$ rpki-client -vvf rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.mft File: A3iO4rrk2AXrzcpmGOLsGhilxOI.mft (raw, json) Hash identifier: x2uWvEaqgJb2W+jvluzp9L3g+1fjyU43p2sWEhXlGL4= Subject key identifier: FE:E3:07:B5:96:DE:BE:94:32:E1:41:6C:D8:4B:9F:8E:06:F9:BB:73 Authority key identifier: 03:78:8E:E2:BA:E4:D8:05:EB:CD:CA:66:18:E2:EC:1A:18:A5:C4:E2 Certificate issuer: /CN=A915FDD9/serialNumber=03788EE2BAE4D805EBCDCA6618E2EC1A18A5C4E2 Certificate serial: 5D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A3iO4rrk2AXrzcpmGOLsGhilxOI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.mft Manifest number: 5D Signing time: Sat 19 Jul 2025 07:21:22 +0000 Manifest this update: Sat 19 Jul 2025 07:21:21 +0000 Manifest next update: Sat 26 Jul 2025 07:21:21 +0000 Files and hashes: 1: A3iO4rrk2AXrzcpmGOLsGhilxOI.crl (hash: xwoboiF32B7jUSM6V7c3EZ9irobqBX1YbxAUkQalmOE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.crl rsync://rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A3iO4rrk2AXrzcpmGOLsGhilxOI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 07:21:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 93 (0x5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915FDD9, serialNumber=03788EE2BAE4D805EBCDCA6618E2EC1A18A5C4E2 Validity Not Before: Jul 19 07:21:21 2025 GMT Not After : Jul 26 07:21:21 2025 GMT Subject: CN=687b4772-0450 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:c9:02:39:d9:55:c0:88:e3:e0:e7:a9:07:f9: 20:0b:56:56:94:19:a8:05:e4:5f:e9:15:37:7f:29: a4:19:6d:03:cd:08:cc:75:88:52:d1:d1:69:5b:95: 5f:91:89:7c:09:1e:1d:e6:c7:c4:f2:5b:8a:ac:1d: 8d:79:ed:48:86:05:0f:5c:ee:14:12:18:ff:73:30: fc:92:67:66:31:d9:8c:fe:ec:77:e4:7b:d0:f1:16: 32:a0:8c:ee:f3:b3:e5:77:fe:6f:18:45:f8:17:83: a7:8f:4e:8d:ae:00:63:19:b2:ec:51:20:55:c4:3e: a4:fa:a1:ce:43:17:09:37:38:75:b4:8e:56:5c:ae: a4:1c:07:1b:16:b1:7e:42:9d:9a:d4:c4:d9:d3:67: 3a:62:b0:ed:9b:16:ca:e3:3b:74:3b:ab:db:ee:a3: e3:7e:52:63:db:13:b5:5c:d2:d4:fb:34:f9:05:02: 94:c9:c0:d8:90:8a:2d:3a:76:ce:cf:d6:c3:4f:39: 4f:1b:bb:94:37:53:c2:46:67:55:07:23:a5:8f:b0: 0a:36:c9:12:d6:f4:5a:98:1e:78:7c:62:96:fd:e9: 9e:ec:c7:51:8d:da:23:50:ef:2e:77:04:a0:f3:e4: fc:0c:f2:d5:66:5c:d3:eb:69:02:b1:44:77:9d:f2: 18:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:E3:07:B5:96:DE:BE:94:32:E1:41:6C:D8:4B:9F:8E:06:F9:BB:73 X509v3 Authority Key Identifier: keyid:03:78:8E:E2:BA:E4:D8:05:EB:CD:CA:66:18:E2:EC:1A:18:A5:C4:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A3iO4rrk2AXrzcpmGOLsGhilxOI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FDD9/BE7CAC12D6DE11EFB0474E1BC4F9AE02/A3iO4rrk2AXrzcpmGOLsGhilxOI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:7e:9f:0e:f3:9a:f7:49:02:81:11:ea:fd:f6:7a:64:38:77: 