$ rpki-client -vvf rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft File: 3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft (raw, json) Hash identifier: G/JpW8S7Fb59MKUL7qGr94HC2qXp6jk1a0/JKc6MbXI= Subject key identifier: F7:18:4E:7B:96:A2:62:B2:89:DF:D0:84:00:6A:35:1F:8F:90:6A:30 Authority key identifier: DC:C0:7A:9D:8F:FE:37:8D:DD:AF:3C:D0:E4:1A:9E:F6:FD:D3:14:8F Certificate issuer: /CN=A917AFE7/serialNumber=DCC07A9D8FFE378DDDAF3CD0E41A9EF6FDD3148F Certificate serial: 0517 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft Manifest number: 0511 Signing time: Sun 02 Nov 2025 23:34:41 +0000 Manifest this update: Sun 02 Nov 2025 23:34:40 +0000 Manifest next update: Sun 09 Nov 2025 23:34:40 +0000 Files and hashes: 1: 3MB6nY_-N43drzzQ5Bqe9v3TFI8.crl (hash: rsNjorv+b4REyNVcWJl27tDH1eEJWD7Qno3vuY+Jkvg=) 2: D3D1604C2B6711EC8CD1C61FC4F9AE02.roa (hash: K+U5H/gEB39S0MtkniCqyAbmgU8k6WO9RKiUyR91DCc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.crl rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 23:34:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1303 (0x517) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AFE7, serialNumber=DCC07A9D8FFE378DDDAF3CD0E41A9EF6FDD3148F Validity Not Before: Nov 2 23:34:40 2025 GMT Not After : Nov 9 23:34:40 2025 GMT Subject: CN=6907ea91-6f3f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:ba:b4:a3:e1:89:0d:2a:da:6c:b0:3e:6a:83: a8:b2:ef:1b:ef:49:a9:34:d1:6e:f2:18:1f:ce:49: d2:33:eb:64:58:e3:bc:10:e4:a7:38:47:05:de:2c: fd:e9:d2:29:39:4d:aa:10:d0:39:3d:9a:ea:fc:34: 14:0d:dd:7e:ff:6f:7e:00:8f:2b:40:57:64:07:26: 79:f9:a4:ba:25:a6:63:b8:18:78:e0:57:b3:c7:c6: 1f:c5:39:58:1d:d1:cf:36:f3:04:b5:c9:f7:ee:e2: 10:34:f0:a8:45:f4:61:f1:a2:4f:dc:9e:dd:95:e7: 42:e6:69:7c:3b:6b:00:15:dc:0d:43:2e:76:90:2d: bf:42:43:bc:cc:09:af:69:48:9f:1f:76:b8:f6:e5: b8:da:3e:e9:b4:4a:c5:08:51:92:4e:71:f9:d6:0d: 29:cb:47:70:0b:1a:59:dd:36:f4:43:65:92:be:e1: 47:ea:c3:0b:ca:a0:3a:94:17:b4:86:0e:bb:5a:1f: dc:82:4a:37:ac:70:c8:e6:10:e4:6d:2e:d3:e9:af: 68:9b:24:72:a8:aa:8e:93:b6:56:db:4a:24:4a:96: e8:ae:b3:6f:23:2d:aa:f0:92:dc:46:7f:fe:c4:49: ae:6f:90:a8:69:b2:09:29:56:c0:a2:9d:5a:ba:6d: 25:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:18:4E:7B:96:A2:62:B2:89:DF:D0:84:00:6A:35:1F:8F:90:6A:30 X509v3 Authority Key Identifier: keyid:DC:C0:7A:9D:8F:FE:37:8D:DD:AF:3C:D0:E4:1A:9E:F6:FD:D3:14:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0f:4a:e4:53:72:09:c2:05:f5:8a:31:f5:4f:7a:4b:7a:80:28: 