$ rpki-client -vvf rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft File: g3GOntShsiknnjylVdRNbh_KjMU.mft (raw, json) Hash identifier: XgM/gFlTsNRFWQT5oY60lTu7dUmLvw7dIYPJETvUDG0= Subject key identifier: 8A:1F:B8:AB:C6:82:A5:41:03:82:70:8D:10:CE:EE:7B:80:ED:C2:1C Authority key identifier: 83:71:8E:9E:D4:A1:B2:29:27:9E:3C:A5:55:D4:4D:6E:1F:CA:8C:C5 Certificate issuer: /CN=A917A17B/serialNumber=83718E9ED4A1B229279E3CA555D44D6E1FCA8CC5 Certificate serial: 0C68 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft Manifest number: 0C5D Signing time: Fri 18 Jul 2025 18:38:24 +0000 Manifest this update: Fri 18 Jul 2025 18:38:23 +0000 Manifest next update: Fri 25 Jul 2025 18:38:23 +0000 Files and hashes: 1: g3GOntShsiknnjylVdRNbh_KjMU.crl (hash: mq7a4SkV4YPPT67A785jiy9aGe7o8I6Qxvxv2JCL1Gc=) 2: A473C9A008F311EE98719810C4F9AE02.roa (hash: I+dyDrUC3DvMgCPW4jStqejUHX8a7vo0aXHEIsgKIwo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.crl rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 18:38:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3176 (0xc68) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A17B, serialNumber=83718E9ED4A1B229279E3CA555D44D6E1FCA8CC5 Validity Not Before: Jul 18 18:38:23 2025 GMT Not After : Jul 25 18:38:23 2025 GMT Subject: CN=687a94a0-3da0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:48:47:30:78:9d:c2:79:f1:aa:de:1c:a3:01: 66:0e:eb:e4:a4:23:4b:fc:9c:4d:04:01:06:5a:f3: 06:c2:a5:0c:12:0f:44:a5:f8:fd:d2:af:16:f0:a9: f6:cf:eb:89:e8:c2:94:b7:cd:9a:c6:6c:e7:f8:b3: 32:2f:f4:86:c5:1a:49:1f:e6:11:5f:f3:e4:f2:0c: 0a:9c:41:73:ae:bb:c2:c9:75:64:b1:4a:b6:07:94: 68:0c:87:c5:c0:1e:c1:13:c0:1f:91:77:78:0a:8d: 5a:84:fd:62:51:9e:c3:cc:63:f7:51:01:53:11:e6: d8:d3:94:c1:ea:2c:f8:f8:cb:57:7b:3d:f2:11:38: 54:5d:19:b4:cf:53:1d:4b:87:d7:f3:21:65:90:cc: d2:5e:71:e1:c4:4d:ef:33:f7:a3:dc:6c:a9:f8:df: fb:b9:63:b3:6e:80:40:67:4c:57:c0:84:49:3f:7e: ce:a8:ee:fd:f3:95:58:32:c9:d0:6b:9f:f4:06:58: 4c:77:ca:9b:b3:b8:51:4c:59:f8:8d:14:ab:15:86: a0:38:72:ea:81:26:50:b5:84:34:27:42:29:94:67: eb:05:a9:80:0b:81:9d:96:0d:6d:9b:4a:ea:df:ae: 02:9d:19:fc:eb:f0:3d:61:13:35:fb:67:f6:9b:c9: 61:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:1F:B8:AB:C6:82:A5:41:03:82:70:8D:10:CE:EE:7B:80:ED:C2:1C X509v3 Authority Key Identifier: keyid:83:71:8E:9E:D4:A1:B2:29:27:9E:3C:A5:55:D4:4D:6E:1F:CA:8C:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9e:84:b4:fe:e9:e7:2b:a8:eb:49:91:65:2f:2b:87:a7:df:db: 