$ rpki-client -vvf rpki.apnic.net/member_repository/A917E754/ACD1D7701DAB11E2BA2806AA08B02CD2/tQk3XiWpXStZwZWBw8Y1topJES0.mft File: tQk3XiWpXStZwZWBw8Y1topJES0.mft (raw, json) Hash identifier: 3zo4W3x2wozwo7ZAIUHsoAQd4oOR6cTLVSx+UfjSZlg= Subject key identifier: B0:F2:A6:53:9D:1A:A4:09:59:27:F3:13:E3:58:3C:A9:6E:8A:B2:FA Authority key identifier: B5:09:37:5E:25:A9:5D:2B:59:C1:95:81:C3:C6:35:B6:8A:49:11:2D Certificate issuer: /CN=A917E754/serialNumber=B509375E25A95D2B59C19581C3C635B68A49112D Certificate serial: 34B8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tQk3XiWpXStZwZWBw8Y1topJES0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E754/ACD1D7701DAB11E2BA2806AA08B02CD2/tQk3XiWpXStZwZWBw8Y1topJES0.mft Manifest number: 34B1 Signing time: Tue 12 Aug 2025 15:21:44 +0000 Manifest this update: Tue 12 Aug 2025 15:21:43 +0000 Manifest next update: Tue 19 Aug 2025 15:21:43 +0000 Files and hashes: 1: tQk3XiWpXStZwZWBw8Y1topJES0.crl (hash: A920ouOQrs+ECzQcf+22COtpaMtW50s83Dd1sNtsrPU=) 2: 2F79F386050511EA87CC7D42C4F9AE02.roa (hash: 1r2fILVlnPF9g9/RvWkB32IMvkecllavKDmXeDe08HY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E754/ACD1D7701DAB11E2BA2806AA08B02CD2/tQk3XiWpXStZwZWBw8Y1topJES0.crl rsync://rpki.apnic.net/member_repository/A917E754/ACD1D7701DAB11E2BA2806AA08B02CD2/tQk3XiWpXStZwZWBw8Y1topJES0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tQk3XiWpXStZwZWBw8Y1topJES0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 Aug 2025 15:21:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13496 (0x34b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E754, serialNumber=B509375E25A95D2B59C19581C3C635B68A49112D Validity Not Before: Aug 12 15:21:43 2025 GMT Not After : Aug 19 15:21:43 2025 GMT Subject: CN=689b5c07-cf7e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:ef:b6:67:94:12:b5:b9:0e:ec:1b:c7:71:68: c3:23:40:a7:58:9c:08:27:c3:a1:9d:3e:56:c5:08: 5d:89:b5:0d:fb:5b:44:b2:c4:c2:55:07:6c:d5:19: ec:be:4e:bf:32:9b:3e:73:b3:cb:47:cd:a7:5b:27: bc:d7:ee:8e:0e:9b:8d:15:50:db:13:87:8e:63:d7: 8a:cf:5a:76:2f:a4:78:42:e7:e8:48:60:92:48:07: ec:9b:cf:46:10:3c:e9:ce:1a:7d:1e:d3:90:6a:6f: 0d:02:4e:5a:43:12:a2:81:b9:d4:6f:b7:c2:cb:88: 7f:5d:b5:04:9e:5c:63:72:bb:27:e1:0d:86:01:0c: 99:3e:f0:f5:98:7d:16:b9:07:62:4d:dd:57:64:f3: 17:cc:11:40:7e:38:09:70:37:13:65:18:59:d8:13: d9:2e:bf:9f:8f:ae:b8:5c:ec:d6:23:9d:25:d1:1c: d7:a7:24:66:06:1e:3f:15:4f:ed:ad:f3:5a:01:ac: 2a:fb:e0:80:72:47:00:67:4e:e7:7c:7e:67:ec:cb: 69:0d:cb:d3:15:fe:fd:e6:cb:0c:7b:1c:e9:2e:67: 24:01:1b:c5:b6:8c:82:94:da:f6:65:37:42:69:0b: bc:95:5b:91:d8:77:c6:d1:8b:d3:bd:c8:1b:36:e5: cf:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:F2:A6:53:9D:1A:A4:09:59:27:F3:13:E3:58:3C:A9:6E:8A:B2:FA X509v3 Authority Key Identifier: