$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft File: He4XpqM4DuSI7ztuISW4eOZAckg.mft (raw, json) Hash identifier: AcDWJNPC4um/SugvW0vG2gey4ZRRysolhYksLUGXof4= Subject key identifier: EF:22:0E:57:3F:52:B9:D0:5B:23:98:8C:29:0C:08:E5:77:7E:07:AD Authority key identifier: 1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 Certificate issuer: /CN=A91E8D22/serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Certificate serial: 01AA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft Manifest number: 01A5 Signing time: Sat 23 Aug 2025 03:23:14 +0000 Manifest this update: Sat 23 Aug 2025 03:23:13 +0000 Manifest next update: Sat 30 Aug 2025 03:23:13 +0000 Files and hashes: 1: He4XpqM4DuSI7ztuISW4eOZAckg.crl (hash: 1FpHzPUMlCZwWlRQmbYhGLMGU36It1uIFCz4IDTujsI=) 2: 805A2E74660311EF90397033C4F9AE02.roa (hash: kr3XK/LA3ME6CWbcxw7hFQfhU6QavtLWXc2+mP6aHgc=) 3: 8405155C69EB11EF933A993CC4F9AE02.roa (hash: Nc218pLJmDdsf2Z9Kv612BkBE9ixmiOBUD2+vg6KRQA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 03:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 426 (0x1aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8D22, serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Validity Not Before: Aug 23 03:23:13 2025 GMT Not After : Aug 30 03:23:13 2025 GMT Subject: CN=68a93421-380b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:e3:8c:96:af:35:f7:26:67:fc:67:1a:da:5c: 02:0b:ca:e3:17:1e:a6:c0:79:78:6d:08:f0:ff:cc: 37:f2:67:50:50:80:ac:a4:c2:e4:68:75:7c:43:3d: c5:d7:7f:40:26:3b:fd:50:b6:50:09:47:44:22:c0: f6:0b:35:c9:60:8e:68:d1:85:64:68:40:0f:f4:cd: c0:80:5c:02:88:62:59:4e:f6:c7:fb:82:a3:40:ad: c7:57:b6:fa:14:69:0f:1b:aa:23:70:cd:10:82:25: 9c:a3:cb:f6:40:14:8d:23:44:ae:08:52:3d:03:ff: df:62:a7:6b:b0:73:94:b5:56:43:8b:da:a1:b2:19: 68:32:9a:2e:d2:b9:b4:61:7c:cc:14:2f:ac:ea:ce: 30:72:60:79:99:dd:dc:fe:df:db:93:51:6d:db:b6: 16:1b:cb:c8:ef:c3:f8:fa:3d:e4:f2:b7:5f:34:45: 8a:60:11:7a:f8:9c:f2:c1:1a:39:9b:f1:c1:1a:dd: 8d:fb:04:2c:9e:af:98:71:ad:64:17:00:2e:47:d4: 8d:78:63:89:bc:e0:c7:6f:21:30:af:cc:6d:2c:79: 17:0e:bb:23:ba:51:50:2c:e5:0f:f6:e4:24:59:95: b6:d0:56:e9:18:21:41:6d:30:a5:80:16:14:fe:eb: c7:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:22:0E:57:3F:52:B9:D0:5B:23:98:8C:29:0C:08:E5:77:7E:07:AD X509v3 Authority Key Identifier: keyid:1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 78:83:4e:77:32:3d:2e:2c:80:77:85:85:c6:39:a1:2f:75:9f: 62:80:b9:df:3e:71:e4:12:9d:b2:9e:cd:a0:72:9c:d6:82:b1: dd:fd:1d:70:05:39:2b:80:53:22:99:71:42:fe:46:b4:e6:06: 9b:3f:24:49:30:2a:b4:37:50:98:94:e6:aa:1c:ec:d4:1d:ed: 92:e4:01:d4:96:3a:d9:b4:1f:e2:16:87:bf:dd:dd:40:24:0b: be:36:ef:5f:31:47:83:9e:01:8b:fe:ba:9a:08:76:55:58:ce: df:32:ed:f3:f3:ed:4d:b2:b0:77:2d:bb:89:a5:47:b1:4e:57: d2:5b:55:d1:ae:63:c5:c1:b8:e7:b4:dc:11:e8:63:da:51:4c: 09:af:3e:e8:83:55:87:55:7e:26:7c:d1:95:99:52:41:4f:5b: e7:f4:11:72:70:d0:c9:a1:87:b9:2a:c6:5f:c1:80:69:7c:17: 60:68:e7:68:e9:81:0e:99:42:09:71:a0:ff:11:69:1d:fc:13: 37:41:7b:e4:81:a5:99:c4:f5:46:f2:cd:cb:c4:87:16:2f:ea: ae:98:83:5f:f1:5e:11:2a:da:bb:ed:38:7d:89:b5:3b:77:7e: 75:d6:41:85:d8:ad:10:08:84:47:92:a1:99:99:74:54:67:96: 0d:04:7b:10 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAaowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThEMjIxMTAvBgNVBAUTKDFERUUxN0E2QTMzODBFRTQ4OEVGM0I2RTIxMjVCODc4 RTY0MDcyNDgwHhcNMjUwODIzMDMyMzEzWhcNMjUwODMwMDMyMzEzWjAYMRYwFAYD VQQDEw02OGE5MzQyMS0zODBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApOOMlq819yZn/Gca2lwCC8rjFx6mwHl4bQjw/8w38mdQUICspMLkaHV8Qz3F 139AJjv9ULZQCUdEIsD2CzXJYI5o0YVkaEAP9M3AgFwCiGJZTvbH+4KjQK3HV7b6 FGkPG6ojcM0QgiWco8v2QBSNI0SuCFI9A//fYqdrsHOUtVZDi9qhshloMpou0rm0 YXzMFC+s6s4wcmB5md3c/t/bk1Ft27YWG8vI78P4+j3k8rdfNEWKYBF6+JzywRo5 m/HBGt2N+wQsnq+Yca1kFwAuR9SNeGOJvODHbyEwr8xtLHkXDrsjulFQLOUP9uQk WZW20FbpGCFBbTClgBYU/uvHcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO8iDlc/ UrnQWyOYjCkMCOV3fgetMB8GA1UdIwQYMBaAFB3uF6ajOA7kiO87biEluHjmQHJI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEQyMi8zRjdENjhBOEZE RTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1U0k3enR1SVNXNGVPWkFj a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlNFhwcU00RHVTSTd6dHVJU1c0ZU9aQWNrZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEQyMi8zRjdENjhBOEZERTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1 U0k3enR1SVNXNGVPWkFja2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB4g053Mj0uLIB3hYXGOaEvdZ9igLnfPnHkEp2yns2gcpzWgrHd/R1w BTkrgFMimXFC/ka05gabPyRJMCq0N1CYlOaqHOzUHe2S5AHUljrZtB/iFoe/3d1A JAu+Nu9fMUeDngGL/rqaCHZVWM7fMu3z8+1NsrB3LbuJpUexTlfSW1XRrmPFwbjn tNwR6GPaUUwJrz7og1WHVX4mfNGVmVJBT1vn9BFycNDJoYe5KsZfwYBpfBdgaOdo 6YEOmUIJcaD/EWkd/BM3QXvkgaWZxPVG8s3LxIcWL+qumINf8V4RKtq77Th9ibU7 d3511kGF2K0QCIRHkqGZmXRUZ5YNBHsQ -----END CERTIFICATE-----Generated at Sat Aug 23 21:01:09 2025 by rpki-client