$ rpki-client -vvf rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft File: CmH1ryEJpoNhH7ogbyCM7-NImCE.mft (raw, json) Hash identifier: bB4HUYSnKaUlDfWnkef5oa8BBAbY25sGaVqrJI/haDM= Subject key identifier: 9F:CF:2E:91:B7:91:02:6B:60:54:0C:D4:C3:98:2A:74:D1:A9:B3:69 Authority key identifier: 0A:61:F5:AF:21:09:A6:83:61:1F:BA:20:6F:20:8C:EF:E3:48:98:21 Certificate issuer: /CN=A91559AC/serialNumber=0A61F5AF2109A683611FBA206F208CEFE3489821 Certificate serial: 0AB5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmH1ryEJpoNhH7ogbyCM7-NImCE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft Manifest number: 0AF6 Signing time: Sun 24 Aug 2025 19:32:35 +0000 Manifest this update: Sun 24 Aug 2025 19:32:34 +0000 Manifest next update: Sun 31 Aug 2025 19:32:34 +0000 Files and hashes: 1: CmH1ryEJpoNhH7ogbyCM7-NImCE.crl (hash: FCfq8F8YIADEhtaVpZ8ztQDxiTh7CxtYucCc6BkTZtI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.crl rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmH1ryEJpoNhH7ogbyCM7-NImCE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 19:03:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2741 (0xab5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91559AC, serialNumber=0A61F5AF2109A683611FBA206F208CEFE3489821 Validity Not Before: Aug 24 19:32:34 2025 GMT Not After : Aug 31 19:32:34 2025 GMT Subject: CN=68ab68d3-e494 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:ac:9d:53:e1:19:72:c7:a2:b2:f5:c8:9e:51: 8b:43:f6:c6:6f:51:25:50:ff:39:81:79:ca:a7:a7: 6f:0a:19:88:fd:07:f3:47:89:16:06:a7:73:a5:44: f4:69:38:09:57:2a:72:36:e1:9b:a1:14:d3:72:27: 84:87:8c:2e:17:25:b2:00:6d:c8:72:d0:72:ec:ea: 91:59:00:10:bf:cc:25:e0:14:26:e9:1c:7a:fc:b2: a9:80:0a:d3:05:64:90:cd:f2:90:ee:11:d7:07:25: fe:5e:ef:e8:dd:32:90:73:8c:22:e1:34:3e:18:66: c5:f9:23:b6:b9:67:4c:0d:46:4e:75:34:e1:13:43: 7d:70:4f:9b:2e:a2:19:8f:e2:9f:2f:93:77:3e:b3: 58:e8:62:fc:5d:91:7b:cd:3c:b0:95:9d:a3:cb:3f: 9b:b3:32:55:68:ec:3e:08:aa:d0:ff:ab:37:91:9b: 7b:2f:0b:a8:2a:08:2e:c6:c0:4a:46:18:75:b8:ce: 46:74:1f:c3:ed:4b:2e:40:be:88:41:be:38:2a:ce: 6e:f1:e3:d2:51:33:9a:37:41:79:fd:6f:99:f0:44: 80:31:de:c0:d1:68:2d:72:a0:bf:ce:b0:78:a9:1d: a8:da:01:bb:36:1b:53:c6:d8:20:74:03:b9:f1:21: 02:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:CF:2E:91:B7:91:02:6B:60:54:0C:D4:C3:98:2A:74:D1:A9:B3:69 X509v3 Authority Key Identifier: keyid:0A:61:F5:AF:21:09:A6:83:61:1F:BA:20:6F:20:8C:EF:E3:48:98:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmH1ryEJpoNhH7ogbyCM7-NImCE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3c:5c:54:96:77:dc:00:4d:20:23:7d:16:67:17:f1:64:00:ed: 