$ rpki-client -vvf rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft File: 3q8cjeT-PFHGkVP8r5_owq1vjiY.mft (raw, json) Hash identifier: DlIIxVphpz2RUC0qWmqIt4x25h+tpCiw+EER05A0mYc= Subject key identifier: 18:FC:E6:5C:B6:3D:CF:BC:5B:9C:A7:BA:6D:57:8E:99:34:ED:60:65 Authority key identifier: DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 Certificate issuer: /CN=A917AC33/serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Certificate serial: 0154 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft Manifest number: 0151 Signing time: Fri 19 Sep 2025 04:45:26 +0000 Manifest this update: Fri 19 Sep 2025 04:45:26 +0000 Manifest next update: Fri 26 Sep 2025 04:45:26 +0000 Files and hashes: 1: 3q8cjeT-PFHGkVP8r5_owq1vjiY.crl (hash: kPyh9Hysq5yr6XFcZdf5c68RW9r5QCZavF+5/s7+O6I=) 2: 1C2EA330925011EE9571EE40C4F9AE02.roa (hash: g1vuB/s+fKkz9lQDwgz7uwUHIIgwyYOpfROfbA+7Aro=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Sep 2025 04:45:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 340 (0x154) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AC33, serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Validity Not Before: Sep 19 04:45:26 2025 GMT Not After : Sep 26 04:45:26 2025 GMT Subject: CN=68ccdfe6-da1b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:2b:9b:2e:24:5a:7e:e3:52:bc:0e:3e:95:cc: 23:97:c0:14:1c:fa:5e:55:3b:bd:f1:42:2d:88:16: c6:3b:30:3b:5d:fc:c1:68:36:fa:69:b3:da:a3:0f: b9:8c:3d:7c:f7:e3:08:a3:df:7f:d1:a3:5d:e0:4f: 63:7f:54:3a:cc:2a:9b:88:31:a0:4f:30:61:de:f6: 37:a7:9e:06:7f:f1:2b:65:f1:3f:59:2c:47:87:77: d7:6d:26:1a:0f:8d:7c:a7:cd:8b:f2:42:b2:10:82: 7e:5a:4c:ad:04:60:b9:27:d1:e7:9f:bc:2a:ca:f8: e4:20:c4:55:43:71:69:ec:a1:4a:1f:c6:b1:af:76: 0f:d8:5f:ad:bf:a4:ba:49:56:e9:80:2d:85:bd:2a: 60:bf:06:31:c0:bb:6a:67:3f:d6:68:e9:e9:22:cb: db:a0:d2:1d:56:52:4d:20:3e:b3:1c:71:1f:99:24: d2:dc:55:b9:90:52:29:de:0d:ea:18:19:1f:29:5b: 3f:9e:50:23:4c:03:91:4f:a8:2e:04:9b:b2:7f:94: d0:e5:71:b5:93:67:08:b1:d0:1a:d4:eb:3c:de:39: 38:c1:c4:b2:48:4a:1b:46:58:75:30:2e:bd:52:cf: 41:5e:69:75:a2:c8:42:ad:ca:6b:71:de:69:f5:b6: d9:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:FC:E6:5C:B6:3D:CF:BC:5B:9C:A7:BA:6D:57:8E:99:34:ED:60:65 X509v3 Authority Key Identifier: keyid:DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d0:5d:0b:cc:fc:8c:a5:f2:3e:20:6c:e6:99:b8:09:46:21:5a: e0:95:3d:53:23:a9:f5:cf:1f:63:42:d9:dd:2b:0d:71:89:7f: 33:d7:f6:b0:c5:3f:da:4f:03:53:22:ec:ae:30:37:7f:04:f9: 4a:ba:45:35:c3:10:99:6d:80:40:88:b2:7a:fc:12:c9:b3:08: eb:67:68:d0:28:d1:30:3e:7a:46:a6:73:74:02:a1:5c:7b:1f: 4d:8f:f9:d2:87:e3:5b:c5:a8:b5:c4:59:be:84:02:70:23:a3: f4:07:c1:30:43:49:b3:e3:2b:64:3f:f1:bf:0b:5d:39:9d:6b: e8:35:e5:51:b1:3c:9f:6e:7e:62:45:b2:e5:4e:bf:52:b2:1a: 66:8e:95:fa:98:11:62:1b:e6:32:22:a7:19:45:ba:c9:3c:59: ac:22:ba:25:33:f3:7a:e1:eb:3b:68:d8:34:6c:39:c8:b5:65: 6e:f7:1a:26:cd:9f:af:ec:57:7e:ba:43:9f:0c:33:87:63:80: 9b:c9:34:05:68:d6:3a:9b:fa:33:03:cb:e1:82:6d:39:b9:1b: 38:26:bd:dc:77:ac:4d:0e:9b:17:66:23:d8:77:1a:ce:75:ff: 1b:47:3e:8d:18:11:67:16:86:40:db:ff:c6:26:9a:29:07:37: b8:d2:d3:b7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FDMzMxMTAvBgNVBAUTKERFQUYxQzhERTRGRTNDNTFDNjkxNTNGQ0FGOUZFOEMy QUQ2RjhFMjYwHhcNMjUwOTE5MDQ0NTI2WhcNMjUwOTI2MDQ0NTI2WjAYMRYwFAYD VQQDEw02OGNjZGZlNi1kYTFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4iubLiRafuNSvA4+lcwjl8AUHPpeVTu98UItiBbGOzA7XfzBaDb6abPaow+5 jD189+MIo99/0aNd4E9jf1Q6zCqbiDGgTzBh3vY3p54Gf/ErZfE/WSxHh3fXbSYa D418p82L8kKyEIJ+WkytBGC5J9Hnn7wqyvjkIMRVQ3Fp7KFKH8axr3YP2F+tv6S6 SVbpgC2FvSpgvwYxwLtqZz/WaOnpIsvboNIdVlJNID6zHHEfmSTS3FW5kFIp3g3q GBkfKVs/nlAjTAORT6guBJuyf5TQ5XG1k2cIsdAa1Os83jk4wcSySEobRlh1MC69 Us9BXml1oshCrcprcd5p9bbZWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBj85ly2 Pc+8W5ynum1Xjpk07WBlMB8GA1UdIwQYMBaAFN6vHI3k/jxRxpFT/K+f6MKtb44m MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUMzMy9CMEJGQUMzNDky NEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBGSEdrVlA4cjVfb3dxMXZq aVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNxOGNqZVQtUEZIR2tWUDhyNV9vd3ExdmppWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUMzMy9CMEJGQUMzNDkyNEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBG SEdrVlA4cjVfb3dxMXZqaVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDQXQvM/Iyl8j4gbOaZuAlGIVrglT1TI6n1zx9jQtndKw1xiX8z1/aw xT/aTwNTIuyuMDd/BPlKukU1wxCZbYBAiLJ6/BLJswjrZ2jQKNEwPnpGpnN0AqFc ex9Nj/nSh+Nbxai1xFm+hAJwI6P0B8EwQ0mz4ytkP/G/C105nWvoNeVRsTyfbn5i RbLlTr9SshpmjpX6mBFiG+YyIqcZRbrJPFmsIrolM/N64es7aNg0bDnItWVu9xom zZ+v7Fd+ukOfDDOHY4CbyTQFaNY6m/ozA8vhgm05uRs4Jr3cd6xNDpsXZiPYdxrO df8bRz6NGBFnFoZA2//GJpopBze40tO3 -----END CERTIFICATE-----Generated at Fri Sep 19 16:43:32 2025 by rpki-client