$ rpki-client -vvf rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft File: 3q8cjeT-PFHGkVP8r5_owq1vjiY.mft (raw, json) Hash identifier: Ld2jLxULW+twK+gBqPc/HOOVZIsO34lI7R5jcrXYsxA= Subject key identifier: E9:05:C4:4B:E8:A1:C1:D1:AB:39:7E:EF:12:9E:44:12:1C:60:F9:08 Authority key identifier: DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 Certificate issuer: /CN=A917AC33/serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Certificate serial: 0163 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft Manifest number: 0160 Signing time: Sun 19 Oct 2025 06:43:30 +0000 Manifest this update: Sun 19 Oct 2025 06:43:29 +0000 Manifest next update: Sun 26 Oct 2025 06:43:29 +0000 Files and hashes: 1: 3q8cjeT-PFHGkVP8r5_owq1vjiY.crl (hash: y8X3mp51OYIvYHKzspcHDswpmf7tCXmOMSltkhKOiDg=) 2: 1C2EA330925011EE9571EE40C4F9AE02.roa (hash: g1vuB/s+fKkz9lQDwgz7uwUHIIgwyYOpfROfbA+7Aro=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 06:43:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 355 (0x163) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AC33, serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Validity Not Before: Oct 19 06:43:29 2025 GMT Not After : Oct 26 06:43:29 2025 GMT Subject: CN=68f48891-74af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:da:13:c9:01:40:01:8f:26:37:74:6e:0d:7b: 2e:f5:0d:3d:98:17:aa:09:10:72:c0:8a:0e:66:4d: f3:14:4c:b1:61:e6:24:57:c3:43:5b:cb:c9:b3:93: 77:37:b8:87:d0:1c:89:fd:da:f5:72:1e:94:a1:05: c6:36:88:54:3e:16:40:71:68:8f:1f:57:7c:73:b6: 3f:e0:59:a5:8f:ab:ce:fa:23:73:87:f6:95:f0:b3: 35:6d:16:dd:c1:f6:62:d3:b5:68:27:2b:7b:3a:ea: 6b:cd:2f:d4:b5:5f:d0:db:24:ff:17:08:7c:de:88: 98:99:b8:d8:99:c7:16:90:c7:58:ba:dd:17:81:39: 48:da:1f:1f:fd:a9:a7:98:68:84:80:0d:d4:eb:29: 99:2f:ae:16:19:ed:6b:dd:3d:ed:64:87:b1:5e:c9: 14:ed:33:48:a4:ba:75:3b:b7:93:ba:cc:8d:fb:b9: ce:62:10:75:0f:9e:f8:fe:b4:a0:e7:34:0c:a4:b8: 9c:e3:4b:ae:5c:f7:fe:21:13:9b:bd:47:f5:0d:da: 06:74:f3:90:c4:c6:64:4a:b1:11:75:51:cd:63:aa: d4:ee:b9:06:8c:86:4a:bc:8a:6d:eb:89:46:dd:95: b3:1e:af:07:4b:8b:a8:e5:7d:0a:5b:49:6d:a0:b1: ac:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:05:C4:4B:E8:A1:C1:D1:AB:39:7E:EF:12:9E:44:12:1C:60:F9:08 X509v3 Authority Key Identifier: keyid:DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:c9:42:d6:be:cf:30:5a:81:5d:d8:5f:46:70:42:d6:22:bd: 17:43:a8:22:5b:19:2e:bf:65:67:c7:0d:62:4b:ae:2d:5e:b1: 4c:10:15:19:c0:e7:ae:25:0e:40:51:23:1c:f8:46:0f:74:f4: 35:ee:7b:d5:88:fb:f8:b5:84:7c:b6:1f:f3:fd:b9:58:20:e2: d3:8f:78:02:ea:4b:ab:c0:25:d8:2d:29:08:b0:97:f6:4b:2a: e4:b9:a3:01:b9:81:5d:f4:58:7a:3b:01:3e:75:5e:33:95:c5: d1:2f:70:2e:84:59:7f:5e:25:aa:79:1a:ab:99:3a:09:64:64: 55:df:a6:a5:81:d8:da:1b:75:ac:40:a3:dd:c5:3d:ca:7c:e8: 2f:92:99:c3:a2:a4:49:d6:9f:93:c8:9b:59:6d:d2:20:5c:f6: 06:3b:8d:37:5f:45:b4:04:61:d6:3e:3e:cc:d2:6c:3c:27:51: 1c:a7:e3:02:b9:57:55:94:36:3d:4e:49:9f:7c:e3:7e:a2:87: f3:99:61:5e:46:06:17:84:d6:3d:71:3c:2a:04:51:69:54:36: ed:96:dc:56:de:50:ee:b3:0b:5e:89:6f:13:c1:2e:b7:13:9c: 07:3d:61:5c:cb:75:1e:e0:c4:e0:63:76:24:d5:61:a7:44:68: 7d:a8:0a:b2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FDMzMxMTAvBgNVBAUTKERFQUYxQzhERTRGRTNDNTFDNjkxNTNGQ0FGOUZFOEMy QUQ2RjhFMjYwHhcNMjUxMDE5MDY0MzI5WhcNMjUxMDI2MDY0MzI5WjAYMRYwFAYD VQQDEw02OGY0ODg5MS03NGFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6toTyQFAAY8mN3RuDXsu9Q09mBeqCRBywIoOZk3zFEyxYeYkV8NDW8vJs5N3 N7iH0ByJ/dr1ch6UoQXGNohUPhZAcWiPH1d8c7Y/4Fmlj6vO+iNzh/aV8LM1bRbd wfZi07VoJyt7OuprzS/UtV/Q2yT/Fwh83oiYmbjYmccWkMdYut0XgTlI2h8f/amn mGiEgA3U6ymZL64WGe1r3T3tZIexXskU7TNIpLp1O7eTusyN+7nOYhB1D574/rSg 5zQMpLic40uuXPf+IRObvUf1DdoGdPOQxMZkSrERdVHNY6rU7rkGjIZKvIpt64lG 3ZWzHq8HS4uo5X0KW0ltoLGsMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOkFxEvo ocHRqzl+7xKeRBIcYPkIMB8GA1UdIwQYMBaAFN6vHI3k/jxRxpFT/K+f6MKtb44m MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUMzMy9CMEJGQUMzNDky NEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBGSEdrVlA4cjVfb3dxMXZq aVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNxOGNqZVQtUEZIR2tWUDhyNV9vd3ExdmppWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUMzMy9CMEJGQUMzNDkyNEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBG SEdrVlA4cjVfb3dxMXZqaVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA/yULWvs8wWoFd2F9GcELWIr0XQ6giWxkuv2Vnxw1iS64tXrFMEBUZ wOeuJQ5AUSMc+EYPdPQ17nvViPv4tYR8th/z/blYIOLTj3gC6kurwCXYLSkIsJf2 SyrkuaMBuYFd9Fh6OwE+dV4zlcXRL3AuhFl/XiWqeRqrmToJZGRV36algdjaG3Ws QKPdxT3KfOgvkpnDoqRJ1p+TyJtZbdIgXPYGO403X0W0BGHWPj7M0mw8J1Ecp+MC uVdVlDY9TkmffON+oofzmWFeRgYXhNY9cTwqBFFpVDbtltxW3lDuswteiW8TwS63 E5wHPWFcy3Ue4MTgY3Yk1WGnRGh9qAqy -----END CERTIFICATE-----Generated at Sun Oct 19 23:22:50 2025 by rpki-client