35:5e:b5:90:42:40:7d:50:35:09:7d:e3:17:91:cd:30:38:c9: 24:0d:a3:94:f6:c3:ad:9c:ac:35:42:84:51:5f:5b:b2:ed:49: e5:a0:d9:71:15:e5:50:65:37:ad:c8:c7:b3:6d:ae:b6:72:28: 9b:d8:c8:65:50:06:1b:b7:15:c5:d7:e6:9c:3f:b5:dc:5d:0c: 60:e2:2a:61:72:7e:7b:93:13:f5:3c:95:7a:9d:a5:aa:5c:2a: 38:fc:00:b7:b9:53:be:5d:69:57:8c:08:aa:fd:0f:f7:ae:1e: 01:54:f3:ea:6b:f7:f5:9b:24:06:10:30:1d:26:5c:2f:fc:7c: a1:76:4e:c7:bc:7f:d2:23:20:65:e0:a6:d9:3f:c1:12:ba:55: 3d:fa:67:ee:98:41:19:a8:ad:64:60:ad:4c:52:6b:dc:e5:86: 55:bc:cf:a4:e5:02:e2:e1:44:09:38:01:aa:05:d6:79:28:19: a0:0f:43:57:b3:42:0d:4f:6c:17:06:bd:6d:70:71:f1:93:14: 81:d0:70:d3:21:d8:29:b5:40:26:ce:a0:0f:fa:4b:88:a3:a1: 1e:aa:3c:f7:70:92:77:79:01:5c:26:f3:3a:06:cb:12:61:14: 9a:cd:f6:d5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBXTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 RkREOTExMC8GA1UEBRMoMDM3ODhFRTJCQUU0RDgwNUVCQ0RDQTY2MThFMkVDMUEx OEE1QzRFMjAeFw0yNTA3MTkwNzIxMjFaFw0yNTA3MjYwNzIxMjFaMBgxFjAUBgNV BAMTDTY4N2I0NzcyLTA0NTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDcyQI52VXAiOPg56kH+SALVlaUGagF5F/pFTd/KaQZbQPNCMx1iFLR0WlblV+R iXwJHh3mx8TyW4qsHY157UiGBQ9c7hQSGP9zMPySZ2Yx2Yz+7Hfke9DxFjKgjO7z s+V3/m8YRfgXg6ePTo2uAGMZsuxRIFXEPqT6oc5DFwk3OHW0jlZcrqQcBxsWsX5C nZrUxNnTZzpisO2bFsrjO3Q7q9vuo+N+UmPbE7Vc0tT7NPkFApTJwNiQii06ds7P 1sNPOU8bu5Q3U8JGZ1UHI6WPsAo2yRLW9FqYHnh8Ypb96Z7sx1GN2iNQ7y53BKDz 5PwM8tVmXNPraQKxRHed8hgBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU/uMHtZbe vpQy4UFs2Eufjgb5u3MwHwYDVR0jBBgwFoAUA3iO4rrk2AXrzcpmGOLsGhilxOIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVGREQ5L0JFN0NBQzEyRDZE RTExRUZCMDQ3NEUxQkM0RjlBRTAyL0EzaU80cnJrMkFYcnpjcG1HT0xzR2hpbHhP SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQTNpTzRycmsyQVhyemNwbUdPTHNHaGlseE9JLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVG REQ5L0JFN0NBQzEyRDZERTExRUZCMDQ3NEUxQkM0RjlBRTAyL0EzaU80cnJrMkFY cnpjcG1HT0xzR2hpbHhPSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEl+nw7zmvdJAoER6v32emQ4dzVetZBCQH1QNQl94xeRzTA4ySQNo5T2 w62crDVChFFfW7LtSeWg2XEV5VBlN63Ix7NtrrZyKJvYyGVQBhu3FcXX5pw/tdxd DGDiKmFyfnuTE/U8lXqdpapcKjj8ALe5U75daVeMCKr9D/euHgFU8+pr9/WbJAYQ MB0mXC/8fKF2Tse8f9IjIGXgptk/wRK6VT36Z+6YQRmorWRgrUxSa9zlhlW8z6Tl AuLhRAk4AaoF1nkoGaAPQ1ezQg1PbBcGvW1wcfGTFIHQcNMh2Cm1QCbOoA/6S4ij oR6qPPdwknd5AVwm8zoGyxJhFJrN9tU= -----END CERTIFICATE-----Generated at Sun Jul 20 12:05:43 2025 by rpki-client