$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft File: r_h3chh1NYXDiOm4HDkGa9ONtZI.mft (raw, json) Hash identifier: 1XC5LJyhQNmx6bFUVipvpnxnvcNNloOyexffBDjy4HA= Subject key identifier: DF:D8:EC:17:67:A7:E1:4C:A5:02:0B:5F:9C:0E:CD:B3:BB:81:D0:7A Authority key identifier: AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 Certificate issuer: /CN=A91CB3FE/serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Certificate serial: 37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft Manifest number: 34 Signing time: Sat 23 Aug 2025 07:53:33 +0000 Manifest this update: Sat 23 Aug 2025 07:53:33 +0000 Manifest next update: Sat 30 Aug 2025 07:53:33 +0000 Files and hashes: 1: r_h3chh1NYXDiOm4HDkGa9ONtZI.crl (hash: SodNVcFV7rN1LiwjZahp1kb7ITsBodQe4f1Lg+Iu41A=) 2: AFD61B9C36A311F08A82A258C4F9AE02.roa (hash: GbT2Xq8LMseiodZFptbEkKwR2JJrCaZJBMK5VYRS9TY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:53:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55 (0x37) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB3FE, serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Validity Not Before: Aug 23 07:53:33 2025 GMT Not After : Aug 30 07:53:33 2025 GMT Subject: CN=68a9737d-b71e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:90:ce:35:18:3e:4e:53:53:8d:9a:a3:40:3c: cf:d2:66:1a:3b:59:6c:25:a6:82:87:f7:ef:77:53: fe:a5:33:ed:aa:54:17:76:af:42:04:61:68:57:3e: 4a:fd:11:f7:01:6e:90:3b:b6:eb:6c:e4:98:82:bb: 70:9d:f8:db:04:37:5e:f5:b3:c8:bc:37:2b:c3:2a: 64:b3:73:2c:80:42:62:8d:a2:93:23:11:61:a6:c2: 0f:68:ea:81:72:ea:ec:98:eb:e4:7f:aa:b2:18:51: e1:81:46:eb:13:c9:14:3b:c2:f4:0c:85:08:19:2d: 40:8e:4d:e9:0f:ed:9a:ac:a7:aa:42:06:9e:99:23: 60:05:1b:cb:39:d8:b9:65:2b:ab:15:6f:c5:c1:5e: 79:49:c3:20:c4:6f:79:9d:6d:e9:de:82:1f:3c:2c: 0e:cb:3f:57:ee:a7:e3:76:0d:15:f9:3b:99:ed:d8: 39:d8:4f:53:d0:08:68:fe:74:35:14:04:a4:15:a0: 5d:63:53:0d:40:60:37:60:d7:0c:52:74:44:50:18: bc:48:93:7c:b7:af:ad:52:ea:89:6d:88:12:21:be: af:b5:10:e9:1f:6a:f7:9f:71:39:43:14:70:ce:16: 50:58:e8:4d:c6:81:c3:6c:86:60:a8:7d:f1:c2:79: ba:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:D8:EC:17:67:A7:E1:4C:A5:02:0B:5F:9C:0E:CD:B3:BB:81:D0:7A X509v3 Authority Key Identifier: keyid:AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 23:65:49:0a:dd:af:21:0c:3b:3d:52:e1:83:84:c0:39:d5:f4: 29:d0:1a:ce:7e:d4:13:69:28:4a:3e:7d:a7:19:2e:fa:8e:0f: 25:fd:49:95:35:6e:ff:55:76:3e:fc:c8:b2:71:a7:bd:5b:0d: 71:24:8e:ac:07:da:1e:0d:75:73:1b:a0:d4:8c:5c:3d:f5:a5: 34:e8:0f:84:35:83:22:da:1c:52:07:3e:7d:d2:7d:87:7e:b7: 38:cb:8b:5c:9f:d4:67:f7:21:b4:59:b3:bd:c7:7e:bf:01:31: 7c:0a:48:99:72:84:39:a0:bb:ee:82:79:c8:88:31:dd:22:cd: b9:58:a1:e3:95:e8:44:77:c3:f2:a4:e8:3d:1a:69:d5:cb:a0: e0:2e:b0:90:47:d1:c0:78:c3:93:93:6b:cc:fc:9d:35:59:46: 9b:c4:46:d8:ef:43:42:c1:38:e7:41:47:c6:e7:1b:a3:6b:ad: 98:6f:07:34:a3:62:b1:71:93:29:2e:fa:e0:4e:d7:62:91:a1: 15:64:62:55:fb:84:e5:cc:52:ae:1f:49:6c:f2:6a:89:15:e4: 4e:2d:81:fb:f2:3f:8d:12:6b:b2:74:4e:42:68:e1:12:2d:ff: 71:5e:ca:1b:19:3f:4e:e6:ad:c3:2e:2d:10:3f:17:62:34:cb: 8c:02:a7:6b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QjNGRTExMC8GA1UEBRMoQUZGODc3NzIxODc1MzU4NUMzODhFOUI4MUMzOTA2NkJE MzhEQjU5MjAeFw0yNTA4MjMwNzUzMzNaFw0yNTA4MzAwNzUzMzNaMBgxFjAUBgNV BAMTDTY4YTk3MzdkLWI3MWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDYkM41GD5OU1ONmqNAPM/SZho7WWwlpoKH9+93U/6lM+2qVBd2r0IEYWhXPkr9 EfcBbpA7tuts5JiCu3Cd+NsEN171s8i8NyvDKmSzcyyAQmKNopMjEWGmwg9o6oFy 6uyY6+R/qrIYUeGBRusTyRQ7wvQMhQgZLUCOTekP7Zqsp6pCBp6ZI2AFG8s52Lll K6sVb8XBXnlJwyDEb3mdbenegh88LA7LP1fup+N2DRX5O5nt2DnYT1PQCGj+dDUU BKQVoF1jUw1AYDdg1wxSdERQGLxIk3y3r61S6oltiBIhvq+1EOkfavefcTlDFHDO FlBY6E3GgcNshmCoffHCebovAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU39jsF2en 4UylAgtfnA7Ns7uB0HowHwYDVR0jBBgwFoAUr/h3chh1NYXDiOm4HDkGa9ONtZIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCM0ZFLzJBNTY4NzgyMzZB MjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllYRGlPbTRIRGtHYTlPTnRa SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcl9oM2NoaDFOWVhEaU9tNEhEa0dhOU9OdFpJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNC M0ZFLzJBNTY4NzgyMzZBMjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllY RGlPbTRIRGtHYTlPTnRaSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACNlSQrdryEMOz1S4YOEwDnV9CnQGs5+1BNpKEo+facZLvqODyX9SZU1 bv9Vdj78yLJxp71bDXEkjqwH2h4NdXMboNSMXD31pTToD4Q1gyLaHFIHPn3SfYd+ tzjLi1yf1Gf3IbRZs73Hfr8BMXwKSJlyhDmgu+6CeciIMd0izblYoeOV6ER3w/Kk 6D0aadXLoOAusJBH0cB4w5OTa8z8nTVZRpvERtjvQ0LBOOdBR8bnG6NrrZhvBzSj YrFxkyku+uBO12KRoRVkYlX7hOXMUq4fSWzyaokV5E4tgfvyP40Sa7J0TkJo4RIt /3FeyhsZP07mrcMuLRA/F2I0y4wCp2s= -----END CERTIFICATE-----Generated at Sat Aug 23 17:19:46 2025 by rpki-client