$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAED9/6A765AAA45DC11ECA8A3146DC4F9AE02/CHspwfvXREICrgAqSXEn_WbyStk.mft File: CHspwfvXREICrgAqSXEn_WbyStk.mft (raw, json) Hash identifier: wl1CpKQth1P5YoCPr5uSKbJcwlSZtJZ9O1/oXCDNJhM= Subject key identifier: BB:6C:0A:28:D4:B1:1A:B3:A7:6B:52:5D:E2:B6:6C:EE:6A:B0:A2:92 Authority key identifier: 08:7B:29:C1:FB:D7:44:42:02:AE:00:2A:49:71:27:FD:66:F2:4A:D9 Certificate issuer: /CN=A91FAED9/serialNumber=087B29C1FBD7444202AE002A497127FD66F24AD9 Certificate serial: 047A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CHspwfvXREICrgAqSXEn_WbyStk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FAED9/6A765AAA45DC11ECA8A3146DC4F9AE02/CHspwfvXREICrgAqSXEn_WbyStk.mft Manifest number: 0475 Signing time: Sat 31 May 2025 00:17:35 +0000 Manifest this update: Sat 31 May 2025 00:17:34 +0000 Manifest next update: Sat 07 Jun 2025 00:17:34 +0000 Files and hashes: 1: CHspwfvXREICrgAqSXEn_WbyStk.crl (hash: oNkdUP9tgZGMcZaDC/l1mxu8L2EUNf9O+TUdvmLR9Gg=) 2: D3C965FA45F611EC9FB3BB49C4F9AE02.roa (hash: TOciMmg+YXh13dYfOrB14chWnhLKZ+JRHOQLiS8Jf5Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FAED9/6A765AAA45DC11ECA8A3146DC4F9AE02/CHspwfvXREICrgAqSXEn_WbyStk.crl rsync://rpki.apnic.net/member_repository/A91FAED9/6A765AAA45DC11ECA8A3146DC4F9AE02/CHspwfvXREICrgAqSXEn_WbyStk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CHspwfvXREICrgAqSXEn_WbyStk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:17:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1146 (0x47a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FAED9, serialNumber=087B29C1FBD7444202AE002A497127FD66F24AD9 Validity Not Before: May 31 00:17:34 2025 GMT Not After : Jun 7 00:17:34 2025 GMT Subject: CN=683a4a9f-6c47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:5b:6f:14:57:ba:0a:1f:b9:3c:e1:e3:d7:6b: 6e:4e:2c:c5:3c:41:34:a0:db:d4:0f:04:ee:ee:a8: ea:1e:5b:95:c3:7e:49:b1:95:46:e4:a4:4f:f1:9c: 06:80:1c:19:07:9d:b9:ce:7c:16:fd:f3:04:37:d2: ee:c6:34:4d:7d:bb:b4:cf:81:da:93:f9:59:07:e9: 34:42:64:60:da:28:ab:0f:5a:26:ee:64:9c:9b:31: ea:86:c1:a9:08:14:f9:dd:fe:48:0f:34:cc:e5:be: b1:9b:71:03:29:99:5d:3e:dd:a5:d7:23:fa:d0:8a: f8:35:86:e9:15:05:b9:87:b3:2b:81:9d:f7:b3:f1: 45:69:ef:b9:fd:c5:95:98:b0:1c:af:a0:5d:84:2d: 8c:63:fd:47:22:51:ec:7e:bf:84:9f:77:ca:0f:03: 0f:f8:05:c4:1a:e2:f6:a8:0e:50:24:90:aa:f0:7c: fd:29:5b:5d:93:2f:de:54:e3:50:b4:3d:cf:ff:b3: 81:14:a3:e1:bd:6e:2f:f7:e1:6b:4a:f6:22:3d:0d: e1:b9:b6:8a:d5:0d:c4:9e:9c:fe:b4:58:d8:18:22: d3:4e:de:9d:d9:ed:d1:45:af:2c:57:f4:d9:c8:f1: fe:a9:21:f8:a0:b6:6c:8d:fa:ff:08:3a:84:bd:20: 26:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:6C:0A:28:D4:B1:1A:B3:A7:6B:52:5D:E2:B6:6C:EE:6A:B0:A2:92 X509v3 Authority Key Identifier: