$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft File: gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft (raw, json) Hash identifier: fBKxa+ydzLS6IidHq0BR1f0JlCsEs5aedJilpYTLoGk= Subject key identifier: AA:EB:06:9C:E3:E4:0D:D6:50:7E:85:C8:4B:93:9C:84:B4:43:59:5E Authority key identifier: 81:1D:E1:1E:7E:DC:1C:10:76:05:59:EE:B3:9B:FD:66:D6:9A:EA:46 Certificate issuer: /CN=A91E6BEF/serialNumber=811DE11E7EDC1C10760559EEB39BFD66D69AEA46 Certificate serial: 0DBB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gR3hHn7cHBB2BVnus5v9Ztaa6kY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft Manifest number: 0DB2 Signing time: Sun 10 Aug 2025 17:54:51 +0000 Manifest this update: Sun 10 Aug 2025 17:54:50 +0000 Manifest next update: Sun 17 Aug 2025 17:54:50 +0000 Files and hashes: 1: gR3hHn7cHBB2BVnus5v9Ztaa6kY.crl (hash: ImOhCqCQZHclATfQ/pzEXt5cmgAufrWVg7M6BeQ6UI4=) 2: FEBD6C62C4B511E9B7D53A7FC4F9AE02.roa (hash: UdehkLAzVXoFe5wUis48zru/UMqEMsZcDt54OS7NI9c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.crl rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gR3hHn7cHBB2BVnus5v9Ztaa6kY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3515 (0xdbb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6BEF, serialNumber=811DE11E7EDC1C10760559EEB39BFD66D69AEA46 Validity Not Before: Aug 10 17:54:50 2025 GMT Not After : Aug 17 17:54:50 2025 GMT Subject: CN=6898dceb-f4dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:f8:2f:ff:c5:54:4a:6f:da:e8:ab:66:27:78: 65:c9:2a:61:1b:ac:f5:d0:46:f9:a3:fe:e2:f2:80: cb:eb:e1:76:17:e8:64:e2:8d:84:30:6c:17:84:5a: 16:f7:24:94:1f:39:51:41:47:83:16:1a:40:65:af: ed:ad:54:1d:50:3f:e6:d1:61:29:0d:a6:8d:e3:17: f1:c0:00:32:21:cb:30:7e:23:5a:b9:e8:19:62:3c: 66:40:52:d7:01:80:76:b8:9f:27:aa:ac:97:a2:8e: 27:c1:e2:c2:43:6b:ce:07:ad:2f:a2:fe:cc:95:66: db:2f:84:1d:0e:bf:e4:e8:e0:00:fa:f4:ce:9c:9d: 89:a9:83:26:d8:aa:19:02:b7:d3:71:2d:d9:a6:c1: 0e:f8:18:53:d0:6c:eb:c8:b6:99:fa:e6:7e:13:73: 3a:83:d2:7b:49:cf:ef:f5:1f:29:3c:84:d3:c3:a3: fa:5e:a6:2e:74:eb:14:8a:6e:ee:26:9e:3d:17:65: aa:01:2c:bb:89:dc:92:1d:3e:ed:10:1e:30:39:37: 9e:85:5b:d0:83:8a:7e:6c:63:9a:0c:2a:f0:d8:47: fe:c9:ab:5d:85:d6:dc:e5:43:7b:a0:9d:c3:7d:28: ea:9f:54:70:54:de:b8:54:db:37:fe:e8:9c:ce:4c: 7f:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:EB:06:9C:E3:E4:0D:D6:50:7E:85:C8:4B:93:9C:84:B4:43:59:5E X509v3 Authority Key Identifier: keyid:81:1D:E1:1E:7E:DC:1C:10:76:05:59:EE:B3:9B:FD:66:D6:9A:EA:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gR3hHn7cHBB2BVnus5v9Ztaa6kY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6BEF/4EA866C4C44211E99477E21FC4F9AE02/gR3hHn7cHBB2BVnus5v9Ztaa6kY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:4c:e4:0c:ee:1e:95:9f:9f:7b:28:9f:3c:0e:bf:88:f0:94: db:f1:c1:a1:1b:96:f5:41:fa:dc:f0:76:55:30:04:c9:dc:71: df:1f:e3:28:69:3b:c3:47:b0:75:13:77:e9:f6:8e:bc:f6:a6: d6:7b:cf:e2:be:e6:57:40:06:84:c3:69:6c:f0:28:8f:40:ae: 29:41:53:4a:07:9a:a8:64:0a:80:07:e9:ab:c1:0c:82:09:03: 4b:8e:7b:a7:c8:95:27:41:f7:7e:b8:e5:78:85:3c:95:eb:c9: 76:a5:89:82:fb:2b:f6:52:5e:9e:52:11:d7:bf:e6:c5:18:14: e6:75:86:4f:6c:e6:66:f0:2f:d5:f1:fc:1d:b0:c8:3b:d5:00: 55:dc:07:3e:e6:71:b7:66:fc:2b:ee:a0:80:37:32:b0:12:02: d1:e8:e3:63:a4:6c:cd:59:7a:bd:e7:7d:9f:44:3e:bb:a9:a8: 85:32:28:2c:e0:ae:c3:c9:13:40:69:43:2d:87:92:97:5a:ba: 0d:1e:1b:1f:24:77:92:0b:41:13:5b:1e:74:9e:32:83:47:77: 13:8f:82:55:ba:12:6d:0a:01:0f:64:3d:a6:b7:9b:df:2c:a0: 69:b4:c4:4f:55:d1:e5:53:89:6a:dd:c5:8d:b6:f2:2c:dd:14: d0:20:26:b4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDbswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTZCRUYxMTAvBgNVBAUTKDgxMURFMTFFN0VEQzFDMTA3NjA1NTlFRUIzOUJGRDY2 RDY5QUVBNDYwHhcNMjUwODEwMTc1NDUwWhcNMjUwODE3MTc1NDUwWjAYMRYwFAYD VQQDEw02ODk4ZGNlYi1mNGRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtvgv/8VUSm/a6KtmJ3hlySphG6z10Eb5o/7i8oDL6+F2F+hk4o2EMGwXhFoW 9ySUHzlRQUeDFhpAZa/trVQdUD/m0WEpDaaN4xfxwAAyIcswfiNauegZYjxmQFLX AYB2uJ8nqqyXoo4nweLCQ2vOB60vov7MlWbbL4QdDr/k6OAA+vTOnJ2JqYMm2KoZ ArfTcS3ZpsEO+BhT0GzryLaZ+uZ+E3M6g9J7Sc/v9R8pPITTw6P6XqYudOsUim7u Jp49F2WqASy7idySHT7tEB4wOTeehVvQg4p+bGOaDCrw2Ef+yatdhdbc5UN7oJ3D fSjqn1RwVN64VNs3/uiczkx/fwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKrrBpzj 5A3WUH6FyEuTnIS0Q1leMB8GA1UdIwQYMBaAFIEd4R5+3BwQdgVZ7rOb/WbWmupG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNkJFRi80RUE4NjZDNEM0 NDIxMUU5OTQ3N0UyMUZDNEY5QUUwMi9nUjNoSG43Y0hCQjJCVm51czV2OVp0YWE2 a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dSM2hIbjdjSEJCMkJWbnVzNXY5WnRhYTZrWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NkJFRi80RUE4NjZDNEM0NDIxMUU5OTQ3N0UyMUZDNEY5QUUwMi9nUjNoSG43Y0hC QjJCVm51czV2OVp0YWE2a1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCdTOQM7h6Vn597KJ88Dr+I8JTb8cGhG5b1Qfrc8HZVMATJ3HHfH+Mo aTvDR7B1E3fp9o689qbWe8/ivuZXQAaEw2ls8CiPQK4pQVNKB5qoZAqAB+mrwQyC CQNLjnunyJUnQfd+uOV4hTyV68l2pYmC+yv2Ul6eUhHXv+bFGBTmdYZPbOZm8C/V 8fwdsMg71QBV3Ac+5nG3Zvwr7qCANzKwEgLR6ONjpGzNWXq9532fRD67qaiFMigs 4K7DyRNAaUMth5KXWroNHhsfJHeSC0ETWx50njKDR3cTj4JVuhJtCgEPZD2mt5vf LKBptMRPVdHlU4lq3cWNtvIs3RTQICa0 -----END CERTIFICATE-----Generated at Mon Aug 11 13:56:20 2025 by rpki-client