$ rpki-client -vvf rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft File: 3FejmXtffOj7ybTZiz1F1jMHcRg.mft (raw, json) Hash identifier: oqP/zkmx47t3ds1qeaKVX0pHiL0w0NXyunWkjS89TXI= Subject key identifier: B2:9B:06:66:BB:07:9B:3C:30:11:07:44:59:CC:1B:5F:1C:77:B5:C4 Authority key identifier: DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 Certificate issuer: /CN=A917CABB/serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Certificate serial: 0C33 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft Manifest number: 0C2C Signing time: Tue 22 Jul 2025 18:51:23 +0000 Manifest this update: Tue 22 Jul 2025 18:51:23 +0000 Manifest next update: Tue 29 Jul 2025 18:51:23 +0000 Files and hashes: 1: 3FejmXtffOj7ybTZiz1F1jMHcRg.crl (hash: Rx+tGDTfpTW+juddh4dsqiY5WGE/1MUcT+BZoPmn7ms=) 2: 17BA5658D1FA11EDA0A31C2FC4F9AE02.roa (hash: H306zJ6w0u++pxJwnmCEZeb1MJYQzvBqunxs7beIBF4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 18:51:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3123 (0xc33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917CABB, serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Validity Not Before: Jul 22 18:51:23 2025 GMT Not After : Jul 29 18:51:23 2025 GMT Subject: CN=687fddab-dfd9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:5b:e3:ea:6e:67:36:93:77:87:f4:05:23:9b: db:fd:2d:c9:cc:cd:a1:b8:65:b9:30:44:d4:0f:28: ab:ef:93:31:14:35:7f:66:3f:a5:1c:37:7b:bd:78: 4b:42:4f:f7:e1:5c:e2:8b:02:76:f9:1b:bb:67:0e: b7:67:e7:f7:bb:76:f7:46:1b:d8:92:2f:aa:f5:15: ed:64:75:ac:b8:2a:a1:30:68:64:7f:49:30:0d:c1: 30:63:5a:94:69:47:af:c5:19:19:cb:29:14:a3:94: 00:86:f3:af:24:26:c8:8b:03:cc:5a:fa:01:5f:85: ea:a0:ab:2a:19:69:38:7c:7f:9d:0d:b0:aa:b5:a0: 6c:a8:96:d5:d7:a8:ff:a1:4f:53:fb:0d:9d:90:be: e2:c8:7d:cb:98:64:ad:62:1a:84:c1:2d:f8:d0:31: f0:25:7d:a3:58:4c:b4:8c:b7:33:2f:21:3d:f4:cd: 71:16:35:49:94:e7:8b:4c:24:91:a9:49:a6:ec:87: 20:a4:53:fe:0d:f6:76:a5:1e:87:78:39:dc:80:30: 81:83:5b:0d:1a:b6:32:02:17:26:7e:b0:19:87:30: ad:79:dc:dd:80:b0:c1:97:e4:d0:47:d3:70:8b:bc: 06:09:72:43:74:5a:56:04:55:49:01:e5:43:78:70: 3d:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:9B:06:66:BB:07:9B:3C:30:11:07:44:59:CC:1B:5F:1C:77:B5:C4 X509v3 Authority Key Identifier: keyid:DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:d1:e8:9a:37:bc:c7:5a:4f:83:8e:5d:d4:23:da:f1:0d:da: e6:27:29:ae:fe:8e:d7:a2:d5:7d:7a:37:c8:10:99:04:a8:8a: 65:fd:5a:5d:62:56:bc:74:08:00:5c:59:f0:cf:c9:a6:01:ee: 90:d9:f3:df:e1:8e:e3:f6:4f:c4:07:b0:a5:72:a3:24:0c:78: 39:8a:69:1c:c8:43:80:61:69:39:30:5c:1d:2a:a0:67:a0:3b: 38:1b:b9:0e:fd:36:f4:2b:f7:5f:ea:00:f6:d8:06:1e:22:ea: 68:d4:c1:a8:1c:de:97:3a:c0:66:58:aa:f5:85:8b:c3:ea:e3: c7:d8:6b:2f:b2:c6:18:72:37:b2:25:2a:26:e5:75:b2:3c:7b: bb:2b:b4:d3:47:70:41:2f:1d:cf:e5:5b:5f:ba:25:1f:eb:d8: 92:34:c1:5d:21:49:73:52:37:ed:73:0f:8e:9d:7e:fb:87:0d: 77:f7:4d:ca:35:8e:94:5a:82:de:ab:ec:20:e8:f3:b1:55:a1: 20:d4:a5:db:da:bb:c6:cb:5b:4c:f6:75:a5:23:ff:87:f4:c8: a7:d1:60:23:27:24:62:1a:d7:08:9c:61:26:15:ce:9d:60:05: 61:93:cb:83:b9:d4:fe:c1:f3:a7:25:76:c5:57:d5:f1:5f:f0: 56:5c:72:23 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0NBQkIxMTAvBgNVBAUTKERDNTdBMzk5N0I1RjdDRThGQkM5QjREOThCM0Q0NUQ2 MzMwNzcxMTgwHhcNMjUwNzIyMTg1MTIzWhcNMjUwNzI5MTg1MTIzWjAYMRYwFAYD VQQDEw02ODdmZGRhYi1kZmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtVvj6m5nNpN3h/QFI5vb/S3JzM2huGW5METUDyir75MxFDV/Zj+lHDd7vXhL Qk/34VziiwJ2+Ru7Zw63Z+f3u3b3RhvYki+q9RXtZHWsuCqhMGhkf0kwDcEwY1qU aUevxRkZyykUo5QAhvOvJCbIiwPMWvoBX4XqoKsqGWk4fH+dDbCqtaBsqJbV16j/ oU9T+w2dkL7iyH3LmGStYhqEwS340DHwJX2jWEy0jLczLyE99M1xFjVJlOeLTCSR qUmm7IcgpFP+DfZ2pR6HeDncgDCBg1sNGrYyAhcmfrAZhzCtedzdgLDBl+TQR9Nw i7wGCXJDdFpWBFVJAeVDeHA90QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLKbBma7 B5s8MBEHRFnMG18cd7XEMB8GA1UdIwQYMBaAFNxXo5l7X3zo+8m02Ys9RdYzB3EY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0FCQi8wNzY3NUYxRTBG NjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZPajd5YlRaaXoxRjFqTUhj UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGZWptWHRmZk9qN3liVFppejFGMWpNSGNSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 Q0FCQi8wNzY3NUYxRTBGNjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZP ajd5YlRaaXoxRjFqTUhjUmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAi0eiaN7zHWk+Djl3UI9rxDdrmJymu/o7XotV9ejfIEJkEqIpl/Vpd Yla8dAgAXFnwz8mmAe6Q2fPf4Y7j9k/EB7ClcqMkDHg5imkcyEOAYWk5MFwdKqBn oDs4G7kO/Tb0K/df6gD22AYeIupo1MGoHN6XOsBmWKr1hYvD6uPH2GsvssYYcjey JSom5XWyPHu7K7TTR3BBLx3P5VtfuiUf69iSNMFdIUlzUjftcw+OnX77hw13903K NY6UWoLeq+wg6POxVaEg1KXb2rvGy1tM9nWlI/+H9Min0WAjJyRiGtcInGEmFc6d YAVhk8uDudT+wfOnJXbFV9XxX/BWXHIj -----END CERTIFICATE-----Generated at Thu Jul 24 04:59:37 2025 by rpki-client