$ rpki-client -vvf rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.mft File: 3Bh_yEFs5bNHuvIho2E6O0eCjog.mft (raw, json) Hash identifier: 8XWnPytBIoePZKxiAgEU80n56dclLKLRgvJ1BQ6gTXs= Subject key identifier: 37:6A:25:70:7F:9E:69:75:11:B0:27:2A:F3:34:72:77:BE:14:CB:A8 Authority key identifier: DC:18:7F:C8:41:6C:E5:B3:47:BA:F2:21:A3:61:3A:3B:47:82:8E:88 Certificate issuer: /CN=A91717D1/serialNumber=DC187FC8416CE5B347BAF221A3613A3B47828E88 Certificate serial: 0F0D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bh_yEFs5bNHuvIho2E6O0eCjog.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.mft Manifest number: 0EFF Signing time: Sun 10 Aug 2025 17:38:38 +0000 Manifest this update: Sun 10 Aug 2025 17:38:38 +0000 Manifest next update: Sun 17 Aug 2025 17:38:38 +0000 Files and hashes: 1: 3Bh_yEFs5bNHuvIho2E6O0eCjog.crl (hash: 0Pe1ILlxMTNoD3zF6Gid5kt94VYg7AM/9Etgk/FmQ8M=) 2: 085B4576C35711EC9F5ADC3DC4F9AE02.roa (hash: LJ768Cu3JxipfpTsVr1alEqz1iSEePAZhcCKQ/8p8EU=) 3: 0963FDF0C35711EC9F5ADC3DC4F9AE02.roa (hash: 6UUZGVX+yz33BPFW9zj9LAK08O51N58DNxWBC06Z/8c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.crl rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bh_yEFs5bNHuvIho2E6O0eCjog.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3853 (0xf0d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91717D1, serialNumber=DC187FC8416CE5B347BAF221A3613A3B47828E88 Validity Not Before: Aug 10 17:38:38 2025 GMT Not After : Aug 17 17:38:38 2025 GMT Subject: CN=6898d91e-189d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f4:e4:ee:16:b7:8c:41:97:e1:23:0e:28:a1: e9:c4:e7:fb:47:fc:8a:de:cb:79:31:8f:b4:b5:37: 16:b7:b4:96:6f:72:db:f9:a4:90:11:57:f5:55:e2: 75:8e:6a:cf:a0:b4:8f:00:5d:80:1b:b9:64:c2:3e: 66:a8:db:ae:a0:a3:ee:6b:73:cc:4b:b1:e1:92:1c: 96:52:ef:7e:b0:a6:20:d4:98:99:4b:25:70:78:98: 2b:d7:03:64:e7:55:ad:33:cd:4c:91:0b:fd:5c:a1: 6c:c9:9c:71:1f:fe:18:64:69:12:f3:8d:45:e0:59: 53:f8:f4:95:d8:f5:e5:9b:1c:df:89:cc:d2:d6:9c: 6b:19:54:c6:3d:b4:0f:12:54:a9:be:00:36:0f:89: b6:19:5a:fc:22:37:f0:6b:70:7e:3b:05:8f:a0:54: fb:1e:b6:5f:09:4d:1e:df:ee:9c:c5:e7:67:5c:e2: 5b:79:75:01:f2:74:83:a8:df:95:e0:f9:f7:0a:77: 51:0b:94:45:ca:27:ff:20:eb:ff:01:4b:6f:dd:36: 86:bb:9e:92:49:ec:18:6b:8b:d7:99:10:19:33:4c: 5f:4d:54:f7:99:6f:1e:1b:f6:4b:92:8f:af:c3:e2: 24:20:09:0d:5f:16:97:a5:bf:13:54:45:7e:d8:ec: da:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:6A:25:70:7F:9E:69:75:11:B0:27:2A:F3:34:72:77:BE:14:CB:A8 X509v3 Authority Key Identifier: keyid:DC:18:7F:C8:41:6C:E5:B3:47:BA:F2:21:A3:61:3A:3B:47:82:8E:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bh_yEFs5bNHuvIho2E6O0eCjog.