$ rpki-client -vvf rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft File: 3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft (raw, json) Hash identifier: gMDRAGJ7wNhW5QN4OQ8xJV48I6oEnSXQJLdGcckM4UY= Subject key identifier: 2C:97:33:19:DE:D8:24:B6:26:F8:FF:69:22:D2:A7:3F:31:6D:46:D0 Authority key identifier: DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F Certificate issuer: /CN=A9158568/serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F Certificate serial: 0C2A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft Manifest number: 0C10 Signing time: Sun 10 Aug 2025 18:45:12 +0000 Manifest this update: Sun 10 Aug 2025 18:45:12 +0000 Manifest next update: Sun 17 Aug 2025 18:45:12 +0000 Files and hashes: 1: 3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl (hash: iq1VnEqdCmOLaI6fP9C0OOayZUOgC+Q/NY0qrALlP1Q=) 2: 3A5A84F8CB7111EBA9EEF440C4F9AE02.roa (hash: LcxIbKxK3jutvAgu3ThkdTt7YT68VEQAWEq5z0WaOxY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3114 (0xc2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158568, serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F Validity Not Before: Aug 10 18:45:12 2025 GMT Not After : Aug 17 18:45:12 2025 GMT Subject: CN=6898e8b8-abd4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:0c:f4:61:4e:11:c8:e9:22:57:12:fe:cf:78: c6:c3:24:0e:b0:65:c3:39:58:eb:95:ef:91:1a:8b: 90:55:de:9b:55:6c:f0:3c:6c:06:96:33:97:b9:0d: fc:a2:04:de:0f:67:bb:dc:3b:92:11:b6:3d:02:22: f9:63:94:02:e3:00:15:ca:2a:aa:18:fa:62:81:52: 51:88:37:dd:3d:5b:54:7a:64:36:ee:92:a7:32:ec: 02:99:32:e8:32:56:7d:33:f9:53:68:6b:37:47:a3: 25:1e:92:4d:fd:b3:7b:99:3d:89:42:2a:dc:4a:54: 18:8c:07:da:28:43:28:9e:e7:8d:db:a5:74:7a:d8: 6a:0c:f3:c1:dc:33:6e:cd:de:0f:df:b7:07:25:35: de:6e:be:c8:35:b9:00:d0:e5:3f:21:e6:4d:3d:29: 57:13:84:fb:8e:f8:74:5a:64:a3:43:c8:0a:72:dc: fe:6b:fb:98:b3:c0:d5:b3:bb:1e:f5:ca:f4:f9:3f: cc:8c:43:aa:1b:a5:59:81:3c:36:e5:68:b8:e0:26: 56:bd:ec:03:8f:c7:44:2e:b8:fa:d1:8a:3c:96:a6: 30:b7:ed:fe:d3:4d:f3:ab:b0:48:8d:d0:18:5a:18: a4:4d:36:28:fe:fb:e8:d0:78:b3:dd:6b:cd:78:3c: dd:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:97:33:19:DE:D8:24:B6:26:F8:FF:69:22:D2:A7:3F:31:6D:46:D0 X509v3 Authority Key Identifier: keyid:DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:0f:03:31:07:ff:19:6e:21:ff:59:78:91:d0:f3:a3:53:16: 6e:e4:7e:b8:9f:12:36:7e:93:56:c7:66:69:89:81:c0:9a:0e: ac:45:ed:c3:07:76:61:f8:89:7c:ba:09:69:e0:e8:8f:17:6f: 15:a3:0f:a6:c1:b9:19:4a:5d:10:ae:ad:43:be:6e:45:ef:3b: a4:40:18:c3:70:b5:03:89:dc:f3:f8:36:3a:07:86:68:07:ab: ee:e7:75:0f:83:e6:f6:de:a2:51:37:fb:a3:21:35:5a:65:cc: 22:1a:31:f1:6c:18:d6:08:06:6a:db:bb:16:bc:c2:20:2e:33: 3e:b8:ba:14:c9:25:56:a0:bb:3f:59:f1:81:e0:99:19:13:2e: 98:09:75:ab:18:0a:1a:d9:a4:15:02:2a:d0:e4:d7:67:1a:16: 68:20:f3:4d:5d:50:80:34:33:ab:33:05:c7:c6:06:0a:bf:5d: 7e:69:a0:a9:d2:64:91:5e:48:14:9f:e8:1e:9e:a2:07:ce:f1: 2a:b2:87:88:2d:97:c2:0b:87:e3:c1:3c:1a:b3:97:24:9b:e7: a9:db:51:3b:7c:bb:8d:68:56:cf:a1:1e:e3:99:fa:1d:a8:35: 59:b0:b5:ec:e8:18:c2:4e:6a:60:da:59:23:6a:14:0a:3b:07: 49:e8:b7:97 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDCowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTg1NjgxMTAvBgNVBAUTKERGMjUzNDg0RENFNTJDNDEzN0NCRDFDOEVENDREOUNC MjU1N0Y0M0YwHhcNMjUwODEwMTg0NTEyWhcNMjUwODE3MTg0NTEyWjAYMRYwFAYD VQQDEw02ODk4ZThiOC1hYmQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoAz0YU4RyOkiVxL+z3jGwyQOsGXDOVjrle+RGouQVd6bVWzwPGwGljOXuQ38 ogTeD2e73DuSEbY9AiL5Y5QC4wAVyiqqGPpigVJRiDfdPVtUemQ27pKnMuwCmTLo MlZ9M/lTaGs3R6MlHpJN/bN7mT2JQircSlQYjAfaKEMonueN26V0ethqDPPB3DNu zd4P37cHJTXebr7INbkA0OU/IeZNPSlXE4T7jvh0WmSjQ8gKctz+a/uYs8DVs7se 9cr0+T/MjEOqG6VZgTw25Wi44CZWvewDj8dELrj60Yo8lqYwt+3+003zq7BIjdAY WhikTTYo/vvo0Hiz3WvNeDzdwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCyXMxne 2CS2Jvj/aSLSpz8xbUbQMB8GA1UdIwQYMBaAFN8lNITc5SxBN8vRyO1E2cslV/Q/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODU2OC9EMzEzMDY3NjE4 NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExFRTN5OUhJN1VUWnl5Vlg5 RDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzN5VTBoTnpsTEVFM3k5SEk3VVRaeXlWWDlEOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODU2OC9EMzEzMDY3NjE4NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExF RTN5OUhJN1VUWnl5Vlg5RDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVDwMxB/8ZbiH/WXiR0POjUxZu5H64nxI2fpNWx2ZpiYHAmg6sRe3D B3Zh+Il8uglp4OiPF28Vow+mwbkZSl0Qrq1Dvm5F7zukQBjDcLUDidzz+DY6B4Zo B6vu53UPg+b23qJRN/ujITVaZcwiGjHxbBjWCAZq27sWvMIgLjM+uLoUySVWoLs/ WfGB4JkZEy6YCXWrGAoa2aQVAirQ5NdnGhZoIPNNXVCANDOrMwXHxgYKv11+aaCp 0mSRXkgUn+genqIHzvEqsoeILZfCC4fjwTwas5ckm+ep21E7fLuNaFbPoR7jmfod qDVZsLXs6BjCTmpg2lkjahQKOwdJ6LeX -----END CERTIFICATE-----Generated at Mon Aug 11 07:46:21 2025 by rpki-client