$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft File: r_h3chh1NYXDiOm4HDkGa9ONtZI.mft (raw, json) Hash identifier: Bm+cejbfbBtvww9jb6R0vUezaX/ZQMTgZylnog0+2f0= Subject key identifier: E3:D6:CE:F2:65:56:ED:22:A8:AF:EE:70:AC:26:F0:40:EF:43:0D:DC Authority key identifier: AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 Certificate issuer: /CN=A91CB3FE/serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Certificate serial: 30 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft Manifest number: 2D Signing time: Sat 09 Aug 2025 08:15:17 +0000 Manifest this update: Sat 09 Aug 2025 08:15:16 +0000 Manifest next update: Sat 16 Aug 2025 08:15:16 +0000 Files and hashes: 1: r_h3chh1NYXDiOm4HDkGa9ONtZI.crl (hash: o30DBlCDTm3IlQixByFcR26vbOtntTkeMTdvd2/BWi4=) 2: AFD61B9C36A311F08A82A258C4F9AE02.roa (hash: GbT2Xq8LMseiodZFptbEkKwR2JJrCaZJBMK5VYRS9TY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48 (0x30) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB3FE, serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Validity Not Before: Aug 9 08:15:16 2025 GMT Not After : Aug 16 08:15:16 2025 GMT Subject: CN=68970395-a345 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:1b:f7:a8:9c:1c:2c:6b:3c:40:ec:37:fb:fd: 1a:8c:ee:b7:64:af:6f:f4:ec:a5:36:36:10:7b:19: 26:9b:9b:c8:a9:ae:ac:d1:b7:8d:2a:cf:50:e5:df: 94:3b:73:29:bf:4c:c7:f7:81:1f:42:c9:bd:68:ba: b6:e9:57:b1:e8:2d:ec:c8:39:b4:a2:82:14:da:bf: 2d:3e:b7:95:f0:b9:6b:86:29:b6:85:5e:4a:f2:a6: ef:83:4d:77:f8:a3:42:b3:6a:a1:d0:d7:9f:82:76: ee:a0:a6:81:3f:d1:a0:52:c7:be:1c:a5:5e:46:95: 92:17:92:f6:7f:b7:9e:ae:bc:2c:fb:32:c9:05:e9: 80:3b:14:87:72:92:a5:c9:b5:36:39:94:08:85:71: 2b:27:5b:b4:f0:c6:55:6a:50:08:18:37:98:fd:0b: e4:3d:34:d4:e0:af:1e:42:92:f5:7f:83:1e:3d:f2: 6b:d3:b9:5d:e6:e6:93:62:c7:ee:7c:bb:93:80:e3: 35:3a:05:b3:c1:27:ca:80:26:e8:75:c2:cd:fe:42: 2a:cf:ec:af:d5:0c:8c:73:ed:de:19:f0:b6:91:5f: da:fa:05:ef:d0:86:08:cd:53:3c:00:f6:c2:e5:1e: 2b:47:80:fb:9c:66:40:0d:c0:d0:27:55:d2:42:02: 9a:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:D6:CE:F2:65:56:ED:22:A8:AF:EE:70:AC:26:F0:40:EF:43:0D:DC X509v3 Authority Key Identifier: keyid:AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b2:f9:e2:0e:bc:4f:6d:b1:19:81:1e:dd:e9:e4:d7:b7:f1:3c: fb:15:30:ae:c9:b8:13:0e:7e:61:9a:17:e0:28:94:09:0e:02: c1:6a:4d:70:71:b6:29:c2:9d:da:55:dc:07:06:bd:77:28:5e: 9c:f5:eb:f9:44:72:7c:a9:82:09:54:32:f9:08:e0:82:96:ef: e0:29:45:80:8e:18:0b:fd:34:8a:51:bf:1e:d1:b9:6d:38:65: 0c:5e:c3:bb:dd:56:86:45:79:f5:4c:6c:0d:22:73:47:b9:fb: 56:83:eb:d7:74:2b:e0:fa:bc:36:2c:35:a0:e8:7f:16:e1:86: 0d:fe:0c:b9:75:ed:1c:66:e7:1f:53:dd:21:e0:d0:70:3d:a7: 0b:e4:b8:34:5d:78:9c:49:a4:f2:dd:a6:d1:7e:ed:b4:57:00: 6e:ce:00:db:09:3e:1e:c0:57:18:50:d3:7c:98:03:f9:50:70: 5f:52:63:bc:07:56:d0:e2:b9:2f:f7:d9:ea:8e:04:d1:68:83: b9:6f:4e:22:a8:9f:ee:08:30:ac:c8:a9:45:1a:4f:f7:ba:25: 40:11:34:69:7b:71:86:c5:f2:56:16:be:c0:e6:47:ff:ed:06: dd:bd:dc:f5:dc:8f:bd:6b:c5:5d:9b:e9:9a:d1:04:62:54:e1: 30:8f:9b:22 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QjNGRTExMC8GA1UEBRMoQUZGODc3NzIxODc1MzU4NUMzODhFOUI4MUMzOTA2NkJE MzhEQjU5MjAeFw0yNTA4MDkwODE1MTZaFw0yNTA4MTYwODE1MTZaMBgxFjAUBgNV BAMTDTY4OTcwMzk1LWEzNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDHG/eonBwsazxA7Df7/RqM7rdkr2/07KU2NhB7GSabm8iprqzRt40qz1Dl35Q7 cym/TMf3gR9Cyb1ourbpV7HoLezIObSighTavy0+t5XwuWuGKbaFXkrypu+DTXf4 o0KzaqHQ15+Cdu6gpoE/0aBSx74cpV5GlZIXkvZ/t56uvCz7MskF6YA7FIdykqXJ tTY5lAiFcSsnW7TwxlVqUAgYN5j9C+Q9NNTgrx5CkvV/gx498mvTuV3m5pNix+58 u5OA4zU6BbPBJ8qAJuh1ws3+QirP7K/VDIxz7d4Z8LaRX9r6Be/QhgjNUzwA9sLl HitHgPucZkANwNAnVdJCAppXAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU49bO8mVW 7SKor+5wrCbwQO9DDdwwHwYDVR0jBBgwFoAUr/h3chh1NYXDiOm4HDkGa9ONtZIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCM0ZFLzJBNTY4NzgyMzZB MjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllYRGlPbTRIRGtHYTlPTnRa SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcl9oM2NoaDFOWVhEaU9tNEhEa0dhOU9OdFpJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNC M0ZFLzJBNTY4NzgyMzZBMjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllY RGlPbTRIRGtHYTlPTnRaSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALL54g68T22xGYEe3enk17fxPPsVMK7JuBMOfmGaF+AolAkOAsFqTXBx tinCndpV3AcGvXcoXpz16/lEcnypgglUMvkI4IKW7+ApRYCOGAv9NIpRvx7RuW04 ZQxew7vdVoZFefVMbA0ic0e5+1aD69d0K+D6vDYsNaDofxbhhg3+DLl17Rxm5x9T 3SHg0HA9pwvkuDRdeJxJpPLdptF+7bRXAG7OANsJPh7AVxhQ03yYA/lQcF9SY7wH VtDiuS/32eqOBNFog7lvTiKon+4IMKzIqUUaT/e6JUARNGl7cYbF8lYWvsDmR//t Bt293PXcj71rxV2b6ZrRBGJU4TCPmyI= -----END CERTIFICATE-----Generated at Sat Aug 9 14:27:40 2025 by rpki-client