$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.mft File: 3W8BT4rUXahdDhbys3aHZ5REhbM.mft (raw, json) Hash identifier: Mo+Sk63B5ZbFKisbEnepbDd2VkbZE9w5Qe27Yw8UREg= Subject key identifier: FC:84:46:A1:CD:98:42:1B:0C:BD:46:54:0E:45:39:E9:C5:DB:29:69 Authority key identifier: DD:6F:01:4F:8A:D4:5D:A8:5D:0E:16:F2:B3:76:87:67:94:44:85:B3 Certificate issuer: /CN=A91E8458/serialNumber=DD6F014F8AD45DA85D0E16F2B3768767944485B3 Certificate serial: 07E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3W8BT4rUXahdDhbys3aHZ5REhbM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.mft Manifest number: 07E1 Signing time: Sun 20 Jul 2025 21:09:23 +0000 Manifest this update: Sun 20 Jul 2025 21:09:23 +0000 Manifest next update: Sun 27 Jul 2025 21:09:23 +0000 Files and hashes: 1: 3W8BT4rUXahdDhbys3aHZ5REhbM.crl (hash: lndTuLvqdEmt1IwEX8WllJLE8g+KC6G/yIFaawHz1/M=) 2: FAE7339CF7B911EA91318653C4F9AE02.roa (hash: AWPlkT/VPOlTrND3SaqX87pYECk2GQcIiP0u70mzoFk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.crl rsync://rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3W8BT4rUXahdDhbys3aHZ5REhbM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 21:09:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2023 (0x7e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8458, serialNumber=DD6F014F8AD45DA85D0E16F2B3768767944485B3 Validity Not Before: Jul 20 21:09:23 2025 GMT Not After : Jul 27 21:09:23 2025 GMT Subject: CN=687d5b03-03c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:32:9d:c2:ea:89:06:01:f9:7c:71:91:6c:76: 40:d8:08:55:8f:33:58:fd:72:79:7f:66:6e:8d:99: f5:69:c3:f5:1c:85:86:2e:2a:9e:47:f5:e3:9b:f6: d3:8c:64:95:24:a7:30:2f:4d:8b:2c:37:d9:16:f1: a4:04:3e:41:02:d7:3f:d5:db:b6:d5:fe:33:32:a7: 7b:e6:ed:32:77:51:f4:de:29:dc:21:97:8d:2e:1c: e1:0b:b8:ba:30:64:3d:cb:97:30:bc:88:c5:5c:79: 6c:15:a7:71:d3:57:a9:91:3e:c5:83:8a:13:a6:af: 12:4c:43:94:7e:d2:ec:32:9e:2c:79:58:62:dd:27: 95:e8:2e:19:62:9d:ce:32:1e:b3:02:a1:43:94:d4: cd:98:6b:e1:80:22:1b:ad:ac:7f:e5:3d:7d:e4:f5: 67:3e:c9:ce:7b:2f:86:42:3a:2d:53:44:d3:a6:42: 48:07:ab:83:dc:df:d1:8d:b2:7f:56:68:cd:5f:18: a4:57:fd:b7:05:58:ec:63:bc:a6:81:b4:ac:ff:e7: d0:44:f4:5d:f2:08:bf:da:b2:f9:f3:a1:9a:53:76: 91:c4:ba:b0:12:f8:20:c5:e3:c6:b8:a8:40:69:4a: 5c:3e:c4:1b:a8:4a:e4:3a:84:3f:e4:14:9a:6f:78: e1:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:84:46:A1:CD:98:42:1B:0C:BD:46:54:0E:45:39:E9:C5:DB:29:69 X509v3 Authority Key Identifier: keyid:DD:6F:01:4F:8A:D4:5D:A8:5D:0E:16:F2:B3:76:87:67:94:44:85:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3W8BT4rUXahdDhbys3aHZ5REhbM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8458/F8AF1202F61511EA8377006CC4F9AE02/3W8BT4rUXahdDhbys3aHZ5REhbM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:a7:a1:a9:1d:ea:e7:d6:67:b8:bd:1a:3c:2b:39:34:27:45: 3b:45:02:53:bc:52:96:1a:75:db:05:17:e8:d6:d0:4e:9c:1b: f3:7b:43:62:a5:d8:92:41:d0:f6:52:0a:66:8a:34:5e:75:1d: 50:a1:43:02:c3:48:cd:86:b0:95:be:e3:be:c3:68:1d:23:81: 87:bc:bd:61:ff:ae:ae:3d:fc:fc:db:11:7c:b4:73:c5:1d:24: b6:e9:9d:ca:88:5d:5c:b2:58:65:44:84:3c:d4:9f:78:81:1c: 3e:1c:c4:a3:d6:da:2e:a1:a8:b3:29:32:8c:ef:3c:4c:01:78: 1e:70:c0:84:6b:34:b1:74:17:f7:3f:a7:31:51:8f:f9:5b:00: 92:bb:06:01:62:7d:8c:a5:30:80:19:3b:49:64:5f:f7:d0:fb: fe:78:4d:d4:d1:da:bf:e5:65:85:04:71:e3:8e:20:11:69:f1: 37:80:6d:ab:24:09:de:18:fa:e5:60:c5:f3:25:58:44:c4:df: 4c:82:4d:aa:65:63:d5:9e:3c:0f:76:3a:b6:06:89:32:cd:ae: 9e:0c:36:4f:95:80:67:ab:ba:82:83:e7:c6:b7:41:ae:c1:ca: 50:bf:66:1e:b1:11:d4:53:47:c1:9c:f7:dd:4f:d1:32:56:65: db:23:c0:5b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB+cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg0NTgxMTAvBgNVBAUTKERENkYwMTRGOEFENDVEQTg1RDBFMTZGMkIzNzY4NzY3 OTQ0NDg1QjMwHhcNMjUwNzIwMjEwOTIzWhcNMjUwNzI3MjEwOTIzWjAYMRYwFAYD VQQDEw02ODdkNWIwMy0wM2M5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtTKdwuqJBgH5fHGRbHZA2AhVjzNY/XJ5f2ZujZn1acP1HIWGLiqeR/Xjm/bT jGSVJKcwL02LLDfZFvGkBD5BAtc/1du21f4zMqd75u0yd1H03incIZeNLhzhC7i6 MGQ9y5cwvIjFXHlsFadx01epkT7Fg4oTpq8STEOUftLsMp4seVhi3SeV6C4ZYp3O Mh6zAqFDlNTNmGvhgCIbrax/5T195PVnPsnOey+GQjotU0TTpkJIB6uD3N/RjbJ/ VmjNXxikV/23BVjsY7ymgbSs/+fQRPRd8gi/2rL586GaU3aRxLqwEvggxePGuKhA aUpcPsQbqErkOoQ/5BSab3jhcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPyERqHN mEIbDL1GVA5FOenF2ylpMB8GA1UdIwQYMBaAFN1vAU+K1F2oXQ4W8rN2h2eURIWz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODQ1OC9GOEFGMTIwMkY2 MTUxMUVBODM3NzAwNkNDNEY5QUUwMi8zVzhCVDRyVVhhaGREaGJ5czNhSFo1UkVo Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNXOEJUNHJVWGFoZERoYnlzM2FIWjVSRWhiTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF ODQ1OC9GOEFGMTIwMkY2MTUxMUVBODM3NzAwNkNDNEY5QUUwMi8zVzhCVDRyVVhh aGREaGJ5czNhSFo1UkVoYk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA1p6GpHern1me4vRo8Kzk0J0U7RQJTvFKWGnXbBRfo1tBOnBvze0Ni pdiSQdD2UgpmijRedR1QoUMCw0jNhrCVvuO+w2gdI4GHvL1h/66uPfz82xF8tHPF HSS26Z3KiF1cslhlRIQ81J94gRw+HMSj1touoaizKTKM7zxMAXgecMCEazSxdBf3 P6cxUY/5WwCSuwYBYn2MpTCAGTtJZF/30Pv+eE3U0dq/5WWFBHHjjiARafE3gG2r JAneGPrlYMXzJVhExN9Mgk2qZWPVnjwPdjq2Bokyza6eDDZPlYBnq7qCg+fGt0Gu wcpQv2YesRHUU0fBnPfdT9EyVmXbI8Bb -----END CERTIFICATE-----Generated at Mon Jul 21 07:13:07 2025 by rpki-client