$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft File: 3rTAuQf6yhxdN3a9SUb0uqjKazA.mft (raw, json) Hash identifier: jIeEebqBHQHHz+j8d00hULNcwVKocbAdKGn56rjO5Ro= Subject key identifier: C8:A6:34:35:7B:B7:3C:72:8A:7C:0E:13:AD:34:88:0E:93:D4:CD:DA Authority key identifier: DE:B4:C0:B9:07:FA:CA:1C:5D:37:76:BD:49:46:F4:BA:A8:CA:6B:30 Certificate issuer: /CN=A91F3B5F/serialNumber=DEB4C0B907FACA1C5D3776BD4946F4BAA8CA6B30 Certificate serial: 4B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft Manifest number: 4A Signing time: Sat 23 Aug 2025 07:37:48 +0000 Manifest this update: Sat 23 Aug 2025 07:37:47 +0000 Manifest next update: Sat 30 Aug 2025 07:37:47 +0000 Files and hashes: 1: 3rTAuQf6yhxdN3a9SUb0uqjKazA.crl (hash: 8R0OYSs4frYDTwaX+9kKNPWgX12pqVyNvAoVGbS/Z/I=) 2: 0B65C980136D11F09F542C81C4F9AE02.roa (hash: VBqh2E7rkd2+euZfBVuvn8Wuy6ZridPl7cQmEbFqT/k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.crl rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:10:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75 (0x4b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3B5F, serialNumber=DEB4C0B907FACA1C5D3776BD4946F4BAA8CA6B30 Validity Not Before: Aug 23 07:37:47 2025 GMT Not After : Aug 30 07:37:47 2025 GMT Subject: CN=68a96fcc-6872 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:29:f5:2d:03:0e:2f:b5:6a:46:24:63:e5:78: 79:5a:1d:13:0e:18:f9:17:e0:b9:0c:81:55:73:de: 8e:11:58:9d:1d:e6:9d:f4:e0:2a:ed:d4:be:2a:c6: 80:5b:eb:b6:e2:20:99:da:1a:8c:4f:0f:e5:31:4e: f7:f6:32:29:54:20:ae:ed:db:57:e3:ad:a0:7c:e3: ad:f0:c5:0f:b0:c4:5c:f4:62:85:07:ad:f7:cd:5d: cd:3b:24:60:4b:b8:29:dd:4e:97:fa:b5:09:b5:9a: fb:ac:62:8c:3c:59:fc:cd:e2:79:37:2b:ec:6e:3b: 0b:fa:b4:e4:a7:7f:c8:92:58:77:4a:36:0d:6a:c7: 00:ac:b2:f3:72:a7:fb:46:74:40:30:05:af:fe:24: a6:e3:d7:c8:29:8e:b3:46:31:55:26:ca:11:a0:50: dd:f8:6c:ec:8b:8e:9d:16:e1:19:95:fe:6d:2a:14: b7:4e:60:dc:96:17:09:a3:11:f8:69:b8:f8:f2:57: 0c:69:0a:b1:dd:5b:00:9c:23:77:ba:fb:1e:32:29: 8d:82:4c:ab:5a:e8:96:25:61:05:64:ed:59:b9:b0: bc:d7:f2:e4:a6:2f:0b:65:48:06:4e:c2:15:ff:b3: b3:d9:bc:fa:2e:fe:b5:7e:d9:04:8c:3c:21:97:2c: cb:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:A6:34:35:7B:B7:3C:72:8A:7C:0E:13:AD:34:88:0E:93:D4:CD:DA X509v3 Authority Key Identifier: keyid:DE:B4:C0:B9:07:FA:CA:1C:5D:37:76:BD:49:46:F4:BA:A8:CA:6B:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:f1:63:eb:8d:82:4e:10:78:9e:18:bf:ac:a0:c1:07:d3:ee: 