$ rpki-client -vvf rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft File: dd3NDNRiWKwZGsOQoskl2MA1qFc.mft (raw, json) Hash identifier: GJU9eTgBBj6Yni3kKkYMO/KP06hA3IsZ7i9hbKc0/XU= Subject key identifier: CE:34:1E:E5:0E:7B:23:08:6A:9B:91:EC:3F:E0:A3:08:F8:66:7C:68 Authority key identifier: 75:DD:CD:0C:D4:62:58:AC:19:1A:C3:90:A2:C9:25:D8:C0:35:A8:57 Certificate issuer: /CN=A917E04F/serialNumber=75DDCD0CD46258AC191AC390A2C925D8C035A857 Certificate serial: 0E8D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft Manifest number: 0E85 Signing time: Wed 02 Jul 2025 17:54:17 +0000 Manifest this update: Wed 02 Jul 2025 17:54:16 +0000 Manifest next update: Wed 09 Jul 2025 17:54:16 +0000 Files and hashes: 1: dd3NDNRiWKwZGsOQoskl2MA1qFc.crl (hash: iiQLQngtJSrKq9rUGQREyWBZUkyXIQ0Fe4yvbbp4K98=) 2: 9C9389D4970311E9B7D3DE5AC4F9AE02.roa (hash: 0msFIFHq8Bi6Dy0orrBJDRYbRJioucs5FAZf2jEryJs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.crl rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 17:54:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3725 (0xe8d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E04F, serialNumber=75DDCD0CD46258AC191AC390A2C925D8C035A857 Validity Not Before: Jul 2 17:54:16 2025 GMT Not After : Jul 9 17:54:16 2025 GMT Subject: CN=68657249-a0a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:88:b9:6e:80:c9:0b:6e:90:61:ef:8e:e9:f1: 51:16:ad:c8:11:a2:c9:00:9f:9a:93:34:bc:26:35: 0b:b9:46:6f:6a:41:77:23:1a:d0:f3:4a:e1:2a:35: 1e:df:40:93:ee:08:0e:40:06:ca:d9:17:fd:d4:8e: c4:3f:a4:26:b4:7c:7f:3c:6f:c5:56:65:fd:fb:c3: 72:3a:e0:b6:5b:5d:63:6f:76:44:28:d2:b2:ad:ad: 71:68:1a:d1:78:29:96:03:34:5a:d1:03:e5:bc:c0: 94:7d:2d:3d:db:b7:c6:a1:cb:0f:1c:b4:1b:c2:19: da:fe:7a:10:d4:eb:e5:81:c0:e6:0a:4c:da:72:28: 91:be:98:b4:fa:2a:37:39:c8:9b:65:3f:34:57:d4: 07:3e:55:96:28:b5:c6:be:49:af:71:2b:71:a8:aa: fd:31:55:f9:26:c0:bf:bc:80:37:bb:f2:41:89:23: ac:d2:e5:0c:cd:5f:63:87:50:db:f2:11:5e:24:9e: 8a:7d:2a:b3:00:56:30:fa:5a:71:a4:7b:9d:fe:65: 6f:9d:25:56:db:ae:8a:3e:4b:2c:b4:a8:e1:01:e6: 59:b1:ba:0f:f4:d6:61:04:37:1c:d0:8c:30:f1:9b: ca:a2:f3:c9:24:87:b4:e1:3e:94:90:ff:51:7c:bd: b0:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:34:1E:E5:0E:7B:23:08:6A:9B:91:EC:3F:E0:A3:08:F8:66:7C:68 X509v3 Authority Key Identifier: keyid:75:DD:CD:0C:D4:62:58:AC:19:1A:C3:90:A2:C9:25:D8:C0:35:A8:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 