7d:03:1c:8d:5a:25:da:af:e0:b5:66:42:2b:84:79:a4:9b:a4: 7c:37:fb:24:37:13:a9:04:16:99:0b:b7:d2:25:e1:3f:05:91: c9:d0:24:17:c7:88:66:c8:29:9a:97:38:a3:6d:38:44:5a:c6: 10:89:bc:8e:3e:11:7a:a9:7a:fd:93:4b:d6:3b:41:38:5e:db: 54:b4:5f:56:11:b9:59:7d:5a:91:15:5c:2c:d2:85:54:13:44: 93:fb:62:8f:be:1c:9e:70:18:4f:ed:b8:52:af:4d:eb:65:92: 6e:2f:c8:69:eb:77:0e:da:b4:4f:eb:61:0a:ac:59:7c:a4:d3: 69:b8:91:ee:ea:cf:b1:68:86:71:9c:a6:b2:7c:e4:8c:7b:f4: 33:cc:35:bb:93:df:aa:c8:a5:a0:f5:2e:c8:a8:c5:22:b4:2e: bd:98:14:85:e7:91:7d:d3:11:92:0b:ba:f1:5c:02:e4:2b:9a: 4d:6f:c7:4f:74:09:8d:bf:1f:d8:f2:8b:1c:2b:85:c6:c7:37: e6:a2:f5:84:b6:d6:c1:6e:fa:d1:84:90:86:b5:5c:6a:80:f2: 3c:9b:31:6c:84:22:d5:ad:d3:51:0b:0a:2f:bf:4b:93:39:91: dc:4b:a0:91 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBRcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FGRTcxMTAvBgNVBAUTKERDQzA3QTlEOEZGRTM3OEREREFGM0NEMEU0MUE5RUY2 RkREMzE0OEYwHhcNMjUxMTAyMjMzNDQwWhcNMjUxMTA5MjMzNDQwWjAYMRYwFAYD VQQDEw02OTA3ZWE5MS02ZjNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA87q0o+GJDSrabLA+aoOosu8b70mpNNFu8hgfzknSM+tkWOO8EOSnOEcF3iz9 6dIpOU2qENA5PZrq/DQUDd1+/29+AI8rQFdkByZ5+aS6JaZjuBh44Fezx8YfxTlY HdHPNvMEtcn37uIQNPCoRfRh8aJP3J7dledC5ml8O2sAFdwNQy52kC2/QkO8zAmv aUifH3a49uW42j7ptErFCFGSTnH51g0py0dwCxpZ3Tb0Q2WSvuFH6sMLyqA6lBe0 hg67Wh/cgko3rHDI5hDkbS7T6a9omyRyqKqOk7ZW20okSpborrNvIy2q8JLcRn/+ xEmub5CoabIJKVbAop1aum0lfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPcYTnuW omKyid/QhABqNR+PkGowMB8GA1UdIwQYMBaAFNzAep2P/jeN3a880OQanvb90xSP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUZFNy9GOEI2NTM3NDI5 MTIxMUVDODYzMUI4NTRDNEY5QUUwMi8zTUI2bllfLU40M2RyenpRNUJxZTl2M1RG STguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNNQjZuWV8tTjQzZHJ6elE1QnFlOXYzVEZJOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUZFNy9GOEI2NTM3NDI5MTIxMUVDODYzMUI4NTRDNEY5QUUwMi8zTUI2bllfLU40 M2RyenpRNUJxZTl2M1RGSTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAPSuRTcgnCBfWKMfVPekt6gCh9AxyNWiXar+C1ZkIrhHmkm6R8N/sk NxOpBBaZC7fSJeE/BZHJ0CQXx4hmyCmalzijbThEWsYQibyOPhF6qXr9k0vWO0E4 XttUtF9WEblZfVqRFVws0oVUE0ST+2KPvhyecBhP7bhSr03rZZJuL8hp63cO2rRP 62EKrFl8pNNpuJHu6s+xaIZxnKayfOSMe/QzzDW7k9+qyKWg9S7IqMUitC69mBSF 55F90xGSC7rxXALkK5pNb8dPdAmNvx/Y8oscK4XGxzfmovWEttbBbvrRhJCGtVxq gPI8mzFshCLVrdNRCwovv0uTOZHcS6CR -----END CERTIFICATE-----Generated at Tue Nov 4 12:36:06 2025 by rpki-client