$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.mft File: 3lBUK-oQggGncsALyfJRrRf6ls0.mft (raw, json) Hash identifier: GqQnptMTOPsujx4Q8fP70MGbH1MMLN8v1Frf8KHl3+Y= Subject key identifier: BA:32:55:01:52:C5:A3:8F:05:2D:6B:50:73:ED:5C:1A:5E:17:FB:36 Authority key identifier: DE:50:54:2B:EA:10:82:01:A7:72:C0:0B:C9:F2:51:AD:17:FA:96:CD Certificate issuer: /CN=A91DEBE3/serialNumber=DE50542BEA108201A772C00BC9F251AD17FA96CD Certificate serial: 0CDE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.mft Manifest number: 0CA1 Signing time: Sun 10 Aug 2025 18:20:43 +0000 Manifest this update: Sun 10 Aug 2025 18:20:43 +0000 Manifest next update: Sun 17 Aug 2025 18:20:43 +0000 Files and hashes: 1: 3lBUK-oQggGncsALyfJRrRf6ls0.crl (hash: Jkz0zopZGGzo03nnXXMu0StRVcbLlfqGs6tEE+FYGr8=) 2: AF0508E8B1EE11EF93E70F63C4F9AE02.roa (hash: /m7E0Dw/anD8qYNxCWedW44uleLaVBkf0eBmZ6XFvMk=) 3: D59CB8F4968511EF93AE8239C4F9AE02.roa (hash: rZ4CQjG/7W0/b4/xy8McSOxNbiTi926f91iRcbtKHeo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.crl rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3294 (0xcde) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DEBE3, serialNumber=DE50542BEA108201A772C00BC9F251AD17FA96CD Validity Not Before: Aug 10 18:20:43 2025 GMT Not After : Aug 17 18:20:43 2025 GMT Subject: CN=6898e2fb-7a17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:8f:76:3b:6d:2e:a3:f2:74:83:a3:23:d5:28: 75:f3:6e:80:9b:d1:0c:19:6d:de:9f:3e:0b:34:54: 9e:60:07:b5:9b:9b:55:d0:5f:8e:d3:7f:a5:3f:f2: 28:3e:a1:bc:9c:fd:4d:02:2d:43:b5:64:3c:53:50: 55:61:b2:73:ee:73:90:af:39:57:56:7a:3e:a3:ba: c7:fd:12:a6:92:3a:f3:ff:ff:04:7c:c9:a4:77:bb: d9:de:1c:9c:58:8a:72:b4:e1:b1:73:22:71:2c:db: d1:83:29:15:95:cc:51:4f:1e:d3:1e:03:44:e6:fd: a5:89:e9:77:72:51:d4:81:37:3c:2f:f2:de:01:86: 04:bf:0c:91:81:67:6a:65:82:a5:f4:9c:d3:1b:25: 65:c3:d8:a7:e0:1c:29:d2:73:c9:d6:10:c6:f4:ad: d9:bd:18:ac:bf:a8:89:be:04:53:00:9b:fd:a5:df: 41:1c:f7:24:11:46:6f:de:ac:7c:20:87:d8:27:0b: 6c:e4:35:81:b6:b6:9e:18:b7:6b:a4:96:82:b8:05: d4:bf:ce:c9:0b:4e:7a:9f:00:de:d4:09:83:86:bf: ea:61:c1:0a:a7:f2:ed:ce:aa:bf:e0:63:d8:51:81: 01:27:7f:7c:5f:4f:4d:73:98:b4:b4:0d:fd:02:8b: d7:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:32:55:01:52:C5:A3:8F:05:2D:6B:50:73:ED:5C:1A:5E:17:FB:36 X509v3 Authority Key Identifier: keyid:DE:50:54:2B:EA:10:82:01:A7:72:C0:0B:C9:F2:51:AD:17:FA:96:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:d8:d0:a5:67:6d:17:aa:80:a6:6b:41:c1:d1:de:ac:cc:ea: