$ rpki-client -vvf rpki.apnic.net/member_repository/A916A0AA/6A4FFC7A0F1011EAA969FE43C4F9AE02/u3QQVrccdV0D-5zyFKQSTKTzdgw.mft File: u3QQVrccdV0D-5zyFKQSTKTzdgw.mft (raw, json) Hash identifier: kiFlqSiOHAvy3lnFnrtY9XyZpKnjQGTUfrKFznkw/F0= Subject key identifier: D5:F7:05:1B:84:A4:6F:BF:87:F0:B9:07:06:11:DB:5D:0F:21:05:96 Authority key identifier: BB:74:10:56:B7:1C:75:5D:03:FB:9C:F2:14:A4:12:4C:A4:F3:76:0C Certificate issuer: /CN=A916A0AA/serialNumber=BB741056B71C755D03FB9CF214A4124CA4F3760C Certificate serial: 0C40 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u3QQVrccdV0D-5zyFKQSTKTzdgw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916A0AA/6A4FFC7A0F1011EAA969FE43C4F9AE02/u3QQVrccdV0D-5zyFKQSTKTzdgw.mft Manifest number: 0C37 Signing time: Fri 22 Aug 2025 18:43:50 +0000 Manifest this update: Fri 22 Aug 2025 18:43:50 +0000 Manifest next update: Fri 29 Aug 2025 18:43:50 +0000 Files and hashes: 1: u3QQVrccdV0D-5zyFKQSTKTzdgw.crl (hash: Ew50bbgaNA+6B7WMuE07II6HzTU+Axy5TrJ/EFF7tDw=) 2: 5AD6AAFE0F1111EA932F3E45C4F9AE02.roa (hash: fVpTiz95zT96q52Sv8C+QJmIZKHHi2b0N2xlEcRtgMo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916A0AA/6A4FFC7A0F1011EAA969FE43C4F9AE02/u3QQVrccdV0D-5zyFKQSTKTzdgw.crl rsync://rpki.apnic.net/member_repository/A916A0AA/6A4FFC7A0F1011EAA969FE43C4F9AE02/u3QQVrccdV0D-5zyFKQSTKTzdgw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u3QQVrccdV0D-5zyFKQSTKTzdgw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:43:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3136 (0xc40) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916A0AA, serialNumber=BB741056B71C755D03FB9CF214A4124CA4F3760C Validity Not Before: Aug 22 18:43:50 2025 GMT Not After : Aug 29 18:43:50 2025 GMT Subject: CN=68a8ba66-9ff9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:a6:70:53:82:a8:31:63:f9:55:08:6b:a9:18: d4:c2:68:8e:fa:4a:2a:85:29:89:e5:86:e9:09:55: 07:cb:e3:8e:b3:61:19:b3:ff:6e:47:33:54:7c:d0: 85:7c:01:34:e8:42:6a:f2:45:a7:9c:0a:e4:94:ba: 02:57:f8:4c:34:fb:a7:ba:a5:8e:cb:a5:dd:87:ff: 4d:2d:1b:98:9d:35:84:24:fa:d2:5d:3e:5c:ea:c1: c1:f9:a6:1c:58:4f:77:28:aa:04:25:d2:97:ad:31: b7:16:87:62:46:1f:b5:4b:b7:14:8a:ec:89:23:0c: 16:08:1a:2d:d1:a9:d8:79:2c:58:80:bc:e0:42:40: 4e:45:79:1a:a4:26:b9:4b:16:ab:e9:cd:3e:1f:ec: b7:8f:b8:57:e4:a2:c9:db:d3:a6:f7:6d:c1:d5:a9: 72:b2:65:08:7a:2b:c7:89:19:02:f4:3d:f0:d4:34: 26:6e:d7:67:de:4e:1f:c7:75:57:33:6e:a8:ec:e8: 02:05:71:cf:3b:1d:15:71:4f:e9:db:e9:31:96:fc: 20:82:b1:15:3d:92:aa:cf:cb:22:d3:b6:94:ab:6d: 4d:a6:cf:e8:d0:40:53:0a:a9:51:5f:e2:4c:d8:dc: 2b:60:35:8d:15:9e:59:f8:f8:4d:3b:f1:27:b7:97: 27:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:F7:05:1B:84:A4:6F:BF:87:F0:B9:07:06:11:DB:5D:0F:21:05:96 X509v3 Authority Key Identifier: