$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/38I-PZBdDoNoEhlZbQgimmlPrxM.mft File: 38I-PZBdDoNoEhlZbQgimmlPrxM.mft (raw, json) Hash identifier: p1EH+Uq25z8tU+6dDOikNWkrBBqA9pNv2758Qim3DnM= Subject key identifier: C1:28:1B:7F:0A:49:59:FC:54:E2:63:5B:DC:F6:B9:09:E5:BF:E1:1A Authority key identifier: DF:C2:3E:3D:90:5D:0E:83:68:12:19:59:6D:08:22:9A:69:4F:AF:13 Certificate issuer: /CN=A91E3D04/serialNumber=DFC23E3D905D0E83681219596D08229A694FAF13 Certificate serial: 0E4A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38I-PZBdDoNoEhlZbQgimmlPrxM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/38I-PZBdDoNoEhlZbQgimmlPrxM.mft Manifest number: 0E2F Signing time: Sun 10 Aug 2025 17:49:15 +0000 Manifest this update: Sun 10 Aug 2025 17:49:15 +0000 Manifest next update: Sun 17 Aug 2025 17:49:14 +0000 Files and hashes: 1: 38I-PZBdDoNoEhlZbQgimmlPrxM.crl (hash: 0ofXb+CSFx4tvx4kQOsWJSbViCbYL1luPmMmFPxKT/4=) 2: 10E6D9CAB55C11ECA9565039C4F9AE02.roa (hash: RzHUUv/miUNX3icVSP0eFdue2uGb59/3arKmFqnz2Fc=) 3: AB52C51AB96B11ECB44AC533C4F9AE02.roa (hash: fXxSo682fkgrV8puX+aCaQZxmTNLL+rJcYQD485NwzM=) 4: AC641C88B96B11ECB44AC533C4F9AE02.roa (hash: s3xebHa/jipF1DOC4szye5Ddv89P0OTkiIBe/5lBHnw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/38I-PZBdDoNoEhlZbQgimmlPrxM.crl rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/38I-PZBdDoNoEhlZbQgimmlPrxM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38I-PZBdDoNoEhlZbQgimmlPrxM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3658 (0xe4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3D04, serialNumber=DFC23E3D905D0E83681219596D08229A694FAF13 Validity Not Before: Aug 10 17:49:15 2025 GMT Not After : Aug 17 17:49:14 2025 GMT Subject: CN=6898db9b-24df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:b0:54:2d:ac:16:41:c6:51:8a:56:51:76:ca: 5e:90:20:8c:60:bf:12:64:7c:6d:e1:82:73:12:98: 7c:4d:2d:4b:9e:5a:91:3c:84:10:78:03:92:6b:95: bd:8d:82:0b:9f:22:df:bd:7b:99:ba:82:17:b5:09: ca:fb:c3:61:bc:ed:75:e4:87:ef:28:6f:34:56:6f: fc:e1:87:1f:fc:4d:f6:d4:fd:d7:5c:39:eb:5e:88: 7e:1c:30:74:61:d7:3d:99:14:81:3c:10:f4:d0:60: 4b:4c:91:13:d6:cb:ca:ee:8b:be:85:a6:30:c8:c7: ac:28:65:44:3d:c2:f4:89:f3:e4:8d:a1:8b:e2:9f: 34:58:0a:62:9d:dc:93:15:50:50:e8:96:11:5b:9b: b5:cf:33:d4:23:dd:2b:f8:60:54:97:5a:fc:e8:4f: b2:4e:50:13:30:5b:93:af:b0:24:7a:cc:27:6c:e3: 54:b2:ff:7d:e5:48:47:7b:6c:e5:ab:98:8a:13:07: dc:ca:2a:65:50:af:35:2c:47:a6:7f:13:9f:4b:64: 4d:2f:bf:e8:9e:4f:af:42:ea:f8:20:82:63:28:99: 70:d7:61:3c:6c:33:b6:fe:28:4c:10:1f:68:89:4f: ec:cc:7f:35:bd:c9:b2:fb:1e:45:f7:65:70:8e:cc: 86:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:28:1B:7F:0A:49:59:FC:54:E2:63:5B:DC:F6:B9:09:E5:BF:E1:1A X509v3 Authority Key Identifier: