$ rpki-client -vvf rpki.apnic.net/member_repository/A91937EA/1E9656306A5911EBA3641C3DC4F9AE02/CRHpmq32ZPA5kpyru0h0o6Fhyq0.mft File: CRHpmq32ZPA5kpyru0h0o6Fhyq0.mft (raw, json) Hash identifier: 6iav0JtEoeNl291ONZIc1gbsdZsSp/3jJYT6wd3Lhtg= Subject key identifier: BC:6D:0A:CA:67:11:76:4D:63:BF:E4:FD:A1:15:B0:AD:FE:0C:6F:D9 Authority key identifier: 09:11:E9:9A:AD:F6:64:F0:39:92:9C:AB:BB:48:74:A3:A1:61:CA:AD Certificate issuer: /CN=A91937EA/serialNumber=0911E99AADF664F039929CABBB4874A3A161CAAD Certificate serial: 069D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CRHpmq32ZPA5kpyru0h0o6Fhyq0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91937EA/1E9656306A5911EBA3641C3DC4F9AE02/CRHpmq32ZPA5kpyru0h0o6Fhyq0.mft Manifest number: 069B Signing time: Fri 30 May 2025 22:24:11 +0000 Manifest this update: Fri 30 May 2025 22:24:11 +0000 Manifest next update: Fri 06 Jun 2025 22:24:11 +0000 Files and hashes: 1: CRHpmq32ZPA5kpyru0h0o6Fhyq0.crl (hash: yeHOEyzfpCP1BXdmSSV+pFlDaW2IyJ9oMBNOmIMfTis=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91937EA/1E9656306A5911EBA3641C3DC4F9AE02/CRHpmq32ZPA5kpyru0h0o6Fhyq0.crl rsync://rpki.apnic.net/member_repository/A91937EA/1E9656306A5911EBA3641C3DC4F9AE02/CRHpmq32ZPA5kpyru0h0o6Fhyq0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CRHpmq32ZPA5kpyru0h0o6Fhyq0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 22:24:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1693 (0x69d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91937EA, serialNumber=0911E99AADF664F039929CABBB4874A3A161CAAD Validity Not Before: May 30 22:24:11 2025 GMT Not After : Jun 6 22:24:11 2025 GMT Subject: CN=683a300b-7153 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:fd:0a:03:f0:99:7b:77:11:9f:2c:ea:08:1d: 6d:dc:21:09:5e:55:4f:1e:a4:66:fd:ab:60:b8:44: 4b:ca:da:b1:72:8c:fe:7f:7f:41:5d:5c:61:ea:a9: 1c:14:bb:f1:2d:50:a1:f3:e4:b7:b1:73:c4:bb:1d: f2:7a:7d:bc:ca:fc:98:dd:93:b4:ed:bd:9e:78:95: b0:57:58:84:7f:02:72:30:e5:66:49:0c:41:78:49: 43:e8:67:7c:40:82:22:76:06:c6:96:45:8a:be:e4: 1c:3b:10:1b:3f:27:35:13:b6:06:14:5b:70:07:6e: a9:3c:86:c3:81:9c:3a:d7:9a:3b:d2:de:11:6d:da: 3d:a4:66:48:65:92:75:8b:46:59:da:10:c8:9d:98: 5f:3a:bc:aa:66:e9:04:40:95:d1:31:27:e5:ac:80: 99:99:90:25:c3:43:64:63:b6:e2:5b:1c:fa:9b:76: 6e:9c:3d:d4:85:49:b4:69:ba:77:39:d2:58:3b:34: da:ad:8e:18:64:30:cc:13:a7:8d:d7:d3:58:ac:8f: f2:55:26:5e:20:3b:c7:53:63:74:aa:43:07:8e:09: 09:9a:ea:cc:c1:8c:78:af:c1:c4:fa:0b:e6:55:82: ab:7f:85:c0:bd:73:bf:45:94:95:be:d2:92:4e:bc: 88:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:6D:0A:CA:67:11:76:4D:63:BF:E4:FD:A1:15:B0:AD:FE:0C:6F:D9 X509v3 Authority Key Identifier: