$ rpki-client -vvf rpki.apnic.net/member_repository/A91B15DC/5823AF86CEED11EFBD655511C4F9AE02/HUXnKUVKJCRGewPPyZfX6xhK52Y.mft File: HUXnKUVKJCRGewPPyZfX6xhK52Y.mft (raw, json) Hash identifier: Sy6CHBJdvFlHMHdRTGEDugFuDN3iDV4bKqAmvY4ODl8= Subject key identifier: D4:D5:2D:61:4F:17:C5:C3:34:B2:B2:88:A6:BF:86:4F:BF:12:56:5F Authority key identifier: 1D:45:E7:29:45:4A:24:24:46:7B:03:CF:C9:97:D7:EB:18:4A:E7:66 Certificate issuer: /CN=A91B15DC/serialNumber=1D45E729454A2424467B03CFC997D7EB184AE766 Certificate serial: 5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HUXnKUVKJCRGewPPyZfX6xhK52Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B15DC/5823AF86CEED11EFBD655511C4F9AE02/HUXnKUVKJCRGewPPyZfX6xhK52Y.mft Manifest number: 5A Signing time: Thu 03 Jul 2025 07:22:19 +0000 Manifest this update: Thu 03 Jul 2025 07:22:19 +0000 Manifest next update: Thu 10 Jul 2025 07:22:18 +0000 Files and hashes: 1: HUXnKUVKJCRGewPPyZfX6xhK52Y.crl (hash: ke1LOgbWvZVWalv7OZedIrVKtM/gj5l1EeRyMtukcm8=) 2: 14F7BC00CEEF11EFAF6F762FC4F9AE02.roa (hash: ky3VVMd3//RxqftA8fTaKeSx7YmcJGB1DWo9MLV8eHo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B15DC/5823AF86CEED11EFBD655511C4F9AE02/HUXnKUVKJCRGewPPyZfX6xhK52Y.crl rsync://rpki.apnic.net/member_repository/A91B15DC/5823AF86CEED11EFBD655511C4F9AE02/HUXnKUVKJCRGewPPyZfX6xhK52Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HUXnKUVKJCRGewPPyZfX6xhK52Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 91 (0x5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B15DC, serialNumber=1D45E729454A2424467B03CFC997D7EB184AE766 Validity Not Before: Jul 3 07:22:19 2025 GMT Not After : Jul 10 07:22:18 2025 GMT Subject: CN=68662fab-d337 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:c4:7d:20:1d:c9:a3:b9:71:df:8f:cc:d7:1d: b9:7d:42:0d:40:13:47:c8:44:6f:bd:e8:f8:7b:66: 45:8a:3b:b7:a2:af:a6:61:5d:e3:66:76:5a:b9:92: 98:ec:e6:07:2f:77:09:2b:71:0e:d8:e3:13:53:f5: ce:b1:e7:0b:81:9e:4a:de:7e:29:cc:68:8c:0e:6e: ad:d8:5d:c8:98:3a:08:1d:ab:99:cf:13:b7:15:51: df:55:b7:05:3a:5a:80:65:08:db:de:7e:15:9e:4f: 2d:41:26:91:6b:37:73:78:3f:2d:45:bc:8e:74:4b: e3:ff:0d:08:24:06:1f:3b:03:50:3e:35:94:58:7b: 2b:34:7a:49:42:d4:fa:77:45:74:3c:6f:23:dc:9e: de:9c:59:c5:09:8c:53:65:60:64:72:2e:f4:86:91: a0:3f:7c:ae:43:de:0d:6c:91:ae:16:66:53:a7:77: 33:6e:8c:ef:12:9c:8e:64:0c:34:7d:d0:54:0c:5d: 11:7a:6b:6a:28:6f:bc:7c:05:37:d4:a7:b8:94:14: 8a:b7:7b:90:30:9c:55:b7:82:8a:cd:74:88:b4:24: 4c:24:be:0c:61:12:69:ee:93:f6:98:cd:6d:84:d5: 0a:69:b9:99:9c:24:56:20:64:51:a4:05:a4:38:33: 44:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:D5:2D:61:4F:17:C5:C3:34:B2:B2:88:A6:BF:86:4F:BF:12:56:5F X509v3 Authority Key Identifier: