$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.mft File: PenT3_bgSP2QgUZQLk8I5Fbz2bw.mft (raw, json) Hash identifier: Cv0UkUHVVoDLU9HurmIewswJWdRC6QLGKEq4KouHDGo= Subject key identifier: CC:E4:13:D4:71:A2:A5:5C:C6:6A:4F:2F:51:B1:59:0C:6F:AE:3E:21 Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC Certificate issuer: /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC Certificate serial: 0868 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.mft Manifest number: 07CD Signing time: Fri 22 Aug 2025 21:54:35 +0000 Manifest this update: Fri 22 Aug 2025 21:54:35 +0000 Manifest next update: Fri 29 Aug 2025 21:54:35 +0000 Files and hashes: 1: PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl (hash: 8xhqZuJuHnMxdo+SjRQOPgrsXq+sDES/6MwVDmyfXiU=) 2: 5CDB2402FD6D11EE951DE436C4F9AE02.roa (hash: JCIJiRdjoJPwGnugBIK3v/SX30S5Hj97puNSPDnZHa0=) 3: 0112375EA05411EDB043385AC4F9AE02.roa (hash: aBs0HSQclxaDqKZvgHQYQl981j8saXju4dpMEUuQAU4=) 4: E2FEA6DA3E5411EF9B398D2DC4F9AE02.roa (hash: Rtf4SCa2SLq1aWm8pt96fKW5kPl75H0zBH9P2CmsGlU=) 5: 5B2236E6FD6D11EE951DE436C4F9AE02.roa (hash: xyRyhhQBvFg1P0171dGNRFnwuXqCBoYXwtzjvJ6IHcw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 21:54:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2152 (0x868) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB7AB, serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC Validity Not Before: Aug 22 21:54:35 2025 GMT Not After : Aug 29 21:54:35 2025 GMT Subject: CN=68a8e71b-f2f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:2f:c5:e6:e7:7d:93:99:a0:11:66:18:9c:d9: 26:0b:1d:7e:71:8a:79:74:50:35:50:43:16:f7:83: a4:47:78:8e:cc:22:3b:4b:2f:d9:8c:48:47:36:f5: 88:9f:2f:87:31:7b:8d:21:aa:a8:98:05:ef:c4:e3: 03:e7:93:66:09:18:9d:42:93:af:93:e4:36:9e:ca: d0:ad:54:d2:8d:25:f2:4c:07:8a:af:95:ef:58:d7: b8:5b:99:b4:92:67:d6:7e:67:24:57:48:a9:5b:c3: 83:ff:2a:dc:fe:76:4c:ca:0d:0e:ce:ff:52:ef:4e: b6:7f:6f:59:d3:1a:02:22:8c:33:d5:fb:0f:4c:30: ff:34:27:04:35:25:ce:fd:8d:1a:92:26:1a:6c:43: 23:84:15:ea:75:2b:eb:48:a2:e5:98:2b:3c:91:7a: 7c:83:7c:56:0f:82:61:bb:e9:4d:a6:54:96:92:52: 4f:2c:aa:39:b6:81:38:55:21:4c:25:4f:7a:19:15: 8c:71:ec:af:fb:39:9b:7b:3d:8b:6c:12:42:41:81: 4e:f5:d0:3f:a6:9b:cd:d7:5a:69:09:19:e7:51:48: 26:87:56:58:66:c3:f3:32:c2:a3:5d:c5:60:ee:c2: ba:11:b7:d4:29:13:64:ee:14:e3:d4:69:db:31:ce: 09:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:E4:13:D4:71:A2:A5:5C:C6:6A:4F:2F:51:B1:59:0C:6F:AE:3E:21 X509v3 Authority Key Identifier: keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:80:a9:bc:0c:f0:94:37:89:fa:c1:94:9f:3e:b3:62:24:41: 0f:a8:90:ed:b5:92:59:a8:f6:25:40:27:34:45:db:b6:0e:2a: a6:6d:01:76:a2:ef:2c:48:1f:a3:57:a5:97:34:a6:01:82:a4: 6e:63:39:13:90:25:b2:ce:4e:6f:2e:ad:b2:ca:cc:91:5f:da: 6b:df:b4:cc:f3:56:29:4e:81:ca:7d:3d:54:83:02:8f:1f:5a: 51:2a:5e:20:f6:f4:c1:bc:e0:b8:f2:e1:3b:26:d8:2f:6e:02: 6c:25:94:80:20:7e:90:91:df:0e:50:24:d5:81:01:99:15:2e: cb:b4:e6:7b:63:52:75:06:2c:69:1d:ce:ad:a9:5e:61:bb:ff: 07:5d:26:f8:d4:7e:1b:08:fe:29:97:b0:e3:26:2c:c4:d4:fe: cc:ae:0f:c2:d9:05:a6:09:71:14:2b:ed:54:ae:c5:20:3e:f5: 53:23:60:5b:63:40:38:00:68:a6:ef:29:d7:a1:6e:d4:50:9f: af:d3:8a:07:71:f0:25:f7:9f:c1:db:f0:8c:26:26:5a:15:75: 8a:07:ae:7f:b5:f7:05:96:99:e6:ea:a3:e0:d5:4a:27:fd:ec: b7:25:d4:c6:97:65:0e:d5:ab:de:c5:fb:6c:3f:ee:d6:7a:0c: 9a:d0:6b:d5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCGgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0 NTZGM0Q5QkMwHhcNMjUwODIyMjE1NDM1WhcNMjUwODI5MjE1NDM1WjAYMRYwFAYD VQQDEw02OGE4ZTcxYi1mMmY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyC/F5ud9k5mgEWYYnNkmCx1+cYp5dFA1UEMW94OkR3iOzCI7Sy/ZjEhHNvWI ny+HMXuNIaqomAXvxOMD55NmCRidQpOvk+Q2nsrQrVTSjSXyTAeKr5XvWNe4W5m0 kmfWfmckV0ipW8OD/yrc/nZMyg0Ozv9S7062f29Z0xoCIowz1fsPTDD/NCcENSXO /Y0akiYabEMjhBXqdSvrSKLlmCs8kXp8g3xWD4Jhu+lNplSWklJPLKo5toE4VSFM JU96GRWMceyv+zmbez2LbBJCQYFO9dA/ppvN11ppCRnnUUgmh1ZYZsPzMsKjXcVg 7sK6EbfUKRNk7hTj1GnbMc4JhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMzkE9Rx oqVcxmpPL1GxWQxvrj4hMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QjdBQi81Njc4NjU2ODQwMDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQ MlFnVVpRTGs4STVGYnoyYncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCqgKm8DPCUN4n6wZSfPrNiJEEPqJDttZJZqPYlQCc0Rdu2DiqmbQF2 ou8sSB+jV6WXNKYBgqRuYzkTkCWyzk5vLq2yysyRX9pr37TM81YpToHKfT1UgwKP H1pRKl4g9vTBvOC48uE7JtgvbgJsJZSAIH6Qkd8OUCTVgQGZFS7LtOZ7Y1J1Bixp Hc6tqV5hu/8HXSb41H4bCP4pl7DjJizE1P7Mrg/C2QWmCXEUK+1UrsUgPvVTI2Bb Y0A4AGim7ynXoW7UUJ+v04oHcfAl95/B2/CMJiZaFXWKB65/tfcFlpnm6qPg1Uon /ey3JdTGl2UO1avexftsP+7Wegya0GvV -----END CERTIFICATE-----Generated at Sat Aug 23 10:29:08 2025 by rpki-client