$ rpki-client -vvf rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft File: 3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft (raw, json) Hash identifier: AsvIS91rXqFxCmuMNv2TZTEmeYmjGpSMvPD9A4VsrlU= Subject key identifier: 23:D3:45:C0:58:D1:5D:9C:08:A8:DD:F3:79:D5:2F:53:1B:96:9F:7F Authority key identifier: DC:C0:7A:9D:8F:FE:37:8D:DD:AF:3C:D0:E4:1A:9E:F6:FD:D3:14:8F Certificate issuer: /CN=A917AFE7/serialNumber=DCC07A9D8FFE378DDDAF3CD0E41A9EF6FDD3148F Certificate serial: 04CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft Manifest number: 04C9 Signing time: Thu 12 Jun 2025 23:25:08 +0000 Manifest this update: Thu 12 Jun 2025 23:25:07 +0000 Manifest next update: Thu 19 Jun 2025 23:25:07 +0000 Files and hashes: 1: 3MB6nY_-N43drzzQ5Bqe9v3TFI8.crl (hash: q8iCGEKsjDoF6JvbIrGZprNu26E7phvs4IpShELCGmY=) 2: D3D1604C2B6711EC8CD1C61FC4F9AE02.roa (hash: K+U5H/gEB39S0MtkniCqyAbmgU8k6WO9RKiUyR91DCc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.crl rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 23:25:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1231 (0x4cf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AFE7, serialNumber=DCC07A9D8FFE378DDDAF3CD0E41A9EF6FDD3148F Validity Not Before: Jun 12 23:25:07 2025 GMT Not After : Jun 19 23:25:07 2025 GMT Subject: CN=684b61d4-1151 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:11:fd:b7:81:5a:9f:f7:d2:e2:ec:2c:d4:66: dd:2c:4b:8d:92:0a:b5:a3:0d:4c:33:d3:0e:3f:8d: 04:bf:05:8a:ed:0c:66:8e:5d:a6:6b:dc:07:16:3d: cc:96:ea:20:48:f1:37:1c:30:58:63:74:f9:e9:c1: 31:4b:1a:cb:5a:b4:32:ed:df:90:3d:d3:74:65:7b: 0d:c6:f7:ca:31:77:18:89:51:b2:76:ec:be:eb:8a: ab:0d:f3:76:d6:a4:b5:a6:1a:b5:86:07:98:4a:a0: cb:a6:67:97:01:d0:97:96:73:c1:b2:58:00:31:68: 8a:90:88:f7:8a:b2:90:62:6d:79:2f:3a:17:ce:b6: bf:47:21:be:c6:62:d2:3b:6b:98:45:cf:6d:06:77: f7:b4:df:cb:5a:25:cb:1d:4b:9a:b7:0d:d6:22:0a: 2c:0c:e0:00:5a:b2:4e:6a:9c:e8:b3:71:c5:b6:93: 3e:32:7a:6a:c5:41:7d:1a:bd:01:b1:f5:69:fb:c9: a5:da:51:10:3e:ed:e5:54:90:b8:3b:5f:bc:a1:f8: 24:fb:ff:69:d1:24:26:df:4c:a6:ff:82:7b:d0:fd: c9:60:63:7e:41:83:f3:8a:e0:44:8d:a9:93:e9:11: 3e:c6:85:15:9e:9e:b2:80:fa:88:94:59:0f:60:55: db:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:D3:45:C0:58:D1:5D:9C:08:A8:DD:F3:79:D5:2F:53:1B:96:9F:7F X509v3 Authority Key Identifier: keyid:DC:C0:7A:9D:8F:FE:37:8D:DD:AF:3C:D0:E4:1A:9E:F6:FD:D3:14:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7d:4d:fb:da:93:e3:e1:26:01:a7:84:07:42:62:57:77:ad:38: 