$ rpki-client -vvf rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft File: 3q8cjeT-PFHGkVP8r5_owq1vjiY.mft (raw, json) Hash identifier: 4U0jQPd6WmDHqY2QZdDMD2cjHTiYQqE9xCXOmJvqOE8= Subject key identifier: 9E:D5:24:75:23:EE:65:7B:CF:4D:76:F3:A2:3C:A7:E0:B7:07:D6:2B Authority key identifier: DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 Certificate issuer: /CN=A917AC33/serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Certificate serial: 0123 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft Manifest number: 0120 Signing time: Sun 15 Jun 2025 03:55:11 +0000 Manifest this update: Sun 15 Jun 2025 03:55:10 +0000 Manifest next update: Sun 22 Jun 2025 03:55:10 +0000 Files and hashes: 1: 3q8cjeT-PFHGkVP8r5_owq1vjiY.crl (hash: LCaYrAXs0+ecp/wbM51nT+vdFnrMTvvbVKER7lyZ5yI=) 2: 1C2EA330925011EE9571EE40C4F9AE02.roa (hash: g1vuB/s+fKkz9lQDwgz7uwUHIIgwyYOpfROfbA+7Aro=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 03:55:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 291 (0x123) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AC33, serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Validity Not Before: Jun 15 03:55:10 2025 GMT Not After : Jun 22 03:55:10 2025 GMT Subject: CN=684e441f-053a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:94:66:ba:ad:84:be:03:b8:7b:9d:af:a5:fa: cb:13:24:d3:13:e9:a2:29:cc:0e:27:32:0c:7b:ac: bd:e1:f0:1b:3d:ae:60:eb:6f:b9:17:47:74:c4:d2: a9:d3:08:da:bb:29:31:89:1b:20:24:9e:bd:8a:5f: 28:9e:31:d6:e7:47:1f:25:63:d2:b9:9a:1e:58:31: 30:f2:77:11:d2:8f:80:59:4b:22:f7:da:68:7c:7e: 39:05:e2:be:32:c7:c9:5d:20:e2:ce:91:e2:b0:39: 9c:cb:3e:83:a3:6b:69:dc:e6:49:27:de:36:da:14: d0:55:68:50:6e:57:82:c2:d5:fd:6f:74:88:9d:45: 1e:f7:39:b3:d1:1f:9d:46:53:7d:d5:09:7b:29:64: 35:70:4c:d7:82:2a:9d:56:fc:df:81:df:fd:06:91: 86:74:ef:16:bb:17:66:45:ca:c1:b9:8b:2f:b0:4b: e6:08:ae:2f:2f:18:1d:ec:3c:39:29:d2:75:e4:68: 62:3e:17:5e:55:2c:99:c0:c5:f8:18:fb:23:49:d7: e1:34:7e:31:fb:b5:49:7e:0c:dc:5b:a6:35:eb:f9: c2:02:41:83:54:04:d6:28:a1:16:74:66:3d:ef:17: 44:b1:2c:10:54:17:7b:20:41:38:47:0e:97:4b:8d: 27:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:D5:24:75:23:EE:65:7B:CF:4D:76:F3:A2:3C:A7:E0:B7:07:D6:2B X509v3 Authority Key Identifier: keyid:DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:a4:8f:e6:d5:73:11:41:27:c2:bd:da:e9:37:b5:7f:bb:82: d4:8c:5d:31:40:1e:a6:f1:48:74:aa:4a:60:75:c6:41:41:29: f4:2e:52:61:cf:81:f0:ad:94:64:c7:eb:e7:55:95:51:32:97: ee:66:f6:95:74:9a:9e:33:92:94:d4:cf:d8:e7:f8:1a:da:42: c7:3d:35:32:99:11:3e:ca:c2:ac:d4:14:c6:06:75:27:a8:08: b3:cf:94:87:7a:88:87:eb:d4:80:fb:1c:1d:66:49:8b:39:74: 85:fe:15:cf:62:7f:b9:ea:2f:d1:37:86:70:e1:92:7d:62:6f: 65:f6:d4:72:b2:c4:ef:40:2c:2a:c0:b1:6a:bb:52:55:60:cd: fc:66:bc:ce:4d:3a:32:2d:08:83:8e:6a:ee:ea:38:b0:e6:e6: 73:e5:a7:06:df:a6:e1:eb:10:14:71:65:55:11:b0:fd:1f:ae: df:ce:ab:6f:11:ae:98:51:20:38:76:23:d8:65:64:d4:6a:21: 42:bf:87:44:6c:4c:f3:5b:e8:f1:a6:31:31:e9:7d:94:99:72: a4:5b:29:d7:5e:6e:7a:f3:4d:95:03:fa:21:0e:52:e9:f4:77: 00:4b:a8:d9:7a:f1:7c:bf:a7:a4:a8:0a:c7:85:73:3e:d4:39: 71:00:0b:be -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FDMzMxMTAvBgNVBAUTKERFQUYxQzhERTRGRTNDNTFDNjkxNTNGQ0FGOUZFOEMy QUQ2RjhFMjYwHhcNMjUwNjE1MDM1NTEwWhcNMjUwNjIyMDM1NTEwWjAYMRYwFAYD VQQDEw02ODRlNDQxZi0wNTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwJRmuq2EvgO4e52vpfrLEyTTE+miKcwOJzIMe6y94fAbPa5g62+5F0d0xNKp 0wjauykxiRsgJJ69il8onjHW50cfJWPSuZoeWDEw8ncR0o+AWUsi99pofH45BeK+ MsfJXSDizpHisDmcyz6Do2tp3OZJJ9422hTQVWhQbleCwtX9b3SInUUe9zmz0R+d RlN91Ql7KWQ1cEzXgiqdVvzfgd/9BpGGdO8WuxdmRcrBuYsvsEvmCK4vLxgd7Dw5 KdJ15GhiPhdeVSyZwMX4GPsjSdfhNH4x+7VJfgzcW6Y16/nCAkGDVATWKKEWdGY9 7xdEsSwQVBd7IEE4Rw6XS40n9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ7VJHUj 7mV7z01286I8p+C3B9YrMB8GA1UdIwQYMBaAFN6vHI3k/jxRxpFT/K+f6MKtb44m MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUMzMy9CMEJGQUMzNDky NEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBGSEdrVlA4cjVfb3dxMXZq aVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNxOGNqZVQtUEZIR2tWUDhyNV9vd3ExdmppWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUMzMy9CMEJGQUMzNDkyNEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBG SEdrVlA4cjVfb3dxMXZqaVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCSpI/m1XMRQSfCvdrpN7V/u4LUjF0xQB6m8Uh0qkpgdcZBQSn0LlJh z4HwrZRkx+vnVZVRMpfuZvaVdJqeM5KU1M/Y5/ga2kLHPTUymRE+ysKs1BTGBnUn qAizz5SHeoiH69SA+xwdZkmLOXSF/hXPYn+56i/RN4Zw4ZJ9Ym9l9tRyssTvQCwq wLFqu1JVYM38ZrzOTToyLQiDjmru6jiw5uZz5acG36bh6xAUcWVVEbD9H67fzqtv Ea6YUSA4diPYZWTUaiFCv4dEbEzzW+jxpjEx6X2UmXKkWynXXm56802VA/ohDlLp 9HcAS6jZevF8v6ekqArHhXM+1DlxAAu+ -----END CERTIFICATE-----Generated at Mon Jun 16 14:40:57 2025 by rpki-client