keyid:DF:C2:3E:3D:90:5D:0E:83:68:12:19:59:6D:08:22:9A:69:4F:AF:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/38I-PZBdDoNoEhlZbQgimmlPrxM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38I-PZBdDoNoEhlZbQgimmlPrxM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/38I-PZBdDoNoEhlZbQgimmlPrxM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:47:fc:29:cf:28:57:c1:23:a8:63:38:a2:80:7d:be:24:71: 27:53:8d:6c:cb:35:63:9c:a8:c6:63:93:3b:a1:24:7a:b4:9b: ae:ae:ff:ef:18:07:ef:a8:b8:d8:45:18:31:74:cc:e4:ef:b5: 7a:82:f5:e0:fa:78:dd:bd:df:a8:a1:8e:fd:74:63:f6:ef:f2: 95:c0:32:6a:aa:e4:dc:ee:fa:db:86:9f:bb:0d:5e:90:f7:63: ee:80:63:41:0e:6a:85:2d:44:86:9c:b7:3d:bc:db:a8:a8:c3: 75:9f:22:7c:4a:bf:bc:3f:99:a8:5c:b2:fc:60:15:4d:77:5b: 70:ed:5a:40:2e:9d:19:bd:d8:30:d1:89:e2:8d:4d:be:4d:7c: 14:65:26:d3:af:b1:03:d5:2a:f5:07:6f:77:ef:82:eb:64:ab: 24:c2:3e:85:84:3e:8b:5d:91:5b:cf:3c:dd:ee:a5:7b:90:d8: 1b:7c:a0:b4:4b:74:1d:37:d2:f4:e2:4f:e7:2c:4c:ee:9e:cf: d7:aa:5b:47:fa:ff:ba:a1:00:4f:ef:92:c7:77:fb:aa:d0:38: a3:d8:16:41:c5:24:15:44:dd:83:0c:3f:bb:c0:96:b5:70:d1: 6d:25:ff:70:b4:ef:7b:70:9e:d0:06:9e:63:a7:5d:7a:df:0d: a5:d4:6d:85 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDkowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNEMDQxMTAvBgNVBAUTKERGQzIzRTNEOTA1RDBFODM2ODEyMTk1OTZEMDgyMjlB Njk0RkFGMTMwHhcNMjUwODEwMTc0OTE1WhcNMjUwODE3MTc0OTE0WjAYMRYwFAYD VQQDEw02ODk4ZGI5Yi0yNGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApbBULawWQcZRilZRdspekCCMYL8SZHxt4YJzEph8TS1LnlqRPIQQeAOSa5W9 jYILnyLfvXuZuoIXtQnK+8NhvO115IfvKG80Vm/84Ycf/E321P3XXDnrXoh+HDB0 Ydc9mRSBPBD00GBLTJET1svK7ou+haYwyMesKGVEPcL0ifPkjaGL4p80WApindyT FVBQ6JYRW5u1zzPUI90r+GBUl1r86E+yTlATMFuTr7AkeswnbONUsv995UhHe2zl q5iKEwfcyiplUK81LEemfxOfS2RNL7/onk+vQur4IIJjKJlw12E8bDO2/ihMEB9o iU/szH81vcmy+x5F92VwjsyG1wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMEoG38K SVn8VOJjW9z2uQnlv+EaMB8GA1UdIwQYMBaAFN/CPj2QXQ6DaBIZWW0IIpppT68T MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0QwNC83QTE3RkU4RUFE RDkxMUU5Qjc0MDlBNzJDNEY5QUUwMi8zOEktUFpCZERvTm9FaGxaYlFnaW1tbFBy eE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzM4SS1QWkJkRG9Ob0VobFpiUWdpbW1sUHJ4TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0QwNC83QTE3RkU4RUFERDkxMUU5Qjc0MDlBNzJDNEY5QUUwMi8zOEktUFpCZERv Tm9FaGxaYlFnaW1tbFByeE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJR/wpzyhXwSOoYziigH2+JHEnU41syzVjnKjGY5M7oSR6tJuurv/v GAfvqLjYRRgxdMzk77V6gvXg+njdvd+ooY79dGP27/KVwDJqquTc7vrbhp+7DV6Q 92PugGNBDmqFLUSGnLc9vNuoqMN1nyJ8Sr+8P5moXLL8YBVNd1tw7VpALp0Zvdgw 0YnijU2+TXwUZSbTr7ED1Sr1B29374LrZKskwj6FhD6LXZFbzzzd7qV7kNgbfKC0 S3QdN9L04k/nLEzuns/XqltH+v+6oQBP75LHd/uq0Dij2BZBxSQVRN2DDD+7wJa1 cNFtJf9wtO97cJ7QBp5jp1163w2l1G2F -----END CERTIFICATE-----Generated at Sun Aug 10 21:16:00 2025 by rpki-client