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:40:7d:3a:a9:75:12:fb:6d:98:5e:2b:0c:d1:ba:ad:c6:f2: 27:4d:58:42:68:cd:33:20:d1:73:05:57:b1:5f:89:a0:f3:8c: be:47:2e:bf:be:48:7d:fd:2e:46:c9:64:84:ac:cc:a2:88:cf: ed:28:7a:43:e1:46:0f:94:9e:90:0c:72:b4:4e:1e:83:72:e1: 25:49:8d:d0:52:f8:25:2c:13:3f:b4:5e:b8:50:a7:df:d4:e8: 40:81:18:e7:74:8f:fc:8b:58:7e:ec:7b:42:51:56:01:14:0c: 28:d4:ba:96:5c:ab:c5:e7:3a:2c:77:b4:22:2c:75:53:a9:dc: 61:b1:03:28:ee:ab:77:2b:71:4b:d5:1f:37:3e:2c:0f:ed:5a: ff:9d:ef:b2:37:f2:87:e7:04:e8:6a:b2:f0:30:14:33:39:97: cf:f0:ee:ff:c1:26:47:2d:0c:2a:1b:e8:e8:ca:e0:96:45:88: 21:8d:67:e9:d1:3a:34:b8:04:86:e7:46:fa:0e:97:22:bc:3b: 2f:30:38:b5:0b:d9:08:b1:53:68:15:6d:ea:9b:f3:da:cd:b0: 4c:6c:58:b9:01:5e:c5:d1:e6:b6:e2:72:9a:d8:7e:c8:5a:67: b8:06:00:ac:2b:09:64:81:0b:38:c3:d0:47:88:fe:28:71:61: 8b:33:a3:1b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDw0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzE3RDExMTAvBgNVBAUTKERDMTg3RkM4NDE2Q0U1QjM0N0JBRjIyMUEzNjEzQTNC NDc4MjhFODgwHhcNMjUwODEwMTczODM4WhcNMjUwODE3MTczODM4WjAYMRYwFAYD VQQDEw02ODk4ZDkxZS0xODlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuPTk7ha3jEGX4SMOKKHpxOf7R/yK3st5MY+0tTcWt7SWb3Lb+aSQEVf1VeJ1 jmrPoLSPAF2AG7lkwj5mqNuuoKPua3PMS7HhkhyWUu9+sKYg1JiZSyVweJgr1wNk 51WtM81MkQv9XKFsyZxxH/4YZGkS841F4FlT+PSV2PXlmxzficzS1pxrGVTGPbQP ElSpvgA2D4m2GVr8Ijfwa3B+OwWPoFT7HrZfCU0e3+6cxednXOJbeXUB8nSDqN+V 4Pn3CndRC5RFyif/IOv/AUtv3TaGu56SSewYa4vXmRAZM0xfTVT3mW8eG/ZLko+v w+IkIAkNXxaXpb8TVEV+2OzadwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDdqJXB/ nml1EbAnKvM0cne+FMuoMB8GA1UdIwQYMBaAFNwYf8hBbOWzR7ryIaNhOjtHgo6I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTdEMS85QTlCNDhBMjgy QTMxMUU5OUU1ODIzODRDNEY5QUUwMi8zQmhfeUVGczViTkh1dklobzJFNk8wZUNq b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNCaF95RUZzNWJOSHV2SWhvMkU2TzBlQ2pvZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MTdEMS85QTlCNDhBMjgyQTMxMUU5OUU1ODIzODRDNEY5QUUwMi8zQmhfeUVGczVi Tkh1dklobzJFNk8wZUNqb2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA6QH06qXUS+22YXisM0bqtxvInTVhCaM0zINFzBVexX4mg84y+Ry6/ vkh9/S5GyWSErMyiiM/tKHpD4UYPlJ6QDHK0Th6DcuElSY3QUvglLBM/tF64UKff 1OhAgRjndI/8i1h+7HtCUVYBFAwo1LqWXKvF5zosd7QiLHVTqdxhsQMo7qt3K3FL 1R83PiwP7Vr/ne+yN/KH5wToarLwMBQzOZfP8O7/wSZHLQwqG+joyuCWRYghjWfp 0To0uASG50b6DpcivDsvMDi1C9kIsVNoFW3qm/PazbBMbFi5AV7F0ea24nKa2H7I Wme4BgCsKwlkgQs4w9BHiP4ocWGLM6Mb -----END CERTIFICATE-----Generated at Mon Aug 11 09:29:06 2025 by rpki-client