$ rpki-client -vvf rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft File: g3GOntShsiknnjylVdRNbh_KjMU.mft (raw, json) Hash identifier: aMI75mfdoJUYaAefzbgZ6jEQAH3GPigpFBV4jBa1aWk= Subject key identifier: 7B:B0:FE:93:25:33:DD:9B:2F:E4:32:76:4F:F4:D6:F0:D9:3C:02:23 Authority key identifier: 83:71:8E:9E:D4:A1:B2:29:27:9E:3C:A5:55:D4:4D:6E:1F:CA:8C:C5 Certificate issuer: /CN=A917A17B/serialNumber=83718E9ED4A1B229279E3CA555D44D6E1FCA8CC5 Certificate serial: 0C88 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft Manifest number: 0C7D Signing time: Thu 18 Sep 2025 18:36:35 +0000 Manifest this update: Thu 18 Sep 2025 18:36:34 +0000 Manifest next update: Thu 25 Sep 2025 18:36:34 +0000 Files and hashes: 1: g3GOntShsiknnjylVdRNbh_KjMU.crl (hash: DAdK7kVTXmmKuX+G0IyQzRv1W/9Ty2nhdmIxV1+TC68=) 2: A473C9A008F311EE98719810C4F9AE02.roa (hash: I+dyDrUC3DvMgCPW4jStqejUHX8a7vo0aXHEIsgKIwo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.crl rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 18:36:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3208 (0xc88) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A17B, serialNumber=83718E9ED4A1B229279E3CA555D44D6E1FCA8CC5 Validity Not Before: Sep 18 18:36:34 2025 GMT Not After : Sep 25 18:36:34 2025 GMT Subject: CN=68cc5132-aaf2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:e3:a4:a0:ad:91:8b:b4:92:50:87:48:7d:7e: e2:44:1b:dc:32:4d:20:5c:3a:60:40:e0:2a:76:0b: 2e:37:d8:06:5b:24:a5:d4:69:ec:79:bb:85:5a:ae: 5f:c7:fd:84:04:fd:79:bd:79:d0:1a:2e:33:87:53: d6:04:b2:85:18:ae:26:c7:04:5f:d7:26:b1:52:24: 08:20:36:cb:10:0e:c8:85:93:a7:ee:50:3f:4f:36: 6f:43:ee:02:1a:64:c9:07:70:35:38:28:4d:12:1a: 75:53:c6:76:b9:23:02:79:b3:05:a1:5b:09:69:c8: 3f:e3:dc:48:6f:42:bb:93:30:62:97:93:e8:ba:c0: 0f:5d:3f:98:73:a7:1b:d9:20:b3:77:e0:61:53:f7: 39:59:ed:ed:59:f5:12:b9:73:fa:7f:7f:91:7e:09: 0f:da:c3:26:03:d2:4c:9a:7c:0a:3f:ed:89:bc:b0: 27:87:96:59:a7:79:3f:ad:83:4f:bf:35:6b:90:e7: 3f:68:b3:8c:42:ca:3a:e4:78:46:97:1c:25:5b:12: 26:08:81:7e:5f:d1:d3:02:46:6a:cd:98:a6:e7:35: 54:bb:f4:52:dc:09:ec:24:f8:e0:0c:43:75:c7:74: 9a:c5:f9:ef:87:a2:1d:c9:40:61:64:d0:03:90:70: 4a:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:B0:FE:93:25:33:DD:9B:2F:E4:32:76:4F:F4:D6:F0:D9:3C:02:23 X509v3 Authority Key Identifier: keyid:83:71:8E:9E:D4:A1:B2:29:27:9E:3C:A5:55:D4:4D:6E:1F:CA:8C:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:95:fa:c7:c2:a3:cf:c0:56:a6:82:c7:6c:4f:12:97:e1:17: