$ rpki-client -vvf rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft File: 3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft (raw, json) Hash identifier: RaTEEUo+HH50/VgvjxLXoI2lsHePQMP1aawiCAcPIRM= Subject key identifier: F0:C1:27:25:A6:19:1D:8D:15:9A:A6:3E:A5:98:07:C9:98:04:81:8D Authority key identifier: DC:C0:7A:9D:8F:FE:37:8D:DD:AF:3C:D0:E4:1A:9E:F6:FD:D3:14:8F Certificate issuer: /CN=A917AFE7/serialNumber=DCC07A9D8FFE378DDDAF3CD0E41A9EF6FDD3148F Certificate serial: 04ED Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft Manifest number: 04E7 Signing time: Sun 10 Aug 2025 23:51:53 +0000 Manifest this update: Sun 10 Aug 2025 23:51:53 +0000 Manifest next update: Sun 17 Aug 2025 23:51:53 +0000 Files and hashes: 1: 3MB6nY_-N43drzzQ5Bqe9v3TFI8.crl (hash: 0Y8Y268zKTmOggXmvQj6jDv4Wr4uiJVqtfvCWFdQaVw=) 2: D3D1604C2B6711EC8CD1C61FC4F9AE02.roa (hash: K+U5H/gEB39S0MtkniCqyAbmgU8k6WO9RKiUyR91DCc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.crl rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 Aug 2025 23:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1261 (0x4ed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AFE7, serialNumber=DCC07A9D8FFE378DDDAF3CD0E41A9EF6FDD3148F Validity Not Before: Aug 10 23:51:53 2025 GMT Not After : Aug 17 23:51:53 2025 GMT Subject: CN=68993099-b9db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:aa:ea:8b:ba:36:68:1f:de:a7:27:00:09:3e: 34:c6:06:92:36:32:89:1c:de:8f:8a:5f:ce:38:da: e1:95:0a:4c:bc:bb:55:fd:4c:0a:d6:57:a8:4d:38: d2:48:36:b3:22:f3:12:ad:43:23:18:3f:44:4a:f9: 2c:c2:8d:f2:89:6f:81:66:2a:b9:e5:1b:e8:18:7d: 14:aa:af:d8:ea:22:67:c1:6c:fc:90:bc:e3:19:94: 05:4a:b8:6f:35:d5:ee:ec:e5:33:c7:25:46:bd:6a: ac:28:f7:76:fc:87:89:7f:80:b2:75:ef:38:a2:9f: 16:fa:bd:55:95:81:82:aa:8c:3a:7b:2b:6e:0c:e9: 68:b4:bc:74:7f:92:26:51:8e:aa:2e:34:0a:92:04: 21:a5:75:50:4b:8b:f0:72:6f:51:ae:09:d9:86:22: 65:c2:37:13:b3:d2:6a:ac:6d:ae:76:b0:8a:8c:76: d3:18:cd:9c:3b:64:95:a1:fa:b9:c9:08:a0:df:f0: a9:ea:2d:33:8b:8e:12:36:14:26:ad:8a:b6:b8:c2: ff:5c:e5:74:a7:01:e6:25:48:d3:19:c7:e0:5c:3a: dc:8f:ef:85:33:a1:ef:66:3d:ce:d0:81:ac:10:11: 8f:fb:dc:cc:c9:5a:1b:3d:ab:b3:5a:d2:bf:da:5f: 92:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:C1:27:25:A6:19:1D:8D:15:9A:A6:3E:A5:98:07:C9:98:04:81:8D X509v3 Authority Key Identifier: keyid:DC:C0:7A:9D:8F:FE:37:8D:DD:AF:3C:D0:E4:1A:9E:F6:FD:D3:14:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:87:e6:8f:64:e9:3b:6d:66:ad:82:dd:82:9c:ac:d6:d6:c7: 