$ rpki-client -vvf rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft File: 5D3SMzFr8OKboG0g3sJdtMwRbgg.mft (raw, json) Hash identifier: kupvVkyr1uoXj/H5U8w6zYn3vT04AqJXlYOyFS86rB8= Subject key identifier: 20:90:84:00:EC:C4:46:B1:69:0A:8B:E3:7C:F1:B8:CE:19:D4:AC:A1 Authority key identifier: E4:3D:D2:33:31:6B:F0:E2:9B:A0:6D:20:DE:C2:5D:B4:CC:11:6E:08 Certificate issuer: /CN=A9120AC1/serialNumber=E43DD233316BF0E29BA06D20DEC25DB4CC116E08 Certificate serial: 04F0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft Manifest number: 04E4 Signing time: Fri 05 Sep 2025 00:02:56 +0000 Manifest this update: Fri 05 Sep 2025 00:02:55 +0000 Manifest next update: Fri 12 Sep 2025 00:02:55 +0000 Files and hashes: 1: 5D3SMzFr8OKboG0g3sJdtMwRbgg.crl (hash: cST7eunf4ohnrwJ02NL7XZ97teRUUmotADnm0woGpsQ=) 2: 3A2A80AE3C8311ECA86D031EC4F9AE02.roa (hash: aUDrwRtGsUzrY00Rmj3XgznPDP2fmFZxHTp5GIqGdmE=) 3: 579B33AE886F11F0A02D4009C4F9AE02.roa (hash: YP1QtoS6tJ0tfsbd9mqDdJjDX65W26gYVq3o6iBYRuU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.crl rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 00:02:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1264 (0x4f0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9120AC1, serialNumber=E43DD233316BF0E29BA06D20DEC25DB4CC116E08 Validity Not Before: Sep 5 00:02:55 2025 GMT Not After : Sep 12 00:02:55 2025 GMT Subject: CN=68ba28af-46ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:b7:76:ab:93:c1:0b:70:52:c2:3e:64:51:52: bf:f6:51:09:cb:f9:2c:2a:c6:6f:da:62:d5:cb:00: 48:4c:c3:3d:b2:cd:3a:73:93:9f:e6:8e:42:13:41: f6:80:74:92:16:a0:1f:0d:b5:cb:6d:67:2f:c0:c2: e4:ec:4c:11:12:72:c1:35:01:d9:81:73:80:64:a8: c2:62:f0:52:62:62:93:38:27:56:9d:a0:ed:49:ff: 75:14:56:d9:06:61:0c:3e:42:58:27:12:70:da:52: 1b:3e:a5:7b:a7:f8:be:c4:27:4e:11:e1:75:da:70: 8b:78:21:24:8d:4a:70:57:a4:66:96:44:95:19:f2: a2:50:bd:94:6f:d9:57:f4:72:af:83:56:72:db:84: be:13:ab:3d:80:50:e8:04:5e:1e:cf:46:93:7f:b9: 02:a7:89:ec:84:21:34:76:52:18:72:d3:af:8b:ac: 2b:11:d9:69:b6:bf:04:65:1d:51:c4:7c:c4:d3:02: 72:fe:8c:c5:28:75:91:22:b4:b6:fa:cf:38:d8:04: a4:67:47:91:4e:3e:61:24:87:2d:6f:58:46:ce:d2: 00:7f:fd:f8:0b:64:af:cc:c1:32:00:f6:fa:26:86: 85:67:4c:c5:ad:f8:ce:78:86:c5:d2:29:38:e9:f4: 9a:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:90:84:00:EC:C4:46:B1:69:0A:8B:E3:7C:F1:B8:CE:19:D4:AC:A1 X509v3 Authority Key Identifier: keyid:E4:3D:D2:33:31:6B:F0:E2:9B:A0:6D:20:DE:C2:5D:B4:CC:11:6E:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 