$ rpki-client -vvf rpki.apnic.net/member_repository/A916156D/7CD3DEAC4E8911F0A81C6716C4F9AE02/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.mft File: Sd3R5MWp_HZmJtL6O2Y32oDqL9I.mft (raw, json) Hash identifier: tjm8j/2QwIzFO4EF7a50hlQDy8hJjBiZXbtLa+TD09A= Subject key identifier: A3:B8:EA:69:CF:73:8D:91:A1:6F:59:6A:2B:D5:CF:A6:3F:A2:52:5D Authority key identifier: 49:DD:D1:E4:C5:A9:FC:76:66:26:D2:FA:3B:66:37:DA:80:EA:2F:D2 Certificate issuer: /CN=A916156D/serialNumber=49DDD1E4C5A9FC766626D2FA3B6637DA80EA2FD2 Certificate serial: 21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916156D/7CD3DEAC4E8911F0A81C6716C4F9AE02/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.mft Manifest number: 1E Signing time: Sat 09 Aug 2025 08:26:20 +0000 Manifest this update: Sat 09 Aug 2025 08:26:20 +0000 Manifest next update: Sat 16 Aug 2025 08:26:20 +0000 Files and hashes: 1: Sd3R5MWp_HZmJtL6O2Y32oDqL9I.crl (hash: QOMw6YzE5xzcrIOwBrFusAFWPQLYWORixFaYhhX2TUU=) 2: 850105504F3D11F0A0960F7CC4F9AE02.roa (hash: ycoxpKT+DpgcLoAUSWd+EWSk4JnPGKou98k0R1luHMk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916156D/7CD3DEAC4E8911F0A81C6716C4F9AE02/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.crl rsync://rpki.apnic.net/member_repository/A916156D/7CD3DEAC4E8911F0A81C6716C4F9AE02/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916156D, serialNumber=49DDD1E4C5A9FC766626D2FA3B6637DA80EA2FD2 Validity Not Before: Aug 9 08:26:20 2025 GMT Not After : Aug 16 08:26:20 2025 GMT Subject: CN=6897062c-6a4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:87:30:d6:62:cb:00:61:e1:c1:00:dd:88:b2: 85:57:3c:68:32:45:61:66:87:12:28:5b:58:c5:b1: e8:ad:88:d5:1e:19:c3:36:7d:12:4f:d3:8c:2e:bb: b8:99:93:70:aa:4d:a6:37:9e:38:9f:61:d9:ce:96: 03:54:3c:ee:18:c6:d7:d3:ad:2f:26:4c:1a:bd:d8: 59:c4:6c:ac:ec:27:a7:b7:a5:4b:7e:43:b0:af:75: 9b:f0:a5:29:d9:4a:13:53:7d:8b:dc:53:cf:8d:7e: 43:bc:62:04:98:40:c7:ef:1f:fd:36:f7:15:ec:e0: c8:57:98:e0:3b:64:88:e7:09:5f:94:81:5a:e5:2e: fe:6b:e4:51:82:93:b3:8e:90:01:91:a5:85:d9:2d: 5c:18:26:5e:00:fb:0c:c9:15:1a:88:58:21:6c:8a: 11:03:12:73:b6:72:f5:63:3d:61:be:63:4a:2d:84: 74:11:16:93:6f:52:54:d1:61:e9:8c:a8:64:e0:59: c9:2b:e7:e9:69:20:3f:77:91:ed:bd:e4:b7:a4:d0: d7:de:45:51:6c:a9:89:bd:10:bc:91:e4:17:62:8b: 10:dc:46:35:6f:2c:f8:3f:65:7f:ec:de:4a:1a:c4: c4:6e:b2:0c:d2:b9:33:94:56:31:f0:47:24:1b:8e: 44:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:B8:EA:69:CF:73:8D:91:A1:6F:59:6A:2B:D5:CF:A6:3F:A2:52:5D X509v3 Authority Key Identifier: keyid:49:DD:D1:E4:C5:A9:FC:76:66:26:D2:FA:3B:66:37:DA:80:EA:2F:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916156D/7CD3DEAC4E8911F0A81C6716C4F9AE02/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916156D/7CD3DEAC4E8911F0A81C6716C4F9AE02/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:32:ab:e0:ae:1c:fa:b6:27:15:b0:3d:52:34:40:58:74:f3: fa:37:88:2d:61:0d:8f:b6:c1:8b:1f:ba:8f:20:37:20:13:d7: 16:3b:a4:e2:0c:01:78:a7:57:46:63:80:41:45:74:1b:e1:35: 6f:42:33:00:84:a1:bc:e7:2b:b3:8b:99:41:ed:65:ec:a5:ab: 4a:ee:e1:59:de:73:d5:68:a8:58:61:e3:05:82:b7:46:fd:41: 3c:92:77:b0:b3:d2:45:75:0a:3d:29:2c:8c:b2:f0:b9:a6:a0: 35:97:d9:ae:5d:46:cf:58:20:60:d0:85:53:0e:15:44:a0:d4: f1:f9:85:b9:b9:1b:90:10:ad:f7:7c:c1:62:52:4d:cc:4d:5e: 31:3d:5a:fd:9a:a8:33:7d:72:06:9f:5c:85:6b:28:87:63:c6: 97:8d:ac:7d:27:65:a2:f1:9e:2f:51:18:09:03:a1:a6:ea:00: e4:ea:b3:14:ed:98:6f:10:e1:ee:30:84:f6:b4:7b:35:48:72: 62:2f:db:cc:40:b0:11:11:78:dd:13:73:51:dc:f6:9a:c5:17: e7:a1:97:68:fa:26:20:a9:a1:97:4d:35:14:c1:54:f5:9b:7f: fe:13:7d:fb:bb:75:33:51:bd:96:25:c3:6c:03:e1:6b:14:42: 2b:4f:8f:46 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 MTU2RDExMC8GA1UEBRMoNDlEREQxRTRDNUE5RkM3NjY2MjZEMkZBM0I2NjM3REE4 MEVBMkZEMjAeFw0yNTA4MDkwODI2MjBaFw0yNTA4MTYwODI2MjBaMBgxFjAUBgNV BAMTDTY4OTcwNjJjLTZhNGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDchzDWYssAYeHBAN2IsoVXPGgyRWFmhxIoW1jFseitiNUeGcM2fRJP04wuu7iZ k3CqTaY3njifYdnOlgNUPO4YxtfTrS8mTBq92FnEbKzsJ6e3pUt+Q7CvdZvwpSnZ ShNTfYvcU8+NfkO8YgSYQMfvH/029xXs4MhXmOA7ZIjnCV+UgVrlLv5r5FGCk7OO kAGRpYXZLVwYJl4A+wzJFRqIWCFsihEDEnO2cvVjPWG+Y0othHQRFpNvUlTRYemM qGTgWckr5+lpID93ke295Lek0NfeRVFsqYm9ELyR5BdiixDcRjVvLPg/ZX/s3koa xMRusgzSuTOUVjHwRyQbjkRHAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUo7jqac9z jZGhb1lqK9XPpj+iUl0wHwYDVR0jBBgwFoAUSd3R5MWp/HZmJtL6O2Y32oDqL9Iw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxNTZELzdDRDNERUFDNEU4 OTExRjBBODFDNjcxNkM0RjlBRTAyL1NkM1I1TVdwX0habUp0TDZPMlkzMm9EcUw5 SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvU2QzUjVNV3BfSFptSnRMNk8yWTMyb0RxTDlJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYx NTZELzdDRDNERUFDNEU4OTExRjBBODFDNjcxNkM0RjlBRTAyL1NkM1I1TVdwX0ha bUp0TDZPMlkzMm9EcUw5SS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEwyq+CuHPq2JxWwPVI0QFh08/o3iC1hDY+2wYsfuo8gNyAT1xY7pOIM AXinV0ZjgEFFdBvhNW9CMwCEobznK7OLmUHtZeylq0ru4Vnec9VoqFhh4wWCt0b9 QTySd7Cz0kV1Cj0pLIyy8LmmoDWX2a5dRs9YIGDQhVMOFUSg1PH5hbm5G5AQrfd8 wWJSTcxNXjE9Wv2aqDN9cgafXIVrKIdjxpeNrH0nZaLxni9RGAkDoabqAOTqsxTt mG8Q4e4whPa0ezVIcmIv28xAsBEReN0Tc1Hc9prFF+ehl2j6JiCpoZdNNRTBVPWb f/4Tffu7dTNRvZYlw2wD4WsUQitPj0Y= -----END CERTIFICATE-----Generated at Sat Aug 9 15:19:20 2025 by rpki-client