$ rpki-client -vvf rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft File: 3qB5KN5ChJYNLNXo50cChCYLMmY.mft (raw, json) Hash identifier: RUtfoU+Gt9wFJsQIjDj2vbipnzwkfNRv9ExRZX/65PY= Subject key identifier: E7:40:08:4B:88:E0:81:C7:CB:AB:B1:69:65:1F:EB:BC:2C:49:5B:0A Authority key identifier: DE:A0:79:28:DE:42:84:96:0D:2C:D5:E8:E7:47:02:84:26:0B:32:66 Certificate issuer: /CN=A9171AD3/serialNumber=DEA07928DE4284960D2CD5E8E7470284260B3266 Certificate serial: 08A3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft Manifest number: 089A Signing time: Tue 22 Jul 2025 20:49:01 +0000 Manifest this update: Tue 22 Jul 2025 20:49:01 +0000 Manifest next update: Tue 29 Jul 2025 20:49:01 +0000 Files and hashes: 1: 3qB5KN5ChJYNLNXo50cChCYLMmY.crl (hash: jugYZIttkph2skIY+9rnfEO1L5IldQAzOXDvbJadlZ4=) 2: 186A811414CD11F0AB0B2C0CC4F9AE02.roa (hash: 9tc8Ga8JfnoWYOg9jj5aEvP7RbMQoDEn79rxtZ5FqHw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.crl rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 20:49:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2211 (0x8a3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171AD3, serialNumber=DEA07928DE4284960D2CD5E8E7470284260B3266 Validity Not Before: Jul 22 20:49:01 2025 GMT Not After : Jul 29 20:49:01 2025 GMT Subject: CN=687ff93d-a0a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:9f:2a:71:ab:20:b5:a2:cb:e7:10:41:8a:fa: 66:c4:8e:2d:23:7f:11:12:d8:ca:c6:39:70:18:63: 45:1f:bc:ca:b3:15:9c:69:a5:e4:e8:1b:64:2c:95: 9f:a4:c0:d8:67:8d:87:9f:6a:b6:d7:e5:4d:17:f1: fb:67:47:67:94:4b:4d:d5:48:8a:b8:32:1c:48:c8: 63:fd:a7:12:c8:c1:d2:98:4d:10:82:44:fa:a4:37: 74:dc:c0:18:44:07:a6:d7:43:1d:0b:90:af:f7:a8: 64:41:55:d1:e3:d0:c4:73:62:85:62:fb:16:46:f9: 62:94:18:97:be:ce:01:98:d4:df:32:d1:65:f8:e5: 2a:0a:4d:58:a5:dc:32:4d:22:a0:99:5e:2a:ba:15: 23:1f:c3:31:ab:e1:e1:81:12:78:72:75:79:0f:d6: 5f:57:18:8e:e0:dd:ea:8c:a5:78:5b:bc:92:35:77: 8a:63:b9:e3:5e:67:09:fb:62:9e:c1:2f:f6:e8:cf: 21:dc:95:9a:9e:87:23:a6:c3:ca:1a:c8:52:5c:af: 88:2d:04:81:d6:95:76:1c:23:20:34:ea:30:ab:13: 51:05:98:6d:78:c1:a9:99:1c:1e:7d:7e:97:8b:a8: d1:3b:20:47:33:89:66:b8:76:27:fa:6c:a3:02:42: e0:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:40:08:4B:88:E0:81:C7:CB:AB:B1:69:65:1F:EB:BC:2C:49:5B:0A X509v3 Authority Key Identifier: keyid:DE:A0:79:28:DE:42:84:96:0D:2C:D5:E8:E7:47:02:84:26:0B:32:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 