$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8151/70114DAA0C5711EA98510256C4F9AE02/USSgTiOq3aRNlKsNSrLAt7IL_HU.mft File: USSgTiOq3aRNlKsNSrLAt7IL_HU.mft (raw, json) Hash identifier: F1TrXBoaGAxk8AJ9m7L368b5ysMJGux2YWLW9R6QWMQ= Subject key identifier: 33:AF:94:75:5A:72:75:70:D0:F5:FD:D0:78:58:C2:F0:D5:A1:08:56 Authority key identifier: 51:24:A0:4E:23:AA:DD:A4:4D:94:AB:0D:4A:B2:C0:B7:B2:0B:FC:75 Certificate issuer: /CN=A91A8151/serialNumber=5124A04E23AADDA44D94AB0D4AB2C0B7B20BFC75 Certificate serial: 0C5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/USSgTiOq3aRNlKsNSrLAt7IL_HU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A8151/70114DAA0C5711EA98510256C4F9AE02/USSgTiOq3aRNlKsNSrLAt7IL_HU.mft Manifest number: 0C4F Signing time: Fri 22 Aug 2025 18:42:20 +0000 Manifest this update: Fri 22 Aug 2025 18:42:19 +0000 Manifest next update: Fri 29 Aug 2025 18:42:19 +0000 Files and hashes: 1: USSgTiOq3aRNlKsNSrLAt7IL_HU.crl (hash: tV4c2HbDekC6zpBuczG4SwviPyvK+drNvtvjfmqK1gc=) 2: 4279BBD80C5811EA93151657C4F9AE02.roa (hash: sMJ9ABTkBjJpmsGpVTgN6KS8wLvV90Yar62yGx5iotI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A8151/70114DAA0C5711EA98510256C4F9AE02/USSgTiOq3aRNlKsNSrLAt7IL_HU.crl rsync://rpki.apnic.net/member_repository/A91A8151/70114DAA0C5711EA98510256C4F9AE02/USSgTiOq3aRNlKsNSrLAt7IL_HU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/USSgTiOq3aRNlKsNSrLAt7IL_HU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:42:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3163 (0xc5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A8151, serialNumber=5124A04E23AADDA44D94AB0D4AB2C0B7B20BFC75 Validity Not Before: Aug 22 18:42:19 2025 GMT Not After : Aug 29 18:42:19 2025 GMT Subject: CN=68a8ba0b-243c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:be:1b:33:e3:66:5b:72:94:99:cd:ae:f0:39: a9:1b:f6:9c:9b:62:d5:ab:6d:49:9e:3a:80:c4:3f: a6:eb:f5:cc:c8:55:b4:9f:63:9a:33:49:fd:9a:a9: 0f:92:3f:4f:93:b0:93:28:63:fb:29:d0:a8:ce:1f: 33:db:93:e1:85:71:df:e0:52:b0:30:50:5c:d6:dd: 38:df:93:61:d4:29:90:d3:34:dc:af:97:33:64:be: 2f:b4:c0:88:8c:5b:54:78:40:5b:b3:de:3f:a3:f0: ad:bd:d7:f9:fd:38:45:95:d2:ba:ae:d1:24:29:fb: 62:78:f2:7e:a2:ba:4e:6d:a4:cf:88:53:87:87:f8: a9:e7:8c:f5:e2:b5:c2:a8:d7:8b:a4:9a:dd:33:85: 04:a8:ec:e5:5f:5f:c9:25:c6:2f:1f:d6:b8:a8:96: 12:4c:77:bc:3c:a3:48:bb:ce:e4:36:39:f4:b2:48: 46:82:13:0b:d1:5d:d9:c2:24:c3:2d:72:b3:80:32: f4:7a:35:81:6f:fb:93:e5:d8:c6:81:57:0e:5a:42: b1:65:dd:7c:0d:33:0d:f4:6c:cb:92:f1:ab:f6:ed: 80:b4:3d:76:de:76:c9:39:cb:78:b4:85:d9:e8:86: 67:9c:c5:15:a6:e2:ff:08:48:b4:79:95:0c:0a:4b: 3c:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:AF:94:75:5A:72:75:70:D0:F5:FD:D0:78:58:C2:F0:D5:A1:08:56 X509v3 Authority Key Identifier: keyid:51:24:A0:4E:23:AA:DD:A4:4D:94:AB:0D:4A:B2:C0:B7:B2:0B:FC:75 