$ rpki-client -vvf rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft File: dd3NDNRiWKwZGsOQoskl2MA1qFc.mft (raw, json) Hash identifier: 7ogR5nSg56rZ0GahdbDG+jQeIhAv5Wll6myz4kbt4Do= Subject key identifier: 90:C7:E4:EF:F9:8A:02:57:4A:35:7C:67:9F:F2:48:A4:BC:64:54:F1 Authority key identifier: 75:DD:CD:0C:D4:62:58:AC:19:1A:C3:90:A2:C9:25:D8:C0:35:A8:57 Certificate issuer: /CN=A917E04F/serialNumber=75DDCD0CD46258AC191AC390A2C925D8C035A857 Certificate serial: 0EA7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft Manifest number: 0E9F Signing time: Fri 22 Aug 2025 17:47:31 +0000 Manifest this update: Fri 22 Aug 2025 17:47:30 +0000 Manifest next update: Fri 29 Aug 2025 17:47:30 +0000 Files and hashes: 1: dd3NDNRiWKwZGsOQoskl2MA1qFc.crl (hash: i1QeMJCn/shcBOXxtiKFR0fsj8AaHDE6Hl4WIJ2GpbU=) 2: 9C9389D4970311E9B7D3DE5AC4F9AE02.roa (hash: 0msFIFHq8Bi6Dy0orrBJDRYbRJioucs5FAZf2jEryJs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.crl rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 17:47:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3751 (0xea7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E04F, serialNumber=75DDCD0CD46258AC191AC390A2C925D8C035A857 Validity Not Before: Aug 22 17:47:30 2025 GMT Not After : Aug 29 17:47:30 2025 GMT Subject: CN=68a8ad32-bf59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:b2:0a:47:c5:27:9a:3a:d6:ed:e7:9d:35:fa: d8:1c:bb:11:17:23:5c:ed:e0:79:06:bf:d8:26:ff: a8:14:4b:01:ae:1e:6f:ff:df:ed:5a:3f:5e:6b:94: f6:a3:45:6f:2a:fb:16:23:c8:a6:b3:46:50:f2:9e: 52:cf:33:77:91:c3:dd:12:bc:a2:af:6c:1c:7c:6a: 6f:b3:87:e1:f0:cc:2a:fb:7a:4a:bc:63:08:96:52: 02:cf:47:97:dc:e3:3b:09:e6:0b:eb:28:f0:bb:02: 88:b9:04:61:5a:47:23:74:71:7a:fe:ca:07:65:cb: d1:81:11:fc:78:8f:de:7e:0d:4e:4a:aa:cf:11:54: 71:e4:2a:c2:be:24:b2:be:7b:3a:a3:79:d6:4a:7e: fe:99:40:2a:87:a1:a4:18:e9:f3:55:3a:e4:41:8f: 01:fc:78:17:9e:81:4a:e9:d7:ba:dc:38:ba:fb:b9: 8e:5b:30:56:c8:62:6c:da:8e:12:c1:c6:12:c4:4c: b9:85:8e:94:eb:04:04:47:df:e6:43:96:d2:7a:3f: 90:fa:3a:44:7e:4c:cf:0b:71:7c:44:80:00:33:f7: eb:0f:91:c2:65:cb:43:91:88:94:ac:ab:82:f9:4c: f3:43:56:6b:ac:b8:c9:5d:ff:de:ef:5a:d9:ae:df: 6a:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:C7:E4:EF:F9:8A:02:57:4A:35:7C:67:9F:F2:48:A4:BC:64:54:F1 X509v3 Authority Key Identifier: keyid:75:DD:CD:0C:D4:62:58:AC:19:1A:C3:90:A2:C9:25:D8:C0:35:A8:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:ba:6c:a3:48:e4:84:04:cc:81:bd:cb:68:00:e8:21:a9:74: 