$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft File: r_h3chh1NYXDiOm4HDkGa9ONtZI.mft (raw, json) Hash identifier: ETmcZFnsGLp7mCeQQgRvLFWSRx52HZnyeC5ZDP3sMxg= Subject key identifier: 79:7F:AB:B7:2F:7F:C0:EC:59:F3:13:CF:9F:7C:BF:72:0F:BF:FD:73 Authority key identifier: AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 Certificate issuer: /CN=A91CB3FE/serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Certificate serial: 19 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft Manifest number: 17 Signing time: Tue 01 Jul 2025 08:47:17 +0000 Manifest this update: Tue 01 Jul 2025 08:47:17 +0000 Manifest next update: Tue 08 Jul 2025 08:47:17 +0000 Files and hashes: 1: r_h3chh1NYXDiOm4HDkGa9ONtZI.crl (hash: Srap3tkTcPMVohHrDFRWMHW5HJoZGiON/6Qdm4zMTwc=) 2: AFD61B9C36A311F08A82A258C4F9AE02.roa (hash: +g7S+aP+gP5OGD63E2pSF3uq07V8a/AIOEKK09wzFAU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:47:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25 (0x19) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB3FE, serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Validity Not Before: Jul 1 08:47:17 2025 GMT Not After : Jul 8 08:47:17 2025 GMT Subject: CN=6863a095-8cca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:51:9b:8e:e4:68:77:7b:d7:4b:46:02:58:98: 37:8d:73:b2:94:55:de:4e:e0:54:13:0c:2b:8c:b9: ee:78:d6:99:b6:10:01:83:4d:3a:13:73:f0:d5:0e: 46:a7:06:27:33:de:1a:2e:e3:fe:5b:e6:be:ab:a9: e9:3f:8a:0b:e9:f6:69:50:ad:36:24:75:b5:f5:f8: 27:fb:55:27:be:58:f3:5f:96:24:bd:7e:0f:98:86: 68:ce:70:4d:e9:c4:85:17:d9:11:67:c2:c4:7e:d6: 57:5e:ea:08:73:fb:b7:f7:da:1d:bc:71:90:c7:39: 19:66:fd:6e:5a:4f:5e:bb:a1:7e:ae:29:40:ba:36: d5:1d:af:76:1f:1a:55:37:63:46:3a:0c:b2:d3:8b: b9:29:ac:cb:92:51:c9:58:83:e7:6a:f1:9d:55:93: bb:ac:cb:ab:05:1a:12:56:a4:b7:00:42:d7:b6:dc: 66:d8:e9:bf:c4:b1:e1:09:de:28:7e:07:de:35:65: 9e:3d:b0:c4:27:7d:0f:24:b9:a4:19:30:82:54:db: 4f:71:e2:f5:ef:40:18:26:d5:64:b5:6b:04:8b:85: 1f:57:68:dd:17:3b:01:ef:fa:75:2a:70:fe:c0:3d: 8c:24:55:5f:01:a1:b8:b0:5c:12:50:db:3d:84:a1: 53:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:7F:AB:B7:2F:7F:C0:EC:59:F3:13:CF:9F:7C:BF:72:0F:BF:FD:73 X509v3 Authority Key Identifier: keyid:AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:03:a0:2b:58:c2:91:69:7c:a9:42:77:b6:e0:53:08:d6:80: fc:56:37:86:e7:64:c1:f9:ae:87:a9:f2:eb:64:af:7d:f3:30: df:19:9a:6b:b8:2c:2b:d5:52:24:af:bd:02:fe:30:77:13:29: 05:ed:dd:19:5e:a6:35:e8:e5:1d:a1:80:2d:e4:db:29:fb:ae: 0a:a5:c1:e0:de:9b:55:fa:40:98:32:76:56:eb:43:56:24:96: e5:da:fb:4e:12:55:83:a1:d4:c0:63:4d:d1:2a:f1:bd:12:ee: e7:fd:e3:e3:aa:70:7e:2d:e2:4f:bf:5e:0e:70:7a:cc:45:56: 30:29:45:02:5e:17:83:1c:8f:30:17:b7:ed:d5:e5:fd:56:a8: 74:97:63:17:9b:7b:78:e2:e5:9f:ac:78:44:16:7b:45:2c:6a: 12:c2:e5:9c:f1:bc:21:6d:27:ba:57:53:d0:d7:99:d1:32:4a: 4c:52:b3:22:07:32:ce:e4:7e:04:bc:a8:d5:10:eb:94:13:af: 39:cc:3e:cb:c7:f9:b2:dc:6f:13:d5:4e:06:68:03:bd:d5:b9: e9:ad:1c:37:fe:4e:d0:49:c9:4c:0f:83:f9:22:d3:4d:e7:df: 1d:0a:db:d8:77:ed:02:bb:31:b4:d1:7b:4d:f4:07:cf:0a:9b: 20:cd:32:f9 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QjNGRTExMC8GA1UEBRMoQUZGODc3NzIxODc1MzU4NUMzODhFOUI4MUMzOTA2NkJE MzhEQjU5MjAeFw0yNTA3MDEwODQ3MTdaFw0yNTA3MDgwODQ3MTdaMBgxFjAUBgNV BAMTDTY4NjNhMDk1LThjY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC7UZuO5Gh3e9dLRgJYmDeNc7KUVd5O4FQTDCuMue541pm2EAGDTToTc/DVDkan Bicz3hou4/5b5r6rqek/igvp9mlQrTYkdbX1+Cf7VSe+WPNfliS9fg+YhmjOcE3p xIUX2RFnwsR+1lde6ghz+7f32h28cZDHORlm/W5aT167oX6uKUC6NtUdr3YfGlU3 Y0Y6DLLTi7kprMuSUclYg+dq8Z1Vk7usy6sFGhJWpLcAQte23GbY6b/EseEJ3ih+ B941ZZ49sMQnfQ8kuaQZMIJU209x4vXvQBgm1WS1awSLhR9XaN0XOwHv+nUqcP7A PYwkVV8BobiwXBJQ2z2EoVPlAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUeX+rty9/ wOxZ8xPPn3y/cg+//XMwHwYDVR0jBBgwFoAUr/h3chh1NYXDiOm4HDkGa9ONtZIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCM0ZFLzJBNTY4NzgyMzZB MjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllYRGlPbTRIRGtHYTlPTnRa SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcl9oM2NoaDFOWVhEaU9tNEhEa0dhOU9OdFpJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNC M0ZFLzJBNTY4NzgyMzZBMjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllY RGlPbTRIRGtHYTlPTnRaSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADEDoCtYwpFpfKlCd7bgUwjWgPxWN4bnZMH5roep8utkr33zMN8Zmmu4 LCvVUiSvvQL+MHcTKQXt3RlepjXo5R2hgC3k2yn7rgqlweDem1X6QJgydlbrQ1Yk luXa+04SVYOh1MBjTdEq8b0S7uf94+OqcH4t4k+/Xg5wesxFVjApRQJeF4McjzAX t+3V5f1WqHSXYxebe3ji5Z+seEQWe0UsahLC5ZzxvCFtJ7pXU9DXmdEySkxSsyIH Ms7kfgS8qNUQ65QTrznMPsvH+bLcbxPVTgZoA73VuemtHDf+TtBJyUwPg/ki003n 3x0K29h37QK7MbTRe030B88KmyDNMvk= -----END CERTIFICATE-----Generated at Wed Jul 2 20:04:05 2025 by rpki-client