$ rpki-client -vvf rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft File: 3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft (raw, json) Hash identifier: pFybJQ9DlNyEZPl8lfpJpbFedAvAvo1B25iLq42pzV0= Subject key identifier: 44:6F:CB:EA:26:54:73:0D:CE:4B:6F:E2:2C:A9:F0:A9:A0:B9:49:83 Authority key identifier: DD:28:08:28:FF:09:96:A8:CB:EF:29:BF:0D:91:4D:F2:52:DF:1C:BD Certificate issuer: /CN=A9147CA8/serialNumber=DD280828FF0996A8CBEF29BF0D914DF252DF1CBD Certificate serial: 06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3SgIKP8JlqjL7ym_DZFN8lLfHL0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft Manifest number: 06 Signing time: Sat 09 Aug 2025 08:43:15 +0000 Manifest this update: Sat 09 Aug 2025 08:43:15 +0000 Manifest next update: Sat 16 Aug 2025 08:43:15 +0000 Files and hashes: 1: 3SgIKP8JlqjL7ym_DZFN8lLfHL0.crl (hash: WRKvxCtkEgPaVc/g2X3ZMSqsn2NsMcP1pNkwv5dvej0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.crl rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3SgIKP8JlqjL7ym_DZFN8lLfHL0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6 (0x6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147CA8, serialNumber=DD280828FF0996A8CBEF29BF0D914DF252DF1CBD Validity Not Before: Aug 9 08:43:15 2025 GMT Not After : Aug 16 08:43:15 2025 GMT Subject: CN=68970a23-f5a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:b3:f3:77:c0:a6:5c:8b:e7:a2:d4:50:43:ef: 4c:50:d7:66:fa:52:42:78:95:3a:77:c4:74:73:dc: dc:55:a6:72:9e:15:ea:5a:15:cd:c4:94:43:48:c1: 0b:5c:96:71:c2:1e:56:80:ac:7e:3f:ee:6b:9f:97: 56:d2:d5:1a:cc:b3:19:2e:b7:bc:bf:ba:5c:6b:36: 44:0d:e8:e4:06:f2:91:28:06:ee:fb:fe:9c:39:f9: d8:0d:79:ab:a6:26:88:34:d0:0e:86:d5:0a:51:07: a0:44:e5:35:1f:e5:de:ee:7e:05:10:a9:70:12:f8: 93:c8:48:79:9d:6e:83:25:5c:b1:17:ec:a1:0a:13: 1d:71:21:f6:11:62:2f:c7:f2:d0:c5:1a:19:63:b8: 42:44:4d:bd:03:ea:64:18:96:6a:27:b5:6f:3c:36: aa:14:62:d3:eb:fa:ef:a8:ae:fb:06:e3:4d:15:e6: 6a:52:00:7a:83:3b:59:9e:00:b9:89:f8:19:4b:12: e2:24:03:ab:32:6b:2d:2e:a8:23:28:6a:f5:95:0d: 21:ea:af:3b:3e:75:e8:d4:8a:5c:50:27:66:c8:16: 5f:02:d1:0c:49:0b:c1:11:bc:48:76:c3:e8:9b:45: bf:eb:b4:32:42:0f:b2:40:16:e3:d9:47:20:9c:06: 89:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:6F:CB:EA:26:54:73:0D:CE:4B:6F:E2:2C:A9:F0:A9:A0:B9:49:83 X509v3 Authority Key Identifier: keyid:DD:28:08:28:FF:09:96:A8:CB:EF:29:BF:0D:91:4D:F2:52:DF:1C:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3SgIKP8JlqjL7ym_DZFN8lLfHL0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:63:74:6d:51:53:04:e8:ce:77:1e:9f:47:5e:0f:25:09:3f: fa:a0:31:d0:02:b8:9d:dd:d5:0f:6d:49:fe:3a:36:39:8a:89: 82:40:2c:29:c6:b7:9f:f6:cc:c0:22:05:44:59:ef:ab:08:74: 18:60:06:b7:c7:3b:ef:ba:da:a0:55:87:d7:e8:f3:77:7d:09: 18:71:ed:4d:68:96:b0:7a:1a:54:ce:2a:6e:d3:31:0e:45:a8: b3:8f:c9:5b:92:2e:a0:ad:9f:46:f3:95:fc:e9:2e:c2:f8:f5: bc:b9:54:98:d8:54:5e:8e:17:2f:b8:4b:6c:3e:61:f0:25:c3: 3b:64:81:49:0f:94:f6:83:40:e5:3a:c2:73:66:35:4e:fb:16: 72:3b:2b:f4:9d:3a:0f:c3:08:d7:44:6e:ab:1d:ec:1e:66:79: 7b:3c:06:16:9a:bb:e6:35:b5:3f:d7:38:65:db:b2:48:36:c1: a5:4f:5a:f1:50:e3:4c:49:bd:06:b8:29:c5:58:46:a9:43:e9: 41:4e:9b:7f:4a:e8:71:08:9c:f3:65:48:f9:c6:c0:0c:8b:9e: 3a:c8:1d:77:0b:ce:32:2d:1b:58:a8:b9:06:5e:37:3c:17:8d: 73:05:76:9b:2d:7b:11:c9:87:c6:24:35:9c:ce:e9:91:f2:1e: 0e:a0:d9:9e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 N0NBODExMC8GA1UEBRMoREQyODA4MjhGRjA5OTZBOENCRUYyOUJGMEQ5MTRERjI1 MkRGMUNCRDAeFw0yNTA4MDkwODQzMTVaFw0yNTA4MTYwODQzMTVaMBgxFjAUBgNV BAMTDTY4OTcwYTIzLWY1YTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCqs/N3wKZci+ei1FBD70xQ12b6UkJ4lTp3xHRz3NxVpnKeFepaFc3ElENIwQtc lnHCHlaArH4/7mufl1bS1RrMsxkut7y/ulxrNkQN6OQG8pEoBu77/pw5+dgNeaum Jog00A6G1QpRB6BE5TUf5d7ufgUQqXAS+JPISHmdboMlXLEX7KEKEx1xIfYRYi/H 8tDFGhljuEJETb0D6mQYlmontW88NqoUYtPr+u+orvsG400V5mpSAHqDO1meALmJ +BlLEuIkA6syay0uqCMoavWVDSHqrzs+dejUilxQJ2bIFl8C0QxJC8ERvEh2w+ib Rb/rtDJCD7JAFuPZRyCcBonvAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQURG/L6iZU cw3OS2/iLKnwqaC5SYMwHwYDVR0jBBgwFoAU3SgIKP8JlqjL7ym/DZFN8lLfHL0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3Q0E4LzZBOUU5MTVDNkVF OTExRjBCMzAxRjY2N0M0RjlBRTAyLzNTZ0lLUDhKbHFqTDd5bV9EWkZOOGxMZkhM MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM1NnSUtQOEpscWpMN3ltX0RaRk44bExmSEwwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3 Q0E4LzZBOUU5MTVDNkVFOTExRjBCMzAxRjY2N0M0RjlBRTAyLzNTZ0lLUDhKbHFq TDd5bV9EWkZOOGxMZkhMMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJVjdG1RUwTozncen0deDyUJP/qgMdACuJ3d1Q9tSf46NjmKiYJALCnG t5/2zMAiBURZ76sIdBhgBrfHO++62qBVh9fo83d9CRhx7U1olrB6GlTOKm7TMQ5F qLOPyVuSLqCtn0bzlfzpLsL49by5VJjYVF6OFy+4S2w+YfAlwztkgUkPlPaDQOU6 wnNmNU77FnI7K/SdOg/DCNdEbqsd7B5meXs8Bhaau+Y1tT/XOGXbskg2waVPWvFQ 40xJvQa4KcVYRqlD6UFOm39K6HEInPNlSPnGwAyLnjrIHXcLzjItG1iouQZeNzwX jXMFdpstexHJh8YkNZzO6ZHyHg6g2Z4= -----END CERTIFICATE-----Generated at Sun Aug 10 20:01:03 2025 by rpki-client