04:f1:3b:68:ea:7a:3b:82:0a:61:9b:00:9a:b4:8b:f4:56:7b: 86:11:3c:9a:99:46:f7:80:1b:2a:c3:68:0a:11:9d:6b:fa:6b: d0:92:9d:dc:23:e7:6b:ea:7b:3e:de:bb:47:06:9d:1b:49:e5: e5:c2:67:f2:66:8f:76:0c:94:21:16:f6:46:3b:3f:e0:c0:a7: 07:a6:c4:6f:8a:9e:64:b8:74:20:24:35:23:76:5e:06:eb:d7: cb:aa:bb:6d:92:db:0d:e5:31:f1:c2:2a:de:21:7d:be:ee:79: 7f:22:97:f0:39:3b:ab:bd:c5:ed:23:1f:e2:89:96:57:27:12: 47:42:9f:21:ce:55:dd:62:fb:33:ba:71:33:ef:c9:a7:ed:aa: ec:61:e4:f1:c4:08:5d:fa:de:ac:29:18:93:2c:be:91:d0:99: c2:e1:f8:ec:16:f1:f6:e9:d1:26:bb:de:d1:53:81:aa:14:43: 7a:c8:f8:7a:c3:da:e3:ad:a2:e6:9f:63:c1:5b:39:0a:0c:56: 2f:25:1a:b1:8a:01:68:f9:26:51:45:db:70:7b:09:87:ac:d5: 0b:ed:0b:bf:f5:98:8a:29:f2:6b:2d:2a:64:67:7c:10:7b:fe: 38:a8:87:34:cd:f1:04:aa:9f:52:92:f5:9b:2e:d3:b9:25:ec: f4:5c:75:ca -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDo0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwNEYxMTAvBgNVBAUTKDc1RERDRDBDRDQ2MjU4QUMxOTFBQzM5MEEyQzkyNUQ4 QzAzNUE4NTcwHhcNMjUwNzAyMTc1NDE2WhcNMjUwNzA5MTc1NDE2WjAYMRYwFAYD VQQDEw02ODY1NzI0OS1hMGE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyIi5boDJC26QYe+O6fFRFq3IEaLJAJ+akzS8JjULuUZvakF3IxrQ80rhKjUe 30CT7ggOQAbK2Rf91I7EP6QmtHx/PG/FVmX9+8NyOuC2W11jb3ZEKNKyra1xaBrR eCmWAzRa0QPlvMCUfS0927fGocsPHLQbwhna/noQ1OvlgcDmCkzaciiRvpi0+io3 OcibZT80V9QHPlWWKLXGvkmvcStxqKr9MVX5JsC/vIA3u/JBiSOs0uUMzV9jh1Db 8hFeJJ6KfSqzAFYw+lpxpHud/mVvnSVW266KPksstKjhAeZZsboP9NZhBDcc0Iww 8ZvKovPJJIe04T6UkP9RfL2wlwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM40HuUO eyMIapuR7D/gowj4ZnxoMB8GA1UdIwQYMBaAFHXdzQzUYlisGRrDkKLJJdjANahX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTA0Ri80MTg1MzdGNDk3 MDMxMUU5QjRCN0IyNUFDNEY5QUUwMi9kZDNORE5SaVdLd1pHc09Rb3NrbDJNQTFx RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RkM05ETlJpV0t3WkdzT1Fvc2tsMk1BMXFGYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTA0Ri80MTg1MzdGNDk3MDMxMUU5QjRCN0IyNUFDNEY5QUUwMi9kZDNORE5SaVdL d1pHc09Rb3NrbDJNQTFxRmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAE8Tto6no7ggphmwCatIv0VnuGETyamUb3gBsqw2gKEZ1r+mvQkp3c I+dr6ns+3rtHBp0bSeXlwmfyZo92DJQhFvZGOz/gwKcHpsRvip5kuHQgJDUjdl4G 69fLqrttktsN5THxwireIX2+7nl/IpfwOTurvcXtIx/iiZZXJxJHQp8hzlXdYvsz unEz78mn7arsYeTxxAhd+t6sKRiTLL6R0JnC4fjsFvH26dEmu97RU4GqFEN6yPh6 w9rjraLmn2PBWzkKDFYvJRqxigFo+SZRRdtwewmHrNUL7Qu/9ZiKKfJrLSpkZ3wQ e/44qIc0zfEEqp9SkvWbLtO5Jez0XHXK -----END CERTIFICATE-----Generated at Fri Jul 4 07:09:02 2025 by rpki-client