keyid:08:7B:29:C1:FB:D7:44:42:02:AE:00:2A:49:71:27:FD:66:F2:4A:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FAED9/6A765AAA45DC11ECA8A3146DC4F9AE02/CHspwfvXREICrgAqSXEn_WbyStk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CHspwfvXREICrgAqSXEn_WbyStk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAED9/6A765AAA45DC11ECA8A3146DC4F9AE02/CHspwfvXREICrgAqSXEn_WbyStk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:87:f6:a1:4e:ae:e5:c4:ab:39:31:27:ef:f9:f2:a3:62:2b: 2d:12:78:3f:4b:06:fa:e0:b9:c8:13:82:eb:f8:52:0f:6a:c8: 9e:a3:4b:f3:b7:bb:a5:89:c1:70:d9:4d:4d:36:00:50:b0:fe: 11:14:ef:1a:27:c9:a3:cc:cc:12:f8:1f:74:dd:ce:91:39:62: ce:ce:b5:64:e0:ee:f9:9f:74:e1:4c:90:3b:1c:23:1d:d8:63: 5f:af:a9:ce:52:bd:a0:a5:9e:aa:42:3c:10:26:3e:80:d4:bb: 18:aa:f7:bc:8f:0b:7f:1d:7d:d2:69:ff:ca:56:c5:0e:cd:ba: 51:17:97:8a:43:16:b8:9c:59:62:f5:18:1a:31:19:23:69:1c: 0a:e4:2a:96:e4:10:62:ce:3d:e2:32:c7:df:7f:cc:29:cc:a5: 7b:2f:8e:16:8a:81:86:c1:53:bf:38:48:28:bd:a9:6c:d6:c9: f4:31:c0:a9:c6:30:1d:dc:74:c5:d7:1c:f4:86:28:b6:f9:22: 16:53:59:4b:91:59:fc:dc:58:5d:27:ea:ad:2d:55:96:a8:be: 1a:a2:29:63:e8:43:26:7f:3d:b2:22:95:fb:99:e1:4b:c7:90: 21:ab:eb:f3:96:a8:89:1a:02:e4:27:a7:45:c5:6f:dd:ac:0d: c5:a7:84:4c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBHowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkFFRDkxMTAvBgNVBAUTKDA4N0IyOUMxRkJENzQ0NDIwMkFFMDAyQTQ5NzEyN0ZE NjZGMjRBRDkwHhcNMjUwNTMxMDAxNzM0WhcNMjUwNjA3MDAxNzM0WjAYMRYwFAYD VQQDEw02ODNhNGE5Zi02YzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4FtvFFe6Ch+5POHj12tuTizFPEE0oNvUDwTu7qjqHluVw35JsZVG5KRP8ZwG gBwZB525znwW/fMEN9LuxjRNfbu0z4Hak/lZB+k0QmRg2iirD1om7mScmzHqhsGp CBT53f5IDzTM5b6xm3EDKZldPt2l1yP60Ir4NYbpFQW5h7MrgZ33s/FFae+5/cWV mLAcr6BdhC2MY/1HIlHsfr+En3fKDwMP+AXEGuL2qA5QJJCq8Hz9KVtdky/eVONQ tD3P/7OBFKPhvW4v9+FrSvYiPQ3hubaK1Q3Enpz+tFjYGCLTTt6d2e3RRa8sV/TZ yPH+qSH4oLZsjfr/CDqEvSAmMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLtsCijU sRqzp2tSXeK2bO5qsKKSMB8GA1UdIwQYMBaAFAh7KcH710RCAq4AKklxJ/1m8krZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQUVEOS82QTc2NUFBQTQ1 REMxMUVDQThBMzE0NkRDNEY5QUUwMi9DSHNwd2Z2WFJFSUNyZ0FxU1hFbl9XYnlT dGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NIc3B3ZnZYUkVJQ3JnQXFTWEVuX1dieVN0ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QUVEOS82QTc2NUFBQTQ1REMxMUVDQThBMzE0NkRDNEY5QUUwMi9DSHNwd2Z2WFJF SUNyZ0FxU1hFbl9XYnlTdGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBOh/ahTq7lxKs5MSfv+fKjYistEng/Swb64LnIE4Lr+FIPasieo0vz t7ulicFw2U1NNgBQsP4RFO8aJ8mjzMwS+B903c6ROWLOzrVk4O75n3ThTJA7HCMd 2GNfr6nOUr2gpZ6qQjwQJj6A1LsYqve8jwt/HX3Saf/KVsUOzbpRF5eKQxa4nFli 9RgaMRkjaRwK5CqW5BBizj3iMsfff8wpzKV7L44WioGGwVO/OEgovals1sn0McCp xjAd3HTF1xz0hii2+SIWU1lLkVn83FhdJ+qtLVWWqL4aoilj6EMmfz2yIpX7meFL x5Ahq+vzlqiJGgLkJ6dFxW/drA3Fp4RM -----END CERTIFICATE-----Generated at Sat May 31 17:24:44 2025 by rpki-client