$ rpki-client -vvf rpki.apnic.net/member_repository/A913442A/AB4E5244FC3911EC95C81387C4F9AE02/RCHzqdfkHW9Ht4b90-eojeQrB7k.mft File: RCHzqdfkHW9Ht4b90-eojeQrB7k.mft (raw, json) Hash identifier: r8jZwMmskZ+T9HS/0Oa/J+kfxwC7WxzD5/dtqdqkZGo= Subject key identifier: 7F:67:04:2A:5B:2E:59:2D:33:48:6E:14:50:70:AB:D2:3E:DF:60:FB Authority key identifier: 44:21:F3:A9:D7:E4:1D:6F:47:B7:86:FD:D3:E7:A8:8D:E4:2B:07:B9 Certificate issuer: /CN=A913442A/serialNumber=4421F3A9D7E41D6F47B786FDD3E7A88DE42B07B9 Certificate serial: 02A9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RCHzqdfkHW9Ht4b90-eojeQrB7k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913442A/AB4E5244FC3911EC95C81387C4F9AE02/RCHzqdfkHW9Ht4b90-eojeQrB7k.mft Manifest number: 02A5 Signing time: Sat 31 May 2025 01:41:47 +0000 Manifest this update: Sat 31 May 2025 01:41:46 +0000 Manifest next update: Sat 07 Jun 2025 01:41:46 +0000 Files and hashes: 1: RCHzqdfkHW9Ht4b90-eojeQrB7k.crl (hash: pCOtr/39ft8tdVJwxgAw3R2WL8oWlzySG4mxLNhP6co=) 2: 0F9DB8E0FC3D11ECAD619C35C4F9AE02.roa (hash: 5LtQSX5vsNltnL8EwaCWb4W4bCqyFzBXrqfQ3KUZW5E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913442A/AB4E5244FC3911EC95C81387C4F9AE02/RCHzqdfkHW9Ht4b90-eojeQrB7k.crl rsync://rpki.apnic.net/member_repository/A913442A/AB4E5244FC3911EC95C81387C4F9AE02/RCHzqdfkHW9Ht4b90-eojeQrB7k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RCHzqdfkHW9Ht4b90-eojeQrB7k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 01:41:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 681 (0x2a9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913442A, serialNumber=4421F3A9D7E41D6F47B786FDD3E7A88DE42B07B9 Validity Not Before: May 31 01:41:46 2025 GMT Not After : Jun 7 01:41:46 2025 GMT Subject: CN=683a5e5a-213d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:0b:57:01:b1:8c:d5:5c:2c:68:6e:17:aa:b2: 0a:ba:ea:7e:d2:fc:41:07:72:e8:a0:99:00:31:25: 97:63:cb:ca:6d:4b:7c:36:4d:74:4d:a3:71:54:25: 97:c1:74:e3:89:4b:2d:e7:0f:65:6e:6d:fd:be:39: e1:c7:cc:b7:a2:18:98:3e:f1:27:7c:59:07:b8:b6: ec:13:77:52:1f:e4:d0:f7:b5:cc:85:d7:7e:80:93: 63:10:b2:7e:03:93:5c:30:08:f2:df:23:88:09:6c: 84:25:a7:6d:32:da:5d:68:6b:bd:87:39:19:b7:ff: 49:a0:e5:3c:a7:4e:c3:61:8e:72:e5:57:f0:46:5d: 6c:34:44:70:a8:07:15:42:60:6f:7f:82:29:1d:43: dc:46:8d:94:ba:82:74:a4:b9:92:69:ff:76:7b:d4: b6:0e:53:43:69:5b:54:a1:cf:4e:e7:e1:ff:89:3e: ec:46:9f:85:37:78:43:1f:50:93:18:93:d1:0b:2e: 50:02:b3:32:2a:7a:2c:ea:c7:e4:d0:0d:44:37:46: 59:0c:57:f5:1f:8d:50:c4:98:8c:a2:dc:fd:92:96: 9d:0a:bb:cd:a7:4a:13:3e:75:2c:45:b9:4c:4a:9b: 48:5d:39:bc:8d:0a:77:e2:a5:b2:dc:80:ab:19:6d: 65:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:67:04:2A:5B:2E:59:2D:33:48:6E:14:50:70:AB:D2:3E:DF:60:FB X509v3 Authority Key Identifier: keyid:44:21:F3:A9:D7:E4:1D:6F:47:B7:86:FD:D3:E7:A8:8D:E4:2B:07:B9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913442A/AB4E5244FC3911EC95C81387C4F9AE02/RCHzqdfkHW9Ht4b90-eojeQrB7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RCHzqdfkHW9Ht4b90-eojeQrB7k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913442A/AB4E5244FC3911EC95C81387C4F9AE02/RCHzqdfkHW9Ht4b90-eojeQrB7k.