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A8151/70114DAA0C5711EA98510256C4F9AE02/USSgTiOq3aRNlKsNSrLAt7IL_HU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/USSgTiOq3aRNlKsNSrLAt7IL_HU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8151/70114DAA0C5711EA98510256C4F9AE02/USSgTiOq3aRNlKsNSrLAt7IL_HU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c5:5f:c3:cd:d2:79:ac:b9:74:eb:c6:88:73:21:a8:f8:9b:b0: c8:40:56:fd:f9:40:ed:16:fd:1b:48:16:70:a1:de:a1:45:8e: 72:a1:e9:7c:b6:06:73:74:a8:73:f9:c5:f8:5c:1b:06:9a:44: 18:24:ad:12:45:61:fa:4e:18:54:2f:83:1f:16:1e:b2:c2:ae: 9f:36:bc:f4:7a:35:15:d2:36:33:5a:e3:ef:55:c6:b2:73:90: 78:e6:98:37:83:4b:f2:b0:19:12:dd:ed:ba:e0:92:9e:ab:31: 8f:fa:9c:c5:da:7c:d6:7c:5a:30:0d:87:04:0e:bf:84:2f:b4: dd:62:d4:0e:5a:58:f9:f5:e4:ea:ac:01:31:db:14:2e:a5:d5: 7a:80:64:a0:6f:21:e9:9d:6f:92:eb:bf:ee:e2:18:10:25:38: 45:14:25:fe:bf:e9:2d:2a:65:7b:8f:33:0c:45:15:91:ac:30: 8b:5d:62:b1:94:b3:8c:e8:a3:e1:76:04:45:c5:df:32:4d:69: 43:2c:3d:23:d9:3a:64:f9:80:76:70:39:bb:80:93:bf:1a:c6: 6e:c3:2c:d5:59:76:33:7c:92:5c:8b:e7:a1:85:d5:6c:56:73: a4:24:e3:2a:30:97:86:fa:58:e7:dd:e6:e8:44:69:66:7d:58: dc:1b:47:13 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDFswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTgxNTExMTAvBgNVBAUTKDUxMjRBMDRFMjNBQUREQTQ0RDk0QUIwRDRBQjJDMEI3 QjIwQkZDNzUwHhcNMjUwODIyMTg0MjE5WhcNMjUwODI5MTg0MjE5WjAYMRYwFAYD VQQDEw02OGE4YmEwYi0yNDNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo74bM+NmW3KUmc2u8DmpG/acm2LVq21JnjqAxD+m6/XMyFW0n2OaM0n9mqkP kj9Pk7CTKGP7KdCozh8z25PhhXHf4FKwMFBc1t0435Nh1CmQ0zTcr5czZL4vtMCI jFtUeEBbs94/o/Ctvdf5/ThFldK6rtEkKftiePJ+orpObaTPiFOHh/ip54z14rXC qNeLpJrdM4UEqOzlX1/JJcYvH9a4qJYSTHe8PKNIu87kNjn0skhGghML0V3ZwiTD LXKzgDL0ejWBb/uT5djGgVcOWkKxZd18DTMN9GzLkvGr9u2AtD123nbJOct4tIXZ 6IZnnMUVpuL/CEi0eZUMCks8UQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDOvlHVa cnVw0PX90HhYwvDVoQhWMB8GA1UdIwQYMBaAFFEkoE4jqt2kTZSrDUqywLeyC/x1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBODE1MS83MDExNERBQTBD NTcxMUVBOTg1MTAyNTZDNEY5QUUwMi9VU1NnVGlPcTNhUk5sS3NOU3JMQXQ3SUxf SFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VTU2dUaU9xM2FSTmxLc05TckxBdDdJTF9IVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB ODE1MS83MDExNERBQTBDNTcxMUVBOTg1MTAyNTZDNEY5QUUwMi9VU1NnVGlPcTNh Uk5sS3NOU3JMQXQ3SUxfSFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDFX8PN0nmsuXTrxohzIaj4m7DIQFb9+UDtFv0bSBZwod6hRY5yoel8 tgZzdKhz+cX4XBsGmkQYJK0SRWH6ThhUL4MfFh6ywq6fNrz0ejUV0jYzWuPvVcay c5B45pg3g0vysBkS3e264JKeqzGP+pzF2nzWfFowDYcEDr+EL7TdYtQOWlj59eTq rAEx2xQupdV6gGSgbyHpnW+S67/u4hgQJThFFCX+v+ktKmV7jzMMRRWRrDCLXWKx lLOM6KPhdgRFxd8yTWlDLD0j2Tpk+YB2cDm7gJO/GsZuwyzVWXYzfJJci+ehhdVs VnOkJOMqMJeG+ljn3eboRGlmfVjcG0cT -----END CERTIFICATE-----Generated at Sun Aug 24 00:42:45 2025 by rpki-client