$ rpki-client -vvf rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft File: S3IqOmeTvzLJvPUuTncuCm86Yxk.mft (raw, json) Hash identifier: EbFosphzfzQJ3JKdOjkuFr/+whMrB7u7BmlCjoW2kGY= Subject key identifier: 54:86:A8:70:4D:13:DA:96:D5:19:FF:23:17:5B:A5:ED:5E:6A:E3:5A Authority key identifier: 4B:72:2A:3A:67:93:BF:32:C9:BC:F5:2E:4E:77:2E:0A:6F:3A:63:19 Certificate issuer: /CN=A917A67E/serialNumber=4B722A3A6793BF32C9BCF52E4E772E0A6F3A6319 Certificate serial: 0198 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3IqOmeTvzLJvPUuTncuCm86Yxk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft Manifest number: 0194 Signing time: Sat 23 Aug 2025 03:34:54 +0000 Manifest this update: Sat 23 Aug 2025 03:34:53 +0000 Manifest next update: Sat 30 Aug 2025 03:34:53 +0000 Files and hashes: 1: S3IqOmeTvzLJvPUuTncuCm86Yxk.crl (hash: 2GqnZoP3VaXrN4dsbd80pEiPEhJUj5FpNcA9IsehlS8=) 2: E3901F981BD711EEB9597921C4F9AE02.roa (hash: sLVF2uLBYBc6LDSXH2VUz3ksriL+t2pMsQjafYLst9Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.crl rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3IqOmeTvzLJvPUuTncuCm86Yxk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 03:34:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 408 (0x198) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A67E, serialNumber=4B722A3A6793BF32C9BCF52E4E772E0A6F3A6319 Validity Not Before: Aug 23 03:34:53 2025 GMT Not After : Aug 30 03:34:53 2025 GMT Subject: CN=68a936de-6937 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:ca:ee:a1:f1:ef:66:8b:7e:83:3d:bc:4c:51: 01:4f:b6:1a:12:21:38:66:4d:cd:1c:66:54:69:b2: 9a:25:2d:91:9b:31:f4:5c:d7:2f:8d:84:e0:40:f2: 05:ea:41:c3:5b:9a:a5:ef:d7:57:19:64:12:ab:85: e9:0c:98:da:de:6a:da:41:5e:7c:59:1a:37:bb:bd: 15:a4:ec:15:0f:24:78:a3:e7:e1:5c:1b:22:cc:d4: 90:38:1e:5b:40:f3:ee:69:3f:79:ee:d9:f3:83:53: 6a:dd:e5:f2:72:8d:e2:af:73:56:c7:dd:4e:ea:25: 3e:4e:c1:ad:5f:1b:41:cb:d3:1b:92:88:50:36:b8: f0:a8:0a:49:bc:ec:1c:1e:65:17:d8:1a:30:68:02: 3c:14:d6:2e:9e:ce:8d:36:15:a7:01:b4:46:b3:3d: f9:a1:1e:06:0d:e7:27:4e:21:34:e4:df:71:4b:16: 1d:86:08:47:56:8c:dd:3a:f9:b6:2d:c0:48:f9:89: d3:cc:3e:12:72:89:af:a7:62:18:e8:72:78:e7:2a: 0d:3a:98:e6:53:86:a4:ba:1e:2b:bf:e3:8a:df:c3: a5:d5:a3:0e:ea:d4:69:4c:f5:ce:a3:d4:2f:0f:b9: 16:73:34:73:eb:19:2a:ab:46:f2:9c:f5:1f:e1:6f: 57:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:86:A8:70:4D:13:DA:96:D5:19:FF:23:17:5B:A5:ED:5E:6A:E3:5A X509v3 Authority Key Identifier: keyid:4B:72:2A:3A:67:93:BF:32:C9:BC:F5:2E:4E:77:2E:0A:6F:3A:63:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3IqOmeTvzLJvPUuTncuCm86Yxk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:39:32:a6:fc:e9:e7:a3:cd:b2:6d:61:33:28:0f:a4:b7:7e: b4:95:ca:21:02:f4:e5:9a:78:33:86:12:fd:e6:a0:f1:e1:95: 85:9b:0c:13:b9:98:98:1c:6a:81:e7:a8:e6:a6:8e:2a:8a:bb: c3:06:17:fe:5b:8b:e8:a1:7e:37:38:19:52:06:38:3c:20:36: b1:05:82:94:04:bc:b1:d6:fc:31:60:62:cd:1e:8a:d1:a5:e5: 7d:b2:e0:6e:9c:2c:91:f6:7e:43:89:ea:e4:db:48:ce:ad:cb: ae:d3:50:66:71:d5:62:df:b5:11:47:e7:48:1d:b1:b9:7f:6a: 2e:31:54:8f:e9:0a:d3:ba:ec:67:14:0d:f2:7f:7d:4f:d7:32: 48:02:3f:11:d1:23:58:8e:97:03:8b:39:65:0f:5a:e1:02:e0: a6:03:ab:04:6e:f4:16:ae:78:8f:c5:6e:9f:45:bd:58:fb:88: 85:98:e8:8f:e1:18:51:09:c6:6e:0a:f8:7a:bc:d5:82:08:7f: aa:83:16:b7:a6:11:73:5b:55:46:d1:43:1e:ae:5a:49:4e:d5: 15:f1:e4:d0:61:8f:d5:e1:83:fc:f0:e8:9d:a1:13:59:76:42: 1c:b8:fd:e6:ce:00:30:92:84:27:5c:c5:5b:fa:2f:07:c3:b1: 7e:35:a8:87 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E2N0UxMTAvBgNVBAUTKDRCNzIyQTNBNjc5M0JGMzJDOUJDRjUyRTRFNzcyRTBB NkYzQTYzMTkwHhcNMjUwODIzMDMzNDUzWhcNMjUwODMwMDMzNDUzWjAYMRYwFAYD VQQDEw02OGE5MzZkZS02OTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0sruofHvZot+gz28TFEBT7YaEiE4Zk3NHGZUabKaJS2RmzH0XNcvjYTgQPIF 6kHDW5ql79dXGWQSq4XpDJja3mraQV58WRo3u70VpOwVDyR4o+fhXBsizNSQOB5b QPPuaT957tnzg1Nq3eXyco3ir3NWx91O6iU+TsGtXxtBy9MbkohQNrjwqApJvOwc HmUX2BowaAI8FNYuns6NNhWnAbRGsz35oR4GDecnTiE05N9xSxYdhghHVozdOvm2 LcBI+YnTzD4Scomvp2IY6HJ45yoNOpjmU4akuh4rv+OK38Ol1aMO6tRpTPXOo9Qv D7kWczRz6xkqq0bynPUf4W9XqQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFSGqHBN E9qW1Rn/Ixdbpe1eauNaMB8GA1UdIwQYMBaAFEtyKjpnk78yybz1Lk53LgpvOmMZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTY3RS82N0I0Q0I4NDFC RDMxMUVFOTY1RkVGMzhDNEY5QUUwMi9TM0lxT21lVHZ6TEp2UFV1VG5jdUNtODZZ eGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1MzSXFPbWVUdnpMSnZQVXVUbmN1Q204Nll4ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTY3RS82N0I0Q0I4NDFCRDMxMUVFOTY1RkVGMzhDNEY5QUUwMi9TM0lxT21lVHZ6 TEp2UFV1VG5jdUNtODZZeGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBCOTKm/Onno82ybWEzKA+kt360lcohAvTlmngzhhL95qDx4ZWFmwwT uZiYHGqB56jmpo4qirvDBhf+W4vooX43OBlSBjg8IDaxBYKUBLyx1vwxYGLNHorR peV9suBunCyR9n5Dierk20jOrcuu01BmcdVi37URR+dIHbG5f2ouMVSP6QrTuuxn FA3yf31P1zJIAj8R0SNYjpcDizllD1rhAuCmA6sEbvQWrniPxW6fRb1Y+4iFmOiP 4RhRCcZuCvh6vNWCCH+qgxa3phFzW1VG0UMerlpJTtUV8eTQYY/V4YP88OidoRNZ dkIcuP3mzgAwkoQnXMVb+i8Hw7F+NaiH -----END CERTIFICATE-----Generated at Sun Aug 24 04:56:55 2025 by rpki-client