$ rpki-client -vvf rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.mft File: 3FfpX2KSEzop44hINlCWI10ZN8o.mft (raw, json) Hash identifier: 5rVgq/GZ3LBfJ7gJPgB+ay0BW9O9y5hPp1nFeqH3zMo= Subject key identifier: D8:D7:2A:FD:15:A1:E5:6D:A5:2F:FB:C0:37:05:63:BF:92:0F:65:3E Authority key identifier: DC:57:E9:5F:62:92:13:3A:29:E3:88:48:36:50:96:23:5D:19:37:CA Certificate issuer: /CN=A914E1E3/serialNumber=DC57E95F6292133A29E38848365096235D1937CA Certificate serial: 1D49 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FfpX2KSEzop44hINlCWI10ZN8o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.mft Manifest number: 1D3E Signing time: Sat 18 Oct 2025 16:27:29 +0000 Manifest this update: Sat 18 Oct 2025 16:27:28 +0000 Manifest next update: Sat 25 Oct 2025 16:27:28 +0000 Files and hashes: 1: 3FfpX2KSEzop44hINlCWI10ZN8o.crl (hash: XEFbzmzMbf0E1iRsrG+wCXvyhLggv+5hl9CAbQQr84M=) 2: 3C1382D0BEA211E68902BC3DC4F9AE02.roa (hash: 4tdhNCoXuQpi6+LVzEflBnVNgk5q7DhclUHPWv4LN4k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.crl rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FfpX2KSEzop44hINlCWI10ZN8o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 16:27:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7497 (0x1d49) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E1E3, serialNumber=DC57E95F6292133A29E38848365096235D1937CA Validity Not Before: Oct 18 16:27:28 2025 GMT Not After : Oct 25 16:27:28 2025 GMT Subject: CN=68f3bff0-1f00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:b8:0a:f7:48:34:93:ff:dc:b8:92:28:8a:d0: ca:cb:df:aa:ca:95:dc:47:ae:31:af:81:d9:11:2d: c9:7f:c3:f2:d9:8d:fc:bd:b0:18:4b:21:ee:10:9f: b2:17:27:0e:46:ac:76:c7:bf:ad:e9:9a:56:ae:de: c2:c7:47:4d:94:7d:31:4f:ea:b3:ed:4f:3b:84:e8: 01:08:e9:ba:40:11:a8:12:be:c6:70:98:80:95:67: 7e:51:e5:60:74:d7:09:7f:1d:41:5a:db:66:08:ef: 46:2a:85:4e:b7:27:a2:5a:83:5d:88:d9:ee:b0:11: ee:9d:cb:fa:ab:3b:a3:42:a6:29:dd:b3:0c:28:37: 2c:18:ed:cc:f6:35:24:3e:ff:21:32:ff:c0:df:39: c4:e0:c4:a0:c2:1f:fb:ca:01:90:f6:78:6a:8b:e8: e9:2c:a3:5b:1e:ab:b0:ef:3f:b8:b6:ed:80:a6:f4: 48:10:24:fd:4b:65:34:5d:72:67:c1:a1:a1:fd:aa: 4a:30:e6:ea:29:c7:d9:bc:3d:1f:bd:02:f1:6f:21: f8:88:37:be:a3:56:ab:7e:c2:f6:d0:34:c6:b8:e2: c6:fc:4c:0e:91:ca:47:e7:65:fa:a3:80:22:be:6a: 5e:84:60:9a:a7:ce:77:34:d5:56:1d:60:28:e9:0a: 1b:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:D7:2A:FD:15:A1:E5:6D:A5:2F:FB:C0:37:05:63:BF:92:0F:65:3E X509v3 Authority Key Identifier: keyid:DC:57:E9:5F:62:92:13:3A:29:E3:88:48:36:50:96:23:5D:19:37:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FfpX2KSEzop44hINlCWI10ZN8o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:4a:aa:d1:a3:cf:7d:e6:8c:ef:21:ac:25:cf:dd:fb:7e:41: 16:c3:8a:1a:a8:33:a2:f3:d4:82:53:32:70:d9:55:b2:a7:cd: a1:11:d1:b1:63:b0:f1:03:ff:0d:cc:9a:dc:96:fb:f8:f4:f6: c5:7d:2b:51:51:94:4d:1c:de:8d:ef:51:e0:7b:1b:00:a8:13: 82:84:97:f8:14:7f:ac:c9:1f:23:11:b5:55:7e:78:25:32:3f: a5:9c:85:8d:a9:cb:f0:ec:de:c2:3f:79:d3:50:19:0e:a1:ae: 85:cb:a4:24:0b:a0:aa:bd:d0:5e:1f:5b:8f:a3:bc:45:ed:57: e7:9d:88:bb:46:e3:d8:48:f7:f3:a2:40:d3:13:a2:ca:4f:68: fe:c7:24:18:a6:22:f4:fe:05:b8:f8:cf:ae:e9:e3:ce:92:aa: df:4e:78:95:e5:1f:38:4d:26:86:67:28:d6:19:33:28:dc:45: 68:a7:5b:4d:4c:d7:30:58:47:7d:0e:c2:9c:21:df:35:6e:3c: 88:54:53:9d:4f:e0:87:16:b7:9a:ff:7f:df:73:cd:b1:b6:5c: 80:bc:87:e2:ee:4a:5a:a9:4f:22:29:d7:a2:60:be:4b:d4:38: f5:c0:13:3d:a3:69:3e:27:22:90:de:14:9d:09:d8:c1:bf:e9: 5a:7c:89:9a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHUkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEUxRTMxMTAvBgNVBAUTKERDNTdFOTVGNjI5MjEzM0EyOUUzODg0ODM2NTA5NjIz NUQxOTM3Q0EwHhcNMjUxMDE4MTYyNzI4WhcNMjUxMDI1MTYyNzI4WjAYMRYwFAYD VQQDEw02OGYzYmZmMC0xZjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv7gK90g0k//cuJIoitDKy9+qypXcR64xr4HZES3Jf8Py2Y38vbAYSyHuEJ+y FycORqx2x7+t6ZpWrt7Cx0dNlH0xT+qz7U87hOgBCOm6QBGoEr7GcJiAlWd+UeVg dNcJfx1BWttmCO9GKoVOtyeiWoNdiNnusBHuncv6qzujQqYp3bMMKDcsGO3M9jUk Pv8hMv/A3znE4MSgwh/7ygGQ9nhqi+jpLKNbHquw7z+4tu2ApvRIECT9S2U0XXJn waGh/apKMObqKcfZvD0fvQLxbyH4iDe+o1arfsL20DTGuOLG/EwOkcpH52X6o4Ai vmpehGCap853NNVWHWAo6QobKwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNjXKv0V oeVtpS/7wDcFY7+SD2U+MB8GA1UdIwQYMBaAFNxX6V9ikhM6KeOISDZQliNdGTfK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTFFMy8wMjFBRTkyQUJE RTMxMUU2ODRDRTBCNTRDNEY5QUUwMi8zRmZwWDJLU0V6b3A0NGhJTmxDV0kxMFpO OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGZnBYMktTRXpvcDQ0aElObENXSTEwWk44by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTFFMy8wMjFBRTkyQUJERTMxMUU2ODRDRTBCNTRDNEY5QUUwMi8zRmZwWDJLU0V6 b3A0NGhJTmxDV0kxMFpOOG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAxSqrRo8995ozvIawlz937fkEWw4oaqDOi89SCUzJw2VWyp82hEdGx Y7DxA/8NzJrclvv49PbFfStRUZRNHN6N71HgexsAqBOChJf4FH+syR8jEbVVfngl Mj+lnIWNqcvw7N7CP3nTUBkOoa6Fy6QkC6CqvdBeH1uPo7xF7VfnnYi7RuPYSPfz okDTE6LKT2j+xyQYpiL0/gW4+M+u6ePOkqrfTniV5R84TSaGZyjWGTMo3EVop1tN TNcwWEd9DsKcId81bjyIVFOdT+CHFrea/3/fc82xtlyAvIfi7kpaqU8iKdeiYL5L 1Dj1wBM9o2k+JyKQ3hSdCdjBv+lafIma -----END CERTIFICATE-----Generated at Mon Oct 20 13:43:45 2025 by rpki-client