$ rpki-client -vvf rpki.apnic.net/member_repository/A919FD74/5367B6BE1A3811EAA0E8A23DC4F9AE02/hnoHFJZqnX2LIC37HeIhPALANic.mft File: hnoHFJZqnX2LIC37HeIhPALANic.mft (raw, json) Hash identifier: siOb8M2AMMO1cSjjEeZv369vUtvnGJOzHXcavStC3/M= Subject key identifier: B9:48:B9:86:15:19:18:85:EC:78:01:B2:55:A4:46:14:28:BB:5A:FB Authority key identifier: 86:7A:07:14:96:6A:9D:7D:8B:20:2D:FB:1D:E2:21:3C:02:C0:36:27 Certificate issuer: /CN=A919FD74/serialNumber=867A0714966A9D7D8B202DFB1DE2213C02C03627 Certificate serial: 0C06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnoHFJZqnX2LIC37HeIhPALANic.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919FD74/5367B6BE1A3811EAA0E8A23DC4F9AE02/hnoHFJZqnX2LIC37HeIhPALANic.mft Manifest number: 0BFF Signing time: Fri 22 Aug 2025 18:52:57 +0000 Manifest this update: Fri 22 Aug 2025 18:52:57 +0000 Manifest next update: Fri 29 Aug 2025 18:52:57 +0000 Files and hashes: 1: hnoHFJZqnX2LIC37HeIhPALANic.crl (hash: 7XYDuAI9034xFc7GpXq940RwY7hiFAJ291Q6RY07fig=) 2: D1DB990C1A3811EAB6F9C83DC4F9AE02.roa (hash: oYtKqIUNSIUuh/+KpPti5KOAL0KI5TmVO0WB52ytTkI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919FD74/5367B6BE1A3811EAA0E8A23DC4F9AE02/hnoHFJZqnX2LIC37HeIhPALANic.crl rsync://rpki.apnic.net/member_repository/A919FD74/5367B6BE1A3811EAA0E8A23DC4F9AE02/hnoHFJZqnX2LIC37HeIhPALANic.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnoHFJZqnX2LIC37HeIhPALANic.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:52:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3078 (0xc06) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919FD74, serialNumber=867A0714966A9D7D8B202DFB1DE2213C02C03627 Validity Not Before: Aug 22 18:52:57 2025 GMT Not After : Aug 29 18:52:57 2025 GMT Subject: CN=68a8bc89-f144 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:38:e3:ca:5c:91:4d:ec:65:41:e7:c5:3c:cc: 9f:ec:32:15:91:84:b3:39:3d:86:1f:ab:34:c2:cd: 42:6e:1e:6c:ae:3b:d5:ed:67:05:78:8d:60:16:ba: 5e:58:f5:b3:25:1b:a9:48:bd:45:94:45:16:b3:69: 3f:9e:f9:11:9b:3a:98:b7:ef:98:9f:31:25:a0:8f: 00:f0:4f:5f:5a:11:64:a1:10:0c:d4:d5:9a:64:7c: 8b:29:ff:19:7e:e3:06:a6:d3:94:80:32:ca:9b:d4: 93:41:3b:50:b8:23:b2:32:39:6e:9c:f4:a8:a2:87: e9:08:2f:ad:9f:75:a6:f0:0e:f0:a1:5d:b7:07:f9: 22:d5:10:27:40:ab:13:21:6a:15:c3:b6:6d:24:5d: 4e:77:dc:3c:6a:dc:c4:4c:a7:1a:67:df:ef:e1:95: 95:5d:16:3e:31:51:0d:3c:0a:60:ab:78:98:61:c7: 1b:8b:4b:0c:ef:88:03:2c:83:7f:bf:d0:26:53:3b: bf:55:76:ff:00:73:65:b6:4e:1a:59:5b:ab:36:9d: 58:94:03:50:e2:67:8a:e7:d0:30:f1:dd:57:87:f8: fa:32:0a:9b:50:ea:84:5c:66:9d:ac:da:d6:fe:ae: 48:4e:5c:f0:f0:c8:8a:7c:b1:68:42:b3:5c:46:bb: 72:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:48:B9:86:15:19:18:85:EC:78:01:B2:55:A4:46:14:28:BB:5A:FB X509v3 Authority Key Identifier: keyid:86:7A:07:14:96:6A:9D:7D:8B:20:2D:FB:1D:E2:21:3C:02:C0:36:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919FD74/5367B6BE1A3811EAA0E8A23DC4F9AE02/hnoHFJZqnX2LIC37HeIhPALANic.