$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft File: 3rTAuQf6yhxdN3a9SUb0uqjKazA.mft (raw, json) Hash identifier: H3Cq/7XZbhhx5ngLztSCQ8Ze/W/MLeySBM4sJmS68hg= Subject key identifier: 9D:44:68:20:6F:06:82:9C:1C:D1:95:6C:62:0B:A9:55:A4:01:DD:C5 Authority key identifier: DE:B4:C0:B9:07:FA:CA:1C:5D:37:76:BD:49:46:F4:BA:A8:CA:6B:30 Certificate issuer: /CN=A91F3B5F/serialNumber=DEB4C0B907FACA1C5D3776BD4946F4BAA8CA6B30 Certificate serial: 39 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft Manifest number: 38 Signing time: Mon 21 Jul 2025 07:47:48 +0000 Manifest this update: Mon 21 Jul 2025 07:47:48 +0000 Manifest next update: Mon 28 Jul 2025 07:47:48 +0000 Files and hashes: 1: 3rTAuQf6yhxdN3a9SUb0uqjKazA.crl (hash: /s3HTOMv6Tqisvqu/AypWuy8pzZurZSZHi9pV4zRiqk=) 2: 0B65C980136D11F09F542C81C4F9AE02.roa (hash: VBqh2E7rkd2+euZfBVuvn8Wuy6ZridPl7cQmEbFqT/k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.crl rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 07:47:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57 (0x39) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3B5F, serialNumber=DEB4C0B907FACA1C5D3776BD4946F4BAA8CA6B30 Validity Not Before: Jul 21 07:47:48 2025 GMT Not After : Jul 28 07:47:48 2025 GMT Subject: CN=687df0a4-649e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:d4:47:27:0f:e1:a7:b8:63:d1:ee:b9:21:b6: dd:df:66:c1:c1:fb:c6:b3:7c:b7:ca:a4:93:2c:a7: ec:fd:b7:72:fd:d5:f3:e4:0b:31:57:65:9b:5d:66: 7f:89:a5:c8:4d:b9:64:b1:48:c6:70:92:5d:bf:2e: a0:42:cd:cb:18:32:9a:20:37:ba:63:5e:c3:f9:b1: 0b:61:ec:8e:a1:e8:9e:d4:01:88:19:38:0b:b7:1d: 94:2d:13:3e:aa:c4:42:13:af:b3:19:2c:83:2a:69: fe:2a:ee:5f:e0:63:63:5f:81:e1:7f:90:ad:c4:3a: 6b:25:12:bb:3c:21:dc:c0:94:c8:34:b2:c0:53:af: 3b:94:9c:7d:43:25:38:2a:33:6c:cf:c8:82:be:ab: e5:ab:9e:2f:f3:f5:78:16:33:4f:3d:e7:1f:0d:37: 56:25:cf:e3:a0:81:1b:3b:b3:c0:d2:96:cc:0d:98: c8:b5:d0:59:63:20:5f:91:d0:81:0d:48:1a:16:ee: a3:c3:79:10:48:7c:d8:0e:3c:97:9c:d3:09:68:60: 32:78:a6:1c:42:f6:d4:03:a5:54:b7:61:f8:9f:af: d9:57:db:83:76:0f:06:fe:81:8c:be:35:18:55:e8: 46:53:c2:db:56:d0:70:42:64:47:7e:9c:98:e5:00: 3f:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:44:68:20:6F:06:82:9C:1C:D1:95:6C:62:0B:A9:55:A4:01:DD:C5 X509v3 Authority Key Identifier: keyid:DE:B4:C0:B9:07:FA:CA:1C:5D:37:76:BD:49:46:F4:BA:A8:CA:6B:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:0c:99:3b:d1:14:93:0c:73:07:c6:7c:08:34:60:a7:59:f5: 