$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft File: 3aSfQfYYpV-cp8_FW66nthbZV2I.mft (raw, json) Hash identifier: xekTS/OfneOzhQ5NDhbryHKx6LR9Es1GZ/4WH999LT0= Subject key identifier: 23:00:6D:D0:79:91:85:71:66:3E:78:4C:AF:E3:CC:19:56:78:12:64 Authority key identifier: DD:A4:9F:41:F6:18:A5:5F:9C:A7:CF:C5:5B:AE:A7:B6:16:D9:57:62 Certificate issuer: /CN=A91A7273/serialNumber=DDA49F41F618A55F9CA7CFC55BAEA7B616D95762 Certificate serial: 68 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft Manifest number: 67 Signing time: Sat 23 Aug 2025 07:15:10 +0000 Manifest this update: Sat 23 Aug 2025 07:15:09 +0000 Manifest next update: Sat 30 Aug 2025 07:15:09 +0000 Files and hashes: 1: 3aSfQfYYpV-cp8_FW66nthbZV2I.crl (hash: SFuVxssOBj2QPrtdPOSO1Ic3NIh0kxsERPphC2lqYa0=) 2: 3958EEC642BB11F0B449BB81C4F9AE02.roa (hash: SygYrtM3v/MPPC9qe7TYDUy1/kulSQDEnXRN8vMuKwo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.crl rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:15:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 104 (0x68) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7273, serialNumber=DDA49F41F618A55F9CA7CFC55BAEA7B616D95762 Validity Not Before: Aug 23 07:15:09 2025 GMT Not After : Aug 30 07:15:09 2025 GMT Subject: CN=68a96a7e-f975 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:89:9a:43:1f:59:da:96:d4:b3:33:5b:65:50: 53:62:5f:80:2b:55:f2:5a:41:bb:09:2a:f3:ac:b9: 3a:d4:93:10:50:eb:74:1c:6f:52:5a:b6:4a:2c:45: 5f:60:1e:ce:c6:23:17:f2:ab:11:0e:05:d0:8d:13: dc:88:d2:05:aa:bc:cb:41:f2:3f:80:1c:e5:f7:de: 0a:9a:23:08:8b:c2:86:2a:9f:11:d0:54:ae:3c:94: 01:e1:40:b2:c3:61:d5:32:37:e6:30:95:1f:93:84: 3b:0e:e3:8b:74:41:cd:ea:2f:40:80:63:d0:cb:53: d2:72:a1:72:62:22:e8:82:87:7f:75:1a:00:2d:2b: 2f:51:fc:57:d5:3f:c7:44:53:7a:a7:ec:42:fe:23: 8f:1e:34:7e:b6:00:1b:58:35:30:a3:49:ea:ea:bd: 06:a1:76:80:3d:c9:d9:1e:09:fe:ff:be:5a:f4:2c: 95:ae:47:7d:52:38:48:6e:1f:75:72:d2:12:10:4b: fb:b4:f2:0e:61:41:28:45:3b:cf:8e:68:99:1c:40: 57:84:c6:85:57:f5:d5:34:a0:ba:ec:99:98:0d:72: c9:62:54:23:1c:84:61:8e:fc:15:90:bd:43:e6:a2: 4b:af:e8:6e:04:ca:71:9b:1e:4c:30:cc:48:f2:ee: e6:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:00:6D:D0:79:91:85:71:66:3E:78:4C:AF:E3:CC:19:56:78:12:64 X509v3 Authority Key Identifier: keyid:DD:A4:9F:41:F6:18:A5:5F:9C:A7:CF:C5:5B:AE:A7:B6:16:D9:57:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption e7:b3:89:c4:95:06:ac:bb:75:d2:2f:3d:a7:fe:f1:e7:a5:f4: eb:f1:61:d5:25:1e:ae:05:42:a2:a3:4f:eb:a5:62:f2:f0:f7: 2a:59:39:65:bc:a0:52:e1:89:4a:b8:55:e5:95:60:79:bd:55: ac:ea:04:96:36:8b:c3:35:4b:60:38:66:11:5a:0e:d6:8a:b2: 90:73:95:1c:98:07:ed:b5:20:ad:83:68:df:c1:bd:ed:73:fa: 8a:1e:88:f7:01:2b:f9:d2:3d:cc:4d:0e:ca:c7:c2:36:c1:04: 45:e9:44:1b:8b:3a:88:d8:33:09:d3:d1:3b:b7:f5:bd:fc:0c: 98:c1:15:33:1a:2a:d1:db:5f:18:20:f8:b9:12:b4:93:8c:91: 3f:fd:bc:0e:b2:be:4d:2f:b0:21:13:6a:2d:46:95:33:75:bf: b3:c5:83:be:7b:1d:cb:52:d9:c2:3e:67:b8:51:e1:d2:cd:55: 77:7f:35:19:2c:bc:71:53:86:34:ce:0e:63:ad:c0:a5:bf:34: 51:7b:72:d3:31:fc:17:c7:f2:f9:51:10:2f:8c:54:a3:b0:64: 40:c8:5b:8f:b4:a6:f4:0a:8e:30:93:01:d6:85:1e:3b:d0:00: fd:96:0b:3e:e1:d8:30:dc:a7:f0:77:6e:ef:a2:28:37:3a:1f: af:43:eb:12 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBaDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NzI3MzExMC8GA1UEBRMoRERBNDlGNDFGNjE4QTU1RjlDQTdDRkM1NUJBRUE3QjYx NkQ5NTc2MjAeFw0yNTA4MjMwNzE1MDlaFw0yNTA4MzAwNzE1MDlaMBgxFjAUBgNV BAMTDTY4YTk2YTdlLWY5NzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDJiZpDH1naltSzM1tlUFNiX4ArVfJaQbsJKvOsuTrUkxBQ63Qcb1JatkosRV9g Hs7GIxfyqxEOBdCNE9yI0gWqvMtB8j+AHOX33gqaIwiLwoYqnxHQVK48lAHhQLLD YdUyN+YwlR+ThDsO44t0Qc3qL0CAY9DLU9JyoXJiIuiCh391GgAtKy9R/FfVP8dE U3qn7EL+I48eNH62ABtYNTCjSerqvQahdoA9ydkeCf7/vlr0LJWuR31SOEhuH3Vy 0hIQS/u08g5hQShFO8+OaJkcQFeExoVX9dU0oLrsmZgNcsliVCMchGGO/BWQvUPm okuv6G4EynGbHkwwzEjy7uYDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUIwBt0HmR hXFmPnhMr+PMGVZ4EmQwHwYDVR0jBBgwFoAU3aSfQfYYpV+cp8/FW66nthbZV2Iw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3MjczL0ZDNTA1MDBFRTc3 MTExRUY5REZCREQ1MEM0RjlBRTAyLzNhU2ZRZllZcFYtY3A4X0ZXNjZudGhiWlYy SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM2FTZlFmWVlwVi1jcDhfRlc2Nm50aGJaVjJJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3 MjczL0ZDNTA1MDBFRTc3MTExRUY5REZCREQ1MEM0RjlBRTAyLzNhU2ZRZllZcFYt Y3A4X0ZXNjZudGhiWlYySS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAOezicSVBqy7ddIvPaf+8eel9OvxYdUlHq4FQqKjT+ulYvLw9ypZOWW8 oFLhiUq4VeWVYHm9VazqBJY2i8M1S2A4ZhFaDtaKspBzlRyYB+21IK2DaN/Bve1z +ooeiPcBK/nSPcxNDsrHwjbBBEXpRBuLOojYMwnT0Tu39b38DJjBFTMaKtHbXxgg +LkStJOMkT/9vA6yvk0vsCETai1GlTN1v7PFg757HctS2cI+Z7hR4dLNVXd/NRks vHFThjTODmOtwKW/NFF7ctMx/BfH8vlREC+MVKOwZEDIW4+0pvQKjjCTAdaFHjvQ AP2WCz7h2DDcp/B3bu+iKDc6H69D6xI= -----END CERTIFICATE-----Generated at Sat Aug 23 22:33:22 2025 by rpki-client