$ rpki-client -vvf rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.mft File: A3iO4rrk2AXrzcpmGOLsGhilxOI.mft (raw, json) Hash identifier: 1C101rhUY2K6IxM4OwJlq9FbDUUNyzYyZxgqyqM0CPQ= Subject key identifier: F4:F7:C0:EC:98:1B:49:9A:2D:E5:E2:3F:F3:86:82:8A:37:CE:CD:F9 Authority key identifier: 03:78:8E:E2:BA:E4:D8:05:EB:CD:CA:66:18:E2:EC:1A:18:A5:C4:E2 Certificate issuer: /CN=A915FDD9/serialNumber=03788EE2BAE4D805EBCDCA6618E2EC1A18A5C4E2 Certificate serial: 71 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A3iO4rrk2AXrzcpmGOLsGhilxOI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.mft Manifest number: 70 Signing time: Sat 23 Aug 2025 07:07:56 +0000 Manifest this update: Sat 23 Aug 2025 07:07:56 +0000 Manifest next update: Sat 30 Aug 2025 07:07:56 +0000 Files and hashes: 1: A3iO4rrk2AXrzcpmGOLsGhilxOI.crl (hash: lEbHoKIG5eFahrNSA1lueiDAl/UR6ceV/M/1r07C1mo=) 2: BE052770702E11F0A0DEEA12C4F9AE02.roa (hash: OHC1Lai90kPZXbPjZNHQeH48NvGag/35uNyXO/kBwSE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.crl rsync://rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A3iO4rrk2AXrzcpmGOLsGhilxOI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 113 (0x71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915FDD9, serialNumber=03788EE2BAE4D805EBCDCA6618E2EC1A18A5C4E2 Validity Not Before: Aug 23 07:07:56 2025 GMT Not After : Aug 30 07:07:56 2025 GMT Subject: CN=68a968cc-bf1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:25:7d:36:dd:51:6a:c9:54:01:36:f0:d6:ae: af:85:07:5d:15:26:32:ab:79:89:57:35:99:df:6c: 8d:5e:47:ab:23:e1:39:9f:c0:63:58:3f:45:90:e1: 04:78:fa:38:c1:a5:49:e1:35:f3:d3:fa:db:00:d2: 2e:20:3f:4e:64:55:a1:25:e7:3a:31:61:a7:4d:3f: ce:e8:4b:c6:ce:40:a7:f6:d5:4c:e5:92:58:54:8d: b6:11:09:a3:3a:41:9b:78:12:fb:ce:45:9a:1a:d5: 47:43:0f:20:53:02:7c:a2:40:d9:81:6d:cf:72:53: 8f:0e:d0:1f:ac:20:1b:82:32:b6:93:6c:38:e6:11: be:66:4d:8a:7f:59:ef:ab:4e:99:48:5f:7e:f5:a4: ff:4d:4b:5e:a1:48:1e:b8:43:ea:17:d7:84:4a:e3: cc:44:6c:da:c6:f0:65:0f:32:01:09:a9:66:e8:46: ef:f8:4a:07:0c:4f:a7:1e:20:42:ea:59:4c:25:eb: 78:c3:45:fa:8e:6c:90:0e:9e:c4:63:b7:9d:14:2d: 91:5f:5c:ed:33:76:2b:e5:bb:51:53:ac:96:e8:8f: ad:19:e0:ce:b1:15:18:43:f1:03:ff:54:f2:66:05: f3:46:12:c0:3b:b4:bd:1e:f2:2e:eb:1d:20:dd:34: 03:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:F7:C0:EC:98:1B:49:9A:2D:E5:E2:3F:F3:86:82:8A:37:CE:CD:F9 X509v3 Authority Key Identifier: keyid:03:78:8E:E2:BA:E4:D8:05:EB:CD:CA:66:18:E2:EC:1A:18:A5:C4:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A3iO4rrk2AXrzcpmGOLsGhilxOI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:1e:79:c9:80:b7:32:69:b1:6a:7f:b7:fa:e1:91:2c:f8:1e: b4:0d:7f:10:75:15:5a:5f:e6:b8:16:70:02:14:2e:f3:aa:88: 80:33:64:c4:88:dd:9d:f1:5d:bc:3a:03:57:0d:93:26:f7:d4: 19:ba:e2:99:a5:4a:cf:32:7f:cb:65:9a:8c:84:28:33:3a:dd: e2:d4:7c:8f:7e:01:3e:80:50:b6:32:01:0f:3c:a1:58:3a:a0: 3c:43:2c:f1:9a:61:62:86:0a:a3:0e:8d:c9:33:a9:ee:bf:c0: 0b:5d:83:01:df:f6:0e:a6:b1:58:76:cb:c0:45:1c:86:d9:27: 66:0e:4e:a7:ea:1a:e8:12:18:38:40:db:55:27:7d:e5:9e:75: 36:67:fb:6e:03:52:4a:c5:4d:e7:8f:fa:8b:57:27:7c:96:4d: f4:d4:62:1f:68:31:dd:6a:48:a2:e7:b9:09:26:30:86:21:f2: 1e:cb:5f:38:52:f1:f6:f2:b6:d5:0a:6b:8f:f0:5b:90:d9:80: 71:97:b9:04:b1:57:e9:f0:43:ea:fd:f0:04:9c:92:e9:97:89: 43:78:a8:ec:53:64:de:50:97:b1:6a:3b:82:7d:25:2c:e8:4e: 5d:a8:6a:48:ef:ae:b9:41:46:51:3a:31:16:85:e2:70:ac:83: 99:8d:7f:62 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBcTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 RkREOTExMC8GA1UEBRMoMDM3ODhFRTJCQUU0RDgwNUVCQ0RDQTY2MThFMkVDMUEx OEE1QzRFMjAeFw0yNTA4MjMwNzA3NTZaFw0yNTA4MzAwNzA3NTZaMBgxFjAUBgNV BAMTDTY4YTk2OGNjLWJmMWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCoJX023VFqyVQBNvDWrq+FB10VJjKreYlXNZnfbI1eR6sj4TmfwGNYP0WQ4QR4 +jjBpUnhNfPT+tsA0i4gP05kVaEl5zoxYadNP87oS8bOQKf21UzlklhUjbYRCaM6 QZt4EvvORZoa1UdDDyBTAnyiQNmBbc9yU48O0B+sIBuCMraTbDjmEb5mTYp/We+r TplIX371pP9NS16hSB64Q+oX14RK48xEbNrG8GUPMgEJqWboRu/4SgcMT6ceIELq WUwl63jDRfqObJAOnsRjt50ULZFfXO0zdivlu1FTrJboj60Z4M6xFRhD8QP/VPJm BfNGEsA7tL0e8i7rHSDdNAO/AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU9PfA7Jgb SZot5eI/84aCijfOzfkwHwYDVR0jBBgwFoAUA3iO4rrk2AXrzcpmGOLsGhilxOIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVGREQ5L0JFN0NBQzEyRDZE RTExRUZCMDQ3NEUxQkM0RjlBRTAyL0EzaU80cnJrMkFYcnpjcG1HT0xzR2hpbHhP SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQTNpTzRycmsyQVhyemNwbUdPTHNHaGlseE9JLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVG REQ5L0JFN0NBQzEyRDZERTExRUZCMDQ3NEUxQkM0RjlBRTAyL0EzaU80cnJrMkFY cnpjcG1HT0xzR2hpbHhPSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABYeecmAtzJpsWp/t/rhkSz4HrQNfxB1FVpf5rgWcAIULvOqiIAzZMSI 3Z3xXbw6A1cNkyb31Bm64pmlSs8yf8tlmoyEKDM63eLUfI9+AT6AULYyAQ88oVg6 oDxDLPGaYWKGCqMOjckzqe6/wAtdgwHf9g6msVh2y8BFHIbZJ2YOTqfqGugSGDhA 21UnfeWedTZn+24DUkrFTeeP+otXJ3yWTfTUYh9oMd1qSKLnuQkmMIYh8h7LXzhS 8fbyttUKa4/wW5DZgHGXuQSxV+nwQ+r98ASckumXiUN4qOxTZN5Ql7FqO4J9JSzo Tl2oakjvrrlBRlE6MRaF4nCsg5mNf2I= -----END CERTIFICATE-----Generated at Sat Aug 23 19:34:53 2025 by rpki-client