keyid:09:11:E9:9A:AD:F6:64:F0:39:92:9C:AB:BB:48:74:A3:A1:61:CA:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91937EA/1E9656306A5911EBA3641C3DC4F9AE02/CRHpmq32ZPA5kpyru0h0o6Fhyq0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CRHpmq32ZPA5kpyru0h0o6Fhyq0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91937EA/1E9656306A5911EBA3641C3DC4F9AE02/CRHpmq32ZPA5kpyru0h0o6Fhyq0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:8b:7c:b6:66:3b:10:16:d6:0e:80:12:48:e8:80:9b:03:69: d6:5a:91:19:c6:f4:8d:f6:cc:bb:ef:f2:a4:59:11:10:bc:f7: d7:5e:e4:4a:df:3a:94:1b:b7:a3:78:1c:6f:ec:64:92:e3:4c: aa:8c:29:0f:43:e8:53:28:fa:ad:15:cd:91:dd:6b:95:da:32: fc:01:11:3f:14:fc:1a:23:c5:a6:ad:33:72:c0:0a:6b:72:85: 62:4e:7f:03:07:23:a0:92:d1:a8:90:5e:26:a1:9c:72:79:05: 87:2b:8f:0b:71:3f:a9:74:33:83:45:18:af:ec:28:2c:7b:4f: cf:b3:3a:7f:b0:3a:d6:53:13:db:cf:a8:b5:49:39:1f:6a:b5: 6a:24:2e:1e:cd:7a:40:cb:94:96:61:ad:9d:d1:72:70:cf:d4: a0:fe:90:f3:c7:7b:2a:3d:70:93:e4:58:a7:d2:8b:1f:49:11: 47:98:ad:72:f8:b6:c0:f2:2c:e9:56:b3:c1:a9:0a:bb:71:2b: fa:c9:6c:1f:ba:e5:5e:a0:1f:fc:92:5c:c5:57:50:26:6f:43: c2:a2:46:07:3e:0c:55:2b:d0:84:a0:c1:90:8d:5c:97:f9:43: 2d:0e:92:99:75:c2:b7:27:7a:72:70:ca:43:ad:4f:27:8e:48: ec:0f:ac:30 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBp0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTM3RUExMTAvBgNVBAUTKDA5MTFFOTlBQURGNjY0RjAzOTkyOUNBQkJCNDg3NEEz QTE2MUNBQUQwHhcNMjUwNTMwMjIyNDExWhcNMjUwNjA2MjIyNDExWjAYMRYwFAYD VQQDEw02ODNhMzAwYi03MTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqv0KA/CZe3cRnyzqCB1t3CEJXlVPHqRm/atguERLytqxcoz+f39BXVxh6qkc FLvxLVCh8+S3sXPEux3yen28yvyY3ZO07b2eeJWwV1iEfwJyMOVmSQxBeElD6Gd8 QIIidgbGlkWKvuQcOxAbPyc1E7YGFFtwB26pPIbDgZw615o70t4Rbdo9pGZIZZJ1 i0ZZ2hDInZhfOryqZukEQJXRMSflrICZmZAlw0NkY7biWxz6m3ZunD3UhUm0abp3 OdJYOzTarY4YZDDME6eN19NYrI/yVSZeIDvHU2N0qkMHjgkJmurMwYx4r8HE+gvm VYKrf4XAvXO/RZSVvtKSTryI/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLxtCspn EXZNY7/k/aEVsK3+DG/ZMB8GA1UdIwQYMBaAFAkR6Zqt9mTwOZKcq7tIdKOhYcqt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MzdFQS8xRTk2NTYzMDZB NTkxMUVCQTM2NDFDM0RDNEY5QUUwMi9DUkhwbXEzMlpQQTVrcHlydTBoMG82Rmh5 cTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NSSHBtcTMyWlBBNWtweXJ1MGgwbzZGaHlxMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 MzdFQS8xRTk2NTYzMDZBNTkxMUVCQTM2NDFDM0RDNEY5QUUwMi9DUkhwbXEzMlpQ QTVrcHlydTBoMG82Rmh5cTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA7i3y2ZjsQFtYOgBJI6ICbA2nWWpEZxvSN9sy77/KkWREQvPfXXuRK 3zqUG7ejeBxv7GSS40yqjCkPQ+hTKPqtFc2R3WuV2jL8ARE/FPwaI8WmrTNywApr coViTn8DByOgktGokF4moZxyeQWHK48LcT+pdDODRRiv7Cgse0/Pszp/sDrWUxPb z6i1STkfarVqJC4ezXpAy5SWYa2d0XJwz9Sg/pDzx3sqPXCT5Fin0osfSRFHmK1y +LbA8izpVrPBqQq7cSv6yWwfuuVeoB/8klzFV1Amb0PCokYHPgxVK9CEoMGQjVyX +UMtDpKZdcK3J3pycMpDrU8njkjsD6ww -----END CERTIFICATE-----Generated at Sat May 31 17:34:19 2025 by rpki-client