$ rpki-client -vvf rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft File: 3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft (raw, json) Hash identifier: 4s1bqG7NUR3yJk1cOMgVY2dO1eib/kUBXK3hKK9Qt/g= Subject key identifier: 1A:B6:15:C9:46:C0:36:75:02:ED:E4:09:BD:66:EC:EE:A5:A5:B2:26 Authority key identifier: DD:28:08:28:FF:09:96:A8:CB:EF:29:BF:0D:91:4D:F2:52:DF:1C:BD Certificate issuer: /CN=A9147CA8/serialNumber=DD280828FF0996A8CBEF29BF0D914DF252DF1CBD Certificate serial: 0D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3SgIKP8JlqjL7ym_DZFN8lLfHL0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft Manifest number: 0D Signing time: Sat 23 Aug 2025 08:20:25 +0000 Manifest this update: Sat 23 Aug 2025 08:20:25 +0000 Manifest next update: Sat 30 Aug 2025 08:20:25 +0000 Files and hashes: 1: 3SgIKP8JlqjL7ym_DZFN8lLfHL0.crl (hash: TMlvyMst0BT0YOCg98IrLPjzMCuUb1GRiaE48C9cImQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.crl rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3SgIKP8JlqjL7ym_DZFN8lLfHL0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 08:20:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13 (0xd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147CA8, serialNumber=DD280828FF0996A8CBEF29BF0D914DF252DF1CBD Validity Not Before: Aug 23 08:20:25 2025 GMT Not After : Aug 30 08:20:25 2025 GMT Subject: CN=68a979c9-5cc9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:17:13:70:e7:c2:3b:81:7c:b0:0b:62:33:19: 83:d1:cd:9a:a6:69:8e:27:de:4d:40:1e:ef:82:22: 21:fd:91:ea:52:a6:63:70:1a:2a:c0:cd:a5:f8:5a: a3:b9:c6:08:08:ed:01:5e:67:17:8a:1e:46:7c:f8: 2d:0d:e6:29:ec:9d:c4:31:ac:fb:c9:f5:bb:f5:1f: b7:06:32:fa:ab:c3:12:da:ec:fc:cb:8c:f6:09:b5: 68:20:a1:72:bf:7c:48:eb:50:9a:8c:43:54:4f:49: aa:66:00:48:a1:59:a7:20:d5:96:82:5f:f7:55:f4: 31:fb:e1:72:56:22:50:50:8a:ad:7b:fd:25:ac:aa: b6:ae:3f:64:60:89:92:09:24:b9:4c:f8:24:36:f9: 82:66:da:b3:8f:0d:ed:26:92:d4:ba:79:ef:e0:be: e4:10:56:f3:85:e9:ea:bf:95:f1:35:48:f7:3f:a1: 1d:06:c4:8d:96:02:d6:60:31:33:39:35:c3:d8:e0: 73:11:37:c6:49:9c:86:d1:0d:a1:40:a6:03:e9:a9: 3f:53:90:b7:8a:32:c5:b0:4f:1e:fa:da:9c:8d:44: 23:67:40:db:b6:83:36:d6:8f:63:82:33:83:8b:b6: 39:20:aa:91:88:38:36:60:dc:45:26:26:3f:e8:ab: 70:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:B6:15:C9:46:C0:36:75:02:ED:E4:09:BD:66:EC:EE:A5:A5:B2:26 X509v3 Authority Key Identifier: keyid:DD:28:08:28:FF:09:96:A8:CB:EF:29:BF:0D:91:4D:F2:52:DF:1C:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3SgIKP8JlqjL7ym_DZFN8lLfHL0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:94:fd:26:e2:fd:2f:e6:24:a1:11:0a:3f:de:8f:7a:6e:3d: b4:a6:ff:8d:2b:1b:ad:63:36:68:69:1a:0a:4c:ed:4c:48:0d: c7:28:31:f0:62:0c:99:bf:84:85:71:82:ba:94:0b:45:26:42: cf:0b:0b:e8:f6:b5:8b:66:c3:75:26:56:74:43:73:48:83:2a: 4d:3b:f0:be:b3:7c:4b:f1:c0:54:39:43:0c:45:9f:5e:6b:f6: 75:ec:d9:d1:29:ee:a2:c5:20:b4:48:b1:e6:28:d3:74:ee:be: c0:91:04:60:d1:3f:b4:31:93:e5:be:cb:80:93:46:80:ef:fc: 64:a7:cb:66:f5:80:1d:4d:3b:4b:af:2b:21:24:f3:b4:fd:f4: 32:b0:60:5e:03:f6:ec:88:76:5c:02:5b:fa:2b:6b:e6:fe:08: 3b:2e:2c:c1:18:de:26:20:ce:52:ad:9b:22:fe:63:40:ae:56: 6a:38:5d:bf:c0:0c:30:99:36:17:5b:24:68:c6:2d:76:1f:f8: 8e:cd:a3:89:e5:75:d2:5c:99:aa:2b:55:95:b2:43:e2:e4:1c: 28:43:b0:b0:88:3b:62:a5:b0:6c:f7:ad:f9:b5:80:bf:50:f1: 64:8f:50:3e:ca:5c:69:1c:58:cc:a7:6a:d1:a6:31:cb:2e:00: 4b:4a:92:39 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBDTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 N0NBODExMC8GA1UEBRMoREQyODA4MjhGRjA5OTZBOENCRUYyOUJGMEQ5MTRERjI1 MkRGMUNCRDAeFw0yNTA4MjMwODIwMjVaFw0yNTA4MzAwODIwMjVaMBgxFjAUBgNV BAMTDTY4YTk3OWM5LTVjYzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDYFxNw58I7gXywC2IzGYPRzZqmaY4n3k1AHu+CIiH9kepSpmNwGirAzaX4WqO5 xggI7QFeZxeKHkZ8+C0N5insncQxrPvJ9bv1H7cGMvqrwxLa7PzLjPYJtWggoXK/ fEjrUJqMQ1RPSapmAEihWacg1ZaCX/dV9DH74XJWIlBQiq17/SWsqrauP2RgiZIJ JLlM+CQ2+YJm2rOPDe0mktS6ee/gvuQQVvOF6eq/lfE1SPc/oR0GxI2WAtZgMTM5 NcPY4HMRN8ZJnIbRDaFApgPpqT9TkLeKMsWwTx762pyNRCNnQNu2gzbWj2OCM4OL tjkgqpGIODZg3EUmJj/oq3BtAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUGrYVyUbA NnUC7eQJvWbs7qWlsiYwHwYDVR0jBBgwFoAU3SgIKP8JlqjL7ym/DZFN8lLfHL0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3Q0E4LzZBOUU5MTVDNkVF OTExRjBCMzAxRjY2N0M0RjlBRTAyLzNTZ0lLUDhKbHFqTDd5bV9EWkZOOGxMZkhM MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM1NnSUtQOEpscWpMN3ltX0RaRk44bExmSEwwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3 Q0E4LzZBOUU5MTVDNkVFOTExRjBCMzAxRjY2N0M0RjlBRTAyLzNTZ0lLUDhKbHFq TDd5bV9EWkZOOGxMZkhMMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHOU/Sbi/S/mJKERCj/ej3puPbSm/40rG61jNmhpGgpM7UxIDccoMfBi DJm/hIVxgrqUC0UmQs8LC+j2tYtmw3UmVnRDc0iDKk078L6zfEvxwFQ5QwxFn15r 9nXs2dEp7qLFILRIseYo03TuvsCRBGDRP7Qxk+W+y4CTRoDv/GSny2b1gB1NO0uv KyEk87T99DKwYF4D9uyIdlwCW/ora+b+CDsuLMEY3iYgzlKtmyL+Y0CuVmo4Xb/A DDCZNhdbJGjGLXYf+I7No4nlddJcmaorVZWyQ+LkHChDsLCIO2KlsGz3rfm1gL9Q 8WSPUD7KXGkcWMynatGmMcsuAEtKkjk= -----END CERTIFICATE-----Generated at Sat Aug 23 20:44:41 2025 by rpki-client