$ rpki-client -vvf rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft File: 3q8cjeT-PFHGkVP8r5_owq1vjiY.mft (raw, json) Hash identifier: BZKdjj5QT9KanO2CBWH4BFxu+6lXszVwfqdcGoFSL2k= Subject key identifier: 28:ED:47:97:0E:54:46:93:CF:06:37:19:B9:D4:43:9B:C5:09:B1:85 Authority key identifier: DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 Certificate issuer: /CN=A917AC33/serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Certificate serial: 012B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft Manifest number: 0128 Signing time: Tue 01 Jul 2025 05:07:51 +0000 Manifest this update: Tue 01 Jul 2025 05:07:50 +0000 Manifest next update: Tue 08 Jul 2025 05:07:50 +0000 Files and hashes: 1: 3q8cjeT-PFHGkVP8r5_owq1vjiY.crl (hash: GWH4HkEwuMZypKllBdRPpkjYeJU1oyo2F77LeAguCuM=) 2: 1C2EA330925011EE9571EE40C4F9AE02.roa (hash: g1vuB/s+fKkz9lQDwgz7uwUHIIgwyYOpfROfbA+7Aro=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 05:07:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 299 (0x12b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AC33, serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Validity Not Before: Jul 1 05:07:50 2025 GMT Not After : Jul 8 05:07:50 2025 GMT Subject: CN=68636d26-f614 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:bb:56:53:26:83:92:fd:b4:6f:c5:0e:f8:f0: 07:14:50:ac:96:4d:c5:f0:d2:e4:2d:12:20:3c:78: 1b:e4:25:3a:20:85:d4:74:73:59:35:c3:0b:1a:6d: fe:24:6b:c0:99:1b:d5:f5:3a:64:7f:64:ae:b6:c1: 33:ea:d3:d7:e5:f7:e7:6d:4f:7e:21:18:ad:a5:a1: d2:69:88:1f:fb:99:09:f5:89:cc:ff:21:37:81:2f: a8:e4:b6:f7:78:51:2a:c5:16:57:f6:fd:0b:6a:19: 2f:5a:97:d1:f2:a8:c5:28:b6:b1:e7:11:94:6d:ae: a1:44:49:d1:7e:70:6d:d4:9a:a7:ad:6e:04:ea:81: 6a:f5:00:e1:70:01:d1:57:51:bc:eb:39:76:94:d5: c2:66:14:40:70:d7:b0:01:5b:08:58:b6:6d:10:a9: 42:18:08:bf:b1:37:45:7f:ae:d2:48:d0:ef:47:8b: e3:25:11:bc:de:4b:6b:d9:50:c5:23:fd:54:97:7e: 83:4a:d4:b0:96:72:23:36:f6:5b:21:b5:55:d6:fd: 65:05:71:9f:84:d1:7e:3a:cb:12:03:50:12:28:44: ff:71:e1:f7:38:de:65:67:7f:75:0d:65:f3:56:b0: 97:d6:5b:2a:69:c5:c8:17:c0:d6:c1:0a:ef:7c:c7: 5c:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:ED:47:97:0E:54:46:93:CF:06:37:19:B9:D4:43:9B:C5:09:B1:85 X509v3 Authority Key Identifier: keyid:DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b1:89:72:17:8b:af:04:fb:7f:f7:1c:db:9f:81:65:aa:1d:61: 0b:8c:db:50:60:b1:40:0d:ae:9f:46:65:2f:f3:8e:a3:df:44: 63:8d:06:62:85:52:86:6a:7c:5e:35:8a:4e:28:7e:68:e0:27: 1c:15:e9:ab:5b:41:83:61:7d:98:7a:c0:1a:df:33:bd:06:2a: 6d:33:8a:2a:80:d3:a4:52:38:b7:d3:e2:fd:37:36:dc:1d:c3: 69:98:e7:cb:05:5f:9e:8d:bf:79:35:ad:68:aa:a2:11:90:5e: 7b:9e:7f:70:64:3c:53:23:d5:55:89:95:c3:c9:18:1b:a3:fb: e2:80:0c:a9:ae:a7:a2:21:cf:52:72:ae:45:24:64:3c:54:6d: 52:0e:af:fa:98:e3:63:f9:74:64:36:90:25:1c:1f:cf:a4:8c: 5e:0a:9a:9d:b0:40:47:a6:0c:7f:ae:63:52:3c:eb:e6:c1:de: a7:db:75:93:4f:d8:ae:69:9b:45:0c:3b:f0:d3:b7:fc:44:c4: 64:65:60:ff:88:30:79:56:72:05:f0:9c:05:e6:60:02:cf:28: b4:9f:a3:22:5a:f1:69:31:21:ba:c7:ed:ba:a7:18:9a:64:3a: 90:1f:68:c1:e1:15:bd:1c:d3:51:73:9f:53:e4:3d:77:53:87: 4b:d9:ee:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FDMzMxMTAvBgNVBAUTKERFQUYxQzhERTRGRTNDNTFDNjkxNTNGQ0FGOUZFOEMy QUQ2RjhFMjYwHhcNMjUwNzAxMDUwNzUwWhcNMjUwNzA4MDUwNzUwWjAYMRYwFAYD VQQDEw02ODYzNmQyNi1mNjE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA57tWUyaDkv20b8UO+PAHFFCslk3F8NLkLRIgPHgb5CU6IIXUdHNZNcMLGm3+ JGvAmRvV9Tpkf2SutsEz6tPX5ffnbU9+IRitpaHSaYgf+5kJ9YnM/yE3gS+o5Lb3 eFEqxRZX9v0LahkvWpfR8qjFKLax5xGUba6hREnRfnBt1JqnrW4E6oFq9QDhcAHR V1G86zl2lNXCZhRAcNewAVsIWLZtEKlCGAi/sTdFf67SSNDvR4vjJRG83ktr2VDF I/1Ul36DStSwlnIjNvZbIbVV1v1lBXGfhNF+OssSA1ASKET/ceH3ON5lZ391DWXz VrCX1lsqacXIF8DWwQrvfMdcywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCjtR5cO VEaTzwY3GbnUQ5vFCbGFMB8GA1UdIwQYMBaAFN6vHI3k/jxRxpFT/K+f6MKtb44m MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUMzMy9CMEJGQUMzNDky NEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBGSEdrVlA4cjVfb3dxMXZq aVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNxOGNqZVQtUEZIR2tWUDhyNV9vd3ExdmppWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUMzMy9CMEJGQUMzNDkyNEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBG SEdrVlA4cjVfb3dxMXZqaVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCxiXIXi68E+3/3HNufgWWqHWELjNtQYLFADa6fRmUv846j30RjjQZi hVKGanxeNYpOKH5o4CccFemrW0GDYX2YesAa3zO9BiptM4oqgNOkUji30+L9Nzbc HcNpmOfLBV+ejb95Na1oqqIRkF57nn9wZDxTI9VViZXDyRgbo/vigAyprqeiIc9S cq5FJGQ8VG1SDq/6mONj+XRkNpAlHB/PpIxeCpqdsEBHpgx/rmNSPOvmwd6n23WT T9iuaZtFDDvw07f8RMRkZWD/iDB5VnIF8JwF5mACzyi0n6MiWvFpMSG6x+26pxia ZDqQH2jB4RW9HNNRc59T5D13U4dL2e6T -----END CERTIFICATE-----Generated at Wed Jul 2 14:54:46 2025 by rpki-client