$ rpki-client -vvf rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft File: 3q8cjeT-PFHGkVP8r5_owq1vjiY.mft (raw, json) Hash identifier: GP3QutLegqMApggsubGcVGc14KtnyFh0VhA1q6vJjqE= Subject key identifier: C0:4D:71:6D:E1:5D:FA:D8:7D:88:BE:5E:F6:97:E5:8A:91:39:9B:69 Authority key identifier: DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 Certificate issuer: /CN=A917AC33/serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Certificate serial: 0134 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft Manifest number: 0131 Signing time: Sat 19 Jul 2025 04:45:23 +0000 Manifest this update: Sat 19 Jul 2025 04:45:22 +0000 Manifest next update: Sat 26 Jul 2025 04:45:22 +0000 Files and hashes: 1: 3q8cjeT-PFHGkVP8r5_owq1vjiY.crl (hash: jWRvfqQv+ZTuobZJqKosVrCL5BMcc8zT0+ncCrWmBkw=) 2: 1C2EA330925011EE9571EE40C4F9AE02.roa (hash: g1vuB/s+fKkz9lQDwgz7uwUHIIgwyYOpfROfbA+7Aro=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 04:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 308 (0x134) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AC33, serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Validity Not Before: Jul 19 04:45:22 2025 GMT Not After : Jul 26 04:45:22 2025 GMT Subject: CN=687b22e3-992e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:c9:eb:c8:11:3f:f4:5b:be:8f:b7:37:79:59: 3c:d1:5a:51:49:11:ad:6a:48:cf:85:f1:5f:85:fe: 79:f1:6c:b6:e5:37:1a:b6:48:09:73:0e:48:62:4d: 0e:63:1e:6b:76:9e:3d:f1:24:1e:9e:76:58:30:66: ba:c4:66:40:39:5c:7a:0e:50:e1:12:63:a1:88:4a: 5c:72:fb:a7:57:21:6f:29:d3:81:d2:cf:83:06:43: 8d:41:46:bc:bc:e0:a4:16:0b:18:5b:19:f3:33:4a: a7:f4:80:08:7c:07:ba:f6:16:c7:02:7c:d3:b3:ee: 81:fd:e5:56:5e:8b:a4:b1:9c:ee:f3:a7:5e:32:f0: 80:72:4d:62:c1:79:e2:2c:c5:20:f0:1f:68:ea:67: 67:79:13:71:63:9b:74:b7:5c:32:b2:cf:53:fb:04: 5a:05:5a:4a:75:db:8c:38:e6:95:91:b5:cb:9f:14: ca:59:a1:f3:23:1d:f1:f5:71:e8:b6:7f:e1:4d:73: 52:e7:5f:61:1b:c0:8e:ac:14:03:18:f7:5a:86:e6: d5:0e:2c:6b:f7:4b:e1:a2:fd:4c:ca:88:cf:e2:6f: 89:9b:d7:63:0f:ae:e5:b3:13:a6:63:11:08:f5:ac: 9d:65:89:ac:9c:a1:32:af:20:c3:72:26:ae:71:bd: d3:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:4D:71:6D:E1:5D:FA:D8:7D:88:BE:5E:F6:97:E5:8A:91:39:9B:69 X509v3 Authority Key Identifier: keyid:DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:b1:fe:3c:5e:8f:8b:af:50:ba:3d:15:86:23:1d:dd:3b:0b: eb:0f:70:62:aa:24:3f:0b:35:9c:44:ac:c2:3a:12:e5:af:c1: 74:53:26:bd:0b:47:5b:94:6c:19:1b:1e:7a:44:32:63:ca:8d: 8b:1e:9b:e2:e6:6b:6c:e8:d0:ac:fc:aa:71:c7:93:3d:24:6f: 4d:01:f2:0a:25:58:bd:af:fc:f8:5b:f4:8f:14:fc:d8:16:94: 36:14:92:68:e9:e2:b1:c5:53:ca:32:55:24:b7:e9:3c:5b:14: e9:05:f8:ec:a6:49:4b:cf:27:e7:fd:ef:a5:ef:4c:3f:ad:f0: ac:c5:04:be:5d:ef:c0:22:10:46:ab:58:19:13:21:cd:0c:06: 8b:60:d7:c4:a6:07:ce:3e:68:8a:78:09:57:29:8f:b2:ea:db: 82:63:7a:bf:7a:0e:bd:c9:d8:0c:2e:4a:73:8a:12:d8:d5:51: f3:d7:38:af:5b:3d:f5:82:84:eb:b2:a7:3c:cf:3e:e3:8b:da: 86:93:62:d8:59:cb:9b:6e:00:ff:46:81:1d:f0:b3:67:71:bb: 3b:1c:24:8e:8b:3f:e3:af:32:d7:54:90:af:31:a8:d9:0f:57: cb:df:6c:c5:47:a1:78:15:9d:96:4c:1c:5c:c4:ce:fb:fb:95: ba:64:11:0e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FDMzMxMTAvBgNVBAUTKERFQUYxQzhERTRGRTNDNTFDNjkxNTNGQ0FGOUZFOEMy QUQ2RjhFMjYwHhcNMjUwNzE5MDQ0NTIyWhcNMjUwNzI2MDQ0NTIyWjAYMRYwFAYD VQQDEw02ODdiMjJlMy05OTJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2MnryBE/9Fu+j7c3eVk80VpRSRGtakjPhfFfhf558Wy25TcatkgJcw5IYk0O Yx5rdp498SQennZYMGa6xGZAOVx6DlDhEmOhiEpccvunVyFvKdOB0s+DBkONQUa8 vOCkFgsYWxnzM0qn9IAIfAe69hbHAnzTs+6B/eVWXouksZzu86deMvCAck1iwXni LMUg8B9o6mdneRNxY5t0t1wyss9T+wRaBVpKdduMOOaVkbXLnxTKWaHzIx3x9XHo tn/hTXNS519hG8COrBQDGPdahubVDixr90vhov1MyojP4m+Jm9djD67lsxOmYxEI 9aydZYmsnKEyryDDciaucb3TjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMBNcW3h XfrYfYi+XvaX5YqROZtpMB8GA1UdIwQYMBaAFN6vHI3k/jxRxpFT/K+f6MKtb44m MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUMzMy9CMEJGQUMzNDky NEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBGSEdrVlA4cjVfb3dxMXZq aVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNxOGNqZVQtUEZIR2tWUDhyNV9vd3ExdmppWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUMzMy9CMEJGQUMzNDkyNEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBG SEdrVlA4cjVfb3dxMXZqaVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA9sf48Xo+Lr1C6PRWGIx3dOwvrD3BiqiQ/CzWcRKzCOhLlr8F0Uya9 C0dblGwZGx56RDJjyo2LHpvi5mts6NCs/Kpxx5M9JG9NAfIKJVi9r/z4W/SPFPzY FpQ2FJJo6eKxxVPKMlUkt+k8WxTpBfjspklLzyfn/e+l70w/rfCsxQS+Xe/AIhBG q1gZEyHNDAaLYNfEpgfOPmiKeAlXKY+y6tuCY3q/eg69ydgMLkpzihLY1VHz1ziv Wz31goTrsqc8zz7ji9qGk2LYWcubbgD/RoEd8LNncbs7HCSOiz/jrzLXVJCvMajZ D1fL32zFR6F4FZ2WTBxcxM77+5W6ZBEO -----END CERTIFICATE-----Generated at Sun Jul 20 06:16:11 2025 by rpki-client