90:64:a8:11:7e:c9:f3:a2:1c:88:9d:67:5f:51:8b:d9:f9:b6: 8c:11:12:c2:42:29:6f:7a:84:34:21:06:3c:d6:50:ee:2a:c8: 2f:af:23:53:1b:9b:b0:4d:4d:a0:8a:a0:92:df:f6:23:12:b1: 02:5a:08:f2:fa:97:59:be:30:2e:d2:76:9a:3d:ab:7e:82:bb: 29:67:36:8e:6c:9c:dd:6a:e5:9e:e6:aa:c2:e2:28:e1:44:5c: ba:a3:90:27:b0:a8:65:cc:1f:e4:01:19:39:75:d2:73:8a:39: 0c:33:6c:31:f6:bd:fc:c0:9f:8c:44:d1:fc:65:27:4e:31:e0: ee:f1:ad:14:34:07:26:37:3f:89:54:b6:53:01:9c:1d:d6:ec: 7f:22:af:f9:ab:1a:2c:34:27:fb:61:16:11:c8:4c:1f:6e:13: f5:7f:e7:5d:c5:7d:7a:cf:7a:a3:6b:ac:e5:27:8d:a7:12:64: b1:b7:4a:b6:fc:09:cd:e9:ac:f2:6d:ce:81:5f:75:68:e7:ff: 1a:2f:e0:30:75:fc:c9:73:2d:62:e5:30:a4:a6:f8:8e:4c:3c: b0:bf:f6:60:d0:c6:ae:30:a5:86:c7:cd:79:85:d5:35:cd:ac: e6:a5:89:07:d6:c1:cd:61:a8:bd:74:b9:25:be:0f:16:ac:de: 8b:49:39:98 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBPAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjBBQzExMTAvBgNVBAUTKEU0M0REMjMzMzE2QkYwRTI5QkEwNkQyMERFQzI1REI0 Q0MxMTZFMDgwHhcNMjUwOTA1MDAwMjU1WhcNMjUwOTEyMDAwMjU1WjAYMRYwFAYD VQQDEw02OGJhMjhhZi00NmVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr7d2q5PBC3BSwj5kUVK/9lEJy/ksKsZv2mLVywBITMM9ss06c5Of5o5CE0H2 gHSSFqAfDbXLbWcvwMLk7EwREnLBNQHZgXOAZKjCYvBSYmKTOCdWnaDtSf91FFbZ BmEMPkJYJxJw2lIbPqV7p/i+xCdOEeF12nCLeCEkjUpwV6RmlkSVGfKiUL2Ub9lX 9HKvg1Zy24S+E6s9gFDoBF4ez0aTf7kCp4nshCE0dlIYctOvi6wrEdlptr8EZR1R xHzE0wJy/ozFKHWRIrS2+s842ASkZ0eRTj5hJIctb1hGztIAf/34C2SvzMEyAPb6 JoaFZ0zFrfjOeIbF0ik46fSaRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCCQhADs xEaxaQqL43zxuM4Z1KyhMB8GA1UdIwQYMBaAFOQ90jMxa/Dim6BtIN7CXbTMEW4I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEFDMS8zRTlBNEFFMDMw OTcxMUVDQjI4NUE2NEJDNEY5QUUwMi81RDNTTXpGcjhPS2JvRzBnM3NKZHRNd1Ji Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzVEM1NNekZyOE9LYm9HMGczc0pkdE13UmJnZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MEFDMS8zRTlBNEFFMDMwOTcxMUVDQjI4NUE2NEJDNEY5QUUwMi81RDNTTXpGcjhP S2JvRzBnM3NKZHRNd1JiZ2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCQZKgRfsnzohyInWdfUYvZ+baMERLCQilveoQ0IQY81lDuKsgvryNT G5uwTU2giqCS3/YjErECWgjy+pdZvjAu0naaPat+grspZzaObJzdauWe5qrC4ijh RFy6o5AnsKhlzB/kARk5ddJzijkMM2wx9r38wJ+MRNH8ZSdOMeDu8a0UNAcmNz+J VLZTAZwd1ux/Iq/5qxosNCf7YRYRyEwfbhP1f+ddxX16z3qja6zlJ42nEmSxt0q2 /AnN6azybc6BX3Vo5/8aL+AwdfzJcy1i5TCkpviOTDywv/Zg0MauMKWGx815hdU1 zazmpYkH1sHNYai9dLklvg8WrN6LSTmY -----END CERTIFICATE-----Generated at Sat Sep 6 21:12:12 2025 by rpki-client