keyid:1D:45:E7:29:45:4A:24:24:46:7B:03:CF:C9:97:D7:EB:18:4A:E7:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B15DC/5823AF86CEED11EFBD655511C4F9AE02/HUXnKUVKJCRGewPPyZfX6xhK52Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HUXnKUVKJCRGewPPyZfX6xhK52Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B15DC/5823AF86CEED11EFBD655511C4F9AE02/HUXnKUVKJCRGewPPyZfX6xhK52Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:98:08:8f:77:f4:76:e4:2d:14:5f:84:78:b9:ca:a6:00:2c: 24:bf:1f:52:d2:83:bc:c9:b0:2e:58:99:e0:08:87:91:4f:77: 33:d0:fe:e3:13:82:fb:6c:c3:66:45:d7:7d:fb:ac:b5:42:fa: 42:e8:c8:d1:1b:2e:aa:75:70:db:d2:be:53:d7:fb:dd:d1:9e: 80:f6:3a:2f:74:4a:8d:3c:5e:b9:c2:94:18:63:37:ad:fc:52: 72:4b:98:7e:aa:e8:29:9e:b4:c2:40:38:d1:dd:a1:46:6e:b9: a2:2c:8d:16:36:07:65:07:33:5c:ff:01:0f:c3:2a:6c:26:49: dd:72:e0:ac:0e:62:ae:34:40:66:6e:9d:e8:7e:a1:24:f3:4f: ac:32:fa:de:05:44:03:49:e8:4f:af:f1:fc:43:5a:c3:46:ca: 16:6d:56:03:77:08:c6:53:20:b7:cd:78:a8:86:8f:bd:7d:b3: c0:98:f2:67:0d:aa:53:02:65:df:5f:91:db:67:85:ca:a1:43: 64:b6:13:a5:3a:d5:b1:85:b1:20:c4:e0:f0:db:e3:66:cd:5d: c9:16:52:5c:2f:7b:7d:73:ec:a0:42:82:cf:5b:ca:2c:33:ef: f0:06:c3:f7:66:fc:c1:90:d3:99:39:d6:a1:af:eb:27:c0:ba: 92:cd:02:53 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBWzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC MTVEQzExMC8GA1UEBRMoMUQ0NUU3Mjk0NTRBMjQyNDQ2N0IwM0NGQzk5N0Q3RUIx ODRBRTc2NjAeFw0yNTA3MDMwNzIyMTlaFw0yNTA3MTAwNzIyMThaMBgxFjAUBgNV BAMTDTY4NjYyZmFiLWQzMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDPxH0gHcmjuXHfj8zXHbl9Qg1AE0fIRG+96Ph7ZkWKO7eir6ZhXeNmdlq5kpjs 5gcvdwkrcQ7Y4xNT9c6x5wuBnkrefinMaIwObq3YXciYOggdq5nPE7cVUd9VtwU6 WoBlCNvefhWeTy1BJpFrN3N4Py1FvI50S+P/DQgkBh87A1A+NZRYeys0eklC1Pp3 RXQ8byPcnt6cWcUJjFNlYGRyLvSGkaA/fK5D3g1ska4WZlOndzNujO8SnI5kDDR9 0FQMXRF6a2oob7x8BTfUp7iUFIq3e5AwnFW3gorNdIi0JEwkvgxhEmnuk/aYzW2E 1QppuZmcJFYgZFGkBaQ4M0R5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU1NUtYU8X xcM0srKIpr+GT78SVl8wHwYDVR0jBBgwFoAUHUXnKUVKJCRGewPPyZfX6xhK52Yw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIxNURDLzU4MjNBRjg2Q0VF RDExRUZCRDY1NTUxMUM0RjlBRTAyL0hVWG5LVVZLSkNSR2V3UFB5WmZYNnhoSzUy WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSFVYbktVVktKQ1JHZXdQUHlaZlg2eGhLNTJZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIx NURDLzU4MjNBRjg2Q0VFRDExRUZCRDY1NTUxMUM0RjlBRTAyL0hVWG5LVVZLSkNS R2V3UFB5WmZYNnhoSzUyWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAE2YCI939HbkLRRfhHi5yqYALCS/H1LSg7zJsC5YmeAIh5FPdzPQ/uMT gvtsw2ZF1337rLVC+kLoyNEbLqp1cNvSvlPX+93RnoD2Oi90So08XrnClBhjN638 UnJLmH6q6CmetMJAONHdoUZuuaIsjRY2B2UHM1z/AQ/DKmwmSd1y4KwOYq40QGZu neh+oSTzT6wy+t4FRANJ6E+v8fxDWsNGyhZtVgN3CMZTILfNeKiGj719s8CY8mcN qlMCZd9fkdtnhcqhQ2S2E6U61bGFsSDE4PDb42bNXckWUlwve31z7KBCgs9byiwz 7/AGw/dm/MGQ05k51qGv6yfAupLNAlM= -----END CERTIFICATE-----Generated at Thu Jul 3 15:21:38 2025 by rpki-client