$ rpki-client -vvf rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft File: 3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft (raw, json) Hash identifier: ar6DbYdVfQ+qpSEt6hGeTMwRO/wJDmVmqwRdYxy1zu8= Subject key identifier: 48:E0:FE:00:95:1D:BD:A7:F9:C1:FB:94:82:C2:93:85:B3:03:15:13 Authority key identifier: DD:F8:84:91:1A:D3:F2:8C:C9:D9:6A:8C:24:A9:39:A6:5F:8B:25:76 Certificate issuer: /CN=A912BAAD/serialNumber=DDF884911AD3F28CC9D96A8C24A939A65F8B2576 Certificate serial: 0C44 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft Manifest number: 0C35 Signing time: Sat 18 Oct 2025 19:29:18 +0000 Manifest this update: Sat 18 Oct 2025 19:29:17 +0000 Manifest next update: Sat 25 Oct 2025 19:29:17 +0000 Files and hashes: 1: 3fiEkRrT8ozJ2WqMJKk5pl-LJXY.crl (hash: V8QohSNvIFs2Gtu+yU2BUSRz4cImE7VGva59FCGZ9CY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.crl rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 19:29:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3140 (0xc44) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BAAD, serialNumber=DDF884911AD3F28CC9D96A8C24A939A65F8B2576 Validity Not Before: Oct 18 19:29:17 2025 GMT Not After : Oct 25 19:29:17 2025 GMT Subject: CN=68f3ea8d-8fc9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:d0:9c:7f:fb:84:54:21:72:d2:4a:06:56:17: 76:68:b1:fa:a1:88:cb:02:d9:b3:ba:1b:2d:56:24: 31:3a:c1:4f:fd:94:86:91:17:d9:d6:2a:d0:6f:71: b8:36:10:87:2c:ff:f3:fd:71:b3:45:99:3b:27:6b: db:a5:37:b6:9e:67:51:b0:d9:a9:26:78:8e:45:1c: 4d:37:91:02:be:2b:6f:f4:59:4a:c6:ec:16:6b:d0: 8b:42:bd:83:13:8a:4e:85:73:48:d6:d2:f0:38:6f: 4f:9c:7c:6a:b1:db:a0:f6:b0:c5:42:8e:bf:b3:99: a2:37:46:1d:4c:6b:20:c9:b7:b5:a2:00:a7:9b:c0: d3:ed:24:b6:ac:90:27:51:a7:4b:3a:ef:5e:fd:e8: 21:a7:86:6a:dc:7f:17:38:aa:55:3b:44:33:72:a3: 14:6d:4c:fe:77:b9:32:39:df:52:ae:6f:2c:fd:c0: 06:75:dd:c7:88:f4:7f:77:73:ce:78:0f:99:02:4f: dd:69:12:97:e4:c5:f8:dd:ef:dd:6e:0d:db:74:be: 47:33:00:ca:49:d7:1b:5d:b3:59:61:86:67:75:ba: cb:ea:08:2f:2d:11:4d:18:fe:ac:fc:aa:cb:bc:50: b4:6e:54:e9:30:28:fe:32:7c:b7:9a:1b:35:25:4a: 44:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:E0:FE:00:95:1D:BD:A7:F9:C1:FB:94:82:C2:93:85:B3:03:15:13 X509v3 Authority Key Identifier: keyid:DD:F8:84:91:1A:D3:F2:8C:C9:D9:6A:8C:24:A9:39:A6:5F:8B:25:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:0d:35:e7:ca:b7:f9:8f:3c:c4:6c:b7:65:f7:06:97:41:bc: 