$ rpki-client -vvf rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft File: 3FejmXtffOj7ybTZiz1F1jMHcRg.mft (raw, json) Hash identifier: 3+923fyYmub/rETH5hCGI9D2sW8JLKBGRI5vy4T9V5I= Subject key identifier: AE:55:31:D0:DE:39:33:53:3C:78:22:D8:EE:34:64:F5:AF:D6:88:06 Authority key identifier: DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 Certificate issuer: /CN=A917CABB/serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Certificate serial: 0C3C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft Manifest number: 0C35 Signing time: Fri 08 Aug 2025 18:52:13 +0000 Manifest this update: Fri 08 Aug 2025 18:52:12 +0000 Manifest next update: Fri 15 Aug 2025 18:52:12 +0000 Files and hashes: 1: 3FejmXtffOj7ybTZiz1F1jMHcRg.crl (hash: SGfBNAS2CeF8LjHsG/AzbjecoN8IBDcw1xh6smGQEOg=) 2: 17BA5658D1FA11EDA0A31C2FC4F9AE02.roa (hash: H306zJ6w0u++pxJwnmCEZeb1MJYQzvBqunxs7beIBF4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3132 (0xc3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917CABB, serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Validity Not Before: Aug 8 18:52:12 2025 GMT Not After : Aug 15 18:52:12 2025 GMT Subject: CN=6896475d-5761 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:ac:bc:89:eb:22:84:d2:ab:5c:20:e9:bd:18: b3:b9:e7:f9:46:c7:2f:81:78:1e:b5:34:a9:f7:97: 18:ee:14:c5:0c:ae:0b:6c:c9:40:6c:9f:5a:2a:61: c1:49:ee:e1:69:23:5f:4d:13:17:03:ac:e6:50:d4: 0c:9d:3c:df:94:29:1f:bd:16:66:b4:df:9f:37:6a: 0a:22:f8:6b:14:af:5a:e2:8c:5a:c9:f9:91:cb:28: 07:4a:bf:07:43:c0:65:b8:02:19:cc:ee:4b:37:e0: f8:19:1e:6d:f1:ef:eb:ed:4d:e8:21:15:be:20:33: 9c:4a:9a:ea:c3:9e:e4:b8:f3:3d:66:36:d8:6d:ff: da:72:8e:ee:dd:74:e2:44:7b:7b:64:d0:3c:da:76: 49:b2:ca:98:a6:b7:f0:18:b3:06:66:55:69:b3:eb: 0d:d2:33:68:73:d4:e9:88:90:66:1c:44:6f:96:34: 53:71:33:8f:d5:02:a3:64:79:af:cd:eb:8d:48:95: 21:6f:b6:66:b9:e1:b4:62:41:3c:5a:ae:12:32:57: cb:71:5f:c8:3e:90:61:af:ca:50:fd:9f:fe:75:c5: 93:05:9b:1d:fc:35:f5:fb:c9:6e:42:8a:b2:9c:f2: 61:e6:2c:9d:fe:14:0b:1e:5d:a1:5d:80:18:51:52: 18:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:55:31:D0:DE:39:33:53:3C:78:22:D8:EE:34:64:F5:AF:D6:88:06 X509v3 Authority Key Identifier: keyid:DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bd:43:23:9a:b7:44:26:5d:19:c0:ac:de:76:55:a3:96:d9:a4: be:0a:5b:aa:7a:9d:27:a6:e6:ee:db:e0:55:98:a2:af:f9:2e: 4b:fd:1a:09:d2:87:03:4b:8a:eb:1d:44:8b:e6:79:df:46:f9: 52:67:e3:29:c0:e2:7a:98:45:a3:28:e1:5e:aa:60:f3:f3:74: 2a:5c:cb:2a:8a:d0:7b:b2:5d:11:64:b6:5c:33:4a:34:f3:d4: 82:f1:3f:70:c1:ae:9b:87:e4:5c:d3:18:c1:ab:a8:f9:96:d0: 34:80:84:44:5f:65:d9:f9:9e:20:a0:cb:8f:87:0b:c6:a7:e9: c6:a9:2a:8d:20:da:85:3d:e4:e9:1c:2a:5f:21:15:d6:20:91: 67:f7:a3:e2:72:f0:22:38:c4:2d:f8:ab:e3:60:1f:a5:47:01: 35:18:39:a6:83:6b:c6:56:62:bb:84:3b:0f:1b:99:d5:56:4d: 7c:3d:c4:ca:ea:33:94:43:cb:01:b0:40:c2:00:e1:b4:7f:66: 02:f6:99:d0:c6:7c:7c:34:8d:23:af:ba:9f:d7:9a:7e:28:52: b8:1e:6c:f1:a2:14:98:57:86:4b:23:a1:3a:11:c2:91:e4:44: 53:56:3c:bb:8d:7f:5c:82:96:51:71:9a:64:da:26:8a:a0:5f: a1:db:a0:64 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0NBQkIxMTAvBgNVBAUTKERDNTdBMzk5N0I1RjdDRThGQkM5QjREOThCM0Q0NUQ2 MzMwNzcxMTgwHhcNMjUwODA4MTg1MjEyWhcNMjUwODE1MTg1MjEyWjAYMRYwFAYD VQQDEw02ODk2NDc1ZC01NzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0qy8iesihNKrXCDpvRizuef5RscvgXgetTSp95cY7hTFDK4LbMlAbJ9aKmHB Se7haSNfTRMXA6zmUNQMnTzflCkfvRZmtN+fN2oKIvhrFK9a4oxayfmRyygHSr8H Q8BluAIZzO5LN+D4GR5t8e/r7U3oIRW+IDOcSprqw57kuPM9ZjbYbf/aco7u3XTi RHt7ZNA82nZJssqYprfwGLMGZlVps+sN0jNoc9TpiJBmHERvljRTcTOP1QKjZHmv zeuNSJUhb7ZmueG0YkE8Wq4SMlfLcV/IPpBhr8pQ/Z/+dcWTBZsd/DX1+8luQoqy nPJh5iyd/hQLHl2hXYAYUVIYVQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK5VMdDe OTNTPHgi2O40ZPWv1ogGMB8GA1UdIwQYMBaAFNxXo5l7X3zo+8m02Ys9RdYzB3EY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0FCQi8wNzY3NUYxRTBG NjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZPajd5YlRaaXoxRjFqTUhj UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGZWptWHRmZk9qN3liVFppejFGMWpNSGNSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 Q0FCQi8wNzY3NUYxRTBGNjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZP ajd5YlRaaXoxRjFqTUhjUmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC9QyOat0QmXRnArN52VaOW2aS+Cluqep0npubu2+BVmKKv+S5L/RoJ 0ocDS4rrHUSL5nnfRvlSZ+MpwOJ6mEWjKOFeqmDz83QqXMsqitB7sl0RZLZcM0o0 89SC8T9wwa6bh+Rc0xjBq6j5ltA0gIREX2XZ+Z4goMuPhwvGp+nGqSqNINqFPeTp HCpfIRXWIJFn96PicvAiOMQt+KvjYB+lRwE1GDmmg2vGVmK7hDsPG5nVVk18PcTK 6jOUQ8sBsEDCAOG0f2YC9pnQxnx8NI0jr7qf15p+KFK4HmzxohSYV4ZLI6E6EcKR 5ERTVjy7jX9cgpZRcZpk2iaKoF+h26Bk -----END CERTIFICATE-----Generated at Sun Aug 10 18:17:42 2025 by rpki-client