$ rpki-client -vvf rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft File: S3IqOmeTvzLJvPUuTncuCm86Yxk.mft (raw, json) Hash identifier: cNeUIJFgWdxOrRfPx7PZYdiCNrHEODbIXk5SENydW3g= Subject key identifier: 49:F9:0D:8A:43:6F:D0:2D:F1:28:6B:4E:91:EB:13:A6:18:CA:C9:DC Authority key identifier: 4B:72:2A:3A:67:93:BF:32:C9:BC:F5:2E:4E:77:2E:0A:6F:3A:63:19 Certificate issuer: /CN=A917A67E/serialNumber=4B722A3A6793BF32C9BCF52E4E772E0A6F3A6319 Certificate serial: 01A1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3IqOmeTvzLJvPUuTncuCm86Yxk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft Manifest number: 019D Signing time: Tue 09 Sep 2025 03:25:45 +0000 Manifest this update: Tue 09 Sep 2025 03:25:45 +0000 Manifest next update: Tue 16 Sep 2025 03:25:45 +0000 Files and hashes: 1: S3IqOmeTvzLJvPUuTncuCm86Yxk.crl (hash: aNI5a5z5gremVTazWRPJXiJo2gXj6zi94lg76o8N6+M=) 2: E3901F981BD711EEB9597921C4F9AE02.roa (hash: sLVF2uLBYBc6LDSXH2VUz3ksriL+t2pMsQjafYLst9Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.crl rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3IqOmeTvzLJvPUuTncuCm86Yxk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 03:25:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 417 (0x1a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A67E, serialNumber=4B722A3A6793BF32C9BCF52E4E772E0A6F3A6319 Validity Not Before: Sep 9 03:25:45 2025 GMT Not After : Sep 16 03:25:45 2025 GMT Subject: CN=68bf9e39-1a6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:7a:28:d3:15:70:b8:c4:8a:de:56:16:6c:f1: 9b:a8:97:a4:4f:d3:da:7c:fc:0b:29:eb:f6:3d:ed: 02:f8:2d:7a:74:6d:89:c1:e9:4b:d2:06:41:4a:8e: de:44:40:50:db:69:59:2d:91:ae:cc:56:32:ff:63: dc:e3:8c:22:39:20:1d:68:f6:4e:7f:1b:a6:a7:ff: c3:c6:37:a7:20:ee:17:f6:b1:17:fb:c2:0c:77:fa: 76:51:e5:ba:ac:ee:80:82:72:04:36:c2:99:c5:d4: e2:49:bc:7f:d1:1d:c7:15:4e:58:c7:a6:2d:f1:30: 41:e3:24:8b:68:76:73:0a:e6:7f:ef:58:cc:b2:cb: b7:79:01:6f:0a:cd:52:db:a5:b6:b8:5a:25:a9:31: 62:77:fd:69:86:1f:e9:52:f3:57:5b:34:6d:4b:82: e3:d7:7c:05:2d:13:4f:37:14:1f:27:10:0d:49:73: 0a:c3:47:1b:46:a1:31:76:bd:5b:2c:e7:a1:69:17: 22:8e:23:77:f8:55:b4:e1:dc:df:be:af:cc:c6:2f: b4:df:cb:f0:5e:d7:fd:2d:92:99:84:1a:5b:c0:b3: 17:d5:75:d1:de:5d:40:94:91:d8:4b:fd:b2:97:2f: 13:63:9d:8d:24:b5:bf:36:6b:91:dd:51:b7:03:3d: 9e:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:F9:0D:8A:43:6F:D0:2D:F1:28:6B:4E:91:EB:13:A6:18:CA:C9:DC X509v3 Authority Key Identifier: keyid:4B:72:2A:3A:67:93:BF:32:C9:BC:F5:2E:4E:77:2E:0A:6F:3A:63:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3IqOmeTvzLJvPUuTncuCm86Yxk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:38:e9:8a:1d:da:2e:dd:b1:02:54:5e:d6:6f:f5:60:9c:47: e3:02:1b:1f:d4:d1:f8:f5:62:bb:f1:b0:cc:19:41:d6:c0:f0: 60:e8:ca:f9:9c:78:40:e6:3e:cf:e9:3c:dd:2a:b8:30:4e:95: 56:81:36:bb:21:b7:ab:0a:19:78:2b:00:de:9b:cf:bc:79:6d: e6:2b:5f:69:70:ce:d6:29:16:5e:a7:17:cd:b3:5d:bb:e9:28: 42:4f:32:67:c6:01:e8:2a:6d:3b:11:ed:56:33:d0:8f:1c:8c: e5:ff:29:15:af:e4:32:70:78:b9:1c:27:2c:cb:f9:28:7f:f0: f6:74:b1:66:3a:a9:f3:a1:23:b2:c3:45:40:3c:1d:9b:09:51: d7:41:69:5c:76:03:97:53:c6:ab:1e:d5:08:76:81:21:e5:ea: 24:15:d9:73:aa:c7:83:ba:c6:17:32:d1:93:f5:a9:12:e2:cc: 7e:5f:9b:dd:74:45:7b:c4:ea:8d:1b:1f:5b:e7:11:dd:2c:7b: bc:e3:aa:66:d8:0c:a7:57:97:0f:5a:b2:41:a1:8a:be:08:dd: 2b:41:aa:48:3c:32:b0:40:61:ec:c5:af:35:b6:7f:07:25:4c: 03:8d:d1:9c:cb:f2:4f:43:bf:33:f3:25:52:92:d8:f0:ef:33: d6:92:3f:e8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAaEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E2N0UxMTAvBgNVBAUTKDRCNzIyQTNBNjc5M0JGMzJDOUJDRjUyRTRFNzcyRTBB NkYzQTYzMTkwHhcNMjUwOTA5MDMyNTQ1WhcNMjUwOTE2MDMyNTQ1WjAYMRYwFAYD VQQDEw02OGJmOWUzOS0xYTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvnoo0xVwuMSK3lYWbPGbqJekT9PafPwLKev2Pe0C+C16dG2JwelL0gZBSo7e REBQ22lZLZGuzFYy/2Pc44wiOSAdaPZOfxump//DxjenIO4X9rEX+8IMd/p2UeW6 rO6AgnIENsKZxdTiSbx/0R3HFU5Yx6Yt8TBB4ySLaHZzCuZ/71jMssu3eQFvCs1S 26W2uFolqTFid/1phh/pUvNXWzRtS4Lj13wFLRNPNxQfJxANSXMKw0cbRqExdr1b LOehaRcijiN3+FW04dzfvq/Mxi+038vwXtf9LZKZhBpbwLMX1XXR3l1AlJHYS/2y ly8TY52NJLW/NmuR3VG3Az2eywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEn5DYpD b9At8ShrTpHrE6YYysncMB8GA1UdIwQYMBaAFEtyKjpnk78yybz1Lk53LgpvOmMZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTY3RS82N0I0Q0I4NDFC RDMxMUVFOTY1RkVGMzhDNEY5QUUwMi9TM0lxT21lVHZ6TEp2UFV1VG5jdUNtODZZ eGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1MzSXFPbWVUdnpMSnZQVXVUbmN1Q204Nll4ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTY3RS82N0I0Q0I4NDFCRDMxMUVFOTY1RkVGMzhDNEY5QUUwMi9TM0lxT21lVHZ6 TEp2UFV1VG5jdUNtODZZeGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBNOOmKHdou3bECVF7Wb/VgnEfjAhsf1NH49WK78bDMGUHWwPBg6Mr5 nHhA5j7P6TzdKrgwTpVWgTa7IberChl4KwDem8+8eW3mK19pcM7WKRZepxfNs127 6ShCTzJnxgHoKm07Ee1WM9CPHIzl/ykVr+QycHi5HCcsy/kof/D2dLFmOqnzoSOy w0VAPB2bCVHXQWlcdgOXU8arHtUIdoEh5eokFdlzqseDusYXMtGT9akS4sx+X5vd dEV7xOqNGx9b5xHdLHu846pm2AynV5cPWrJBoYq+CN0rQapIPDKwQGHsxa81tn8H JUwDjdGcy/JPQ78z8yVSktjw7zPWkj/o -----END CERTIFICATE-----Generated at Tue Sep 9 23:40:40 2025 by rpki-client