0d:a3:ea:e8:49:ac:40:cd:3b:d0:b6:45:84:fd:af:55:9e:91: b5:63:0b:f0:6d:61:7e:98:16:72:ff:e8:d3:6e:68:a3:32:aa: b4:3c:c5:aa:e4:f5:01:83:60:a9:42:95:c8:a7:9a:c9:e1:bb: 46:39:d9:22:0d:b6:d6:50:d2:73:5c:b0:fa:43:0c:7e:4e:b8: bd:f6:09:42:c9:9d:bd:0d:b8:d6:70:3d:2c:0b:c2:e4:bd:7f: b0:fd:99:8c:62:fd:49:b2:0f:13:55:99:1d:94:dc:d2:8a:a3: 88:17:5e:0e:29:9c:4c:20:41:cd:e8:a7:1e:d4:f5:a4:75:19: bf:5b:ed:b2:ff:8b:13:5e:31:8c:e6:d6:29:91:b9:cf:a6:a7: c5:ac:1d:e6:c9:4b:e6:d9:f4:cc:cd:29:6b:5a:d1:8a:49:07: 03:4c:d8:bb:23:fe:27:5a:49:db:21:a0:82:18:74:af:a2:1c: bb:70:dd:73:c5:d9:77:f7:e0:30:6f:3a:11:f9:d0:a7:da:4c: 52:01:75:29:94:35:cd:96:5a:b0:37:f1:5d:f6:46:4b:3c:aa: 24:9f:69:8b:43:37:bf:6b:65:6f:59:c3:09:51:09:ec:a2:a2: 96:22:3c:d3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBM8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FGRTcxMTAvBgNVBAUTKERDQzA3QTlEOEZGRTM3OEREREFGM0NEMEU0MUE5RUY2 RkREMzE0OEYwHhcNMjUwNjEyMjMyNTA3WhcNMjUwNjE5MjMyNTA3WjAYMRYwFAYD VQQDEw02ODRiNjFkNC0xMTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0hH9t4Fan/fS4uws1GbdLEuNkgq1ow1MM9MOP40EvwWK7Qxmjl2ma9wHFj3M luogSPE3HDBYY3T56cExSxrLWrQy7d+QPdN0ZXsNxvfKMXcYiVGyduy+64qrDfN2 1qS1phq1hgeYSqDLpmeXAdCXlnPBslgAMWiKkIj3irKQYm15LzoXzra/RyG+xmLS O2uYRc9tBnf3tN/LWiXLHUuatw3WIgosDOAAWrJOapzos3HFtpM+MnpqxUF9Gr0B sfVp+8ml2lEQPu3lVJC4O1+8ofgk+/9p0SQm30ym/4J70P3JYGN+QYPziuBEjamT 6RE+xoUVnp6ygPqIlFkPYFXblwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCPTRcBY 0V2cCKjd83nVL1Mblp9/MB8GA1UdIwQYMBaAFNzAep2P/jeN3a880OQanvb90xSP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUZFNy9GOEI2NTM3NDI5 MTIxMUVDODYzMUI4NTRDNEY5QUUwMi8zTUI2bllfLU40M2RyenpRNUJxZTl2M1RG STguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNNQjZuWV8tTjQzZHJ6elE1QnFlOXYzVEZJOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUZFNy9GOEI2NTM3NDI5MTIxMUVDODYzMUI4NTRDNEY5QUUwMi8zTUI2bllfLU40 M2RyenpRNUJxZTl2M1RGSTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB9Tfvak+PhJgGnhAdCYld3rTgNo+roSaxAzTvQtkWE/a9VnpG1Ywvw bWF+mBZy/+jTbmijMqq0PMWq5PUBg2CpQpXIp5rJ4btGOdkiDbbWUNJzXLD6Qwx+ Tri99glCyZ29DbjWcD0sC8LkvX+w/ZmMYv1Jsg8TVZkdlNzSiqOIF14OKZxMIEHN 6Kce1PWkdRm/W+2y/4sTXjGM5tYpkbnPpqfFrB3myUvm2fTMzSlrWtGKSQcDTNi7 I/4nWknbIaCCGHSvohy7cN1zxdl39+AwbzoR+dCn2kxSAXUplDXNllqwN/Fd9kZL PKokn2mLQze/a2VvWcMJUQnsoqKWIjzT -----END CERTIFICATE-----Generated at Sat Jun 14 19:30:09 2025 by rpki-client