$ rpki-client -vvf rpki.apnic.net/member_repository/A91712A8/46500F8C7D6811EBA432176AC4F9AE02/CHQTSbZiijmB94o3MLiYg-PXa8o.mft File: CHQTSbZiijmB94o3MLiYg-PXa8o.mft (raw, json) Hash identifier: W4svcDTjv450roVx53GXDLUzTP3TaDS44nMw2GVR9Xc= Subject key identifier: 6A:AA:66:DA:16:F9:E4:1E:B2:43:35:AD:76:F6:31:98:27:60:16:20 Authority key identifier: 08:74:13:49:B6:62:8A:39:81:F7:8A:37:30:B8:98:83:E3:D7:6B:CA Certificate issuer: /CN=A91712A8/serialNumber=08741349B6628A3981F78A3730B89883E3D76BCA Certificate serial: 06AA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CHQTSbZiijmB94o3MLiYg-PXa8o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91712A8/46500F8C7D6811EBA432176AC4F9AE02/CHQTSbZiijmB94o3MLiYg-PXa8o.mft Manifest number: 06A3 Signing time: Mon 08 Sep 2025 22:15:37 +0000 Manifest this update: Mon 08 Sep 2025 22:15:37 +0000 Manifest next update: Mon 15 Sep 2025 22:15:37 +0000 Files and hashes: 1: CHQTSbZiijmB94o3MLiYg-PXa8o.crl (hash: KoI/D/QrN/5M4R9u0CqE41N72/DFUvXu8lyUJQ9xrvk=) 2: B69DB4D27D6911EBA420FC6AC4F9AE02.roa (hash: FCcszwJptQkcVppu2l7EfA+c1nSvvhedE2ZFRuB0CdU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91712A8/46500F8C7D6811EBA432176AC4F9AE02/CHQTSbZiijmB94o3MLiYg-PXa8o.crl rsync://rpki.apnic.net/member_repository/A91712A8/46500F8C7D6811EBA432176AC4F9AE02/CHQTSbZiijmB94o3MLiYg-PXa8o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CHQTSbZiijmB94o3MLiYg-PXa8o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 22:15:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1706 (0x6aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91712A8, serialNumber=08741349B6628A3981F78A3730B89883E3D76BCA Validity Not Before: Sep 8 22:15:37 2025 GMT Not After : Sep 15 22:15:37 2025 GMT Subject: CN=68bf5589-d6fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:39:a9:5d:1a:ae:58:23:70:57:cb:b1:02:68: dc:e7:c0:27:a9:19:25:50:7e:83:12:a8:69:7a:2b: 08:70:85:cb:8f:2d:12:c3:e6:88:8f:13:f2:4a:93: 48:64:df:22:64:4b:d3:ea:d7:d6:3d:24:aa:61:1f: c6:1a:e9:e9:02:10:fe:d6:f9:0f:0d:fe:e2:01:ff: c2:42:b9:77:db:3b:5f:14:a3:db:26:9f:18:88:fc: ae:5d:71:ad:d2:0d:36:88:61:92:1a:86:4d:d3:dd: 00:42:81:50:59:81:d7:72:3b:83:6a:80:79:7b:0e: ed:05:2e:3e:13:a1:ee:8d:75:64:fe:9a:f6:6e:45: b6:f6:62:11:7f:1f:a4:e9:56:a0:0c:1b:80:30:4b: 3d:1f:02:56:73:d9:14:01:4d:87:aa:27:4c:bd:96: 19:46:c0:cb:f1:e1:f9:a5:01:32:4e:de:b3:41:36: 50:bc:46:f7:cf:84:39:47:79:35:09:c3:89:7c:21: 53:ff:57:45:f5:f4:bb:be:fe:48:99:83:2c:65:8c: ff:32:f9:a9:a1:e9:62:c9:5d:49:98:2f:ce:b8:3c: 6e:c4:4c:76:6b:2a:b5:de:ad:16:fd:fa:27:01:85: 7c:5e:b3:b3:1b:53:dc:d2:e9:74:8b:1a:32:cb:6d: 71:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:AA:66:DA:16:F9:E4:1E:B2:43:35:AD:76:F6:31:98:27:60:16:20 X509v3 Authority Key Identifier: keyid:08:74:13:49:B6:62:8A:39:81:F7:8A:37:30:B8:98:83:E3:D7:6B:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91712A8/46500F8C7D6811EBA432176AC4F9AE02/CHQTSbZiijmB94o3MLiYg-PXa8o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CHQTSbZiijmB94o3MLiYg-PXa8o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91712A8/46500F8C7D6811EBA432176AC4F9AE02/CHQTSbZiijmB94o3MLiYg-PXa8o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9c:90:71:04:17:ec:10:7b:6c:2d:7b:38:20:3e:4b:93:87:0b: 51:ec:87:41:42:d6:1c:c9:23:95:56:43:82:da:70:46:14:66: 54:a7:72:a5:ec:fa:76:ce:05:bd:16:28:ae:db:5e:95:69:93: 73:40:84:f4:6a:23:a1:17:bd:da:55:18:d8:1e:5b:17:9c:11: ef:c9:97:32:60:af:77:79:2a:db:27:cf:51:50:7e:1c:4c:56: 61:a7:f2:b8:87:f5:94:29:77:17:34:99:0f:31:cd:8c:b3:e3: ae:6b:79:77:ce:a8:e6:87:4b:df:b2:ad:72:e6:ac:1b:c1:44: 29:02:25:f2:30:4c:31:29:39:73:95:0a:c9:05:9e:fb:a4:82: 1a:4c:d7:12:6c:4e:e1:f2:cc:be:dd:3d:63:c0:f1:cf:18:05: b7:d2:e5:57:1b:25:36:7a:9e:95:70:eb:ad:79:17:f7:24:8f: 7e:7c:4c:79:56:c7:bc:08:6e:35:d0:05:c8:b3:01:dd:b7:56: b9:78:32:41:40:15:1f:8e:39:34:f3:67:b7:d2:98:2b:b9:33: 2a:f0:af:5a:f2:c8:aa:68:9d:97:1c:12:30:5c:0d:e4:ca:b9: 41:ad:ad:39:ae:5f:13:8d:4f:d3:89:0e:9e:87:e5:36:a5:ce: 95:54:d9:73 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBqowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzEyQTgxMTAvBgNVBAUTKDA4NzQxMzQ5QjY2MjhBMzk4MUY3OEEzNzMwQjg5ODgz RTNENzZCQ0EwHhcNMjUwOTA4MjIxNTM3WhcNMjUwOTE1MjIxNTM3WjAYMRYwFAYD VQQDEw02OGJmNTU4OS1kNmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtTmpXRquWCNwV8uxAmjc58AnqRklUH6DEqhpeisIcIXLjy0Sw+aIjxPySpNI ZN8iZEvT6tfWPSSqYR/GGunpAhD+1vkPDf7iAf/CQrl32ztfFKPbJp8YiPyuXXGt 0g02iGGSGoZN090AQoFQWYHXcjuDaoB5ew7tBS4+E6HujXVk/pr2bkW29mIRfx+k 6VagDBuAMEs9HwJWc9kUAU2HqidMvZYZRsDL8eH5pQEyTt6zQTZQvEb3z4Q5R3k1 CcOJfCFT/1dF9fS7vv5ImYMsZYz/MvmpoeliyV1JmC/OuDxuxEx2ayq13q0W/fon AYV8XrOzG1Pc0ul0ixoyy21xQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGqqZtoW +eQeskM1rXb2MZgnYBYgMB8GA1UdIwQYMBaAFAh0E0m2Yoo5gfeKNzC4mIPj12vK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTJBOC80NjUwMEY4QzdE NjgxMUVCQTQzMjE3NkFDNEY5QUUwMi9DSFFUU2JaaWlqbUI5NG8zTUxpWWctUFhh OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NIUVRTYlppaWptQjk0bzNNTGlZZy1QWGE4by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MTJBOC80NjUwMEY4QzdENjgxMUVCQTQzMjE3NkFDNEY5QUUwMi9DSFFUU2JaaWlq bUI5NG8zTUxpWWctUFhhOG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCckHEEF+wQe2wtezggPkuThwtR7IdBQtYcySOVVkOC2nBGFGZUp3Kl 7Pp2zgW9Fiiu216VaZNzQIT0aiOhF73aVRjYHlsXnBHvyZcyYK93eSrbJ89RUH4c TFZhp/K4h/WUKXcXNJkPMc2Ms+Oua3l3zqjmh0vfsq1y5qwbwUQpAiXyMEwxKTlz lQrJBZ77pIIaTNcSbE7h8sy+3T1jwPHPGAW30uVXGyU2ep6VcOuteRf3JI9+fEx5 Vse8CG410AXIswHdt1a5eDJBQBUfjjk082e30pgruTMq8K9a8siqaJ2XHBIwXA3k yrlBra05rl8TjU/TiQ6eh+U2pc6VVNlz -----END CERTIFICATE-----Generated at Tue Sep 9 09:31:12 2025 by rpki-client