$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.mft File: 3W8BT4rUXahdDhbys3aHZ5REhbM.mft (raw, json) Hash identifier: twJTk/SiXbaw7aMLuUviGAPmVHt/CZJ2ELxy4XsCRdA= Subject key identifier: 9E:2E:37:0F:FB:A3:BB:01:C8:58:37:E6:2D:8D:98:04:7F:2F:DF:4C Authority key identifier: DD:6F:01:4F:8A:D4:5D:A8:5D:0E:16:F2:B3:76:87:67:94:44:85:B3 Certificate issuer: /CN=A91E8458/serialNumber=DD6F014F8AD45DA85D0E16F2B3768767944485B3 Certificate serial: 07F8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3W8BT4rUXahdDhbys3aHZ5REhbM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.mft Manifest number: 07F2 Signing time: Fri 22 Aug 2025 21:07:15 +0000 Manifest this update: Fri 22 Aug 2025 21:07:15 +0000 Manifest next update: Fri 29 Aug 2025 21:07:15 +0000 Files and hashes: 1: 3W8BT4rUXahdDhbys3aHZ5REhbM.crl (hash: rYwdeCpnae1ptSJHYsdli3fOemKeF8Gj/r4fcET5jno=) 2: FAE7339CF7B911EA91318653C4F9AE02.roa (hash: AWPlkT/VPOlTrND3SaqX87pYECk2GQcIiP0u70mzoFk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.crl rsync://rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3W8BT4rUXahdDhbys3aHZ5REhbM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 21:07:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2040 (0x7f8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8458, serialNumber=DD6F014F8AD45DA85D0E16F2B3768767944485B3 Validity Not Before: Aug 22 21:07:15 2025 GMT Not After : Aug 29 21:07:15 2025 GMT Subject: CN=68a8dc03-1300 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:47:a5:6e:3f:ae:63:55:64:d1:bd:59:92:6f: 1b:f5:64:e1:bb:92:93:b7:6d:b8:9c:bd:dd:f6:74: df:a2:d7:3b:fa:c3:90:33:fe:91:c7:16:b4:80:51: 19:19:7f:67:cc:dc:b7:44:1a:b8:58:93:a0:c2:20: 22:ff:02:82:39:5e:aa:18:45:90:78:5e:b9:da:6e: 55:b0:88:7e:22:60:b2:1b:bb:fb:52:65:0e:91:2d: 60:77:11:ba:6b:d7:92:33:6b:e2:6b:be:50:f8:46: fe:90:89:08:1f:d8:0a:7e:47:a7:f8:ef:4c:ee:c5: 77:e2:e1:47:9e:b7:f4:db:29:fb:f0:35:a8:3f:4f: 29:3d:03:d7:30:bc:60:1f:0f:3f:a3:45:e9:ed:28: aa:af:28:81:9d:19:c3:40:4f:c7:e3:92:69:8e:d2: ba:fd:db:38:06:ef:95:ce:c9:50:5b:96:ca:3b:f8: 0d:41:3a:0e:79:83:fd:c2:92:71:2c:e6:79:79:79: 77:3e:56:f7:d5:23:6b:8e:06:79:51:96:a9:b4:48: 8d:9f:90:4e:d1:de:57:1d:a8:e6:a9:fd:1e:70:43: 1e:18:13:78:3f:06:6b:78:ec:ba:7e:96:2c:b8:87: ef:46:3f:13:14:ca:1c:3c:23:2f:e1:a5:86:c2:a2: a9:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:2E:37:0F:FB:A3:BB:01:C8:58:37:E6:2D:8D:98:04:7F:2F:DF:4C X509v3 Authority Key Identifier: keyid:DD:6F:01:4F:8A:D4:5D:A8:5D:0E:16:F2:B3:76:87:67:94:44:85:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3W8BT4rUXahdDhbys3aHZ5REhbM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:d0:e7:c2:1d:52:32:67:5f:7c:7a:a5:91:96:2b:06:13:59: 38:3c:28:c4:f8:77:1e:11:b8:40:79:05:78:66:7c:b2:a1:22: ef:78:38:79:ce:ae:2e:b7:44:cc:fc:de:c6:82:fa:a3:c4:17: 5f:be:f0:fa:e2:d6:53:b1:5f:13:d2:38:7c:4d:99:10:ee:90: 96:df:37:75:11:64:93:4a:1e:44:03:84:31:74:5d:cc:f4:0d: 04:3a:7b:56:dc:01:3b:ed:26:38:58:d3:8f:d3:56:46:80:0d: c3:01:c4:72:31:9c:ff:31:61:bb:03:66:de:48:2c:7c:d5:25: 33:7a:1f:6f:40:7c:c7:61:91:a7:5a:5d:97:8a:67:0d:00:11: 5a:7e:22:47:e7:f7:53:99:9e:d4:d9:40:3c:b3:8a:a8:e9:9c: 1d:d2:4f:5c:f9:1f:a2:e3:7e:48:5a:5d:e1:61:15:06:ce:50: 5a:e4:aa:af:a8:58:6e:fd:63:99:ee:5e:69:53:e0:38:ac:63: 5b:fb:a4:ad:25:0a:2b:b9:31:48:02:7c:49:99:cd:17:60:43: c3:f5:6d:69:11:c2:e5:c8:89:64:14:99:9d:5f:7f:37:fa:6e: 43:d6:72:af:d7:11:83:b2:0a:69:da:f7:92:0a:ce:09:e2:0d: 44:78:a2:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB/gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg0NTgxMTAvBgNVBAUTKERENkYwMTRGOEFENDVEQTg1RDBFMTZGMkIzNzY4NzY3 OTQ0NDg1QjMwHhcNMjUwODIyMjEwNzE1WhcNMjUwODI5MjEwNzE1WjAYMRYwFAYD VQQDEw02OGE4ZGMwMy0xMzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwEelbj+uY1Vk0b1Zkm8b9WThu5KTt224nL3d9nTfotc7+sOQM/6Rxxa0gFEZ GX9nzNy3RBq4WJOgwiAi/wKCOV6qGEWQeF652m5VsIh+ImCyG7v7UmUOkS1gdxG6 a9eSM2via75Q+Eb+kIkIH9gKfken+O9M7sV34uFHnrf02yn78DWoP08pPQPXMLxg Hw8/o0Xp7SiqryiBnRnDQE/H45JpjtK6/ds4Bu+VzslQW5bKO/gNQToOeYP9wpJx LOZ5eXl3Plb31SNrjgZ5UZaptEiNn5BO0d5XHajmqf0ecEMeGBN4PwZreOy6fpYs uIfvRj8TFMocPCMv4aWGwqKp5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ4uNw/7 o7sByFg35i2NmAR/L99MMB8GA1UdIwQYMBaAFN1vAU+K1F2oXQ4W8rN2h2eURIWz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODQ1OC9GOEFGMTIwMkY2 MTUxMUVBODM3NzAwNkNDNEY5QUUwMi8zVzhCVDRyVVhhaGREaGJ5czNhSFo1UkVo Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNXOEJUNHJVWGFoZERoYnlzM2FIWjVSRWhiTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF ODQ1OC9GOEFGMTIwMkY2MTUxMUVBODM3NzAwNkNDNEY5QUUwMi8zVzhCVDRyVVhh aGREaGJ5czNhSFo1UkVoYk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJ0OfCHVIyZ198eqWRlisGE1k4PCjE+HceEbhAeQV4ZnyyoSLveDh5 zq4ut0TM/N7GgvqjxBdfvvD64tZTsV8T0jh8TZkQ7pCW3zd1EWSTSh5EA4QxdF3M 9A0EOntW3AE77SY4WNOP01ZGgA3DAcRyMZz/MWG7A2beSCx81SUzeh9vQHzHYZGn Wl2XimcNABFafiJH5/dTmZ7U2UA8s4qo6Zwd0k9c+R+i435IWl3hYRUGzlBa5Kqv qFhu/WOZ7l5pU+A4rGNb+6StJQoruTFIAnxJmc0XYEPD9W1pEcLlyIlkFJmdX383 +m5D1nKv1xGDsgpp2veSCs4J4g1EeKIk -----END CERTIFICATE-----Generated at Sat Aug 23 19:38:20 2025 by rpki-client