$ rpki-client -vvf rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft File: 3qB5KN5ChJYNLNXo50cChCYLMmY.mft (raw, json) Hash identifier: U6b7DLiJ8BCBcWHHdnxfr6nSXgPimg3EKfPFhesuKZA= Subject key identifier: 84:4D:00:3F:27:51:73:C8:2C:70:CD:4F:ED:4D:90:C0:84:6B:D8:3A Authority key identifier: DE:A0:79:28:DE:42:84:96:0D:2C:D5:E8:E7:47:02:84:26:0B:32:66 Certificate issuer: /CN=A9171AD3/serialNumber=DEA07928DE4284960D2CD5E8E7470284260B3266 Certificate serial: 08A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft Manifest number: 089B Signing time: Thu 24 Jul 2025 20:45:19 +0000 Manifest this update: Thu 24 Jul 2025 20:45:18 +0000 Manifest next update: Thu 31 Jul 2025 20:45:18 +0000 Files and hashes: 1: 3qB5KN5ChJYNLNXo50cChCYLMmY.crl (hash: kfxper2uds8k7q5iqlWTuCYho9GuCgIf3jT8zbETbNU=) 2: 186A811414CD11F0AB0B2C0CC4F9AE02.roa (hash: 9tc8Ga8JfnoWYOg9jj5aEvP7RbMQoDEn79rxtZ5FqHw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.crl rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 31 Jul 2025 20:45:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2212 (0x8a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171AD3, serialNumber=DEA07928DE4284960D2CD5E8E7470284260B3266 Validity Not Before: Jul 24 20:45:18 2025 GMT Not After : Jul 31 20:45:18 2025 GMT Subject: CN=68829b5e-008a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:ad:75:cd:28:ec:67:02:60:4a:bc:4a:9b:34: 72:cf:f2:42:d4:cb:15:8f:6b:39:b8:52:da:47:74: d2:89:0b:f0:8a:cf:86:e8:6d:c3:78:9a:10:7b:e1: 91:a3:dd:d5:a1:99:c3:b2:3c:51:3b:36:f2:bf:5b: 3f:5b:9c:37:3a:c9:cc:4e:8e:72:e9:47:fc:f3:55: 51:65:1f:16:e7:9a:ca:19:71:ba:a1:c9:83:19:e2: c4:ec:12:1c:09:3a:a8:47:e1:5f:4a:d3:16:9d:06: 88:18:10:ea:c3:81:40:27:43:f6:0a:4e:bc:dc:21: 47:ea:75:46:13:14:ce:3a:47:25:60:81:f5:84:ab: d2:63:47:b5:20:dc:b0:ad:fd:23:0a:6a:9a:4e:e6: 31:4f:f3:44:8b:4a:3c:a9:30:b5:27:1b:b9:95:61: db:6c:f3:e4:a5:33:ea:6a:02:86:2f:45:c4:da:51: 84:49:d4:d9:64:6c:a5:e7:c2:dc:ee:15:3c:d9:e3: da:ce:b7:83:47:4f:2a:bb:57:6b:6c:86:35:42:a1: f5:83:ee:be:eb:63:ee:bd:c8:84:98:5c:b3:26:68: a8:e9:01:3f:fd:25:85:40:05:5e:62:5c:16:7c:37: ad:25:b0:cc:d8:a3:4d:65:9b:f8:41:c8:2f:7a:ff: 32:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:4D:00:3F:27:51:73:C8:2C:70:CD:4F:ED:4D:90:C0:84:6B:D8:3A X509v3 Authority Key Identifier: keyid:DE:A0:79:28:DE:42:84:96:0D:2C:D5:E8:E7:47:02:84:26:0B:32:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:6a:3c:ce:c3:8a:2a:a8:d5:f8:cc:2c:fb:c2:8d:62:a9:fe: dd:45:85:32:1f:7a:a6:f5:58:cc:56:6e:34:55:d7:9a:a4:20: 6a:30:2d:b2:d5:cf:ec:00:a5:95:16:be:9d:1c:e6:b0:51:3b: 5b:e7:d3:55:b5:38:2c:72:f7:66:c1:ac:65:8f:b9:d4:93:45: 90:9c:b4:f5:51:cc:ef:a5:69:07:06:69:f3:94:a9:90:a5:4c: be:18:de:0f:91:96:29:b0:0a:d8:c5:97:79:68:64:e5:97:95: 6b:c1:bb:76:b4:f4:c6:2b:7b:a8:25:ba:26:4d:bf:f1:7b:04: eb:27:2c:59:fd:07:16:d8:d4:3d:c2:ce:b0:c1:df:16:de:c6: d7:bb:83:bb:3f:d9:00:96:0e:97:87:b3:e1:6b:82:76:33:30: c9:5c:8f:f9:cd:4a:d6:2e:a7:41:35:05:1e:61:b1:1b:e5:62: 47:84:e9:95:86:ab:63:61:02:7a:b2:ca:fe:34:f5:83:a7:8b: 51:7c:73:9f:eb:2b:b9:6e:96:32:5a:11:06:d2:cd:71:1b:ac: 8e:9f:12:aa:56:89:4e:2c:db:d7:b1:ca:9d:57:b5:96:ae:e8: 99:57:e1:57:f4:c6:ee:90:94:3a:89:e7:7d:5f:30:83:9a:f3: 42:fc:6e:d2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCKQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFBRDMxMTAvBgNVBAUTKERFQTA3OTI4REU0Mjg0OTYwRDJDRDVFOEU3NDcwMjg0 MjYwQjMyNjYwHhcNMjUwNzI0MjA0NTE4WhcNMjUwNzMxMjA0NTE4WjAYMRYwFAYD VQQDEw02ODgyOWI1ZS0wMDhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzq11zSjsZwJgSrxKmzRyz/JC1MsVj2s5uFLaR3TSiQvwis+G6G3DeJoQe+GR o93VoZnDsjxROzbyv1s/W5w3OsnMTo5y6Uf881VRZR8W55rKGXG6ocmDGeLE7BIc CTqoR+FfStMWnQaIGBDqw4FAJ0P2Ck683CFH6nVGExTOOkclYIH1hKvSY0e1INyw rf0jCmqaTuYxT/NEi0o8qTC1Jxu5lWHbbPPkpTPqagKGL0XE2lGESdTZZGyl58Lc 7hU82ePazreDR08qu1drbIY1QqH1g+6+62PuvciEmFyzJmio6QE//SWFQAVeYlwW fDetJbDM2KNNZZv4Qcgvev8yZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIRNAD8n UXPILHDNT+1NkMCEa9g6MB8GA1UdIwQYMBaAFN6geSjeQoSWDSzV6OdHAoQmCzJm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUFEMy8wQkM0Rjg0MEMx QjIxMUVBODMyNzg3NjdDNEY5QUUwMi8zcUI1S041Q2hKWU5MTlhvNTBjQ2hDWUxN bVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNxQjVLTjVDaEpZTkxOWG81MGNDaENZTE1tWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MUFEMy8wQkM0Rjg0MEMxQjIxMUVBODMyNzg3NjdDNEY5QUUwMi8zcUI1S041Q2hK WU5MTlhvNTBjQ2hDWUxNbVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCGajzOw4oqqNX4zCz7wo1iqf7dRYUyH3qm9VjMVm40VdeapCBqMC2y 1c/sAKWVFr6dHOawUTtb59NVtTgscvdmwaxlj7nUk0WQnLT1UczvpWkHBmnzlKmQ pUy+GN4PkZYpsArYxZd5aGTll5Vrwbt2tPTGK3uoJbomTb/xewTrJyxZ/QcW2NQ9 ws6wwd8W3sbXu4O7P9kAlg6Xh7Pha4J2MzDJXI/5zUrWLqdBNQUeYbEb5WJHhOmV hqtjYQJ6ssr+NPWDp4tRfHOf6yu5bpYyWhEG0s1xG6yOnxKqVolOLNvXscqdV7WW ruiZV+FX9MbukJQ6ied9XzCDmvNC/G7S -----END CERTIFICATE-----Generated at Sat Jul 26 02:00:14 2025 by rpki-client