$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft File: r_h3chh1NYXDiOm4HDkGa9ONtZI.mft (raw, json) Hash identifier: A9C33RZq2SSmhZvL6UxfbUdcglRH3WNMwUuf4OzXnPo= Subject key identifier: 68:B8:B1:13:32:6A:84:42:B7:5C:6D:18:31:C1:4C:1D:90:E8:DD:10 Authority key identifier: AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 Certificate issuer: /CN=A91CB3FE/serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Certificate serial: 54 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft Manifest number: 51 Signing time: Sun 19 Oct 2025 10:42:10 +0000 Manifest this update: Sun 19 Oct 2025 10:42:10 +0000 Manifest next update: Sun 26 Oct 2025 10:42:10 +0000 Files and hashes: 1: r_h3chh1NYXDiOm4HDkGa9ONtZI.crl (hash: h5PiNLdDrBs+wSFhiS567ko+kpbhMYoyV6ydoJRglwo=) 2: AFD61B9C36A311F08A82A258C4F9AE02.roa (hash: GbT2Xq8LMseiodZFptbEkKwR2JJrCaZJBMK5VYRS9TY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:42:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 84 (0x54) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB3FE, serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Validity Not Before: Oct 19 10:42:10 2025 GMT Not After : Oct 26 10:42:10 2025 GMT Subject: CN=68f4c082-2c34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:2d:15:71:b6:24:c6:51:bb:11:2b:3f:dc:28: b0:e2:dd:69:ea:4a:5f:54:cb:36:9f:2b:d0:f5:ad: 2e:f1:31:4c:a7:3b:a1:16:e6:0d:14:ee:01:18:fd: dc:39:76:95:ed:06:65:5e:1a:0c:c4:8f:bd:c7:e0: 65:1f:0f:c2:23:88:ff:20:a3:08:6f:b9:a8:77:99: 21:1f:44:de:41:33:82:3f:7a:61:a0:b7:ad:74:e4: 19:cb:0a:33:1b:67:09:33:b8:3e:f1:11:c0:8c:15: ea:ee:75:6d:ec:e9:47:9d:ce:39:ac:53:ec:62:7d: d9:c2:f1:f9:91:13:e2:c0:bc:c1:6d:a4:d3:ea:7e: 8d:03:69:65:80:cf:d4:72:91:f5:28:c9:ae:53:fc: 6a:72:f5:43:87:ca:34:81:17:ff:bd:e9:41:e6:4f: 25:9d:a5:f7:69:01:61:04:41:c2:ef:13:cc:e4:43: 00:ff:51:d7:f6:8d:b0:0c:65:6f:81:4a:dd:c8:85: af:71:d3:ba:47:5a:44:f5:44:63:59:19:40:d0:5e: 4f:6d:69:cc:7b:94:1b:6b:2a:25:cc:e5:eb:f6:a0: c6:a0:ef:48:c0:b3:01:ed:39:60:f1:62:6b:58:e7: ce:9f:b8:2b:24:05:db:bc:13:7b:b7:65:7c:30:8a: 86:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:B8:B1:13:32:6A:84:42:B7:5C:6D:18:31:C1:4C:1D:90:E8:DD:10 X509v3 Authority Key Identifier: keyid:AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:64:be:3d:ef:3c:ed:b8:52:b3:f7:c2:9e:d4:36:9b:4a:eb: d1:34:1c:af:38:7b:da:b4:f4:2f:29:c1:85:82:2e:16:9e:2f: 0d:c9:46:16:4a:9d:eb:72:2f:1b:a7:f5:bf:7e:ca:5b:39:0b: da:c2:97:c5:53:d4:5f:ae:fa:2b:b5:5e:71:37:b1:ae:bb:20: 9e:12:ac:57:16:a5:21:ac:5d:d6:8f:90:67:d8:6a:a4:e6:7a: 10:10:de:ca:0a:92:06:09:11:ab:5d:14:ee:96:2d:44:99:2e: 9d:72:6f:19:e2:cf:45:d8:73:da:d3:07:fb:17:28:38:68:72: 21:54:14:04:bc:57:4e:e8:4c:8f:3e:03:f5:3c:40:c1:30:a5: cb:c3:bc:13:f0:76:59:ee:a2:1b:30:92:c9:26:1b:b8:5d:55: 2a:6a:cf:cb:cf:3f:74:79:04:27:9c:28:48:8a:49:5d:6e:2f: 87:4d:68:72:19:a9:9c:1c:20:97:60:6b:0d:c9:73:20:90:d3: 36:d2:d4:9a:8e:68:c0:44:85:91:3c:42:44:16:4f:1a:1c:ed: 84:b1:b7:9c:a8:c7:9a:53:7e:d9:05:89:ba:b5:5d:7a:50:20: 28:f4:b8:29:83:4c:64:84:42:d1:0d:7c:5f:4c:f5:71:a4:c4: 52:09:73:ca -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBVDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QjNGRTExMC8GA1UEBRMoQUZGODc3NzIxODc1MzU4NUMzODhFOUI4MUMzOTA2NkJE MzhEQjU5MjAeFw0yNTEwMTkxMDQyMTBaFw0yNTEwMjYxMDQyMTBaMBgxFjAUBgNV BAMTDTY4ZjRjMDgyLTJjMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDuLRVxtiTGUbsRKz/cKLDi3WnqSl9UyzafK9D1rS7xMUynO6EW5g0U7gEY/dw5 dpXtBmVeGgzEj73H4GUfD8IjiP8gowhvuah3mSEfRN5BM4I/emGgt6105BnLCjMb ZwkzuD7xEcCMFerudW3s6UedzjmsU+xifdnC8fmRE+LAvMFtpNPqfo0DaWWAz9Ry kfUoya5T/Gpy9UOHyjSBF/+96UHmTyWdpfdpAWEEQcLvE8zkQwD/Udf2jbAMZW+B St3Iha9x07pHWkT1RGNZGUDQXk9tacx7lBtrKiXM5ev2oMag70jAswHtOWDxYmtY 586fuCskBdu8E3u3ZXwwioZjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUaLixEzJq hEK3XG0YMcFMHZDo3RAwHwYDVR0jBBgwFoAUr/h3chh1NYXDiOm4HDkGa9ONtZIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCM0ZFLzJBNTY4NzgyMzZB MjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllYRGlPbTRIRGtHYTlPTnRa SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcl9oM2NoaDFOWVhEaU9tNEhEa0dhOU9OdFpJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNC M0ZFLzJBNTY4NzgyMzZBMjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllY RGlPbTRIRGtHYTlPTnRaSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKZkvj3vPO24UrP3wp7UNptK69E0HK84e9q09C8pwYWCLhaeLw3JRhZK netyLxun9b9+yls5C9rCl8VT1F+u+iu1XnE3sa67IJ4SrFcWpSGsXdaPkGfYaqTm ehAQ3soKkgYJEatdFO6WLUSZLp1ybxniz0XYc9rTB/sXKDhociFUFAS8V07oTI8+ A/U8QMEwpcvDvBPwdlnuohswkskmG7hdVSpqz8vPP3R5BCecKEiKSV1uL4dNaHIZ qZwcIJdgaw3JcyCQ0zbS1JqOaMBEhZE8QkQWTxoc7YSxt5yox5pTftkFibq1XXpQ ICj0uCmDTGSEQtENfF9M9XGkxFIJc8o= -----END CERTIFICATE-----Generated at Mon Oct 20 14:01:47 2025 by rpki-client