$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAED9/6A765AAA45DC11ECA8A3146DC4F9AE02/CHspwfvXREICrgAqSXEn_WbyStk.mft File: CHspwfvXREICrgAqSXEn_WbyStk.mft (raw, json) Hash identifier: P9/xxqJz/++ae44Z67ABTNoy6TMMkdkjLCIf/BCmJa4= Subject key identifier: 3E:8D:A0:48:7F:19:A5:6E:E1:91:C2:7C:80:C3:1B:E3:40:FF:2C:EE Authority key identifier: 08:7B:29:C1:FB:D7:44:42:02:AE:00:2A:49:71:27:FD:66:F2:4A:D9 Certificate issuer: /CN=A91FAED9/serialNumber=087B29C1FBD7444202AE002A497127FD66F24AD9 Certificate serial: 04B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CHspwfvXREICrgAqSXEn_WbyStk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FAED9/6A765AAA45DC11ECA8A3146DC4F9AE02/CHspwfvXREICrgAqSXEn_WbyStk.mft Manifest number: 04AD Signing time: Wed 17 Sep 2025 00:19:16 +0000 Manifest this update: Wed 17 Sep 2025 00:19:15 +0000 Manifest next update: Wed 24 Sep 2025 00:19:15 +0000 Files and hashes: 1: CHspwfvXREICrgAqSXEn_WbyStk.crl (hash: cmG1Ot//BTh3VhLDnKnVCO9kwbxiWgtqjzG/IPCFKYQ=) 2: D3C965FA45F611EC9FB3BB49C4F9AE02.roa (hash: TOciMmg+YXh13dYfOrB14chWnhLKZ+JRHOQLiS8Jf5Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FAED9/6A765AAA45DC11ECA8A3146DC4F9AE02/CHspwfvXREICrgAqSXEn_WbyStk.crl rsync://rpki.apnic.net/member_repository/A91FAED9/6A765AAA45DC11ECA8A3146DC4F9AE02/CHspwfvXREICrgAqSXEn_WbyStk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CHspwfvXREICrgAqSXEn_WbyStk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 00:19:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1202 (0x4b2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FAED9, serialNumber=087B29C1FBD7444202AE002A497127FD66F24AD9 Validity Not Before: Sep 17 00:19:15 2025 GMT Not After : Sep 24 00:19:15 2025 GMT Subject: CN=68c9fe83-df4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:50:49:ad:48:52:3e:85:05:42:79:a2:2e:f1: 37:68:0d:c0:21:9f:b5:67:02:c2:28:06:09:3d:ff: f6:0c:2e:88:07:4b:84:01:fe:51:af:19:ad:6c:bd: 1f:79:1a:95:1f:da:f6:9b:c8:64:8b:3f:5a:5d:88: 8e:79:6c:1e:86:12:92:b6:9d:22:e6:71:ca:60:9b: 9d:87:e9:11:cd:45:ff:d7:ac:83:5f:e3:86:c9:e6: 33:cc:05:93:48:7a:8e:49:c0:b4:4f:e5:e9:02:19: 81:fa:14:54:97:06:b2:d8:e0:0c:be:74:e5:30:12: 5f:34:19:9e:af:83:1e:32:c0:53:7b:b1:58:2d:74: 46:ef:34:73:e3:0d:0a:29:7c:28:ab:ce:02:ec:7e: 6b:5b:a5:e2:36:7f:03:6e:54:33:e6:07:2b:b2:e4: e1:8e:98:89:fa:30:d4:c9:99:97:4b:d7:34:94:86: a2:38:2f:98:df:ec:6a:ba:86:79:2f:8c:88:2a:f3: a4:c7:f5:2f:61:1e:23:e8:18:b8:36:01:50:80:85: 0c:d0:5e:58:08:8c:ab:d2:53:fc:29:0a:ef:d9:20: b4:67:0a:97:27:a1:44:7e:91:76:53:ce:92:e4:3d: cb:91:82:23:35:6c:b8:b6:cc:0d:4c:bb:a0:e7:6e: 8c:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:8D:A0:48:7F:19:A5:6E:E1:91:C2:7C:80:C3:1B:E3:40:FF:2C:EE X509v3 Authority Key Identifier: