$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft File: HretI1L3xupKYveEzl-7EW3ybsI.mft (raw, json) Hash identifier: 3qe7UN2yn175BloTlgPMblKf+l7JLODlVsms/4y9AZA= Subject key identifier: 3A:48:37:47:8E:A6:92:53:2B:DF:6B:AC:70:F7:55:E1:AE:22:E1:86 Authority key identifier: 1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2 Certificate issuer: /CN=A91EF24F/serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2 Certificate serial: 0812 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft Manifest number: 07F9 Signing time: Fri 22 Aug 2025 21:15:15 +0000 Manifest this update: Fri 22 Aug 2025 21:15:14 +0000 Manifest next update: Fri 29 Aug 2025 21:15:14 +0000 Files and hashes: 1: HretI1L3xupKYveEzl-7EW3ybsI.crl (hash: lhkuX+0nNBRFboawqf7Wh6JxcbFEvJF36e9ZxFCKaf4=) 2: 84B96CA6904111EF8D11A381C4F9AE02.roa (hash: apZe4MVRPNoFnu0VdCcMOgQQIHarERu0kJz1jLlb1yY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 21:15:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2066 (0x812) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EF24F, serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2 Validity Not Before: Aug 22 21:15:14 2025 GMT Not After : Aug 29 21:15:14 2025 GMT Subject: CN=68a8dde3-e625 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:be:ea:0a:11:f7:14:f7:0f:c2:ff:13:04:10: 6b:71:44:5b:e8:f6:d7:0c:f8:6d:dc:e7:ed:59:42: c5:e2:ef:52:c9:f1:4b:79:a5:bd:04:f4:29:03:a3: 94:82:a7:d0:4d:fb:af:c5:76:97:78:0a:75:54:e8: be:a7:b1:db:a6:68:39:66:d6:9a:94:71:d1:2a:35: de:f0:92:a6:c5:1b:91:30:af:24:98:df:e6:f8:c8: b8:09:d7:95:8e:5b:24:0c:b0:03:88:ce:57:3b:9d: 8c:1d:e3:07:2a:67:32:ef:2c:a9:4c:03:20:c5:b6: 37:7d:61:d0:31:76:3b:40:d3:4d:fe:6d:7e:c8:e5: 36:db:e7:a8:d3:65:93:f9:87:fc:5b:6e:3e:b1:7e: 45:41:a3:fb:1b:c6:3e:b2:57:fb:ec:eb:64:64:ec: 3b:83:d0:f0:5c:6a:c1:84:31:6d:c1:48:8e:1d:64: e3:f2:69:2e:e1:30:bb:9e:95:e4:ed:ad:b6:6b:c8: a1:a2:56:92:1d:40:0c:d8:99:d5:7f:9d:c1:6e:31: 6d:13:a4:6e:ae:db:34:5b:dc:ea:53:f6:cf:0a:38: 32:c1:17:8f:93:ff:a1:60:90:5f:15:c5:6e:e7:8d: 9a:fe:48:53:2c:4d:91:87:48:a7:82:0a:3e:93:df: d2:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:48:37:47:8E:A6:92:53:2B:DF:6B:AC:70:F7:55:E1:AE:22:E1:86 X509v3 Authority Key Identifier: keyid:1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 51:4a:3f:ed:a6:b1:85:21:fb:f1:94:0a:a7:79:3b:87:81:ef: a9:e6:ba:e8:02:86:7f:38:69:56:b3:c7:8b:25:18:43:67:e6: fc:9a:44:cc:97:af:2f:8f:61:fc:d7:d9:eb:95:92:c5:4b:fe: a2:5a:30:48:41:29:cf:f7:89:09:7f:37:86:bf:10:40:62:4f: 9b:26:50:50:63:60:f2:52:5a:1a:fb:ad:59:8b:9c:b9:c9:9b: 64:61:87:74:74:89:29:b6:0f:48:04:64:0a:54:43:dd:27:d5: 99:bb:26:70:9d:b0:f4:c0:7a:e6:74:e1:62:b7:7d:78:16:8a: 74:48:ca:9d:22:e5:7c:72:5d:9c:00:fa:94:27:12:a9:b3:f7: 01:d2:68:c5:a9:84:8d:e8:d9:3a:05:2d:08:d3:ce:97:81:c9: c3:e5:23:e3:65:e5:b8:64:3b:64:3c:0f:68:b6:56:da:57:2c: 29:d5:0b:08:c4:9e:2a:cd:3e:b1:a2:a2:d6:52:ff:0e:5e:03: b4:7b:79:2a:86:32:fe:cf:86:f5:4c:74:1d:25:10:21:61:01: 3a:ac:37:d4:f7:53:bf:de:58:f7:a1:ca:d6:4f:5d:52:4b:ee: ed:8d:2a:6a:e2:4d:1c:9e:e3:b1:f4:69:8e:ce:fd:4b:ee:14: 24:9c:d2:4a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCBIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUYyNEYxMTAvBgNVBAUTKDFFQjdBRDIzNTJGN0M2RUE0QTYyRjc4NENFNUZCQjEx NkRGMjZFQzIwHhcNMjUwODIyMjExNTE0WhcNMjUwODI5MjExNTE0WjAYMRYwFAYD VQQDEw02OGE4ZGRlMy1lNjI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqb7qChH3FPcPwv8TBBBrcURb6PbXDPht3OftWULF4u9SyfFLeaW9BPQpA6OU gqfQTfuvxXaXeAp1VOi+p7Hbpmg5ZtaalHHRKjXe8JKmxRuRMK8kmN/m+Mi4CdeV jlskDLADiM5XO52MHeMHKmcy7yypTAMgxbY3fWHQMXY7QNNN/m1+yOU22+eo02WT +Yf8W24+sX5FQaP7G8Y+slf77OtkZOw7g9DwXGrBhDFtwUiOHWTj8mku4TC7npXk 7a22a8iholaSHUAM2JnVf53BbjFtE6Rurts0W9zqU/bPCjgywRePk/+hYJBfFcVu 542a/khTLE2Rh0inggo+k9/SQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDpIN0eO ppJTK99rrHD3VeGuIuGGMB8GA1UdIwQYMBaAFB63rSNS98bqSmL3hM5fuxFt8m7C MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjI0Ri82NURERkFCNDAy RkExMUVCQTNBMEEyMzFDNEY5QUUwMi9IcmV0STFMM3h1cEtZdmVFemwtN0VXM3li c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hyZXRJMUwzeHVwS1l2ZUV6bC03RVczeWJzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RjI0Ri82NURERkFCNDAyRkExMUVCQTNBMEEyMzFDNEY5QUUwMi9IcmV0STFMM3h1 cEtZdmVFemwtN0VXM3lic0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBRSj/tprGFIfvxlAqneTuHge+p5rroAoZ/OGlWs8eLJRhDZ+b8mkTM l68vj2H819nrlZLFS/6iWjBIQSnP94kJfzeGvxBAYk+bJlBQY2DyUloa+61Zi5y5 yZtkYYd0dIkptg9IBGQKVEPdJ9WZuyZwnbD0wHrmdOFit314Fop0SMqdIuV8cl2c APqUJxKps/cB0mjFqYSN6Nk6BS0I086XgcnD5SPjZeW4ZDtkPA9otlbaVywp1QsI xJ4qzT6xoqLWUv8OXgO0e3kqhjL+z4b1THQdJRAhYQE6rDfU91O/3lj3ocrWT11S S+7tjSpq4k0cnuOx9GmOzv1L7hQknNJK -----END CERTIFICATE-----Generated at Sun Aug 24 00:42:37 2025 by rpki-client