$ rpki-client -vvf rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/chHmi1fNzfTtqDzwtGI7dpP2NDo.mft File: chHmi1fNzfTtqDzwtGI7dpP2NDo.mft (raw, json) Hash identifier: VFT8tUdp9QL7C8eDeMp/UROi0+arYx3NLJ+37zF3snI= Subject key identifier: 97:31:A6:AE:64:6D:B8:D0:CE:67:7B:63:E4:EE:9E:41:74:46:9E:F7 Authority key identifier: 72:11:E6:8B:57:CD:CD:F4:ED:A8:3C:F0:B4:62:3B:76:93:F6:34:3A Certificate issuer: /CN=A91638DD/serialNumber=7211E68B57CDCDF4EDA83CF0B4623B7693F6343A Certificate serial: 01A9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/chHmi1fNzfTtqDzwtGI7dpP2NDo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/chHmi1fNzfTtqDzwtGI7dpP2NDo.mft Manifest number: 01A5 Signing time: Sun 29 Jun 2025 02:26:22 +0000 Manifest this update: Sun 29 Jun 2025 02:26:21 +0000 Manifest next update: Sun 06 Jul 2025 02:26:21 +0000 Files and hashes: 1: chHmi1fNzfTtqDzwtGI7dpP2NDo.crl (hash: 2CGteExQwJjeJ0T6ZcLKIaZYcUOnrEb6gdDPuXF5oSI=) 2: 3FA4288CD29B11ED88E16742C4F9AE02.roa (hash: L3qkCPmXp0iJV192Ab/fphVf55ttABMSsjRwG8i7X3I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/chHmi1fNzfTtqDzwtGI7dpP2NDo.crl rsync://rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/chHmi1fNzfTtqDzwtGI7dpP2NDo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/chHmi1fNzfTtqDzwtGI7dpP2NDo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 02:26:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 425 (0x1a9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91638DD, serialNumber=7211E68B57CDCDF4EDA83CF0B4623B7693F6343A Validity Not Before: Jun 29 02:26:21 2025 GMT Not After : Jul 6 02:26:21 2025 GMT Subject: CN=6860a44d-34c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:ea:4c:1c:75:21:5f:24:c1:1b:e4:fd:38:30: 5e:7f:fa:d7:27:7e:56:35:fa:77:b9:bd:e0:9a:78: 3a:a2:2c:98:dd:91:a3:3f:d5:dd:45:ca:bd:ec:3e: 12:2b:71:7f:43:c0:63:67:fb:bd:67:59:3f:42:54: 8e:ae:b1:dd:0f:7e:de:8f:a6:41:5f:69:66:0e:6d: 16:7f:d3:89:c4:d5:cb:c7:75:cc:0f:3b:8c:22:21: 32:ba:d9:da:3e:c7:ec:ec:45:8c:f1:85:e8:21:f6: 06:73:fc:03:5e:c6:20:52:ea:9e:29:05:8d:ff:ab: 14:cb:1b:f3:6d:3f:47:0c:49:7d:25:7c:ae:08:eb: c3:6b:9c:53:8f:34:84:e2:c3:04:c1:7b:40:14:f2: 96:b8:02:36:42:4c:5d:b0:81:17:20:9b:40:d5:7d: 53:00:bf:cc:61:31:3d:b5:83:90:90:96:5f:81:c5: 9f:e7:67:82:a7:c4:e1:8a:27:f4:64:78:5e:21:e8: ed:77:1a:d4:67:d0:f8:05:8b:a4:d3:2d:8e:60:84: a1:c1:38:2c:d9:f5:70:57:6f:6a:c1:90:3b:b8:6c: 05:d9:ab:24:51:1c:e0:17:83:62:27:8e:e4:cb:53: f4:73:9e:a4:18:c1:c8:4a:89:b6:a0:67:8b:f8:22: 59:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:31:A6:AE:64:6D:B8:D0:CE:67:7B:63:E4:EE:9E:41:74:46:9E:F7 X509v3 Authority Key Identifier: keyid:72:11:E6:8B:57:CD:CD:F4:ED:A8:3C:F0:B4:62:3B:76:93:F6:34:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/chHmi1fNzfTtqDzwtGI7dpP2NDo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/chHmi1fNzfTtqDzwtGI7dpP2NDo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/chHmi1fNzfTtqDzwtGI7dpP2NDo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:c5:fc:4c:dd:cd:2b:32:78:05:58:53:1e:9c:79:cf:fe:8c: d2:11:d5:b9:27:8a:78:3c:94:5b:27:6c:e1:9d:e2:96:84:ef: 65:0b:ee:44:84:99:98:02:3b:d5:57:17:ad:5a:b2:44:c1:44: 27:64:e2:13:65:17:1f:e8:84:17:f7:6a:46:8e:dd:ea:eb:3e: 60:18:c1:b8:50:ff:87:47:32:b9:b5:b9:e5:ca:8e:c4:9c:be: 2b:b5:88:87:e2:ef:c6:5c:7d:b0:9d:f4:a1:cc:ea:41:1e:a0: 49:a2:76:c9:0a:cf:bb:39:7e:33:9d:b8:d2:06:a9:d7:c3:9e: 62:48:63:e8:ee:17:a3:5b:bb:c2:84:d0:e3:e7:05:48:9b:92: 35:65:da:94:ae:3b:54:03:15:5b:fd:fb:4b:74:bf:d1:93:76: 76:1f:93:37:4e:62:d9:76:04:47:56:b5:ed:4d:26:8c:22:5f: 4d:b2:27:0d:5c:57:75:69:1c:09:54:09:ef:7d:e1:2d:ed:98: bf:d5:d7:6b:68:db:16:49:03:4b:38:4d:d2:93:bf:c0:7e:61: ca:6c:f1:8e:72:ad:fd:ba:c5:fc:3d:4d:ea:36:2f:b7:3a:58: 89:5e:0f:6f:67:43:8f:37:a3:fb:f6:88:80:5d:19:c0:9c:ce: 6f:5d:0f:6a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAakwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjM4REQxMTAvBgNVBAUTKDcyMTFFNjhCNTdDRENERjRFREE4M0NGMEI0NjIzQjc2 OTNGNjM0M0EwHhcNMjUwNjI5MDIyNjIxWhcNMjUwNzA2MDIyNjIxWjAYMRYwFAYD VQQDEw02ODYwYTQ0ZC0zNGMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnepMHHUhXyTBG+T9ODBef/rXJ35WNfp3ub3gmng6oiyY3ZGjP9XdRcq97D4S K3F/Q8BjZ/u9Z1k/QlSOrrHdD37ej6ZBX2lmDm0Wf9OJxNXLx3XMDzuMIiEyutna Psfs7EWM8YXoIfYGc/wDXsYgUuqeKQWN/6sUyxvzbT9HDEl9JXyuCOvDa5xTjzSE 4sMEwXtAFPKWuAI2QkxdsIEXIJtA1X1TAL/MYTE9tYOQkJZfgcWf52eCp8Thiif0 ZHheIejtdxrUZ9D4BYuk0y2OYIShwTgs2fVwV29qwZA7uGwF2askURzgF4NiJ47k y1P0c56kGMHISom2oGeL+CJZSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJcxpq5k bbjQzmd7Y+TunkF0Rp73MB8GA1UdIwQYMBaAFHIR5otXzc307ag88LRiO3aT9jQ6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MzhERC9DODg3MENBRUQy OTcxMUVEQjA4NThCM0RDNEY5QUUwMi9jaEhtaTFmTnpmVHRxRHp3dEdJN2RwUDJO RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NoSG1pMWZOemZUdHFEend0R0k3ZHBQMk5Eby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MzhERC9DODg3MENBRUQyOTcxMUVEQjA4NThCM0RDNEY5QUUwMi9jaEhtaTFmTnpm VHRxRHp3dEdJN2RwUDJORG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKxfxM3c0rMngFWFMenHnP/ozSEdW5J4p4PJRbJ2zhneKWhO9lC+5E hJmYAjvVVxetWrJEwUQnZOITZRcf6IQX92pGjt3q6z5gGMG4UP+HRzK5tbnlyo7E nL4rtYiH4u/GXH2wnfShzOpBHqBJonbJCs+7OX4znbjSBqnXw55iSGPo7hejW7vC hNDj5wVIm5I1ZdqUrjtUAxVb/ftLdL/Rk3Z2H5M3TmLZdgRHVrXtTSaMIl9NsicN XFd1aRwJVAnvfeEt7Zi/1ddraNsWSQNLOE3Sk7/AfmHKbPGOcq39usX8PU3qNi+3 OliJXg9vZ0OPN6P79oiAXRnAnM5vXQ9q -----END CERTIFICATE-----Generated at Sun Jun 29 14:25:12 2025 by rpki-client