$ rpki-client -vvf rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft File: S3IqOmeTvzLJvPUuTncuCm86Yxk.mft (raw, json) Hash identifier: fgHqYf/kFH6adquREwaUUyhYWB/OOSvKtgZZ6cv6h0I= Subject key identifier: 61:34:2F:1F:F0:F8:7A:0C:0D:67:DF:65:63:F2:1B:5E:17:F3:2D:C6 Authority key identifier: 4B:72:2A:3A:67:93:BF:32:C9:BC:F5:2E:4E:77:2E:0A:6F:3A:63:19 Certificate issuer: /CN=A917A67E/serialNumber=4B722A3A6793BF32C9BCF52E4E772E0A6F3A6319 Certificate serial: 0191 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3IqOmeTvzLJvPUuTncuCm86Yxk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft Manifest number: 018D Signing time: Sat 09 Aug 2025 03:54:30 +0000 Manifest this update: Sat 09 Aug 2025 03:54:30 +0000 Manifest next update: Sat 16 Aug 2025 03:54:30 +0000 Files and hashes: 1: S3IqOmeTvzLJvPUuTncuCm86Yxk.crl (hash: Q1gcaYmg3NXlaCXHgmtt3YyEumg/5zz3oldx+kkHQ1E=) 2: E3901F981BD711EEB9597921C4F9AE02.roa (hash: sLVF2uLBYBc6LDSXH2VUz3ksriL+t2pMsQjafYLst9Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.crl rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3IqOmeTvzLJvPUuTncuCm86Yxk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 401 (0x191) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A67E, serialNumber=4B722A3A6793BF32C9BCF52E4E772E0A6F3A6319 Validity Not Before: Aug 9 03:54:30 2025 GMT Not After : Aug 16 03:54:30 2025 GMT Subject: CN=6896c676-a70d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:54:78:93:22:73:57:26:0c:0d:fc:ee:19:c2: ad:0b:09:21:be:18:d8:bf:cc:8d:a6:a3:3a:7e:0c: 7a:91:d7:25:b3:82:1c:7b:85:7c:d0:31:cf:1f:b8: 4b:6b:49:c7:17:15:c6:c2:68:6b:ec:5e:08:eb:7c: f5:26:2f:9a:8c:8d:6c:bc:f9:2c:d9:d1:38:03:7f: f1:fe:e6:60:28:d1:15:45:04:6d:44:c9:61:ee:81: e3:70:f4:44:1f:e7:3f:ac:ff:ab:e1:33:54:c7:49: e2:9d:d3:28:48:98:ba:ec:ac:cd:bc:4d:ab:ec:09: 53:f7:c9:d6:16:bc:1d:66:09:c9:a5:e8:16:d8:ca: 0c:45:1d:f7:4f:56:f2:06:22:e9:0f:af:4b:ed:7d: 67:fd:bc:b0:8c:ae:87:f6:ef:ef:be:ee:42:9c:95: 45:d0:44:b6:47:5c:e2:a8:b1:dd:9b:2a:7e:c4:20: c8:95:a2:8d:0d:d8:9c:c2:6e:3c:af:71:e2:2b:d6: b9:07:95:10:e2:f6:6d:46:56:26:56:44:77:b4:b2: 0d:10:f7:00:40:63:9e:3c:9d:ef:43:e6:87:79:54: a5:61:ef:3f:7f:74:58:78:13:51:65:e5:a8:f6:d1: dc:84:0c:7a:fb:16:a5:6b:58:55:88:e7:d3:31:53: b2:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:34:2F:1F:F0:F8:7A:0C:0D:67:DF:65:63:F2:1B:5E:17:F3:2D:C6 X509v3 Authority Key Identifier: keyid:4B:72:2A:3A:67:93:BF:32:C9:BC:F5:2E:4E:77:2E:0A:6F:3A:63:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3IqOmeTvzLJvPUuTncuCm86Yxk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:b6:5a:23:b4:71:60:2a:c8:59:9f:8a:a8:c9:d2:8c:a1:ff: 3e:90:b9:52:54:18:a5:fa:04:9c:fb:7f:8e:85:0a:62:37:9e: 78:6e:01:5f:a0:d8:c7:b9:72:43:8e:9b:c1:f0:aa:d2:ed:d8: ec:dc:d6:77:db:14:ac:78:9b:46:31:8e:3b:70:7e:bb:67:37: b6:bc:5e:b7:25:d9:a9:00:36:69:f5:b4:44:05:09:52:a7:90: ed:b7:e0:b5:6d:de:e1:31:00:79:3c:cc:45:03:e5:04:c7:f8: 7a:01:71:71:03:96:94:30:7d:10:60:10:9b:ba:f7:ac:05:77: f8:95:71:5c:68:3b:ea:9e:14:73:ea:f0:01:56:aa:ae:9a:f9: 75:0b:af:56:df:b8:23:a7:66:22:24:96:b7:f1:f5:d5:3f:b3: 64:86:6d:8d:3f:7d:d5:8a:6f:4d:d3:84:ea:3c:20:e7:7f:51: 86:13:54:f1:1b:86:cf:bc:b3:3a:93:16:58:1f:3f:3a:95:18: e3:0e:d7:29:0d:ed:5e:32:63:3a:c6:f6:67:42:9d:cd:09:e1: c2:24:d2:95:16:02:73:9b:42:b7:9d:8f:9d:0b:4b:f8:e1:31: 83:9e:17:f1:21:83:a3:88:a6:99:4b:65:6f:7c:26:f3:b5:94: a7:e3:d1:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E2N0UxMTAvBgNVBAUTKDRCNzIyQTNBNjc5M0JGMzJDOUJDRjUyRTRFNzcyRTBB NkYzQTYzMTkwHhcNMjUwODA5MDM1NDMwWhcNMjUwODE2MDM1NDMwWjAYMRYwFAYD VQQDEw02ODk2YzY3Ni1hNzBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtlR4kyJzVyYMDfzuGcKtCwkhvhjYv8yNpqM6fgx6kdcls4Ice4V80DHPH7hL a0nHFxXGwmhr7F4I63z1Ji+ajI1svPks2dE4A3/x/uZgKNEVRQRtRMlh7oHjcPRE H+c/rP+r4TNUx0nindMoSJi67KzNvE2r7AlT98nWFrwdZgnJpegW2MoMRR33T1by BiLpD69L7X1n/bywjK6H9u/vvu5CnJVF0ES2R1ziqLHdmyp+xCDIlaKNDdicwm48 r3HiK9a5B5UQ4vZtRlYmVkR3tLINEPcAQGOePJ3vQ+aHeVSlYe8/f3RYeBNRZeWo 9tHchAx6+xala1hViOfTMVOy4wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGE0Lx/w +HoMDWffZWPyG14X8y3GMB8GA1UdIwQYMBaAFEtyKjpnk78yybz1Lk53LgpvOmMZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTY3RS82N0I0Q0I4NDFC RDMxMUVFOTY1RkVGMzhDNEY5QUUwMi9TM0lxT21lVHZ6TEp2UFV1VG5jdUNtODZZ eGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1MzSXFPbWVUdnpMSnZQVXVUbmN1Q204Nll4ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTY3RS82N0I0Q0I4NDFCRDMxMUVFOTY1RkVGMzhDNEY5QUUwMi9TM0lxT21lVHZ6 TEp2UFV1VG5jdUNtODZZeGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAttlojtHFgKshZn4qoydKMof8+kLlSVBil+gSc+3+OhQpiN554bgFf oNjHuXJDjpvB8KrS7djs3NZ32xSseJtGMY47cH67Zze2vF63JdmpADZp9bREBQlS p5Dtt+C1bd7hMQB5PMxFA+UEx/h6AXFxA5aUMH0QYBCbuvesBXf4lXFcaDvqnhRz 6vABVqqumvl1C69W37gjp2YiJJa38fXVP7Nkhm2NP33Vim9N04TqPCDnf1GGE1Tx G4bPvLM6kxZYHz86lRjjDtcpDe1eMmM6xvZnQp3NCeHCJNKVFgJzm0K3nY+dC0v4 4TGDnhfxIYOjiKaZS2VvfCbztZSn49FT -----END CERTIFICATE-----Generated at Sat Aug 9 23:28:10 2025 by rpki-client