29:d0:3d:13:b2:c3:0f:7b:ee:11:13:12:ae:8a:e0:90:a1:32: 57:13:49:a2:3f:88:10:b5:65:56:90:9f:28:2d:61:9d:12:6f: 30:a3:fb:88:e0:19:da:3c:93:59:e2:e3:7c:7e:11:df:f7:08: be:70:e0:ed:e0:c9:1c:40:b1:4a:cc:56:6a:1e:77:8e:e0:ad: 7c:bd:a4:11:7c:1c:6c:52:7b:8d:ac:e1:dd:38:d1:ea:86:9a: dc:b2:57:d3:82:44:82:70:c9:70:c7:04:7e:e6:63:40:0c:eb: a9:ee:78:8f:0e:c1:d6:7e:dd:db:6f:6a:16:8e:45:3f:9b:9f: f2:82:6f:d0:16:7f:c4:1f:4d:ca:c2:d0:f7:6f:70:a0:34:26: 7c:87:a5:ef:0a:f2:1c:da:10:ff:82:e9:46:6f:30:72:ce:be: a0:1a:24:e2:e8:92:11:58:ae:ec:65:ec:7a:aa:d3:02:ae:2b: 60:91:eb:65:0e:91:19:c2:21:4f:ce:eb:77:25:0f:21:75:49: 48:cc:c6:84:ce:e6:41:de:de:67:fa:3b:74:6d:8a:73:b1:91: 8e:5e:e5:a5:12:54:60:7a:95:59:2d:3a:ff:12:02:aa:e9:f6: 64:d3:e3:08 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDGgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0ExN0IxMTAvBgNVBAUTKDgzNzE4RTlFRDRBMUIyMjkyNzlFM0NBNTU1RDQ0RDZF MUZDQThDQzUwHhcNMjUwNzE4MTgzODIzWhcNMjUwNzI1MTgzODIzWjAYMRYwFAYD VQQDEw02ODdhOTRhMC0zZGEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqUhHMHidwnnxqt4cowFmDuvkpCNL/JxNBAEGWvMGwqUMEg9Epfj90q8W8Kn2 z+uJ6MKUt82axmzn+LMyL/SGxRpJH+YRX/Pk8gwKnEFzrrvCyXVksUq2B5RoDIfF wB7BE8AfkXd4Co1ahP1iUZ7DzGP3UQFTEebY05TB6iz4+MtXez3yEThUXRm0z1Md S4fX8yFlkMzSXnHhxE3vM/ej3Gyp+N/7uWOzboBAZ0xXwIRJP37OqO7985VYMsnQ a5/0BlhMd8qbs7hRTFn4jRSrFYagOHLqgSZQtYQ0J0IplGfrBamAC4Gdlg1tm0rq 364CnRn86/A9YRM1+2f2m8lhawIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIofuKvG gqVBA4JwjRDO7nuA7cIcMB8GA1UdIwQYMBaAFINxjp7UobIpJ548pVXUTW4fyozF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTE3Qi84NTM5NUQ2RTA2 RDMxMUVBQkE1RDVBNDlDNEY5QUUwMi9nM0dPbnRTaHNpa25uanlsVmRSTmJoX0tq TVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2czR09udFNoc2lrbm5qeWxWZFJOYmhfS2pNVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTE3Qi84NTM5NUQ2RTA2RDMxMUVBQkE1RDVBNDlDNEY5QUUwMi9nM0dPbnRTaHNp a25uanlsVmRSTmJoX0tqTVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCehLT+6ecrqOtJkWUvK4en39sp0D0TssMPe+4RExKuiuCQoTJXE0mi P4gQtWVWkJ8oLWGdEm8wo/uI4BnaPJNZ4uN8fhHf9wi+cODt4MkcQLFKzFZqHneO 4K18vaQRfBxsUnuNrOHdONHqhprcslfTgkSCcMlwxwR+5mNADOup7niPDsHWft3b b2oWjkU/m5/ygm/QFn/EH03KwtD3b3CgNCZ8h6XvCvIc2hD/gulGbzByzr6gGiTi 6JIRWK7sZex6qtMCritgketlDpEZwiFPzut3JQ8hdUlIzMaEzuZB3t5n+jt0bYpz sZGOXuWlElRgepVZLTr/EgKq6fZk0+MI -----END CERTIFICATE-----Generated at Sun Jul 20 11:37:42 2025 by rpki-client