a1:47:6d: 6b:1f:d5:2c:7e:6c:b3:0d:40:cf:bd:16:89:f3:8a: 07:3d:2d:1a:ce:80:19:0d:fd:a1:8d:10:06:1c:7f: 59:46:08:fc:41:13:e6:bc:62:12:77:57:67:2f:63: 57:d6:52:2b:98:45:88:18:1b:96:3b:3c:52:e2:0f: 6d:05:88:b9:70:fb:82:81:7b:f3:36:d5:4b:69:d0: 06:f4:55:96:54:7f:e5:de:e7:42:7a:cb:3a:82:c6: 85:94:ae:88:72:c6:5a:53:ae:21:e3:53:24:b2:7d: 94:62:f2:10:50:59:d3:15:0f:a8:5a:e1:07:75:a3: ce:8e:b5:f3:d4:eb:99:df:c1:49:61:9e:d8:3c:57: c5:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:EE:30:41:5D:91:12:F5:78:B8:8E:DB:D9:33:D9:ED:0E:90:71:77 X509v3 Authority Key Identifier: keyid:84:68:B0:21:97:FC:9B:77:0A:F8:40:55:7B:F4:15:A0:B6:13:82:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9198767/7BC61D82884B11EE817FB67FC4F9AE02/hGiwIZf8m3cK-EBVe_QVoLYTgg0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hGiwIZf8m3cK-EBVe_QVoLYTgg0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198767/7BC61D82884B11EE817FB67FC4F9AE02/hGiwIZf8m3cK-EBVe_QVoLYTgg0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6c:3e:25:f1:31:1f:54:54:7e:10:e2:c4:e1:da:cc:aa:24:54: 44:37:72:e1:1c:10:b2:49:ec:20:c1:e5:b2:b2:b2:95:d7:ca: 30:c4:b0:76:db:b1:40:a6:82:77:a1:72:ca:ca:1c:7f:ba:14: f8:f3:cd:21:ce:36:41:ae:1b:90:5a:1c:95:3a:b4:96:8d:cb: aa:04:77:dd:e5:92:65:8f:9c:d7:f0:23:a1:78:d5:09:fc:81: 16:35:f3:53:91:9d:58:10:eb:bc:e1:dc:04:61:7d:07:7e:2c: 43:c7:72:b3:2b:e0:81:92:46:72:7c:90:fc:04:99:2e:32:0e: 0a:f4:3b:64:42:e5:80:eb:5e:05:8a:a5:be:7a:71:86:d8:15: d2:d2:73:f2:ee:af:7e:5c:06:e0:5f:c6:b7:e2:e4:d5:43:04: 67:5b:47:95:a6:3a:84:a4:a2:69:19:65:d0:92:d3:dc:6b:0b: 78:79:90:66:98:4f:e9:da:05:f4:15:8c:ce:c8:43:3b:bd:46: e9:f2:aa:4a:c4:43:35:c3:97:2c:e7:80:4d:3a:4d:81:4e:41: 7c:8c:4d:a7:a4:42:e8:85:0b:a6:b2:37:e7:8c:3a:fe:44:0d: f0:02:4f:08:e0:d4:c7:af:34:09:ee:84:15:32:8e:89:1e:79: 0d:4a:f3:f6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAU8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTg3NjcxMTAvBgNVBAUTKDg0NjhCMDIxOTdGQzlCNzcwQUY4NDA1NTdCRjQxNUEw QjYxMzgyMEQwHhcNMjUwODIzMDQyNDE0WhcNMjUwODMwMDQyNDE0WjAYMRYwFAYD VQQDEw02OGE5NDI2Zi0xNTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwdujKukdDH5oken76Bfww8jXpgjCeaabEjkEg8qRIWxEfMBLldLoMCC9s1AQ APU+xUWTrgBWEgdW7XXkBgaKvmknRuponeNwXAjw+LnQO8Mx2itE4CatQF2jVDad /hqyBb5wfUIfAHlXraJgQqDEoGkWbxehR21rH9UsfmyzDUDPvRaJ84oHPS0azoAZ Df2hjRAGHH9ZRgj8QRPmvGISd1dnL2NX1lIrmEWIGBuWOzxS4g9tBYi5cPuCgXvz NtVLadAG9FWWVH/l3udCess6gsaFlK6IcsZaU64h41Mksn2UYvIQUFnTFQ+oWuEH daPOjrXz1OuZ38FJYZ7YPFfFEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBHuMEFd kRL1eLiO29kz2e0OkHF3MB8GA1UdIwQYMBaAFIRosCGX/Jt3CvhAVXv0FaC2E4IN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODc2Ny83QkM2MUQ4Mjg4 NEIxMUVFODE3RkI2N0ZDNEY5QUUwMi9oR2l3SVpmOG0zY0stRUJWZV9RVm9MWVRn ZzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hHaXdJWmY4bTNjSy1FQlZlX1FWb0xZVGdnMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 ODc2Ny83QkM2MUQ4Mjg4NEIxMUVFODE3RkI2N0ZDNEY5QUUwMi9oR2l3SVpmOG0z Y0stRUJWZV9RVm9MWVRnZzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBsPiXxMR9UVH4Q4sTh2syqJFREN3LhHBCySewgweWysrKV18owxLB2 27FApoJ3oXLKyhx/uhT4880hzjZBrhuQWhyVOrSWjcuqBHfd5ZJlj5zX8COheNUJ /IEWNfNTkZ1YEOu84dwEYX0HfixDx3KzK+CBkkZyfJD8BJkuMg4K9DtkQuWA614F iqW+enGG2BXS0nPy7q9+XAbgX8a34uTVQwRnW0eVpjqEpKJpGWXQktPcawt4eZBm mE/p2gX0FYzOyEM7vUbp8qpKxEM1w5cs54BNOk2BTkF8jE2npELohQumsjfnjDr+ RA3wAk8I4NTHrzQJ7oQVMo6JHnkNSvP2 -----END CERTIFICATE-----Generated at Sat Aug 23 19:01:12 2025 by rpki-client