5d:bf:f0:a7:72:66:e8:f0:9c:0b:88:39:c3:b1:e6:c0:d7:9c: ad:8e:3c:18:72:c2:2b:b4:0c:1a:cc:a5:a0:44:82:25:45:29: 8a:9a:18:b7:6e:e0:ec:14:bd:8a:b8:46:7d:a2:fb:0a:fe:89: 6a:b8:31:d3:fa:28:6a:5c:77:53:3f:6c:01:ae:b7:df:e3:57: 97:c0:b7:2e:53:fc:0d:cc:dc:5f:11:48:fc:aa:f7:9c:38:4f: 9f:95:75:9e:e2:21:20:4f:15:01:f9:bd:c5:d6:6f:b7:17:b4: b1:4f:08:a1:97:f1:9d:30:eb:ec:56:29:b1:ae:df:7d:38:74: 78:c9:fd:f6:52:34:25:fd:e4:58:3c:93:67:91:8e:3a:ef:be: 70:da:f8:4f:11:18:31:f9:60:f4:40:80:b9:cc:86:44:56:63: 79:80:ad:ea:d5:63:c5:c0:78:d9:a7:6d:aa:94:10:80:34:ed: fd:d2:48:07:bc:d6:e7:81:6e:b7:7d:9a:4f:4e:b7:8f:9c:fc: 24:61:46:d9:3a:6a:1c:f7:78:de:d0:66:7a:6d:31:c8:ca:b3: 6c:2b:7e:d5:1e:c7:2d:98:a4:09:39:11:03:37:0a:40:d0:1c: 2b:d8:3f:78 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBSzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG M0I1RjExMC8GA1UEBRMoREVCNEMwQjkwN0ZBQ0ExQzVEMzc3NkJENDk0NkY0QkFB OENBNkIzMDAeFw0yNTA4MjMwNzM3NDdaFw0yNTA4MzAwNzM3NDdaMBgxFjAUBgNV BAMTDTY4YTk2ZmNjLTY4NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDAKfUtAw4vtWpGJGPleHlaHRMOGPkX4LkMgVVz3o4RWJ0d5p304Crt1L4qxoBb 67biIJnaGoxPD+UxTvf2MilUIK7t21fjraB8463wxQ+wxFz0YoUHrffNXc07JGBL uCndTpf6tQm1mvusYow8WfzN4nk3K+xuOwv6tOSnf8iSWHdKNg1qxwCssvNyp/tG dEAwBa/+JKbj18gpjrNGMVUmyhGgUN34bOyLjp0W4RmV/m0qFLdOYNyWFwmjEfhp uPjyVwxpCrHdWwCcI3e6+x4yKY2CTKta6JYlYQVk7Vm5sLzX8uSmLwtlSAZOwhX/ s7PZvPou/rV+2QSMPCGXLMsPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUyKY0NXu3 PHKKfA4TrTSIDpPUzdowHwYDVR0jBBgwFoAU3rTAuQf6yhxdN3a9SUb0uqjKazAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYzQjVGL0IxNzBDOTEyMTM2 NjExRjA4MkUzQzUwREM0RjlBRTAyLzNyVEF1UWY2eWh4ZE4zYTlTVWIwdXFqS2F6 QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvM3JUQXVRZjZ5aHhkTjNhOVNVYjB1cWpLYXpBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYz QjVGL0IxNzBDOTEyMTM2NjExRjA4MkUzQzUwREM0RjlBRTAyLzNyVEF1UWY2eWh4 ZE4zYTlTVWIwdXFqS2F6QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJLxY+uNgk4QeJ4Yv6ygwQfT7l2/8KdyZujwnAuIOcOx5sDXnK2OPBhy wiu0DBrMpaBEgiVFKYqaGLdu4OwUvYq4Rn2i+wr+iWq4MdP6KGpcd1M/bAGut9/j V5fAty5T/A3M3F8RSPyq95w4T5+VdZ7iISBPFQH5vcXWb7cXtLFPCKGX8Z0w6+xW KbGu3304dHjJ/fZSNCX95Fg8k2eRjjrvvnDa+E8RGDH5YPRAgLnMhkRWY3mArerV Y8XAeNmnbaqUEIA07f3SSAe81ueBbrd9mk9Ot4+c/CRhRtk6ahz3eN7QZnptMcjK s2wrftUexy2YpAk5EQM3CkDQHCvYP3g= -----END CERTIFICATE-----Generated at Sat Aug 23 10:39:49 2025 by rpki-client