$ rpki-client -vvf rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft File: 3q8cjeT-PFHGkVP8r5_owq1vjiY.mft (raw, json) Hash identifier: Q4NBvBMFAiBM0g0fc0nJ2hXcG9sLbnYD3nFKu73KGU0= Subject key identifier: EE:5A:80:4D:04:AB:C3:FF:20:32:F6:79:9B:8E:C5:4F:AF:26:84:D3 Authority key identifier: DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 Certificate issuer: /CN=A917AC33/serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Certificate serial: 013D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft Manifest number: 013A Signing time: Tue 05 Aug 2025 04:53:35 +0000 Manifest this update: Tue 05 Aug 2025 04:53:35 +0000 Manifest next update: Tue 12 Aug 2025 04:53:35 +0000 Files and hashes: 1: 3q8cjeT-PFHGkVP8r5_owq1vjiY.crl (hash: cPPQKYEp+CQvs+vRzwhX4U0dhWcQ/L/tda0CvE0ncN4=) 2: 1C2EA330925011EE9571EE40C4F9AE02.roa (hash: g1vuB/s+fKkz9lQDwgz7uwUHIIgwyYOpfROfbA+7Aro=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 12 Aug 2025 04:53:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 317 (0x13d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AC33, serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Validity Not Before: Aug 5 04:53:35 2025 GMT Not After : Aug 12 04:53:35 2025 GMT Subject: CN=68918e4f-d5d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:16:88:ef:00:a5:3d:1b:8a:b3:35:9b:bf:81: ce:85:3d:16:eb:22:23:97:e1:66:22:67:28:4d:1e: b4:cd:8a:e9:14:e2:8f:e2:60:ad:19:d7:0a:9d:39: cf:4a:5e:4b:ac:46:cb:7b:35:6f:9b:21:d9:4c:56: 4e:68:aa:93:da:b0:de:30:b9:bd:fc:6e:53:5d:9e: e9:24:27:92:56:85:ef:9c:3f:e2:fe:ee:1a:51:33: 9c:72:a2:42:0c:31:07:5c:0a:c8:5a:bc:e2:8a:ea: ae:cb:9b:da:b9:0a:a7:2a:be:8d:49:f0:2b:72:7d: 7c:2d:6d:a4:99:fa:80:28:4f:b1:da:0d:3f:52:9a: 6d:30:30:60:6b:8e:46:79:e9:4e:eb:d8:3d:3b:ad: 38:1e:22:42:0a:d1:4d:fb:29:8a:4a:b3:4c:27:0e: 70:1e:08:9e:97:f9:57:dd:42:c1:e9:6e:ae:2a:75: 47:7c:9f:8a:12:c9:b0:13:38:24:e1:91:ce:39:dc: 71:0f:6d:fd:cc:3c:28:28:c2:00:00:41:e1:9a:d1: ce:a7:34:2b:ea:e3:35:e2:13:2a:61:b4:1c:c8:7d: cc:15:c3:73:80:57:56:88:52:6a:5d:47:3c:de:57: 3a:4d:ab:d2:48:a5:63:d3:ed:27:ee:63:1b:61:96: 17:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:5A:80:4D:04:AB:C3:FF:20:32:F6:79:9B:8E:C5:4F:AF:26:84:D3 X509v3 Authority Key Identifier: keyid:DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:c3:bb:0f:97:2e:cb:a8:44:88:22:f0:da:f7:a3:ef:58:4e: 5e:3c:6a:63:53:71:34:93:03:ca:26:88:1b:dc:62:62:9d:55: 2c:07:55:29:2f:ec:2b:12:06:17:6d:10:97:b5:07:76:2d:62: 31:5f:e9:c2:f8:13:1f:3a:7d:9c:1a:4c:ec:3c:9c:95:07:58: e7:98:a8:a6:d6:9c:65:b8:09:13:4a:30:b9:65:1d:bd:70:3c: 19:52:40:43:7c:10:8e:2e:ae:0d:73:1a:40:95:cb:20:04:98: 17:0c:17:aa:fa:95:da:26:41:59:ab:1e:62:14:03:f1:ef:40: 70:45:e1:a7:76:43:c0:54:cc:01:7d:21:46:ce:d8:2b:95:ed: 8e:7e:d6:87:f3:20:75:09:8c:5c:c1:09:02:82:c1:af:2e:fe: 1f:cc:81:a7:2b:1c:b4:a4:6a:10:0d:f8:7f:ea:9d:1c:13:d6: d8:75:27:43:6f:8b:08:0d:e1:0f:58:4e:ae:19:d4:f6:df:d1: 25:39:b6:0e:9f:39:0b:f2:6f:f5:3d:7c:d9:9b:8f:f4:0f:28: bc:48:14:bd:e0:ff:45:b8:97:e6:4c:39:56:4a:b3:b6:44:4f: 3a:e5:a1:e6:d3:c9:bf:e7:c8:ba:d9:d0:7a:31:97:a4:a4:13: 83:b6:ce:75 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAT0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FDMzMxMTAvBgNVBAUTKERFQUYxQzhERTRGRTNDNTFDNjkxNTNGQ0FGOUZFOEMy QUQ2RjhFMjYwHhcNMjUwODA1MDQ1MzM1WhcNMjUwODEyMDQ1MzM1WjAYMRYwFAYD VQQDEw02ODkxOGU0Zi1kNWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2haI7wClPRuKszWbv4HOhT0W6yIjl+FmImcoTR60zYrpFOKP4mCtGdcKnTnP Sl5LrEbLezVvmyHZTFZOaKqT2rDeMLm9/G5TXZ7pJCeSVoXvnD/i/u4aUTOccqJC DDEHXArIWrziiuquy5vauQqnKr6NSfArcn18LW2kmfqAKE+x2g0/UpptMDBga45G eelO69g9O604HiJCCtFN+ymKSrNMJw5wHgiel/lX3ULB6W6uKnVHfJ+KEsmwEzgk 4ZHOOdxxD239zDwoKMIAAEHhmtHOpzQr6uM14hMqYbQcyH3MFcNzgFdWiFJqXUc8 3lc6TavSSKVj0+0n7mMbYZYX7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO5agE0E q8P/IDL2eZuOxU+vJoTTMB8GA1UdIwQYMBaAFN6vHI3k/jxRxpFT/K+f6MKtb44m MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUMzMy9CMEJGQUMzNDky NEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBGSEdrVlA4cjVfb3dxMXZq aVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNxOGNqZVQtUEZIR2tWUDhyNV9vd3ExdmppWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUMzMy9CMEJGQUMzNDkyNEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBG SEdrVlA4cjVfb3dxMXZqaVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCuw7sPly7LqESIIvDa96PvWE5ePGpjU3E0kwPKJogb3GJinVUsB1Up L+wrEgYXbRCXtQd2LWIxX+nC+BMfOn2cGkzsPJyVB1jnmKim1pxluAkTSjC5ZR29 cDwZUkBDfBCOLq4NcxpAlcsgBJgXDBeq+pXaJkFZqx5iFAPx70BwReGndkPAVMwB fSFGztgrle2OftaH8yB1CYxcwQkCgsGvLv4fzIGnKxy0pGoQDfh/6p0cE9bYdSdD b4sIDeEPWE6uGdT239ElObYOnzkL8m/1PXzZm4/0Dyi8SBS94P9FuJfmTDlWSrO2 RE865aHm08m/58i62dB6MZekpBODts51 -----END CERTIFICATE-----Generated at Thu Aug 7 02:10:36 2025 by rpki-client