$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.mft File: n3tC7xjTQv3Vap_cXz2AHi0sGrc.mft (raw, json) Hash identifier: 42/9o0/scjfx+eLtOYZcrm5sgM+lBtB/tvi5YOcCBxM= Subject key identifier: B6:91:DC:B9:79:8C:97:77:58:0A:C5:E7:41:99:93:03:BE:05:D4:ED Authority key identifier: 9F:7B:42:EF:18:D3:42:FD:D5:6A:9F:DC:5F:3D:80:1E:2D:2C:1A:B7 Certificate issuer: /CN=A91F8282/serialNumber=9F7B42EF18D342FDD56A9FDC5F3D801E2D2C1AB7 Certificate serial: 3E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n3tC7xjTQv3Vap_cXz2AHi0sGrc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.mft Manifest number: 3D Signing time: Tue 01 Jul 2025 08:18:48 +0000 Manifest this update: Tue 01 Jul 2025 08:18:47 +0000 Manifest next update: Tue 08 Jul 2025 08:18:47 +0000 Files and hashes: 1: n3tC7xjTQv3Vap_cXz2AHi0sGrc.crl (hash: Vif2+JJloU+N8lrpSQMd9Of0r52djzsPmB2b3XrB1Uw=) 2: 05EBB6CEFEF811EFB0C52572C4F9AE02.roa (hash: hHpuvEEfCl4OhjB2zfY/eTXHBtooIatBX5e91JuXgS8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.crl rsync://rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n3tC7xjTQv3Vap_cXz2AHi0sGrc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:18:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62 (0x3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8282, serialNumber=9F7B42EF18D342FDD56A9FDC5F3D801E2D2C1AB7 Validity Not Before: Jul 1 08:18:47 2025 GMT Not After : Jul 8 08:18:47 2025 GMT Subject: CN=686399e8-5434 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:6f:ad:df:c4:f5:a7:14:df:a1:18:75:df:38: 1c:e0:06:24:b7:a9:75:a0:9f:4e:08:bc:72:8b:65: 33:ef:f1:ce:bf:61:ad:9d:3c:a3:fe:57:43:d2:d2: 52:40:43:48:48:3e:4a:4c:1a:0c:0f:5b:04:a0:73: a3:0a:ca:0d:be:e4:5e:67:61:d8:e2:78:ae:b4:95: ec:76:24:0a:34:5c:25:e3:f4:d7:cc:80:36:aa:c4: 88:70:bb:ba:2f:bb:37:93:54:24:a0:b6:14:3e:1b: ae:c8:1c:ec:87:ed:38:90:f7:0d:32:4a:3b:27:f4: 7f:0a:a6:50:33:7a:92:8e:5f:47:f0:79:fc:b0:db: 47:6f:08:e7:f0:08:29:a4:8b:b5:e4:52:1d:b7:47: d9:69:46:11:13:ab:ee:81:08:ef:6a:ed:18:90:c2: 04:ab:0a:77:e0:f6:a5:8b:29:f9:66:74:4a:47:7f: c7:4f:c0:28:f1:09:94:93:f6:41:7e:46:a6:19:1e: 37:cc:c5:c3:db:d5:5e:d3:06:a9:0a:a5:ce:64:23: 7e:e6:83:54:41:dc:7a:35:c0:83:f2:4c:26:6d:47: d5:4e:8d:15:05:25:bf:ef:67:37:25:93:dc:7a:63: 95:fe:15:53:ab:2f:e4:a3:51:0e:5a:79:29:67:21: 7c:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:91:DC:B9:79:8C:97:77:58:0A:C5:E7:41:99:93:03:BE:05:D4:ED X509v3 Authority Key Identifier: keyid:9F:7B:42:EF:18:D3:42:FD:D5:6A:9F:DC:5F:3D:80:1E:2D:2C:1A:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n3tC7xjTQv3Vap_cXz2AHi0sGrc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 52:5e:a4:37:df:22:4f:63:fe:75:ac:18:1c:21:81:bf:8e:b2: 8d:b5:18:94:33:6f:da:e0:d1:46:09:41:dc:9b:9e:75:11:71: 79:db:dc:93:ea:ef:0b:6f:22:3c:16:cf:6c:59:fb:c9:f8:d1: 83:30:ee:c8:c8:95:fe:b0:ca:4c:2d:9a:f3:f8:a3:0c:e3:d4: fd:81:d4:73:4b:ec:a3:5e:b7:7a:f8:83:64:a1:37:72:39:4b: ed:97:97:a0:2f:bb:4e:39:42:c5:e0:84:7c:be:b6:30:54:93: f4:96:46:5e:a3:9e:3b:9f:2c:51:94:06:15:ee:83:50:ba:e2: 7a:ad:ce:ad:2c:26:9c:bb:32:21:ee:c2:db:e2:3e:9c:e8:78: 80:46:4c:f9:ec:4e:c3:4f:3c:ee:08:4f:4f:3b:f0:a0:eb:d4: 48:30:99:a0:d3:59:a0:3c:fa:8d:db:f6:fb:06:fa:43:64:d8: 57:1f:fc:60:0f:9d:b5:39:50:45:53:c6:a7:7c:9e:60:7c:46: 5b:2c:d8:95:f6:e2:c5:ab:03:1f:33:8d:ff:2c:8f:98:50:f1: 7f:34:cd:6e:aa:8d:13:5c:ec:cf:14:ea:31:b1:d7:a6:32:00: 25:b0:63:8f:23:30:2c:8b:67:f6:68:3d:e9:cc:27:1c:a1:fb: d7:af:cb:ae -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG ODI4MjExMC8GA1UEBRMoOUY3QjQyRUYxOEQzNDJGREQ1NkE5RkRDNUYzRDgwMUUy RDJDMUFCNzAeFw0yNTA3MDEwODE4NDdaFw0yNTA3MDgwODE4NDdaMBgxFjAUBgNV BAMTDTY4NjM5OWU4LTU0MzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDHb63fxPWnFN+hGHXfOBzgBiS3qXWgn04IvHKLZTPv8c6/Ya2dPKP+V0PS0lJA Q0hIPkpMGgwPWwSgc6MKyg2+5F5nYdjieK60lex2JAo0XCXj9NfMgDaqxIhwu7ov uzeTVCSgthQ+G67IHOyH7TiQ9w0ySjsn9H8KplAzepKOX0fwefyw20dvCOfwCCmk i7XkUh23R9lpRhETq+6BCO9q7RiQwgSrCnfg9qWLKflmdEpHf8dPwCjxCZST9kF+ RqYZHjfMxcPb1V7TBqkKpc5kI37mg1RB3Ho1wIPyTCZtR9VOjRUFJb/vZzclk9x6 Y5X+FVOrL+SjUQ5aeSlnIXyRAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUtpHcuXmM l3dYCsXnQZmTA74F1O0wHwYDVR0jBBgwFoAUn3tC7xjTQv3Vap/cXz2AHi0sGrcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4MjgyLzA2MUFBQjUyRkJG RTExRUZCNTUyMEExMkM0RjlBRTAyL24zdEM3eGpUUXYzVmFwX2NYejJBSGkwc0dy Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbjN0Qzd4alRRdjNWYXBfY1h6MkFIaTBzR3JjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4 MjgyLzA2MUFBQjUyRkJGRTExRUZCNTUyMEExMkM0RjlBRTAyL24zdEM3eGpUUXYz VmFwX2NYejJBSGkwc0dyYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFJepDffIk9j/nWsGBwhgb+Oso21GJQzb9rg0UYJQdybnnURcXnb3JPq 7wtvIjwWz2xZ+8n40YMw7sjIlf6wykwtmvP4owzj1P2B1HNL7KNet3r4g2ShN3I5 S+2Xl6Avu045QsXghHy+tjBUk/SWRl6jnjufLFGUBhXug1C64nqtzq0sJpy7MiHu wtviPpzoeIBGTPnsTsNPPO4IT0878KDr1EgwmaDTWaA8+o3b9vsG+kNk2Fcf/GAP nbU5UEVTxqd8nmB8Rlss2JX24sWrAx8zjf8sj5hQ8X80zW6qjRNc7M8U6jGx16Yy ACWwY48jMCyLZ/ZoPenMJxyh+9evy64= -----END CERTIFICATE-----Generated at Tue Jul 1 19:00:00 2025 by rpki-client