$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft File: r_h3chh1NYXDiOm4HDkGa9ONtZI.mft (raw, json) Hash identifier: I+8k3flW09h5O1siIUHj90Ff6+CPDPn9t/5Zq8Qqfjc= Subject key identifier: 9B:57:27:0F:09:F8:89:95:50:FE:56:E5:30:BC:E6:92:D6:9C:8E:65 Authority key identifier: AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 Certificate issuer: /CN=A91CB3FE/serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Certificate serial: 09 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft Manifest number: 07 Signing time: Sat 31 May 2025 07:44:12 +0000 Manifest this update: Sat 31 May 2025 07:44:11 +0000 Manifest next update: Sat 07 Jun 2025 07:44:11 +0000 Files and hashes: 1: r_h3chh1NYXDiOm4HDkGa9ONtZI.crl (hash: Zfv0X4yAeCWQDs8lcONiw/f+EVxt2JbtWgkaF1q4ZaQ=) 2: AFD61B9C36A311F08A82A258C4F9AE02.roa (hash: +g7S+aP+gP5OGD63E2pSF3uq07V8a/AIOEKK09wzFAU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:44:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9 (0x9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB3FE, serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Validity Not Before: May 31 07:44:11 2025 GMT Not After : Jun 7 07:44:11 2025 GMT Subject: CN=683ab34b-5497 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:8b:1c:cb:4b:87:83:39:53:a6:c3:8e:75:ad: 89:a3:46:6e:f4:7f:61:66:05:82:67:75:ff:de:4f: d6:91:fc:ce:f3:21:d8:66:f8:e4:a8:d1:88:7f:50: 75:94:5c:76:02:ce:f9:36:87:32:35:d0:6d:70:04: 63:99:32:6d:38:65:75:98:eb:a6:a7:0b:34:73:07: a7:33:a8:71:f6:3c:15:80:5d:54:c7:10:37:39:17: 04:e5:2b:0c:52:e0:0b:73:a9:50:fc:ec:85:70:d3: 49:15:20:85:01:51:1c:69:50:45:28:ca:4a:48:04: 3b:32:9a:9b:1d:08:2d:f9:d0:41:55:28:f3:a0:e6: 40:06:16:81:20:4b:39:3b:5e:f8:36:0f:37:f9:63: 7a:f6:74:20:9f:22:64:a0:01:a2:04:d1:da:df:dc: 14:6b:59:f6:02:79:90:f7:da:27:21:12:3d:fc:5a: 3c:29:bd:2c:71:a6:04:fa:39:78:e1:2e:8d:af:fe: be:6e:24:e2:b5:de:fc:d0:7a:54:2a:ca:7b:3b:a8: c4:db:7c:05:20:24:a8:8d:9b:0c:b2:62:6c:0e:6f: ac:af:0c:f4:b3:5f:63:33:2a:35:8b:9d:b1:1a:fb: 4e:a5:7b:1d:9d:49:1b:ed:8c:e4:df:79:2d:d4:ef: 7c:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:57:27:0F:09:F8:89:95:50:FE:56:E5:30:BC:E6:92:D6:9C:8E:65 X509v3 Authority Key Identifier: keyid:AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:78:50:9c:7b:c9:2e:d4:b0:62:f2:aa:bb:3f:28:ab:b4:00: f2:7e:0c:76:b0:d2:f9:ac:82:aa:19:a9:4d:b4:95:42:b7:ec: 2f:b7:8a:9c:95:f1:ff:ea:f7:57:de:1b:65:68:09:c2:54:9e: 8a:bb:fc:4f:d6:16:8d:ac:b6:71:a2:de:c3:fa:ae:a4:8e:21: d2:a9:62:05:dc:7a:7d:55:87:a3:3c:ef:50:f1:bf:b3:98:ae: 8f:04:8e:c0:52:af:b9:5a:01:0b:f3:aa:b6:db:b7:2a:52:d0: 01:93:8f:7a:0e:b3:1e:16:05:a2:35:4b:9d:f7:6d:4f:aa:b7: 49:df:a3:6c:27:49:a0:27:3c:65:20:06:9c:26:df:72:83:7f: c1:65:ed:5b:76:8e:5c:88:59:da:4b:0c:2c:21:4b:f0:fa:f7: 8a:57:27:cd:37:0b:df:b4:f1:89:49:01:a1:fb:23:bc:8b:81: 34:22:96:27:68:17:b3:d5:e5:4d:ad:9c:f9:6c:38:07:0a:3e: d0:7c:dd:2d:7c:04:44:50:44:c7:e2:14:e2:16:73:07:64:c5: 25:b1:4f:84:d8:2c:11:d0:df:14:f8:2f:72:e2:b1:17:f3:45: 1d:96:b3:d0:dd:34:a0:69:7f:9e:1c:d7:81:3c:16:d6:47:77: d2:10:31:6c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QjNGRTExMC8GA1UEBRMoQUZGODc3NzIxODc1MzU4NUMzODhFOUI4MUMzOTA2NkJE MzhEQjU5MjAeFw0yNTA1MzEwNzQ0MTFaFw0yNTA2MDcwNzQ0MTFaMBgxFjAUBgNV BAMTDTY4M2FiMzRiLTU0OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCxixzLS4eDOVOmw451rYmjRm70f2FmBYJndf/eT9aR/M7zIdhm+OSo0Yh/UHWU XHYCzvk2hzI10G1wBGOZMm04ZXWY66anCzRzB6czqHH2PBWAXVTHEDc5FwTlKwxS 4AtzqVD87IVw00kVIIUBURxpUEUoykpIBDsympsdCC350EFVKPOg5kAGFoEgSzk7 Xvg2Dzf5Y3r2dCCfImSgAaIE0drf3BRrWfYCeZD32ichEj38WjwpvSxxpgT6OXjh Lo2v/r5uJOK13vzQelQqyns7qMTbfAUgJKiNmwyyYmwOb6yvDPSzX2MzKjWLnbEa +06lex2dSRvtjOTfeS3U73wZAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUm1cnDwn4 iZVQ/lblMLzmktacjmUwHwYDVR0jBBgwFoAUr/h3chh1NYXDiOm4HDkGa9ONtZIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCM0ZFLzJBNTY4NzgyMzZB MjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllYRGlPbTRIRGtHYTlPTnRa SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcl9oM2NoaDFOWVhEaU9tNEhEa0dhOU9OdFpJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNC M0ZFLzJBNTY4NzgyMzZBMjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllY RGlPbTRIRGtHYTlPTnRaSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKF4UJx7yS7UsGLyqrs/KKu0APJ+DHaw0vmsgqoZqU20lUK37C+3ipyV 8f/q91feG2VoCcJUnoq7/E/WFo2stnGi3sP6rqSOIdKpYgXcen1Vh6M871Dxv7OY ro8EjsBSr7laAQvzqrbbtypS0AGTj3oOsx4WBaI1S533bU+qt0nfo2wnSaAnPGUg Bpwm33KDf8Fl7Vt2jlyIWdpLDCwhS/D694pXJ803C9+08YlJAaH7I7yLgTQilido F7PV5U2tnPlsOAcKPtB83S18BERQRMfiFOIWcwdkxSWxT4TYLBHQ3xT4L3LisRfz RR2Ws9DdNKBpf54c14E8FtZHd9IQMWw= -----END CERTIFICATE-----Generated at Sat May 31 16:59:21 2025 by rpki-client