ec:86:b5:c7:b8:bb:ec:3a:6d:a0:c1:e4:70:88:9c:28:45:27: 88:12:71:24:bb:e1:29:c7:1b:3d:d5:11:ad:00:76:71:b1:ee: 5c:eb:83:24:82:c1:42:25:3f:e8:1f:cb:b1:13:6d:34:c1:da: e4:df:2a:b3:bb:3d:43:ba:83:ec:42:41:5d:1f:70:2c:9c:e1: 62:d1:57:95:60:78:51:10:eb:49:96:87:85:ee:30:ac:79:da: 22:5c:a6:64:ed:b0:83:31:93:81:75:2d:7c:f7:d5:5a:5e:5b: 8a:be:69:ab:26:b0:a3:b7:01:74:49:5f:5c:ca:4f:b7:60:23: a4:10:40:c6:a7:58:7d:4a:d6:94:ae:c7:06:94:4e:78:1d:13: 19:fe:92:46:69:aa:2e:63:27:e0:17:3c:65:80:9c:38:bf:51: 5e:eb:df:be:90:b0:6f:ac:a0:98:51:7d:21:9d:54:2b:8f:1e: 4b:f4:e1:bf:ef:ce:91:f4:21:f6:40:9e:8c:2b:cd:91:4b:cf: 65:4e:50:16:e8:0a:d0:3b:d8:ac:84:e7:3b:4c:bc:60:e6:86: bd:a6:3c:47:85:b9:28:07:46:7b:99:71:5b:23:ee:de:79:bd: 92:ac:2d:78 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDN4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REVCRTMxMTAvBgNVBAUTKERFNTA1NDJCRUExMDgyMDFBNzcyQzAwQkM5RjI1MUFE MTdGQTk2Q0QwHhcNMjUwODEwMTgyMDQzWhcNMjUwODE3MTgyMDQzWjAYMRYwFAYD VQQDEw02ODk4ZTJmYi03YTE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoY92O20uo/J0g6Mj1Sh1826Am9EMGW3enz4LNFSeYAe1m5tV0F+O03+lP/Io PqG8nP1NAi1DtWQ8U1BVYbJz7nOQrzlXVno+o7rH/RKmkjrz//8EfMmkd7vZ3hyc WIpytOGxcyJxLNvRgykVlcxRTx7THgNE5v2liel3clHUgTc8L/LeAYYEvwyRgWdq ZYKl9JzTGyVlw9in4Bwp0nPJ1hDG9K3ZvRisv6iJvgRTAJv9pd9BHPckEUZv3qx8 IIfYJwts5DWBtraeGLdrpJaCuAXUv87JC056nwDe1AmDhr/qYcEKp/Ltzqq/4GPY UYEBJ398X09Nc5i0tA39AovXYwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLoyVQFS xaOPBS1rUHPtXBpeF/s2MB8GA1UdIwQYMBaAFN5QVCvqEIIBp3LAC8nyUa0X+pbN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUJFMy84MEFFMTBDNjA0 NTAxMUVBQkE4MkM0MTVDNEY5QUUwMi8zbEJVSy1vUWdnR25jc0FMeWZKUnJSZjZs czAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNsQlVLLW9RZ2dHbmNzQUx5ZkpSclJmNmxzMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RUJFMy84MEFFMTBDNjA0NTAxMUVBQkE4MkM0MTVDNEY5QUUwMi8zbEJVSy1vUWdn R25jc0FMeWZKUnJSZjZsczAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBF2NClZ20XqoCma0HB0d6szOrshrXHuLvsOm2gweRwiJwoRSeIEnEk u+Epxxs91RGtAHZxse5c64MkgsFCJT/oH8uxE200wdrk3yqzuz1DuoPsQkFdH3As nOFi0VeVYHhREOtJloeF7jCsedoiXKZk7bCDMZOBdS1899VaXluKvmmrJrCjtwF0 SV9cyk+3YCOkEEDGp1h9StaUrscGlE54HRMZ/pJGaaouYyfgFzxlgJw4v1Fe69++ kLBvrKCYUX0hnVQrjx5L9OG/786R9CH2QJ6MK82RS89lTlAW6ArQO9ishOc7TLxg 5oa9pjxHhbkoB0Z7mXFbI+7eeb2SrC14 -----END CERTIFICATE-----Generated at Mon Aug 11 07:27:29 2025 by rpki-client