$ rpki-client -vvf rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft File: 3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft (raw, json) Hash identifier: SEcT0omikbMGoG9N6sVIO+nZTRLRN1J9yYdLzG/Ck2E= Subject key identifier: C3:46:81:E8:98:B1:BE:F4:99:07:23:DE:BE:56:57:A2:9D:29:03:1F Authority key identifier: DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F Certificate issuer: /CN=A9158568/serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F Certificate serial: 0C30 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft Manifest number: 0C16 Signing time: Fri 22 Aug 2025 18:51:49 +0000 Manifest this update: Fri 22 Aug 2025 18:51:49 +0000 Manifest next update: Fri 29 Aug 2025 18:51:49 +0000 Files and hashes: 1: 3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl (hash: GENHOaYzU550lyZV4DM4VOcv0zxHuisThrNySkgEqPk=) 2: 3A5A84F8CB7111EBA9EEF440C4F9AE02.roa (hash: LcxIbKxK3jutvAgu3ThkdTt7YT68VEQAWEq5z0WaOxY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:51:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3120 (0xc30) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158568, serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F Validity Not Before: Aug 22 18:51:49 2025 GMT Not After : Aug 29 18:51:49 2025 GMT Subject: CN=68a8bc45-abe3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:24:bb:a1:6b:e3:ba:06:a0:52:65:75:30:25: e8:80:0c:da:71:0c:2a:1a:cc:a8:7e:05:12:a8:3b: 78:28:07:d9:45:6f:af:3c:b3:42:df:2d:c0:32:a7: e4:9f:5c:46:1f:cb:cf:c3:89:44:0b:97:8e:67:08: f6:83:54:ce:9e:0e:6d:da:1a:b7:e5:cc:60:1f:55: 06:72:1c:e8:02:39:45:dd:f1:33:46:f7:e9:92:66: 44:dc:ee:3b:6f:3c:9d:68:b5:a2:1a:71:b7:d2:6a: 23:ab:84:c6:34:42:2e:10:ae:6d:a5:b4:c5:45:8a: e8:65:69:41:c0:87:95:fd:6f:fc:28:65:44:4c:f8: 90:55:86:f5:f7:32:ff:a7:d7:ed:bf:9d:42:07:08: 4b:fc:7c:d7:c3:15:68:53:35:e3:aa:1e:fa:a2:38: 46:c6:99:75:ed:0b:94:cd:56:0a:27:5c:40:91:2b: 3d:fd:c0:29:76:68:5f:58:97:76:b4:72:87:6f:43: ee:74:c1:7f:4d:25:5f:43:af:89:5e:bd:b8:96:6c: 28:d4:b1:de:04:b3:78:f4:18:ec:dc:d8:8e:d4:d5: 95:6c:7d:4f:09:02:f8:38:19:a1:55:0d:d0:38:ab: 77:7b:17:48:48:b8:4e:87:a9:f0:66:4d:6c:a8:79: f5:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:46:81:E8:98:B1:BE:F4:99:07:23:DE:BE:56:57:A2:9D:29:03:1F X509v3 Authority Key Identifier: keyid:DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8d:eb:55:60:bc:19:bd:5e:6b:fd:0f:d4:4d:6e:e0:c4:fe:36: 25:c4:6e:51:cf:2a:30:ce:45:b8:42:a1:38:f7:6c:77:43:75: 30:78:14:34:e6:0a:76:9d:61:db:58:83:1c:a6:08:b5:bb:42: 9c:fc:3f:ae:ef:e7:ef:e6:52:f9:77:2e:44:56:14:ff:0c:16: 8d:0e:56:dc:34:45:6c:29:03:13:d6:20:47:ae:7d:f3:7b:0f: ee:3e:12:ce:eb:7b:b4:e6:44:86:ff:5f:15:ea:56:a2:ad:54: 61:7c:36:a1:da:d2:b4:57:91:52:e2:f7:83:da:d1:a4:d5:2c: 60:50:11:e5:e6:14:3b:aa:c8:a1:8f:08:42:8f:28:5c:44:b7: 92:d6:c5:08:a8:cd:df:a3:0e:82:89:80:83:e1:88:53:65:0c: fa:d3:10:dc:81:b9:fe:a8:fd:1d:50:60:f5:e7:7a:eb:c7:28: ab:64:17:ad:86:d1:64:93:8e:7f:ca:f3:72:84:75:e8:9f:50: 3b:5e:76:fd:97:82:6c:99:29:67:db:c6:cf:88:0c:6f:78:1c: dd:36:29:8c:24:bc:84:5a:ab:90:92:79:55:48:d1:f9:ad:7a: bd:11:75:db:50:92:54:54:3f:6e:e4:c5:88:24:3c:87:21:31: a2:c8:e9:86 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTg1NjgxMTAvBgNVBAUTKERGMjUzNDg0RENFNTJDNDEzN0NCRDFDOEVENDREOUNC MjU1N0Y0M0YwHhcNMjUwODIyMTg1MTQ5WhcNMjUwODI5MTg1MTQ5WjAYMRYwFAYD VQQDEw02OGE4YmM0NS1hYmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5iS7oWvjugagUmV1MCXogAzacQwqGsyofgUSqDt4KAfZRW+vPLNC3y3AMqfk n1xGH8vPw4lEC5eOZwj2g1TOng5t2hq35cxgH1UGchzoAjlF3fEzRvfpkmZE3O47 bzydaLWiGnG30mojq4TGNEIuEK5tpbTFRYroZWlBwIeV/W/8KGVETPiQVYb19zL/ p9ftv51CBwhL/HzXwxVoUzXjqh76ojhGxpl17QuUzVYKJ1xAkSs9/cApdmhfWJd2 tHKHb0PudMF/TSVfQ6+JXr24lmwo1LHeBLN49Bjs3NiO1NWVbH1PCQL4OBmhVQ3Q OKt3exdISLhOh6nwZk1sqHn13QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMNGgeiY sb70mQcj3r5WV6KdKQMfMB8GA1UdIwQYMBaAFN8lNITc5SxBN8vRyO1E2cslV/Q/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODU2OC9EMzEzMDY3NjE4 NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExFRTN5OUhJN1VUWnl5Vlg5 RDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzN5VTBoTnpsTEVFM3k5SEk3VVRaeXlWWDlEOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODU2OC9EMzEzMDY3NjE4NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExF RTN5OUhJN1VUWnl5Vlg5RDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCN61VgvBm9Xmv9D9RNbuDE/jYlxG5RzyowzkW4QqE492x3Q3UweBQ0 5gp2nWHbWIMcpgi1u0Kc/D+u7+fv5lL5dy5EVhT/DBaNDlbcNEVsKQMT1iBHrn3z ew/uPhLO63u05kSG/18V6lairVRhfDah2tK0V5FS4veD2tGk1SxgUBHl5hQ7qsih jwhCjyhcRLeS1sUIqM3fow6CiYCD4YhTZQz60xDcgbn+qP0dUGD153rrxyirZBet htFkk45/yvNyhHXon1A7Xnb9l4JsmSln28bPiAxveBzdNimMJLyEWquQknlVSNH5 rXq9EXXbUJJUVD9u5MWIJDyHITGiyOmG -----END CERTIFICATE-----Generated at Sat Aug 23 20:37:00 2025 by rpki-client