keyid:BB:74:10:56:B7:1C:75:5D:03:FB:9C:F2:14:A4:12:4C:A4:F3:76:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916A0AA/6A4FFC7A0F1011EAA969FE43C4F9AE02/u3QQVrccdV0D-5zyFKQSTKTzdgw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u3QQVrccdV0D-5zyFKQSTKTzdgw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A0AA/6A4FFC7A0F1011EAA969FE43C4F9AE02/u3QQVrccdV0D-5zyFKQSTKTzdgw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 66:37:64:05:40:98:8f:75:cf:a5:b9:6c:92:c9:c5:36:44:3b: 31:cc:3b:5d:8c:9d:03:95:ad:67:11:3d:b6:f3:96:cc:7f:72: 2a:6a:8f:1e:7a:ae:00:13:4a:e3:a3:e6:0d:1f:84:7c:e7:34: a9:0c:bc:29:1a:bf:60:86:1c:af:4c:1a:67:4a:a8:81:9c:d3: 0e:dc:bd:55:e2:0d:3d:2d:b8:05:38:c5:21:24:55:7d:75:a0: c3:15:8c:49:cb:93:21:e9:cc:13:ce:4d:8c:7e:cd:c2:4d:3d: 33:a6:98:23:d0:20:d0:97:c1:af:71:a1:f2:59:3a:83:f8:6e: 13:33:14:21:d7:48:c9:32:9e:07:3d:37:46:1d:e0:0d:e4:9a: fc:45:40:44:b6:b2:0c:95:33:42:25:4d:be:df:42:2e:54:88: 14:da:c0:a1:34:87:c4:15:b0:80:0f:2f:ff:3a:26:4d:ec:3c: 91:df:dc:68:89:77:60:60:b2:52:38:4d:ac:f2:84:17:f2:ba: 0a:66:36:43:c0:0f:b1:39:17:ad:95:43:7f:5d:69:fc:c0:cd: 10:14:e7:ff:c6:ca:c6:7c:27:35:cd:bd:cc:f8:b4:29:f1:53: 1b:cd:41:30:b9:c3:7f:d4:76:99:44:2f:25:c5:3f:64:6a:b0: b3:c6:5f:11 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDEAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkEwQUExMTAvBgNVBAUTKEJCNzQxMDU2QjcxQzc1NUQwM0ZCOUNGMjE0QTQxMjRD QTRGMzc2MEMwHhcNMjUwODIyMTg0MzUwWhcNMjUwODI5MTg0MzUwWjAYMRYwFAYD VQQDEw02OGE4YmE2Ni05ZmY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu6ZwU4KoMWP5VQhrqRjUwmiO+koqhSmJ5YbpCVUHy+OOs2EZs/9uRzNUfNCF fAE06EJq8kWnnArklLoCV/hMNPunuqWOy6Xdh/9NLRuYnTWEJPrSXT5c6sHB+aYc WE93KKoEJdKXrTG3FodiRh+1S7cUiuyJIwwWCBot0anYeSxYgLzgQkBORXkapCa5 Sxar6c0+H+y3j7hX5KLJ29Om923B1alysmUIeivHiRkC9D3w1DQmbtdn3k4fx3VX M26o7OgCBXHPOx0VcU/p2+kxlvwggrEVPZKqz8si07aUq21Nps/o0EBTCqlRX+JM 2NwrYDWNFZ5Z+PhNO/Ent5cnDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNX3BRuE pG+/h/C5BwYR210PIQWWMB8GA1UdIwQYMBaAFLt0EFa3HHVdA/uc8hSkEkyk83YM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTBBQS82QTRGRkM3QTBG MTAxMUVBQTk2OUZFNDNDNEY5QUUwMi91M1FRVnJjY2RWMEQtNXp5RktRU1RLVHpk Z3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3UzUVFWcmNjZFYwRC01enlGS1FTVEtUemRndy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QTBBQS82QTRGRkM3QTBGMTAxMUVBQTk2OUZFNDNDNEY5QUUwMi91M1FRVnJjY2RW MEQtNXp5RktRU1RLVHpkZ3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBmN2QFQJiPdc+luWySycU2RDsxzDtdjJ0Dla1nET2285bMf3Iqao8e eq4AE0rjo+YNH4R85zSpDLwpGr9ghhyvTBpnSqiBnNMO3L1V4g09LbgFOMUhJFV9 daDDFYxJy5Mh6cwTzk2Mfs3CTT0zppgj0CDQl8GvcaHyWTqD+G4TMxQh10jJMp4H PTdGHeAN5Jr8RUBEtrIMlTNCJU2+30IuVIgU2sChNIfEFbCADy//OiZN7DyR39xo iXdgYLJSOE2s8oQX8roKZjZDwA+xORetlUN/XWn8wM0QFOf/xsrGfCc1zb3M+LQp 8VMbzUEwucN/1HaZRC8lxT9karCzxl8R -----END CERTIFICATE-----Generated at Sun Aug 24 03:34:01 2025 by rpki-client