$ rpki-client -vvf rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.mft File: 3FfpX2KSEzop44hINlCWI10ZN8o.mft (raw, json) Hash identifier: Sqfe46UaDB2XIE7H4HEKa7kL+z1qLDkzt7+ac2AjqEA= Subject key identifier: 01:8F:CD:57:10:0D:82:DB:DF:DB:77:83:7A:69:8C:F7:13:BB:FC:F3 Authority key identifier: DC:57:E9:5F:62:92:13:3A:29:E3:88:48:36:50:96:23:5D:19:37:CA Certificate issuer: /CN=A914E1E3/serialNumber=DC57E95F6292133A29E38848365096235D1937CA Certificate serial: 1D29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FfpX2KSEzop44hINlCWI10ZN8o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.mft Manifest number: 1D1F Signing time: Fri 22 Aug 2025 16:14:04 +0000 Manifest this update: Fri 22 Aug 2025 16:14:03 +0000 Manifest next update: Fri 29 Aug 2025 16:14:03 +0000 Files and hashes: 1: 3FfpX2KSEzop44hINlCWI10ZN8o.crl (hash: qS4VghXaA3ScAhrGoJp3RF+8LuBbREn+HnX+GEE4mHs=) 2: 3C1382D0BEA211E68902BC3DC4F9AE02.roa (hash: fz4f6MmX7R6kRL2gcaEtaQrQoy9cdumfsJWJxUL1YME=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.crl rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FfpX2KSEzop44hINlCWI10ZN8o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 16:14:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7465 (0x1d29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E1E3, serialNumber=DC57E95F6292133A29E38848365096235D1937CA Validity Not Before: Aug 22 16:14:03 2025 GMT Not After : Aug 29 16:14:03 2025 GMT Subject: CN=68a8974b-881f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:ee:ff:74:6c:bc:f6:23:17:f2:15:e7:72:39: c7:95:63:6c:ac:51:ed:85:b5:ce:59:07:d3:1a:9c: 4e:54:e1:91:26:d5:32:c4:68:be:08:5b:39:b9:d3: 64:a4:04:4d:82:de:8d:2a:96:f7:a9:36:3b:ca:47: 48:99:90:d1:76:3a:5d:96:38:14:de:33:07:26:d6: 09:ab:40:cb:90:17:a6:d5:22:35:65:26:b5:95:11: 0d:d5:a3:64:1c:80:8b:23:f3:25:b5:f5:31:4f:64: 8f:1c:dc:1a:1a:35:bc:ec:00:b5:0a:42:13:0a:aa: 18:99:6e:cd:8f:03:2e:c5:aa:11:92:5e:d6:25:2c: da:1d:05:81:27:23:cd:ee:48:bd:84:18:b2:98:7a: 75:b0:6c:c9:91:a5:83:39:d7:80:7a:e3:9f:f8:e0: c0:2b:9f:84:27:69:d4:38:b0:d0:bf:85:de:57:62: 5f:e4:78:8d:ba:1b:55:f7:95:3e:d1:ba:a6:2c:b3: 73:26:ba:c2:73:8f:09:19:2a:a2:16:29:92:74:eb: a5:7c:92:32:93:df:99:28:58:a2:5b:5b:a8:99:19: 68:c1:70:6b:81:a3:cd:11:28:8d:01:54:a8:bf:60: 39:30:7c:04:01:e6:db:c7:4e:85:b3:6b:d1:83:3d: cc:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:8F:CD:57:10:0D:82:DB:DF:DB:77:83:7A:69:8C:F7:13:BB:FC:F3 X509v3 Authority Key Identifier: keyid:DC:57:E9:5F:62:92:13:3A:29:E3:88:48:36:50:96:23:5D:19:37:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FfpX2KSEzop44hINlCWI10ZN8o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:b4:d8:08:da:cc:94:c2:e3:8e:3a:1f:b2:53:71:fb:a6:b7: 25:42:2f:02:77:ae:7a:47:86:cd:fd:c9:2d:51:7f:55:bf:d4: 8e:e2:95:93:69:06:4d:b7:31:f8:f1:2b:16:7c:0c:08:d6:43: c3:26:04:2b:79:ef:4f:de:da:92:07:3e:f0:f8:b8:7a:4a:b4: 17:ac:d8:95:b7:64:03:6d:6b:2a:d2:f6:56:ce:11:b9:8d:40: 6f:4c:ba:a9:b3:63:ac:0c:da:02:45:ac:1b:7f:12:27:79:92: a2:ef:54:b0:7a:f0:42:46:69:a9:c8:a7:f8:ea:fe:0d:85:65: 59:62:56:8e:c0:b9:0e:21:ab:c9:d3:06:10:91:9c:e3:ba:4c: 5b:a2:dd:cb:b3:fc:85:93:2a:5c:97:8e:d8:06:dd:1e:e6:7b: 27:61:ae:52:2a:10:b9:3a:54:38:50:02:91:a2:10:c5:61:26: 47:54:63:e7:56:f7:2f:bc:98:74:18:66:3d:31:ca:69:3b:d6: 3b:cf:a0:23:a6:95:be:19:8e:27:0d:67:3e:8a:e9:81:8d:33: 17:ae:6c:ef:83:29:7c:55:80:4b:88:99:9a:e0:4b:05:4f:d2: 6f:fc:b8:75:7c:05:63:ad:61:a7:7c:60:6b:2b:33:68:08:ee: c5:57:35:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHSkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEUxRTMxMTAvBgNVBAUTKERDNTdFOTVGNjI5MjEzM0EyOUUzODg0ODM2NTA5NjIz NUQxOTM3Q0EwHhcNMjUwODIyMTYxNDAzWhcNMjUwODI5MTYxNDAzWjAYMRYwFAYD VQQDEw02OGE4OTc0Yi04ODFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2O7/dGy89iMX8hXncjnHlWNsrFHthbXOWQfTGpxOVOGRJtUyxGi+CFs5udNk pARNgt6NKpb3qTY7ykdImZDRdjpdljgU3jMHJtYJq0DLkBem1SI1ZSa1lREN1aNk HICLI/MltfUxT2SPHNwaGjW87AC1CkITCqoYmW7NjwMuxaoRkl7WJSzaHQWBJyPN 7ki9hBiymHp1sGzJkaWDOdeAeuOf+ODAK5+EJ2nUOLDQv4XeV2Jf5HiNuhtV95U+ 0bqmLLNzJrrCc48JGSqiFimSdOulfJIyk9+ZKFiiW1uomRlowXBrgaPNESiNAVSo v2A5MHwEAebbx06Fs2vRgz3MFwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAGPzVcQ DYLb39t3g3ppjPcTu/zzMB8GA1UdIwQYMBaAFNxX6V9ikhM6KeOISDZQliNdGTfK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTFFMy8wMjFBRTkyQUJE RTMxMUU2ODRDRTBCNTRDNEY5QUUwMi8zRmZwWDJLU0V6b3A0NGhJTmxDV0kxMFpO OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGZnBYMktTRXpvcDQ0aElObENXSTEwWk44by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTFFMy8wMjFBRTkyQUJERTMxMUU2ODRDRTBCNTRDNEY5QUUwMi8zRmZwWDJLU0V6 b3A0NGhJTmxDV0kxMFpOOG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBbtNgI2syUwuOOOh+yU3H7prclQi8Cd656R4bN/cktUX9Vv9SO4pWT aQZNtzH48SsWfAwI1kPDJgQree9P3tqSBz7w+Lh6SrQXrNiVt2QDbWsq0vZWzhG5 jUBvTLqps2OsDNoCRawbfxIneZKi71SwevBCRmmpyKf46v4NhWVZYlaOwLkOIavJ 0wYQkZzjukxbot3Ls/yFkypcl47YBt0e5nsnYa5SKhC5OlQ4UAKRohDFYSZHVGPn VvcvvJh0GGY9McppO9Y7z6AjppW+GY4nDWc+iumBjTMXrmzvgyl8VYBLiJma4EsF T9Jv/Lh1fAVjrWGnfGBrKzNoCO7FVzWW -----END CERTIFICATE-----Generated at Sat Aug 23 19:38:51 2025 by rpki-client