28:6c:44:76:76:31:f4:6a:1e:3b:7a:8c:34:7e:4d:60:5a:15: 1f:57:42:47:98:6a:01:ea:43:c9:2f:54:35:ac:fd:ba:94:77: 12:a1:1a:f7:48:7b:8f:56:9f:0e:bf:90:3d:46:71:15:6f:35: 95:87:95:8d:c8:84:24:06:41:cf:19:f8:d4:f0:2e:fe:8a:74: 29:ef:1c:d3:c1:ae:ae:ae:33:36:9d:37:ec:9d:4b:7d:7d:22: f6:26:3b:26:33:eb:d6:81:4e:5d:d3:f3:14:1f:6a:42:8f:38: 1a:f9:3e:dd:71:1a:50:af:1c:ca:b3:ee:5a:db:56:04:b8:7c: 12:be:e8:7c:2c:23:4c:8a:aa:b5:2d:b0:09:5f:4d:df:63:20: dd:3a:3d:7e:8c:eb:0f:6e:68:d5:b2:d3:8b:ba:e2:f2:53:fb: 90:4f:54:b8:b0:d5:47:71:64:61:53:95:00:d8:59:e7:9d:0e: c2:3c:04:f5:06:88:38:cb:fe:fc:ca:8f:61:17:93:84:d3:59: 5e:ce:31:23:8d:70:1e:ad:8d:65:ba:0d:27:f5:8a:45:bb:4b: 98:79:b0:8b:e6:d6:25:2c:e4:66:6a:29:3c:59:b8:e0:34:2c: 7c:81:bc:c1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCrUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTU5QUMxMTAvBgNVBAUTKDBBNjFGNUFGMjEwOUE2ODM2MTFGQkEyMDZGMjA4Q0VG RTM0ODk4MjEwHhcNMjUwODI0MTkzMjM0WhcNMjUwODMxMTkzMjM0WjAYMRYwFAYD VQQDEw02OGFiNjhkMy1lNDk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwqydU+EZcseisvXInlGLQ/bGb1ElUP85gXnKp6dvChmI/QfzR4kWBqdzpUT0 aTgJVypyNuGboRTTcieEh4wuFyWyAG3IctBy7OqRWQAQv8wl4BQm6Rx6/LKpgArT BWSQzfKQ7hHXByX+Xu/o3TKQc4wi4TQ+GGbF+SO2uWdMDUZOdTThE0N9cE+bLqIZ j+KfL5N3PrNY6GL8XZF7zTywlZ2jyz+bszJVaOw+CKrQ/6s3kZt7LwuoKgguxsBK Rhh1uM5GdB/D7UsuQL6IQb44Ks5u8ePSUTOaN0F5/W+Z8ESAMd7A0WgtcqC/zrB4 qR2o2gG7NhtTxtggdAO58SECnQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ/PLpG3 kQJrYFQM1MOYKnTRqbNpMB8GA1UdIwQYMBaAFAph9a8hCaaDYR+6IG8gjO/jSJgh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTlBQy9DMDYxMzUxNjVG OEQxMUVBQjUwMEJENjRDNEY5QUUwMi9DbUgxcnlFSnBvTmhIN29nYnlDTTctTklt Q0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NtSDFyeUVKcG9OaEg3b2dieUNNNy1OSW1DRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NTlBQy9DMDYxMzUxNjVGOEQxMUVBQjUwMEJENjRDNEY5QUUwMi9DbUgxcnlFSnBv TmhIN29nYnlDTTctTkltQ0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA8XFSWd9wATSAjfRZnF/FkAO0obER2djH0ah47eow0fk1gWhUfV0JH mGoB6kPJL1Q1rP26lHcSoRr3SHuPVp8Ov5A9RnEVbzWVh5WNyIQkBkHPGfjU8C7+ inQp7xzTwa6urjM2nTfsnUt9fSL2JjsmM+vWgU5d0/MUH2pCjzga+T7dcRpQrxzK s+5a21YEuHwSvuh8LCNMiqq1LbAJX03fYyDdOj1+jOsPbmjVstOLuuLyU/uQT1S4 sNVHcWRhU5UA2FnnnQ7CPAT1Bog4y/78yo9hF5OE01lezjEjjXAerY1lug0n9YpF u0uYebCL5tYlLORmaik8WbjgNCx8gbzB -----END CERTIFICATE-----Generated at Sun Aug 24 21:48:14 2025 by rpki-client