72:56:64:11:48:35:53:54:46:fb:1c:ff:c2:97:03:ba:3d:87: 71:bd:f6:fd:df:40:4e:8a:72:aa:73:88:97:fd:ec:74:77:e2: e5:e9:0c:0b:dd:65:52:44:e4:12:af:c9:42:5d:45:05:d6:81: 79:a2:16:86:08:ba:ed:e2:fb:bf:d1:b8:c8:8a:29:a5:32:9f: e1:b4:f7:ab:f3:4b:3f:c1:ef:bb:f0:c7:f1:bd:19:68:8b:fa: 29:d7:a1:85:cb:dc:6a:56:cc:11:49:49:b2:b3:29:af:da:07: 67:71:b8:ce:ff:7a:ce:e6:8a:46:c5:d1:0a:c2:7c:af:2e:88: c4:6f:c0:e6:38:92:75:4c:63:47:94:f5:7e:68:06:61:fb:7c: 6c:08:da:12:98:c6:fe:75:e9:d7:99:94:7e:25:6e:0b:d3:bd: 10:5a:e8:9d:4e:08:8e:f9:b4:64:47:24:58:77:14:9c:1f:2a: 66:a8:63:4e:a4:1d:f6:6d:e4:01:b7:f2:79:63:9f:a1:d8:ef: 18:bd:5c:c4:11:62:31:10:30:2c:d2:6e:a5:a7:1b:3e:54:d3: 12:d7:db:fa:91:d9:01:46:41:42:7b:b2:3f:0b:65:b7:e7:19: 13:85:69:e2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDEQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJBQUQxMTAvBgNVBAUTKERERjg4NDkxMUFEM0YyOENDOUQ5NkE4QzI0QTkzOUE2 NUY4QjI1NzYwHhcNMjUxMDE4MTkyOTE3WhcNMjUxMDI1MTkyOTE3WjAYMRYwFAYD VQQDEw02OGYzZWE4ZC04ZmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuNCcf/uEVCFy0koGVhd2aLH6oYjLAtmzuhstViQxOsFP/ZSGkRfZ1irQb3G4 NhCHLP/z/XGzRZk7J2vbpTe2nmdRsNmpJniORRxNN5ECvitv9FlKxuwWa9CLQr2D E4pOhXNI1tLwOG9PnHxqsdug9rDFQo6/s5miN0YdTGsgybe1ogCnm8DT7SS2rJAn UadLOu9e/eghp4Zq3H8XOKpVO0QzcqMUbUz+d7kyOd9Srm8s/cAGdd3HiPR/d3PO eA+ZAk/daRKX5MX43e/dbg3bdL5HMwDKSdcbXbNZYYZndbrL6ggvLRFNGP6s/KrL vFC0blTpMCj+Mny3mhs1JUpEgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEjg/gCV Hb2n+cH7lILCk4WzAxUTMB8GA1UdIwQYMBaAFN34hJEa0/KMydlqjCSpOaZfiyV2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkFBRC81MjFBRERDODE4 NDgxMUVBOTA3ODU2MkJDNEY5QUUwMi8zZmlFa1JyVDhvekoyV3FNSktrNXBsLUxK WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNmaUVrUnJUOG96SjJXcU1KS2s1cGwtTEpYWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QkFBRC81MjFBRERDODE4NDgxMUVBOTA3ODU2MkJDNEY5QUUwMi8zZmlFa1JyVDhv ekoyV3FNSktrNXBsLUxKWFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQABDTXnyrf5jzzEbLdl9waXQbxyVmQRSDVTVEb7HP/ClwO6PYdxvfb9 30BOinKqc4iX/ex0d+Ll6QwL3WVSROQSr8lCXUUF1oF5ohaGCLrt4vu/0bjIiiml Mp/htPer80s/we+78MfxvRloi/op16GFy9xqVswRSUmysymv2gdncbjO/3rO5opG xdEKwnyvLojEb8DmOJJ1TGNHlPV+aAZh+3xsCNoSmMb+denXmZR+JW4L070QWuid TgiO+bRkRyRYdxScHypmqGNOpB32beQBt/J5Y5+h2O8YvVzEEWIxEDAs0m6lpxs+ VNMS19v6kdkBRkFCe7I/C2W35xkThWni -----END CERTIFICATE-----Generated at Mon Oct 20 14:00:37 2025 by rpki-client