$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft File: HAF157M3En5uwlH0Og0qxhMRv04.mft (raw, json) Hash identifier: /AYDZotbAXSJYaU2x+zDnXd0fLEsQsysk4LTxVw6JgQ= Subject key identifier: DA:6B:EB:BC:C4:CB:EC:91:1A:E5:FF:19:A3:EC:44:A4:B3:5F:B6:9D Authority key identifier: 1C:01:75:E7:B3:37:12:7E:6E:C2:51:F4:3A:0D:2A:C6:13:11:BF:4E Certificate issuer: /CN=A91E3584/serialNumber=1C0175E7B337127E6EC251F43A0D2AC61311BF4E Certificate serial: 3494 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAF157M3En5uwlH0Og0qxhMRv04.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft Manifest number: 3491 Signing time: Sat 28 Jun 2025 14:25:26 +0000 Manifest this update: Sat 28 Jun 2025 14:25:26 +0000 Manifest next update: Sat 05 Jul 2025 14:25:26 +0000 Files and hashes: 1: HAF157M3En5uwlH0Og0qxhMRv04.crl (hash: QVhsLp9jMpyqp63EP3KKeyWZ+O491Ik+cYljM0bUirU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.crl rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAF157M3En5uwlH0Og0qxhMRv04.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 14:25:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13460 (0x3494) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3584, serialNumber=1C0175E7B337127E6EC251F43A0D2AC61311BF4E Validity Not Before: Jun 28 14:25:26 2025 GMT Not After : Jul 5 14:25:26 2025 GMT Subject: CN=685ffb56-b70e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:86:7b:30:41:d4:7e:e5:d8:6c:ac:de:18:46: fb:f4:88:90:aa:b0:39:ad:4a:5e:1c:9e:67:ae:d6: c2:f5:2a:52:c0:7e:1d:60:02:b6:5c:7d:04:eb:43: 5f:f0:96:83:f0:a6:4f:88:95:0f:f8:b2:da:4b:04: 4c:06:7e:4c:f3:66:49:31:45:8d:31:9a:96:e9:fc: 71:3d:20:e2:ad:3d:ee:8b:51:3a:bd:11:e1:6c:ce: 3f:01:6d:59:f8:0d:fb:25:8a:84:97:0a:77:43:79: ca:95:0c:bf:5c:ed:c7:f7:cd:a5:78:0c:3d:28:1e: 1a:c2:d6:0b:55:02:69:31:e9:6a:8c:0d:0a:0c:15: 6d:f2:8b:77:98:ea:0c:c8:d6:d6:ca:c9:e4:e8:3e: 2e:3a:2f:d0:db:2a:6c:1c:2c:ef:d3:3a:8d:bf:60: d5:45:a0:57:af:e8:83:58:c6:d4:bc:95:d8:5f:7d: 79:6d:43:24:da:16:06:3b:87:d8:d0:ac:0e:94:5d: f0:31:0a:67:b0:f3:31:59:16:61:76:0c:2f:85:c0: 0f:40:f0:8b:af:37:5c:49:8a:87:e1:99:94:d4:1f: 09:65:f6:cb:45:51:52:7f:ca:c6:c9:78:74:cc:ab: 01:cc:15:14:23:8b:e6:12:08:31:b2:a3:62:ef:98: 27:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:6B:EB:BC:C4:CB:EC:91:1A:E5:FF:19:A3:EC:44:A4:B3:5F:B6:9D X509v3 Authority Key Identifier: keyid:1C:01:75:E7:B3:37:12:7E:6E:C2:51:F4:3A:0D:2A:C6:13:11:BF:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAF157M3En5uwlH0Og0qxhMRv04.