$ rpki-client -vvf rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.mft File: I3Q0S3Gynw44NSDK_GyINQw1YWg.mft (raw, json) Hash identifier: WnIQg1HM0+Rz0koMwOhmI8iaEYWOrgB2BcYPg65FbcE= Subject key identifier: 3A:E6:7F:22:56:F4:4A:9A:69:A6:07:A5:0C:33:5A:88:B7:3E:CF:F4 Authority key identifier: 23:74:34:4B:71:B2:9F:0E:38:35:20:CA:FC:6C:88:35:0C:35:61:68 Certificate issuer: /CN=A91A58AA/serialNumber=2374344B71B29F0E383520CAFC6C88350C356168 Certificate serial: 3C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3Q0S3Gynw44NSDK_GyINQw1YWg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.mft Manifest number: 3C Signing time: Sat 23 Aug 2025 07:44:49 +0000 Manifest this update: Sat 23 Aug 2025 07:44:48 +0000 Manifest next update: Sat 30 Aug 2025 07:44:48 +0000 Files and hashes: 1: I3Q0S3Gynw44NSDK_GyINQw1YWg.crl (hash: jEKJlkCPRmVoBLPH7oBPt6+4GiUC87C17cJfGA6W2Kk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.crl rsync://rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3Q0S3Gynw44NSDK_GyINQw1YWg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:44:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60 (0x3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A58AA, serialNumber=2374344B71B29F0E383520CAFC6C88350C356168 Validity Not Before: Aug 23 07:44:48 2025 GMT Not After : Aug 30 07:44:48 2025 GMT Subject: CN=68a97171-3fef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a9:ef:48:97:3f:c3:33:a1:29:d0:83:99:ab: 3d:6d:1c:52:3b:38:a6:e3:fb:0d:3e:a3:b4:8a:ac: a6:10:17:a6:93:4d:9e:51:b9:16:da:88:d8:fd:6a: 54:64:9f:3b:38:d5:33:26:e6:a0:f3:bb:19:a3:10: 59:1f:49:e9:b5:7c:de:97:1f:f3:f9:16:7f:80:93: a7:56:63:f7:30:df:d3:44:3d:6e:f9:72:ce:50:97: bb:dc:45:55:25:b4:4b:04:27:c7:1a:31:aa:aa:85: ef:ae:88:46:11:d2:56:f4:a1:9c:26:e8:f0:ae:45: e4:a5:92:a3:b5:9d:2a:9b:93:3c:81:2c:f5:f4:c4: c1:a2:17:e8:17:e5:40:49:e9:b9:87:e3:e9:71:71: f6:7e:27:4d:5f:61:73:e2:aa:63:fe:30:fa:47:4f: 48:c3:14:04:91:76:cc:aa:d9:71:31:fb:1a:e5:a2: b2:2e:0b:71:96:a0:ac:db:d6:57:e6:98:21:c5:12: 79:4c:c4:10:b3:b8:5e:f9:28:f1:da:31:e0:11:43: a4:67:a1:9e:5d:c2:08:ac:bb:e4:56:73:48:ec:1b: f4:e9:18:e5:b9:c2:a3:b1:a0:ea:5f:62:0b:5a:2d: 7b:d1:f9:49:ad:64:87:8d:f5:aa:41:c6:c9:be:fc: 5e:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:E6:7F:22:56:F4:4A:9A:69:A6:07:A5:0C:33:5A:88:B7:3E:CF:F4 X509v3 Authority Key Identifier: keyid:23:74:34:4B:71:B2:9F:0E:38:35:20:CA:FC:6C:88:35:0C:35:61:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3Q0S3Gynw44NSDK_GyINQw1YWg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:5e:3e:bb:84:33:31:36:16:5d:e9:2e:88:96:20:66:a7:0c: c4:94:b2:82:2d:37:ca:5c:eb:fc:46:6e:99:bf:b1:85:ef:50: bd:82:ee:d8:a8:a9:db:c2:7c:1a:cb:5f:da:8e:c1:19:aa:e1: bd:d1:79:99:15:8c:b8:e3:fe:e6:25:5e:a9:7e:dd:4d:67:6d: f0:7e:f2:90:c2:06:e4:64:af:51:97:8e:28:03:f6:d5:23:75: a4:33:12:79:7b:69:0b:5e:e4:6b:2a:37:e1:30:bf:23:2d:34: 93:86:ab:70:4e:cd:c3:60:4d:45:79:ff:8d:b8:f2:1e:16:4c: 58:89:d7:bc:c0:86:74:9d:38:9a:c0:06:81:70:41:5f:24:e3: cf:d1:39:93:82:67:30:2d:e3:3b:86:64:12:3a:1a:e1:92:69: 24:19:67:bb:57:69:94:c0:92:8c:8f:28:dd:f9:b9:01:87:e0: 86:66:ed:56:32:db:a9:1a:92:de:42:e3:53:84:ca:0a:3c:66: 95:59:44:0e:ec:fe:b7:53:13:ff:e4:04:df:bc:20:2f:70:91: 1e:a2:d3:a1:2e:be:80:6f:fe:cc:64:2f:20:83:a8:6a:da:67: 80:a1:59:17:9b:33:9d:2b:6a:1b:e1:b3:ce:29:f2:71:ba:61: d2:43:de:ef -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NThBQTExMC8GA1UEBRMoMjM3NDM0NEI3MUIyOUYwRTM4MzUyMENBRkM2Qzg4MzUw QzM1NjE2ODAeFw0yNTA4MjMwNzQ0NDhaFw0yNTA4MzAwNzQ0NDhaMBgxFjAUBgNV BAMTDTY4YTk3MTcxLTNmZWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+qe9Ilz/DM6Ep0IOZqz1tHFI7OKbj+w0+o7SKrKYQF6aTTZ5RuRbaiNj9alRk nzs41TMm5qDzuxmjEFkfSem1fN6XH/P5Fn+Ak6dWY/cw39NEPW75cs5Ql7vcRVUl tEsEJ8caMaqqhe+uiEYR0lb0oZwm6PCuReSlkqO1nSqbkzyBLPX0xMGiF+gX5UBJ 6bmH4+lxcfZ+J01fYXPiqmP+MPpHT0jDFASRdsyq2XEx+xrlorIuC3GWoKzb1lfm mCHFEnlMxBCzuF75KPHaMeARQ6RnoZ5dwgisu+RWc0jsG/TpGOW5wqOxoOpfYgta LXvR+UmtZIeN9apBxsm+/F6PAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUOuZ/Ilb0 SppppgelDDNaiLc+z/QwHwYDVR0jBBgwFoAUI3Q0S3Gynw44NSDK/GyINQw1YWgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1OEFBL0NBNTBDOTI2MjQw MjExRjA5NjFCNjQ2REM0RjlBRTAyL0kzUTBTM0d5bnc0NE5TREtfR3lJTlF3MVlX Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSTNRMFMzR3ludzQ0TlNES19HeUlOUXcxWVdnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1 OEFBL0NBNTBDOTI2MjQwMjExRjA5NjFCNjQ2REM0RjlBRTAyL0kzUTBTM0d5bnc0 NE5TREtfR3lJTlF3MVlXZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHJePruEMzE2Fl3pLoiWIGanDMSUsoItN8pc6/xGbpm/sYXvUL2C7tio qdvCfBrLX9qOwRmq4b3ReZkVjLjj/uYlXql+3U1nbfB+8pDCBuRkr1GXjigD9tUj daQzEnl7aQte5GsqN+EwvyMtNJOGq3BOzcNgTUV5/4248h4WTFiJ17zAhnSdOJrA BoFwQV8k48/ROZOCZzAt4zuGZBI6GuGSaSQZZ7tXaZTAkoyPKN35uQGH4IZm7VYy 26kakt5C41OEygo8ZpVZRA7s/rdTE//kBN+8IC9wkR6i06EuvoBv/sxkLyCDqGra Z4ChWRebM50rahvhs84p8nG6YdJD3u8= -----END CERTIFICATE-----Generated at Sat Aug 23 15:14:22 2025 by rpki-client