2d:4f:19:13:a3:5e:d4:00:4e:ec:00:ef:31:45:41:5a:de:39: 77:44:13:a9:54:e9:f1:49:1d:89:5d:0c:0f:b9:7d:67:58:72: c7:e9:ba:3b:ca:21:6e:96:9e:22:b9:59:05:15:57:23:b1:ec: 4c:f2:64:fe:2a:fa:bd:f3:6e:78:cf:be:c6:9b:c7:b6:d5:9f: 9f:fe:be:6c:f9:85:ae:10:3a:48:b0:b2:3b:41:e0:ec:11:f2: 40:04:1d:9e:94:00:c7:2e:60:ba:e2:33:b4:bb:cd:03:1b:e4: 83:7f:d9:2b:0b:7a:6a:af:9f:f9:33:25:da:d2:44:f2:af:46: ee:8f:84:ac:91:fe:c8:62:16:3a:51:7c:d3:53:92:09:50:18: c3:c9:33:94:6a:c8:b1:e9:fd:87:55:45:04:64:87:4f:a0:b4: 3c:6e:2a:6d:9b:75:0d:0b:de:1e:70:14:f1:7e:5b:c6:4b:18: de:14:36:7d:6a:b1:7d:94:e0:0d:48:30:1c:1e:ff:96:2b:7b: a5:51:a2:e4:b8:3e:e9:62:8c:a4:a7:30:32:20:d9:1d:fa:7c: 68:bf:87:63:4e:7c:51:13:dc:3e:10:08:8f:6f:e1:6c:00:c0: 6a:ce:50:6a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDqcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwNEYxMTAvBgNVBAUTKDc1RERDRDBDRDQ2MjU4QUMxOTFBQzM5MEEyQzkyNUQ4 QzAzNUE4NTcwHhcNMjUwODIyMTc0NzMwWhcNMjUwODI5MTc0NzMwWjAYMRYwFAYD VQQDEw02OGE4YWQzMi1iZjU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqLIKR8UnmjrW7eedNfrYHLsRFyNc7eB5Br/YJv+oFEsBrh5v/9/tWj9ea5T2 o0VvKvsWI8ims0ZQ8p5SzzN3kcPdEryir2wcfGpvs4fh8Mwq+3pKvGMIllICz0eX 3OM7CeYL6yjwuwKIuQRhWkcjdHF6/soHZcvRgRH8eI/efg1OSqrPEVRx5CrCviSy vns6o3nWSn7+mUAqh6GkGOnzVTrkQY8B/HgXnoFK6de63Di6+7mOWzBWyGJs2o4S wcYSxEy5hY6U6wQER9/mQ5bSej+Q+jpEfkzPC3F8RIAAM/frD5HCZctDkYiUrKuC +UzzQ1ZrrLjJXf/e71rZrt9q7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJDH5O/5 igJXSjV8Z5/ySKS8ZFTxMB8GA1UdIwQYMBaAFHXdzQzUYlisGRrDkKLJJdjANahX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTA0Ri80MTg1MzdGNDk3 MDMxMUU5QjRCN0IyNUFDNEY5QUUwMi9kZDNORE5SaVdLd1pHc09Rb3NrbDJNQTFx RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RkM05ETlJpV0t3WkdzT1Fvc2tsMk1BMXFGYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTA0Ri80MTg1MzdGNDk3MDMxMUU5QjRCN0IyNUFDNEY5QUUwMi9kZDNORE5SaVdL d1pHc09Rb3NrbDJNQTFxRmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB1umyjSOSEBMyBvctoAOghqXQtTxkTo17UAE7sAO8xRUFa3jl3RBOp VOnxSR2JXQwPuX1nWHLH6bo7yiFulp4iuVkFFVcjsexM8mT+Kvq98254z77Gm8e2 1Z+f/r5s+YWuEDpIsLI7QeDsEfJABB2elADHLmC64jO0u80DG+SDf9krC3pqr5/5 MyXa0kTyr0buj4Sskf7IYhY6UXzTU5IJUBjDyTOUasix6f2HVUUEZIdPoLQ8bipt m3UNC94ecBTxflvGSxjeFDZ9arF9lOANSDAcHv+WK3ulUaLkuD7pYoykpzAyINkd +nxov4djTnxRE9w+EAiPb+FsAMBqzlBq -----END CERTIFICATE-----Generated at Sat Aug 23 09:43:28 2025 by rpki-client