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:fd:6d:93:88:b0:0b:b8:b1:e5:e1:21:98:54:de:4a:42:a8: 43:88:c1:51:21:c7:70:bd:bd:f8:36:fc:61:ab:08:85:63:59: 0b:c7:be:15:85:85:09:02:50:7c:c0:a8:f1:36:e0:58:04:4c: 9d:14:0a:60:30:0c:3d:0f:02:09:93:a1:6f:9c:2d:30:25:28: 41:01:8e:c0:de:92:64:35:c5:84:76:94:84:7d:2f:b4:c8:08: 7b:3c:68:38:1a:4e:a7:1e:5f:8d:13:54:6c:e7:df:ee:e5:9d: cb:fb:71:98:eb:5a:f5:52:78:70:85:dd:d8:49:bb:27:be:09: dc:75:c3:fb:5d:8a:29:47:23:4c:a6:34:b0:8c:9a:20:47:45: 81:d9:96:da:9d:5f:bb:4f:d6:77:0b:49:aa:4f:51:88:4f:35: b7:81:b7:f9:34:f2:41:70:9d:25:b6:1d:1f:7d:4c:4a:72:29: 70:fb:69:5a:a7:c2:65:03:d5:8d:fc:07:ba:7f:07:6c:85:35: d0:6e:71:f7:e9:58:f7:ac:d3:b3:da:c0:67:b2:e0:a4:dc:cc: 9a:49:e8:7d:43:0e:43:1f:62:8e:66:7f:a4:01:2b:6f:8e:81: 78:e7:de:29:78:12:58:e0:ed:23:85:61:9a:c5:71:67:ce:ec: c3:ed:8b:95 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTM1ODQxMTAvBgNVBAUTKDFDMDE3NUU3QjMzNzEyN0U2RUMyNTFGNDNBMEQyQUM2 MTMxMUJGNEUwHhcNMjUwNjI4MTQyNTI2WhcNMjUwNzA1MTQyNTI2WjAYMRYwFAYD VQQDEw02ODVmZmI1Ni1iNzBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzoZ7MEHUfuXYbKzeGEb79IiQqrA5rUpeHJ5nrtbC9SpSwH4dYAK2XH0E60Nf 8JaD8KZPiJUP+LLaSwRMBn5M82ZJMUWNMZqW6fxxPSDirT3ui1E6vRHhbM4/AW1Z +A37JYqElwp3Q3nKlQy/XO3H982leAw9KB4awtYLVQJpMelqjA0KDBVt8ot3mOoM yNbWysnk6D4uOi/Q2ypsHCzv0zqNv2DVRaBXr+iDWMbUvJXYX315bUMk2hYGO4fY 0KwOlF3wMQpnsPMxWRZhdgwvhcAPQPCLrzdcSYqH4ZmU1B8JZfbLRVFSf8rGyXh0 zKsBzBUUI4vmEggxsqNi75gnaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNpr67zE y+yRGuX/GaPsRKSzX7adMB8GA1UdIwQYMBaAFBwBdeezNxJ+bsJR9DoNKsYTEb9O MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMzU4NC9EMUExMjk0NjFE ODUxMUUyQkI0RkE0REMwOEIwMkNEMi9IQUYxNTdNM0VuNXV3bEgwT2cwcXhoTVJ2 MDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hBRjE1N00zRW41dXdsSDBPZzBxeGhNUnYwNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MzU4NC9EMUExMjk0NjFEODUxMUUyQkI0RkE0REMwOEIwMkNEMi9IQUYxNTdNM0Vu NXV3bEgwT2cwcXhoTVJ2MDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA//W2TiLALuLHl4SGYVN5KQqhDiMFRIcdwvb34NvxhqwiFY1kLx74V hYUJAlB8wKjxNuBYBEydFApgMAw9DwIJk6FvnC0wJShBAY7A3pJkNcWEdpSEfS+0 yAh7PGg4Gk6nHl+NE1Rs59/u5Z3L+3GY61r1Unhwhd3YSbsnvgncdcP7XYopRyNM pjSwjJogR0WB2ZbanV+7T9Z3C0mqT1GITzW3gbf5NPJBcJ0lth0ffUxKcilw+2la p8JlA9WN/Ae6fwdshTXQbnH36Vj3rNOz2sBnsuCk3MyaSeh9Qw5DH2KOZn+kAStv joF4594peBJY4O0jhWGaxXFnzuzD7YuV -----END CERTIFICATE-----Generated at Sun Jun 29 16:49:55 2025 by rpki-client