50:67:65:8d:2d:64:08:2c:a8:02:7b:77:a1:76:02:e9:66:88: d5:94:1d:31:71:dd:20:c6:6c:0e:ed:be:4e:06:56:ea:e7:b2: da:bd:b7:c6:85:e4:35:c4:b6:25:3c:82:3a:c9:3b:70:90:ce: 6b:1c:ba:e7:e5:47:76:b8:e5:3b:79:c8:e0:d2:40:47:16:79: 6a:ca:78:9a:25:f7:75:58:9b:71:d6:ee:76:34:b5:77:6f:d7: 4c:01:7b:f8:fa:59:4e:3d:c2:75:26:e4:7c:a8:b6:9d:b9:af: fd:16:21:0c:ab:fd:54:07:37:1d:54:1c:8d:ce:70:bb:6a:2d: d9:68:1e:d6:5c:d9:2b:d5:6c:f3:b4:14:f2:80:fd:05:8c:74: a4:9e:c0:62:60:33:40:0d:c1:22:84:69:fa:1c:29:e0:2d:b3: d7:93:49:a1:70:b6:87:16:e3:d1:14:49:ed:fa:f9:81:64:32: 68:e3:44:bc:f1:bc:c3:42:fb:bc:ab:8c:29:06:33:0d:60:24: 4b:81:25:53:87:ce:a4:02:c6:33:6c:38:30:6c:e8:eb:83:b1: 7d:2f:96:f8:f4:1b:cf:cf:3c:30:a1:86:5f:fa:a2:34:4e:c8: 32:e2:12:78 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG M0I1RjExMC8GA1UEBRMoREVCNEMwQjkwN0ZBQ0ExQzVEMzc3NkJENDk0NkY0QkFB OENBNkIzMDAeFw0yNTA3MjEwNzQ3NDhaFw0yNTA3MjgwNzQ3NDhaMBgxFjAUBgNV BAMTDTY4N2RmMGE0LTY0OWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDP1EcnD+GnuGPR7rkhtt3fZsHB+8azfLfKpJMsp+z9t3L91fPkCzFXZZtdZn+J pchNuWSxSMZwkl2/LqBCzcsYMpogN7pjXsP5sQth7I6h6J7UAYgZOAu3HZQtEz6q xEITr7MZLIMqaf4q7l/gY2NfgeF/kK3EOmslErs8IdzAlMg0ssBTrzuUnH1DJTgq M2zPyIK+q+Wrni/z9XgWM0895x8NN1Ylz+OggRs7s8DSlswNmMi10FljIF+R0IEN SBoW7qPDeRBIfNgOPJec0wloYDJ4phxC9tQDpVS3Yfifr9lX24N2Dwb+gYy+NRhV 6EZTwttW0HBCZEd+nJjlAD97AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUnURoIG8G gpwc0ZVsYgupVaQB3cUwHwYDVR0jBBgwFoAU3rTAuQf6yhxdN3a9SUb0uqjKazAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYzQjVGL0IxNzBDOTEyMTM2 NjExRjA4MkUzQzUwREM0RjlBRTAyLzNyVEF1UWY2eWh4ZE4zYTlTVWIwdXFqS2F6 QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvM3JUQXVRZjZ5aHhkTjNhOVNVYjB1cWpLYXpBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYz QjVGL0IxNzBDOTEyMTM2NjExRjA4MkUzQzUwREM0RjlBRTAyLzNyVEF1UWY2eWh4 ZE4zYTlTVWIwdXFqS2F6QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAAMmTvRFJMMcwfGfAg0YKdZ9VBnZY0tZAgsqAJ7d6F2AulmiNWUHTFx 3SDGbA7tvk4GVurnstq9t8aF5DXEtiU8gjrJO3CQzmscuuflR3a45Tt5yODSQEcW eWrKeJol93VYm3HW7nY0tXdv10wBe/j6WU49wnUm5Hyotp25r/0WIQyr/VQHNx1U HI3OcLtqLdloHtZc2SvVbPO0FPKA/QWMdKSewGJgM0ANwSKEafocKeAts9eTSaFw tocW49EUSe36+YFkMmjjRLzxvMNC+7yrjCkGMw1gJEuBJVOHzqQCxjNsODBs6OuD sX0vlvj0G8/PPDChhl/6ojROyDLiEng= -----END CERTIFICATE-----Generated at Mon Jul 21 12:47:11 2025 by rpki-client