keyid:B5:09:37:5E:25:A9:5D:2B:59:C1:95:81:C3:C6:35:B6:8A:49:11:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E754/ACD1D7701DAB11E2BA2806AA08B02CD2/tQk3XiWpXStZwZWBw8Y1topJES0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tQk3XiWpXStZwZWBw8Y1topJES0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E754/ACD1D7701DAB11E2BA2806AA08B02CD2/tQk3XiWpXStZwZWBw8Y1topJES0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b9:96:5d:61:2b:5d:33:9c:0f:63:2c:65:ac:52:25:4f:84:63: 6e:4e:c1:85:a1:fa:12:36:f4:01:ad:2a:89:52:e3:f9:03:0d: 5a:c9:d7:e0:33:da:ed:1d:1e:5b:df:f3:91:1a:e2:34:77:55: df:b0:39:d2:cb:ca:d3:42:eb:cd:f7:6e:7b:77:ad:d3:6f:15: 80:a5:d9:05:73:4f:59:1a:27:1c:eb:d4:98:e9:08:bd:d4:ba: 63:48:11:19:7d:9a:ed:2c:db:e8:0c:0c:66:18:f9:de:82:1d: eb:24:70:a5:57:14:25:51:7a:02:c2:3c:fb:f2:00:99:80:20: 31:49:90:01:d1:fb:a9:c6:e9:0e:88:0e:e6:da:7f:74:81:db: 0e:9c:61:62:2c:44:c6:14:3a:7d:4e:a7:1d:84:59:98:45:cd: 6e:4b:ba:01:8c:f9:f9:17:cc:ac:92:9f:98:a2:22:af:88:c6: 16:87:41:aa:bf:59:d7:10:3c:99:84:e3:94:1b:1c:07:f1:f7: 51:3f:bd:b7:a0:ce:fc:57:38:c2:18:46:d6:35:73:b8:d6:56: d0:62:e2:56:bf:0f:92:e5:f2:32:38:0b:8d:15:67:97:fc:93: c8:be:9f:09:e2:8a:50:f5:76:82:6e:17:3a:83:6b:6d:87:77: 61:73:d3:94 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNLgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U3NTQxMTAvBgNVBAUTKEI1MDkzNzVFMjVBOTVEMkI1OUMxOTU4MUMzQzYzNUI2 OEE0OTExMkQwHhcNMjUwODEyMTUyMTQzWhcNMjUwODE5MTUyMTQzWjAYMRYwFAYD VQQDEw02ODliNWMwNy1jZjdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7++2Z5QStbkO7BvHcWjDI0CnWJwIJ8OhnT5WxQhdibUN+1tEssTCVQds1Rns vk6/Mps+c7PLR82nWye81+6ODpuNFVDbE4eOY9eKz1p2L6R4QufoSGCSSAfsm89G EDzpzhp9HtOQam8NAk5aQxKigbnUb7fCy4h/XbUEnlxjcrsn4Q2GAQyZPvD1mH0W uQdiTd1XZPMXzBFAfjgJcDcTZRhZ2BPZLr+fj664XOzWI50l0RzXpyRmBh4/FU/t rfNaAawq++CAckcAZ07nfH5n7MtpDcvTFf795ssMexzpLmckARvFtoyClNr2ZTdC aQu8lVuR2HfG0YvTvcgbNuXPowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLDyplOd GqQJWSfzE+NYPKluirL6MB8GA1UdIwQYMBaAFLUJN14lqV0rWcGVgcPGNbaKSREt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTc1NC9BQ0QxRDc3MDFE QUIxMUUyQkEyODA2QUEwOEIwMkNEMi90UWszWGlXcFhTdFp3WldCdzhZMXRvcEpF UzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RRazNYaVdwWFN0WndaV0J3OFkxdG9wSkVTMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTc1NC9BQ0QxRDc3MDFEQUIxMUUyQkEyODA2QUEwOEIwMkNEMi90UWszWGlXcFhT dFp3WldCdzhZMXRvcEpFUzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC5ll1hK10znA9jLGWsUiVPhGNuTsGFofoSNvQBrSqJUuP5Aw1aydfg M9rtHR5b3/ORGuI0d1XfsDnSy8rTQuvN9257d63TbxWApdkFc09ZGicc69SY6Qi9 1LpjSBEZfZrtLNvoDAxmGPnegh3rJHClVxQlUXoCwjz78gCZgCAxSZAB0fupxukO iA7m2n90gdsOnGFiLETGFDp9TqcdhFmYRc1uS7oBjPn5F8yskp+YoiKviMYWh0Gq v1nXEDyZhOOUGxwH8fdRP723oM78VzjCGEbWNXO41lbQYuJWvw+S5fIyOAuNFWeX /JPIvp8J4opQ9XaCbhc6g2tth3dhc9OU -----END CERTIFICATE-----Generated at Tue Aug 12 20:38:40 2025 by rpki-client