keyid:08:7B:29:C1:FB:D7:44:42:02:AE:00:2A:49:71:27:FD:66:F2:4A:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FAED9/6A765AAA45DC11ECA8A3146DC4F9AE02/CHspwfvXREICrgAqSXEn_WbyStk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CHspwfvXREICrgAqSXEn_WbyStk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAED9/6A765AAA45DC11ECA8A3146DC4F9AE02/CHspwfvXREICrgAqSXEn_WbyStk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:ba:72:4c:8b:00:fa:9b:9b:7d:31:cb:60:4d:b1:04:09:33: 74:d2:0a:2f:b2:6a:a8:14:3c:14:de:7c:50:ca:eb:9b:3e:8e: cb:50:1e:47:0e:87:e8:b7:8a:e2:ce:f7:fa:84:16:db:3d:d3: c1:9d:10:43:64:74:71:a5:1c:2f:5c:70:2f:39:97:b6:37:41: ed:09:01:71:1c:e6:fd:33:00:ec:71:5d:4b:8d:5d:a5:5d:11: 73:88:e3:fb:12:ce:9f:80:41:bc:c8:0b:ee:fb:b1:a7:d5:ef: d0:fb:62:3e:67:a0:89:ab:d4:b2:4b:47:16:64:e1:21:14:5d: ab:a1:bf:d3:5f:c2:9e:e7:f2:dd:d9:cd:51:39:dd:ec:ed:89: cf:f9:ba:bf:b5:c5:55:fa:6b:50:0e:24:bc:0e:5a:96:d4:38: ee:bc:d2:be:8d:63:ea:57:8c:c9:c0:71:b3:52:47:c0:86:ac: 2f:e5:19:b5:60:5d:1f:03:7b:2c:ff:b9:d9:b6:2b:3c:98:14: 1f:d5:38:51:71:83:12:71:5b:b5:db:99:46:95:81:0b:1e:9d: b6:64:47:5c:48:a6:f1:ca:50:ae:0f:7c:0d:92:40:ed:d2:fb: 12:47:e2:af:f9:1f:7a:76:24:2e:af:e6:a8:1e:f8:84:bc:75: 0b:ca:09:0a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBLIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkFFRDkxMTAvBgNVBAUTKDA4N0IyOUMxRkJENzQ0NDIwMkFFMDAyQTQ5NzEyN0ZE NjZGMjRBRDkwHhcNMjUwOTE3MDAxOTE1WhcNMjUwOTI0MDAxOTE1WjAYMRYwFAYD VQQDEw02OGM5ZmU4My1kZjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr1BJrUhSPoUFQnmiLvE3aA3AIZ+1ZwLCKAYJPf/2DC6IB0uEAf5RrxmtbL0f eRqVH9r2m8hkiz9aXYiOeWwehhKStp0i5nHKYJudh+kRzUX/16yDX+OGyeYzzAWT SHqOScC0T+XpAhmB+hRUlway2OAMvnTlMBJfNBmer4MeMsBTe7FYLXRG7zRz4w0K KXwoq84C7H5rW6XiNn8DblQz5gcrsuThjpiJ+jDUyZmXS9c0lIaiOC+Y3+xquoZ5 L4yIKvOkx/UvYR4j6Bi4NgFQgIUM0F5YCIyr0lP8KQrv2SC0ZwqXJ6FEfpF2U86S 5D3LkYIjNWy4tswNTLug526MZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD6NoEh/ GaVu4ZHCfIDDG+NA/yzuMB8GA1UdIwQYMBaAFAh7KcH710RCAq4AKklxJ/1m8krZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQUVEOS82QTc2NUFBQTQ1 REMxMUVDQThBMzE0NkRDNEY5QUUwMi9DSHNwd2Z2WFJFSUNyZ0FxU1hFbl9XYnlT dGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NIc3B3ZnZYUkVJQ3JnQXFTWEVuX1dieVN0ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QUVEOS82QTc2NUFBQTQ1REMxMUVDQThBMzE0NkRDNEY5QUUwMi9DSHNwd2Z2WFJF SUNyZ0FxU1hFbl9XYnlTdGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAnunJMiwD6m5t9MctgTbEECTN00govsmqoFDwU3nxQyuubPo7LUB5H Dofot4rizvf6hBbbPdPBnRBDZHRxpRwvXHAvOZe2N0HtCQFxHOb9MwDscV1LjV2l XRFziOP7Es6fgEG8yAvu+7Gn1e/Q+2I+Z6CJq9SyS0cWZOEhFF2rob/TX8Ke5/Ld 2c1ROd3s7YnP+bq/tcVV+mtQDiS8DlqW1DjuvNK+jWPqV4zJwHGzUkfAhqwv5Rm1 YF0fA3ss/7nZtis8mBQf1ThRcYMScVu125lGlYELHp22ZEdcSKbxylCuD3wNkkDt 0vsSR+Kv+R96diQur+aoHviEvHULygkK -----END CERTIFICATE-----Generated at Thu Sep 18 18:58:45 2025 by rpki-client