$ rpki-client -vvf rpki.apnic.net/member_repository/A91937EA/1E9656306A5911EBA3641C3DC4F9AE02/CRHpmq32ZPA5kpyru0h0o6Fhyq0.mft File: CRHpmq32ZPA5kpyru0h0o6Fhyq0.mft (raw, json) Hash identifier: hzdq3KpDblVL5U/9G06XVGwaghW+skGDjokYDxNSXB8= Subject key identifier: 70:42:0E:06:C4:F7:CE:02:9A:BB:F4:D0:79:8C:5C:D1:03:3E:10:3D Authority key identifier: 09:11:E9:9A:AD:F6:64:F0:39:92:9C:AB:BB:48:74:A3:A1:61:CA:AD Certificate issuer: /CN=A91937EA/serialNumber=0911E99AADF664F039929CABBB4874A3A161CAAD Certificate serial: 0695 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CRHpmq32ZPA5kpyru0h0o6Fhyq0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91937EA/1E9656306A5911EBA3641C3DC4F9AE02/CRHpmq32ZPA5kpyru0h0o6Fhyq0.mft Manifest number: 0693 Signing time: Wed 14 May 2025 22:16:13 +0000 Manifest this update: Wed 14 May 2025 22:16:13 +0000 Manifest next update: Wed 21 May 2025 22:16:13 +0000 Files and hashes: 1: CRHpmq32ZPA5kpyru0h0o6Fhyq0.crl (hash: nHYY+sd9FKwctfIYmS3Ok4UHclzjBfzyWlnboSZvqfs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91937EA/1E9656306A5911EBA3641C3DC4F9AE02/CRHpmq32ZPA5kpyru0h0o6Fhyq0.crl rsync://rpki.apnic.net/member_repository/A91937EA/1E9656306A5911EBA3641C3DC4F9AE02/CRHpmq32ZPA5kpyru0h0o6Fhyq0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CRHpmq32ZPA5kpyru0h0o6Fhyq0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 22:16:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1685 (0x695) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91937EA, serialNumber=0911E99AADF664F039929CABBB4874A3A161CAAD Validity Not Before: May 14 22:16:13 2025 GMT Not After : May 21 22:16:13 2025 GMT Subject: CN=6825162d-7c42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:7c:14:8d:97:fb:73:26:b9:33:02:e9:e2:56: 6b:6c:65:2d:85:a1:8e:02:18:56:36:dd:ca:56:5f: 02:cf:d3:56:c5:f1:d8:42:13:01:40:56:84:49:d2: c4:15:a2:2a:52:d6:4d:36:4b:1b:ef:66:06:ba:c4: 01:2c:12:a9:3d:42:15:75:e2:2f:04:d8:e2:5e:fc: a5:30:ec:4e:ed:d4:c6:96:b0:63:03:d6:6e:75:48: 05:5f:2f:48:1e:39:b6:03:12:ec:c2:26:fe:40:ae: c5:b2:b1:ea:42:80:03:18:8d:52:ec:97:34:69:ad: f2:4b:47:77:b9:a0:96:8b:03:30:1a:22:6d:70:95: a3:42:0a:47:2a:fb:da:b4:36:6d:dc:8e:09:bc:f9: 06:c9:15:0a:80:db:7d:b1:4a:2d:f7:89:9f:a1:d6: 4a:be:74:0b:66:fd:9d:af:9f:68:e6:11:09:98:e6: fc:19:19:cf:52:dc:f4:4f:5a:43:e2:5a:be:5b:22: 0a:0c:48:b8:40:ea:4a:f0:31:9f:bd:7d:4c:ab:d7: e7:f2:06:94:9c:8f:fd:da:2c:2b:0f:6b:24:42:7e: fe:66:a2:18:df:a7:63:58:3e:a1:ac:ed:4d:ea:40: 95:90:07:d5:2c:1c:21:69:ff:d2:83:db:0b:8a:27: 36:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:42:0E:06:C4:F7:CE:02:9A:BB:F4:D0:79:8C:5C:D1:03:3E:10:3D X509v3 Authority Key Identifier: keyid:09:11:E9:9A:AD:F6:64:F0:39:92:9C:AB:BB:48:74:A3:A1:61:CA:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91937EA/1E9656306A5911EBA3641C3DC4F9AE02/CRHpmq32ZPA5kpyru0h0o6Fhyq0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CRHpmq32ZPA5kpyru0h0o6Fhyq0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91937EA/1E9656306A5911EBA3641C3DC4F9AE02/CRHpmq32ZPA5kpyru0h0o6Fhyq0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:30:61:f7:1c:2b:66:34:90:aa:94:ae:98:43:36:0c:61:ee: f7:28:13:75:9e:43:3f:20:54:f4:8d:c8:ca:84:5d:c4:aa:b4: b4:e6:2d:ab:41:18:29:be:57:51:24:73:57:76:50:41:7c:0a: e1:c4:3b:df:11:22:ef:56:5d:36:fc:9a:4e:97:e9:03:ba:d6: b8:04:cf:21:2d:08:9b:64:d9:dc:77:00:f0:df:19:10:72:0c: e8:9f:aa:7d:02:9a:b7:f8:d5:00:85:84:6f:5d:e0:34:d9:fd: d1:a3:8b:60:28:f2:13:aa:54:71:93:70:40:0e:c1:67:cd:8e: 46:2b:d9:d7:4e:d2:41:d7:16:51:24:89:6c:8a:a8:ba:a2:ed: 0b:67:2d:8c:70:0e:10:bd:59:62:88:94:a7:98:c9:5f:f9:79: b4:f0:c1:f7:85:45:7f:80:14:72:86:21:65:96:32:11:85:7a: b1:24:4d:69:7b:fa:ad:25:ec:f1:3f:d6:a4:96:5b:6c:66:1c: 65:f4:84:21:43:d0:87:da:55:4f:b0:25:90:76:29:75:c1:20: 69:5e:6f:78:20:b3:b8:a0:5c:6f:3b:b8:57:b4:01:0b:2d:92: 2c:b5:d1:6f:5c:25:4c:fa:ac:f9:2e:78:db:0c:a6:63:d8:d7: 8a:29:4b:a5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBpUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTM3RUExMTAvBgNVBAUTKDA5MTFFOTlBQURGNjY0RjAzOTkyOUNBQkJCNDg3NEEz QTE2MUNBQUQwHhcNMjUwNTE0MjIxNjEzWhcNMjUwNTIxMjIxNjEzWjAYMRYwFAYD VQQDEw02ODI1MTYyZC03YzQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn3wUjZf7cya5MwLp4lZrbGUthaGOAhhWNt3KVl8Cz9NWxfHYQhMBQFaESdLE FaIqUtZNNksb72YGusQBLBKpPUIVdeIvBNjiXvylMOxO7dTGlrBjA9ZudUgFXy9I Hjm2AxLswib+QK7FsrHqQoADGI1S7Jc0aa3yS0d3uaCWiwMwGiJtcJWjQgpHKvva tDZt3I4JvPkGyRUKgNt9sUot94mfodZKvnQLZv2dr59o5hEJmOb8GRnPUtz0T1pD 4lq+WyIKDEi4QOpK8DGfvX1Mq9fn8gaUnI/92iwrD2skQn7+ZqIY36djWD6hrO1N 6kCVkAfVLBwhaf/Sg9sLiic2awIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHBCDgbE 984Cmrv00HmMXNEDPhA9MB8GA1UdIwQYMBaAFAkR6Zqt9mTwOZKcq7tIdKOhYcqt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MzdFQS8xRTk2NTYzMDZB NTkxMUVCQTM2NDFDM0RDNEY5QUUwMi9DUkhwbXEzMlpQQTVrcHlydTBoMG82Rmh5 cTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NSSHBtcTMyWlBBNWtweXJ1MGgwbzZGaHlxMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 MzdFQS8xRTk2NTYzMDZBNTkxMUVCQTM2NDFDM0RDNEY5QUUwMi9DUkhwbXEzMlpQ QTVrcHlydTBoMG82Rmh5cTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBBMGH3HCtmNJCqlK6YQzYMYe73KBN1nkM/IFT0jcjKhF3EqrS05i2r QRgpvldRJHNXdlBBfArhxDvfESLvVl02/JpOl+kDuta4BM8hLQibZNncdwDw3xkQ cgzon6p9Apq3+NUAhYRvXeA02f3Ro4tgKPITqlRxk3BADsFnzY5GK9nXTtJB1xZR JIlsiqi6ou0LZy2McA4QvVliiJSnmMlf+Xm08MH3hUV/gBRyhiFlljIRhXqxJE1p e/qtJezxP9aklltsZhxl9IQhQ9CH2lVPsCWQdil1wSBpXm94ILO4oFxvO7hXtAEL LZIstdFvXCVM+qz5LnjbDKZj2NeKKUul -----END CERTIFICATE-----Generated at Thu May 15 22:00:34 2025 by rpki-client