$ rpki-client -vvf rpki.apnic.net/member_repository/A916C473/FEAE12A25DDF11F0A5BFD66FC4F9AE02/-3sFh4NlHpP6MN2W1iZebi81JVQ.mft File: -3sFh4NlHpP6MN2W1iZebi81JVQ.mft (raw, json) Hash identifier: GCWOho+zA3BEgkDL25vdqWJjSuv2qg65M5qE8tlVRJo= Subject key identifier: 37:7F:46:B6:A9:64:94:71:81:21:3D:82:D9:09:C9:8C:AA:B5:EC:35 Authority key identifier: FB:7B:05:87:83:65:1E:93:FA:30:DD:96:D6:26:5E:6E:2F:35:25:54 Certificate issuer: /CN=A916C473/serialNumber=FB7B058783651E93FA30DD96D6265E6E2F352554 Certificate serial: 21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-3sFh4NlHpP6MN2W1iZebi81JVQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916C473/FEAE12A25DDF11F0A5BFD66FC4F9AE02/-3sFh4NlHpP6MN2W1iZebi81JVQ.mft Manifest number: 20 Signing time: Sun 07 Sep 2025 08:22:39 +0000 Manifest this update: Sun 07 Sep 2025 08:22:38 +0000 Manifest next update: Sun 14 Sep 2025 08:22:38 +0000 Files and hashes: 1: -3sFh4NlHpP6MN2W1iZebi81JVQ.crl (hash: kMEIUh4/lywopzvrnBM6aMIJNR8m+YPpcKKIZWoY1lI=) 2: 2BB9711E5DE111F09B775D76C4F9AE02.roa (hash: p5eDJJHEh4Ku0YkaqmxVa+vpX9QHKpmMPC5rYwtTVzI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916C473/FEAE12A25DDF11F0A5BFD66FC4F9AE02/-3sFh4NlHpP6MN2W1iZebi81JVQ.crl rsync://rpki.apnic.net/member_repository/A916C473/FEAE12A25DDF11F0A5BFD66FC4F9AE02/-3sFh4NlHpP6MN2W1iZebi81JVQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-3sFh4NlHpP6MN2W1iZebi81JVQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Sep 2025 08:22:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916C473, serialNumber=FB7B058783651E93FA30DD96D6265E6E2F352554 Validity Not Before: Sep 7 08:22:38 2025 GMT Not After : Sep 14 08:22:38 2025 GMT Subject: CN=68bd40ce-7001 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:f6:56:ad:dc:c8:c9:19:69:1f:95:54:f9:db: 34:40:58:01:a7:76:71:83:62:dc:d5:92:da:c2:03: aa:fe:29:77:0f:fb:0e:41:bc:7e:54:cf:58:a9:11: 2b:01:4c:67:fb:5b:0a:b6:f8:33:95:ca:e9:c9:4a: 40:3f:bf:ca:c8:83:55:ab:a3:fc:3d:0c:08:7a:44: fc:54:51:28:bb:f8:ff:a8:e3:f3:34:50:29:55:40: ec:40:45:5c:a7:68:38:83:36:3f:bf:f3:3f:6f:94: fe:91:e6:35:b3:ae:ae:97:dc:8f:35:17:bf:fd:a7: 5f:e6:68:71:ef:11:33:61:3e:20:4c:d4:ed:3a:e7: ff:89:f4:66:42:a9:34:a5:18:dd:06:6c:2f:ed:1f: 47:ca:9f:53:38:f5:06:db:c1:99:42:6a:f7:70:98: af:d4:8b:6f:36:4e:31:6b:64:c8:55:ad:15:3a:b5: 0e:a5:de:be:72:dc:97:c3:d0:5b:97:fd:f2:ff:71: 31:7b:9f:13:8b:28:1a:87:e7:ac:3d:77:a0:09:84: 60:27:a7:22:5d:3b:1c:50:02:f3:79:e9:30:aa:a7: b1:0b:85:6b:0d:eb:da:4c:61:84:13:21:e6:d7:40: 16:42:7f:0a:01:bd:07:5b:03:a4:dd:fc:53:63:78: 83:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:7F:46:B6:A9:64:94:71:81:21:3D:82:D9:09:C9:8C:AA:B5:EC:35 X509v3 Authority Key Identifier: keyid:FB:7B:05:87:83:65:1E:93:FA:30:DD:96:D6:26:5E:6E:2F:35:25:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916C473/FEAE12A25DDF11F0A5BFD66FC4F9AE02/-3sFh4NlHpP6MN2W1iZebi81JVQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-3sFh4NlHpP6MN2W1iZebi81JVQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C473/FEAE12A25DDF11F0A5BFD66FC4F9AE02/-3sFh4NlHpP6MN2W1iZebi81JVQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:13:5f:02:2e:c9:e0:fd:f6:d4:61:af:00:e3:d0:96:82:e2: 1b:32:2e:1f:9b:9a:3c:8a:01:5c:2f:2d:ac:98:74:9e:c6:e2: 2c:fb:08:75:52:00:6f:83:8e:84:57:26:8a:6f:3b:0d:40:56: bf:ed:5b:60:c8:6f:82:d4:cc:a3:37:9a:a1:58:30:63:33:49: 6f:09:f8:87:58:66:6e:ba:fd:26:f1:f5:6b:25:df:ce:9d:b3: 7f:89:23:69:40:08:7d:2e:f2:94:a9:1b:04:88:8b:3f:56:5f: 79:23:ed:ee:89:0c:e9:f3:30:8d:96:b8:cb:b4:58:51:87:11: 7b:96:4d:c4:64:65:db:7f:4b:65:39:b9:c0:73:8c:cd:f4:69: 1c:64:11:48:1d:bc:b2:71:01:28:f3:5b:95:73:97:79:9e:51: df:86:91:ce:d6:91:90:cc:ad:cc:0e:21:34:bd:29:bb:a0:3a: a7:84:8b:50:70:47:2c:e0:e2:ee:de:41:5e:45:eb:eb:aa:c5: 8b:a5:b3:90:1b:20:46:db:ba:3d:d0:b6:e5:4b:05:74:7f:96: 50:d5:75:b0:bb:c3:bf:e8:e8:7c:ae:77:c4:46:20:c7:14:d9: 82:bb:aa:7a:c9:97:4b:83:c1:c8:e5:94:6c:2a:1c:4c:1c:4c: 61:ac:10:16 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 QzQ3MzExMC8GA1UEBRMoRkI3QjA1ODc4MzY1MUU5M0ZBMzBERDk2RDYyNjVFNkUy RjM1MjU1NDAeFw0yNTA5MDcwODIyMzhaFw0yNTA5MTQwODIyMzhaMBgxFjAUBgNV BAMTDTY4YmQ0MGNlLTcwMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDb9lat3MjJGWkflVT52zRAWAGndnGDYtzVktrCA6r+KXcP+w5BvH5Uz1ipESsB TGf7Wwq2+DOVyunJSkA/v8rIg1Wro/w9DAh6RPxUUSi7+P+o4/M0UClVQOxARVyn aDiDNj+/8z9vlP6R5jWzrq6X3I81F7/9p1/maHHvETNhPiBM1O065/+J9GZCqTSl GN0GbC/tH0fKn1M49QbbwZlCavdwmK/Ui282TjFrZMhVrRU6tQ6l3r5y3JfD0FuX /fL/cTF7nxOLKBqH56w9d6AJhGAnpyJdOxxQAvN56TCqp7ELhWsN69pMYYQTIebX QBZCfwoBvQdbA6Td/FNjeIMDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUN39Gtqlk lHGBIT2C2QnJjKq17DUwHwYDVR0jBBgwFoAU+3sFh4NlHpP6MN2W1iZebi81JVQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZDNDczL0ZFQUUxMkEyNURE RjExRjBBNUJGRDY2RkM0RjlBRTAyLy0zc0ZoNE5sSHBQNk1OMlcxaVplYmk4MUpW US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvLTNzRmg0TmxIcFA2TU4yVzFpWmViaTgxSlZRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZD NDczL0ZFQUUxMkEyNURERjExRjBBNUJGRDY2RkM0RjlBRTAyLy0zc0ZoNE5sSHBQ Nk1OMlcxaVplYmk4MUpWUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEwTXwIuyeD99tRhrwDj0JaC4hsyLh+bmjyKAVwvLayYdJ7G4iz7CHVS AG+DjoRXJopvOw1AVr/tW2DIb4LUzKM3mqFYMGMzSW8J+IdYZm66/Sbx9Wsl386d s3+JI2lACH0u8pSpGwSIiz9WX3kj7e6JDOnzMI2WuMu0WFGHEXuWTcRkZdt/S2U5 ucBzjM30aRxkEUgdvLJxASjzW5Vzl3meUd+Gkc7WkZDMrcwOITS9KbugOqeEi1Bw Ryzg4u7eQV5F6+uqxYuls5AbIEbbuj3QtuVLBXR/llDVdbC7w7/o6Hyud8RGIMcU 2YK7qnrJl0uDwcjllGwqHEwcTGGsEBY= -----END CERTIFICATE-----Generated at Tue Sep 9 07:15:02 2025 by rpki-client