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:80:98:c9:90:a8:57:6d:62:0b:c7:f5:e1:da:7f:1e:50:7b: b6:25:45:e5:ce:8d:77:a4:b1:a8:67:33:e4:96:6f:65:46:f9: e6:b3:7b:97:dd:42:b0:7a:69:82:16:65:e8:27:51:b0:4e:70: 8a:29:6b:7e:a6:73:51:40:28:38:a0:39:01:ef:7e:00:40:a4: 23:c6:60:a4:99:b7:85:ca:81:15:fa:c0:cb:4b:b1:65:49:64: 07:03:83:df:ce:79:b1:36:e6:a6:f5:f7:61:84:55:11:03:fd: 2a:c1:83:27:51:41:a9:be:18:42:22:62:08:89:b6:08:f1:8c: 4b:f2:d0:e5:6d:28:a2:f2:28:2a:5f:2e:0c:90:ea:9d:c9:21: 64:c5:a7:69:69:7f:86:aa:0e:18:21:67:d7:cb:e4:ea:46:4b: 32:ca:1e:22:36:92:7e:9d:3d:75:ae:f4:d6:ed:f6:d1:8c:cd: f7:84:17:62:86:51:d0:4c:c0:e0:3d:0e:6e:8d:81:ef:f8:b7: 36:b5:e5:bb:df:b7:ff:c0:65:69:9c:bb:61:b0:3b:3c:80:d6: ce:26:39:2c:91:80:bd:f5:a3:6a:49:e3:97:69:59:31:f6:df: 6c:d4:45:e4:01:21:be:b2:bb:e3:8a:24:82:59:5b:2a:e4:1f: 42:b3:ea:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAqkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQ0MkExMTAvBgNVBAUTKDQ0MjFGM0E5RDdFNDFENkY0N0I3ODZGREQzRTdBODhE RTQyQjA3QjkwHhcNMjUwNTMxMDE0MTQ2WhcNMjUwNjA3MDE0MTQ2WjAYMRYwFAYD VQQDEw02ODNhNWU1YS0yMTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvAtXAbGM1VwsaG4XqrIKuup+0vxBB3LooJkAMSWXY8vKbUt8Nk10TaNxVCWX wXTjiUst5w9lbm39vjnhx8y3ohiYPvEnfFkHuLbsE3dSH+TQ97XMhdd+gJNjELJ+ A5NcMAjy3yOICWyEJadtMtpdaGu9hzkZt/9JoOU8p07DYY5y5VfwRl1sNERwqAcV QmBvf4IpHUPcRo2UuoJ0pLmSaf92e9S2DlNDaVtUoc9O5+H/iT7sRp+FN3hDH1CT GJPRCy5QArMyKnos6sfk0A1EN0ZZDFf1H41QxJiMotz9kpadCrvNp0oTPnUsRblM SptIXTm8jQp34qWy3ICrGW1lQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH9nBCpb LlktM0huFFBwq9I+32D7MB8GA1UdIwQYMBaAFEQh86nX5B1vR7eG/dPnqI3kKwe5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDQyQS9BQjRFNTI0NEZD MzkxMUVDOTVDODEzODdDNEY5QUUwMi9SQ0h6cWRma0hXOUh0NGI5MC1lb2plUXJC N2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1JDSHpxZGZrSFc5SHQ0YjkwLWVvamVRckI3ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NDQyQS9BQjRFNTI0NEZDMzkxMUVDOTVDODEzODdDNEY5QUUwMi9SQ0h6cWRma0hX OUh0NGI5MC1lb2plUXJCN2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAggJjJkKhXbWILx/Xh2n8eUHu2JUXlzo13pLGoZzPklm9lRvnms3uX 3UKwemmCFmXoJ1GwTnCKKWt+pnNRQCg4oDkB734AQKQjxmCkmbeFyoEV+sDLS7Fl SWQHA4PfznmxNuam9fdhhFURA/0qwYMnUUGpvhhCImIIibYI8YxL8tDlbSii8igq Xy4MkOqdySFkxadpaX+Gqg4YIWfXy+TqRksyyh4iNpJ+nT11rvTW7fbRjM33hBdi hlHQTMDgPQ5ujYHv+Lc2teW737f/wGVpnLthsDs8gNbOJjkskYC99aNqSeOXaVkx 9t9s1EXkASG+srvjiiSCWVsq5B9Cs+qI -----END CERTIFICATE-----Generated at Sat May 31 16:56:19 2025 by rpki-client