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnoHFJZqnX2LIC37HeIhPALANic.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919FD74/5367B6BE1A3811EAA0E8A23DC4F9AE02/hnoHFJZqnX2LIC37HeIhPALANic.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ba:7e:9f:53:6c:0c:bb:84:41:7e:74:0b:5c:4d:d1:4d:95:41: 74:31:78:b0:af:73:6a:41:53:60:fc:34:0a:14:fc:07:4f:2e: a7:fd:37:d0:e7:3e:76:a5:e8:86:b1:6e:4e:0e:53:2b:44:3c: 85:1e:0d:26:59:e3:35:3c:d6:ef:28:04:46:06:10:1b:62:0d: 8a:21:b5:f6:3d:f8:2c:8b:76:e8:0a:47:10:3b:d1:43:a2:d5: 3e:6e:78:b0:72:ec:9a:46:fb:93:85:9e:ba:d9:98:2b:c1:aa: ad:bd:93:fb:74:40:69:42:ec:45:49:70:33:cb:5a:0d:f9:84: 46:0d:84:bb:07:c1:20:24:08:04:b2:14:fb:26:50:b5:92:59: 08:9f:5d:a5:ed:f8:47:5d:3a:ab:cc:b3:19:c8:81:ff:5e:d2: 63:dd:d7:28:3f:06:36:ed:76:65:28:f9:9d:bc:85:ee:57:42: 2b:93:1e:f6:4c:63:fd:fd:a6:d7:ec:cb:f2:9d:d4:03:91:5b: 11:9c:ed:a8:2b:66:b1:6a:08:52:a4:c7:8e:28:77:f7:5b:4b: 99:a8:e2:86:dd:c4:10:e2:7c:35:d8:cf:ea:a3:e9:06:ed:c4: 85:be:dd:93:31:e8:ee:69:16:8c:1f:a2:3a:11:65:95:16:35: 2f:01:a6:c5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDAYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUZENzQxMTAvBgNVBAUTKDg2N0EwNzE0OTY2QTlEN0Q4QjIwMkRGQjFERTIyMTND MDJDMDM2MjcwHhcNMjUwODIyMTg1MjU3WhcNMjUwODI5MTg1MjU3WjAYMRYwFAYD VQQDEw02OGE4YmM4OS1mMTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyTjjylyRTexlQefFPMyf7DIVkYSzOT2GH6s0ws1Cbh5srjvV7WcFeI1gFrpe WPWzJRupSL1FlEUWs2k/nvkRmzqYt++YnzEloI8A8E9fWhFkoRAM1NWaZHyLKf8Z fuMGptOUgDLKm9STQTtQuCOyMjlunPSooofpCC+tn3Wm8A7woV23B/ki1RAnQKsT IWoVw7ZtJF1Od9w8atzETKcaZ9/v4ZWVXRY+MVENPApgq3iYYccbi0sM74gDLIN/ v9AmUzu/VXb/AHNltk4aWVurNp1YlANQ4meK59Aw8d1Xh/j6MgqbUOqEXGadrNrW /q5ITlzw8MiKfLFoQrNcRrtyIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLlIuYYV GRiF7HgBslWkRhQou1r7MB8GA1UdIwQYMBaAFIZ6BxSWap19iyAt+x3iITwCwDYn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RkQ3NC81MzY3QjZCRTFB MzgxMUVBQTBFOEEyM0RDNEY5QUUwMi9obm9IRkpacW5YMkxJQzM3SGVJaFBBTEFO aWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hub0hGSlpxblgyTElDMzdIZUloUEFMQU5pYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RkQ3NC81MzY3QjZCRTFBMzgxMUVBQTBFOEEyM0RDNEY5QUUwMi9obm9IRkpacW5Y MkxJQzM3SGVJaFBBTEFOaWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC6fp9TbAy7hEF+dAtcTdFNlUF0MXiwr3NqQVNg/DQKFPwHTy6n/TfQ 5z52peiGsW5ODlMrRDyFHg0mWeM1PNbvKARGBhAbYg2KIbX2Pfgsi3boCkcQO9FD otU+bniwcuyaRvuThZ662ZgrwaqtvZP7dEBpQuxFSXAzy1oN+YRGDYS7B8EgJAgE shT7JlC1klkIn12l7fhHXTqrzLMZyIH/XtJj3dcoPwY27XZlKPmdvIXuV0Irkx72 TGP9/abX7MvyndQDkVsRnO2oK2axaghSpMeOKHf3W0uZqOKG3cQQ4nw12M/qo+kG 7cSFvt2TMejuaRaMH6I6EWWVFjUvAabF -----END CERTIFICATE-----Generated at Sun Aug 24 01:00:45 2025 by rpki-client