36:e8:bb:ae:89:4c:04:64:37:8b:b3:2a:ca:fa:84:f7:ff:71: f8:a3:c0:30:94:fa:18:9e:30:90:ef:7e:f6:58:44:ea:20:74: 4a:7e:36:30:f5:6b:e9:cb:b8:87:79:32:53:d5:c5:e1:21:f6: 6d:eb:6b:91:aa:c8:df:68:96:a9:5c:fb:00:83:53:07:62:94: 1e:85:29:a7:29:72:d9:f4:61:5c:7e:7c:9f:43:9a:ce:cf:5f: 0a:68:d9:b4:db:9a:5e:75:d8:4e:46:32:7d:11:e6:69:58:c2: 59:67:9b:ca:14:ae:00:85:2a:27:74:13:f7:aa:10:9a:19:c1: c4:2b:53:83:f6:dd:5e:17:6a:ec:74:5a:09:eb:84:4d:50:e1: 2e:cd:fa:fc:21:4e:5c:95:47:b8:fd:d9:c0:c5:ca:c6:55:32: fd:7e:b3:3f:a0:95:7e:4e:83:4e:57:d0:fa:87:56:6e:13:ec: fb:ba:5c:61:19:b7:22:9e:ca:ed:3d:bd:fb:63:cb:cc:b4:cf: fd:6d:d7:a0:64:07:9d:a6:56:76:ec:8f:c2:c1:cd:80:63:02: 09:1b:bc:4d:c0:3d:e9:67:7f:14:8c:50:bd:d2:dd:e3:4c:0f: 0f:3f:81:61:d6:92:24:43:90:64:4a:2f:d8:f1:dc:50:b1:20: 83:53:07:ee -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCKMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFBRDMxMTAvBgNVBAUTKERFQTA3OTI4REU0Mjg0OTYwRDJDRDVFOEU3NDcwMjg0 MjYwQjMyNjYwHhcNMjUwNzIyMjA0OTAxWhcNMjUwNzI5MjA0OTAxWjAYMRYwFAYD VQQDEw02ODdmZjkzZC1hMGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0Z8qcasgtaLL5xBBivpmxI4tI38REtjKxjlwGGNFH7zKsxWcaaXk6BtkLJWf pMDYZ42Hn2q21+VNF/H7Z0dnlEtN1UiKuDIcSMhj/acSyMHSmE0QgkT6pDd03MAY RAem10MdC5Cv96hkQVXR49DEc2KFYvsWRvlilBiXvs4BmNTfMtFl+OUqCk1Ypdwy TSKgmV4quhUjH8Mxq+HhgRJ4cnV5D9ZfVxiO4N3qjKV4W7ySNXeKY7njXmcJ+2Ke wS/26M8h3JWanocjpsPKGshSXK+ILQSB1pV2HCMgNOowqxNRBZhteMGpmRwefX6X i6jROyBHM4lmuHYn+myjAkLgPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOdACEuI 4IHHy6uxaWUf67wsSVsKMB8GA1UdIwQYMBaAFN6geSjeQoSWDSzV6OdHAoQmCzJm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUFEMy8wQkM0Rjg0MEMx QjIxMUVBODMyNzg3NjdDNEY5QUUwMi8zcUI1S041Q2hKWU5MTlhvNTBjQ2hDWUxN bVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNxQjVLTjVDaEpZTkxOWG81MGNDaENZTE1tWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MUFEMy8wQkM0Rjg0MEMxQjIxMUVBODMyNzg3NjdDNEY5QUUwMi8zcUI1S041Q2hK WU5MTlhvNTBjQ2hDWUxNbVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA26LuuiUwEZDeLsyrK+oT3/3H4o8AwlPoYnjCQ7372WETqIHRKfjYw 9Wvpy7iHeTJT1cXhIfZt62uRqsjfaJapXPsAg1MHYpQehSmnKXLZ9GFcfnyfQ5rO z18KaNm025peddhORjJ9EeZpWMJZZ5vKFK4AhSondBP3qhCaGcHEK1OD9t1eF2rs dFoJ64RNUOEuzfr8IU5clUe4/dnAxcrGVTL9frM/oJV+ToNOV9D6h1ZuE+z7ulxh GbcinsrtPb37Y8vMtM/9bdegZAedplZ27I/Cwc2AYwIJG7xNwD3pZ38UjFC90t3j TA8PP4Fh1pIkQ5BkSi/Y8dxQsSCDUwfu -----END CERTIFICATE-----Generated at Thu Jul 24 05:02:07 2025 by rpki-client