a5:da:4c:c5:40:b5:6e:d1:22:b4:8a:4d:d7:e4:40:d6:39:42: b6:f5:14:e9:2e:d5:eb:92:89:7a:60:e4:ba:7a:c2:85:4d:02: 28:f0:7e:08:df:df:e6:71:1a:9c:f1:61:90:54:23:9c:5f:28: 02:49:aa:a6:98:92:7e:9c:c3:c6:2b:59:fb:2c:99:9d:a1:3b: b4:9d:10:01:bd:32:be:7b:14:c6:42:be:5f:7a:f1:cd:37:68: 52:dc:f2:61:5e:46:bd:94:ff:97:4b:1e:38:26:88:51:4d:3d: b6:ef:41:75:4d:c2:5c:c9:c3:c4:b1:5a:7c:e1:c9:92:9a:0a: 18:f2:4f:f5:1a:41:8e:6e:af:3c:58:f7:ac:9a:54:37:8f:bc: eb:24:3d:07:0f:8a:2f:04:56:d5:d7:0b:fc:0c:b6:00:d5:d7: d8:e5:62:94:96:d2:fc:99:5b:7c:e0:2a:65:d2:3c:75:31:5b: 85:5c:c2:a8:74:ea:d9:8d:74:e8:cb:e8:cd:3a:47:cd:5b:c9: 23:b7:0b:37:6c:ca:ac:7c:38:43:16:d6:ed:ba:8c:35:3f:d0: 2f:0a:03:3c:fb:73:76:fd:3b:b7:13:9a:a4:fe:8c:63:5d:bc: e2:d8:25:8e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDIgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0ExN0IxMTAvBgNVBAUTKDgzNzE4RTlFRDRBMUIyMjkyNzlFM0NBNTU1RDQ0RDZF MUZDQThDQzUwHhcNMjUwOTE4MTgzNjM0WhcNMjUwOTI1MTgzNjM0WjAYMRYwFAYD VQQDEw02OGNjNTEzMi1hYWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtuOkoK2Ri7SSUIdIfX7iRBvcMk0gXDpgQOAqdgsuN9gGWySl1GnsebuFWq5f x/2EBP15vXnQGi4zh1PWBLKFGK4mxwRf1yaxUiQIIDbLEA7IhZOn7lA/TzZvQ+4C GmTJB3A1OChNEhp1U8Z2uSMCebMFoVsJacg/49xIb0K7kzBil5PousAPXT+Yc6cb 2SCzd+BhU/c5We3tWfUSuXP6f3+RfgkP2sMmA9JMmnwKP+2JvLAnh5ZZp3k/rYNP vzVrkOc/aLOMQso65HhGlxwlWxImCIF+X9HTAkZqzZim5zVUu/RS3AnsJPjgDEN1 x3Saxfnvh6IdyUBhZNADkHBKFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHuw/pMl M92bL+Qydk/01vDZPAIjMB8GA1UdIwQYMBaAFINxjp7UobIpJ548pVXUTW4fyozF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTE3Qi84NTM5NUQ2RTA2 RDMxMUVBQkE1RDVBNDlDNEY5QUUwMi9nM0dPbnRTaHNpa25uanlsVmRSTmJoX0tq TVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2czR09udFNoc2lrbm5qeWxWZFJOYmhfS2pNVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTE3Qi84NTM5NUQ2RTA2RDMxMUVBQkE1RDVBNDlDNEY5QUUwMi9nM0dPbnRTaHNp a25uanlsVmRSTmJoX0tqTVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3lfrHwqPPwFamgsdsTxKX4Rel2kzFQLVu0SK0ik3X5EDWOUK29RTp LtXrkol6YOS6esKFTQIo8H4I39/mcRqc8WGQVCOcXygCSaqmmJJ+nMPGK1n7LJmd oTu0nRABvTK+exTGQr5fevHNN2hS3PJhXka9lP+XSx44JohRTT2270F1TcJcycPE sVp84cmSmgoY8k/1GkGObq88WPesmlQ3j7zrJD0HD4ovBFbV1wv8DLYA1dfY5WKU ltL8mVt84Cpl0jx1MVuFXMKodOrZjXToy+jNOkfNW8kjtws3bMqsfDhDFtbtuow1 P9AvCgM8+3N2/Tu3E5qk/oxjXbzi2CWO -----END CERTIFICATE-----Generated at Thu Sep 18 20:52:32 2025 by rpki-client