7b:57:ad:8b:53:d4:f8:01:56:42:cf:e5:ba:b4:55:2b:7b:87: 3f:93:99:32:fa:5c:88:e3:1a:9b:cc:2d:e4:5c:2a:40:19:b0: 54:c0:7d:64:05:00:07:c8:58:11:09:c8:25:65:85:2a:20:10: 26:66:35:20:d2:be:2b:a4:bb:4e:cd:00:1e:eb:97:9d:ab:3c: 66:81:37:d6:7b:fa:cf:a6:23:9c:91:5d:98:11:51:74:f5:06: 2d:e5:6e:d3:af:e8:a0:18:6c:7e:42:cd:59:fd:6a:03:34:e5: 33:39:86:45:2a:91:46:69:11:ac:47:4f:e8:a4:06:90:30:49: 4f:84:5a:03:67:87:c3:61:4d:46:47:ae:fd:83:52:a5:06:06: f6:b3:90:08:9d:a3:a8:14:5d:3f:03:25:ec:ea:fc:91:b1:f0: 61:06:53:7c:3f:8c:ae:c5:d1:37:61:f7:a6:8b:7e:db:41:0b: 5c:c9:f6:df:20:65:23:84:23:c7:bd:7b:f9:78:a3:50:0f:28: 9b:3d:5e:d4:88:79:e1:c2:00:b8:58:6d:5c:97:d8:56:4f:b1: bf:31:78:5b:df:49:b7:ce:11:93:66:d5:48:13:ed:ff:f5:1f: cc:c6:a3:f7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBO0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FGRTcxMTAvBgNVBAUTKERDQzA3QTlEOEZGRTM3OEREREFGM0NEMEU0MUE5RUY2 RkREMzE0OEYwHhcNMjUwODEwMjM1MTUzWhcNMjUwODE3MjM1MTUzWjAYMRYwFAYD VQQDEw02ODk5MzA5OS1iOWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw6rqi7o2aB/epycACT40xgaSNjKJHN6Pil/OONrhlQpMvLtV/UwK1leoTTjS SDazIvMSrUMjGD9ESvkswo3yiW+BZiq55RvoGH0Uqq/Y6iJnwWz8kLzjGZQFSrhv NdXu7OUzxyVGvWqsKPd2/IeJf4Cyde84op8W+r1VlYGCqow6eytuDOlotLx0f5Im UY6qLjQKkgQhpXVQS4vwcm9RrgnZhiJlwjcTs9JqrG2udrCKjHbTGM2cO2SVofq5 yQig3/Cp6i0zi44SNhQmrYq2uML/XOV0pwHmJUjTGcfgXDrcj++FM6HvZj3O0IGs EBGP+9zMyVobPauzWtK/2l+SaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPDBJyWm GR2NFZqmPqWYB8mYBIGNMB8GA1UdIwQYMBaAFNzAep2P/jeN3a880OQanvb90xSP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUZFNy9GOEI2NTM3NDI5 MTIxMUVDODYzMUI4NTRDNEY5QUUwMi8zTUI2bllfLU40M2RyenpRNUJxZTl2M1RG STguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNNQjZuWV8tTjQzZHJ6elE1QnFlOXYzVEZJOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUZFNy9GOEI2NTM3NDI5MTIxMUVDODYzMUI4NTRDNEY5QUUwMi8zTUI2bllfLU40 M2RyenpRNUJxZTl2M1RGSTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBAh+aPZOk7bWatgt2CnKzW1sd7V62LU9T4AVZCz+W6tFUre4c/k5ky +lyI4xqbzC3kXCpAGbBUwH1kBQAHyFgRCcglZYUqIBAmZjUg0r4rpLtOzQAe65ed qzxmgTfWe/rPpiOckV2YEVF09QYt5W7Tr+igGGx+Qs1Z/WoDNOUzOYZFKpFGaRGs R0/opAaQMElPhFoDZ4fDYU1GR679g1KlBgb2s5AInaOoFF0/AyXs6vyRsfBhBlN8 P4yuxdE3Yfemi37bQQtcyfbfIGUjhCPHvXv5eKNQDyibPV7UiHnhwgC4WG1cl9hW T7G/MXhb30m3zhGTZtVIE+3/9R/MxqP3 -----END CERTIFICATE-----Generated at Tue Aug 12 14:48:50 2025 by rpki-client