$ rpki-client -vvf rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft File: 3FejmXtffOj7ybTZiz1F1jMHcRg.mft (raw, json) Hash identifier: HNZS4HrflDjOUgnBNhFcqJKhhFHSyx44XHuSjKEW7mg= Subject key identifier: 50:26:43:0C:E4:4A:A2:90:0C:11:78:24:1E:EF:75:0C:AC:13:8B:C5 Authority key identifier: DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 Certificate issuer: /CN=A917CABB/serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Certificate serial: 0C51 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft Manifest number: 0C4A Signing time: Thu 18 Sep 2025 18:47:26 +0000 Manifest this update: Thu 18 Sep 2025 18:47:26 +0000 Manifest next update: Thu 25 Sep 2025 18:47:26 +0000 Files and hashes: 1: 3FejmXtffOj7ybTZiz1F1jMHcRg.crl (hash: 2+h/O0HwncenGcdzyn91TKzR+qf91WDPClwbvz0hjL0=) 2: 17BA5658D1FA11EDA0A31C2FC4F9AE02.roa (hash: H306zJ6w0u++pxJwnmCEZeb1MJYQzvBqunxs7beIBF4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 18:47:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3153 (0xc51) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917CABB, serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Validity Not Before: Sep 18 18:47:26 2025 GMT Not After : Sep 25 18:47:26 2025 GMT Subject: CN=68cc53be-58b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:eb:51:b0:55:29:a7:a3:e7:35:4d:37:b9:35: b0:27:14:ae:0e:6b:96:6d:4f:4c:ad:3d:88:cb:bb: 23:91:15:b7:b3:38:7c:56:82:32:3b:1f:40:78:85: d5:ab:d0:f5:9a:bc:33:eb:8d:3c:89:31:dc:59:88: 9c:44:95:58:ba:7f:5e:42:75:62:13:f9:ac:31:e8: 98:48:b9:bf:82:f1:5b:36:bf:75:c0:bb:f5:b5:82: 7c:e8:e0:86:f7:e8:49:1c:47:5c:ca:2d:49:e9:90: 00:f4:b6:1f:17:c9:b7:4f:81:82:41:c6:d4:45:e6: 5c:83:ba:4a:3c:ca:77:be:7d:07:83:7e:d6:35:13: 1c:c2:02:d0:bf:d1:88:31:55:c8:40:e6:2e:fb:da: a5:50:23:cf:03:3f:23:13:10:ab:45:b2:30:3f:1e: aa:a7:f5:14:b6:e6:0a:42:f5:6d:b8:76:30:35:f7: e1:9a:c0:cb:da:2d:60:32:fe:0c:8d:3c:7f:19:8d: 00:5c:b6:cf:9f:98:0e:78:a8:8c:70:d9:e4:77:be: 12:eb:2d:ad:21:a3:1b:c8:78:ae:b9:b2:34:d2:35: 0c:6f:5b:44:e4:46:3f:36:c7:8f:ea:85:3a:6f:3e: d1:38:d8:f2:ca:7b:65:d2:63:cb:95:72:47:b2:41: 1a:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:26:43:0C:E4:4A:A2:90:0C:11:78:24:1E:EF:75:0C:AC:13:8B:C5 X509v3 Authority Key Identifier: keyid:DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b1:25:aa:95:2f:54:a2:15:7c:8a:26:57:9d:fb:47:1b:87:96: b8:dc:36:01:71:1e:32:a0:75:83:57:46:5f:c3:92:74:d9:8e: a1:e8:47:26:99:0c:70:c1:06:a5:fc:a6:fe:67:2c:3d:a5:c2: 36:eb:94:b6:69:f7:84:26:2a:9c:ea:2d:18:e6:17:46:be:d7: eb:6a:c5:f4:6b:35:b0:5a:1d:84:d5:06:df:82:c8:ac:ec:a7: 27:7b:3d:b1:a3:ab:af:8c:4d:30:cf:88:9f:da:f2:ad:d0:b8: 83:a4:14:15:91:43:41:99:bd:f0:95:a7:60:fd:14:6d:54:96: f2:9e:bc:c3:e5:f1:03:72:30:aa:5b:ec:1f:3a:48:cf:48:47: 4a:16:30:64:1e:be:36:00:05:75:39:67:ea:3e:1d:6c:65:5e: f7:b6:a9:da:a3:fb:18:48:4c:fb:61:83:57:eb:2c:4c:91:7a: 93:9f:4e:7c:e7:0c:86:ec:6b:09:4d:1e:31:09:2b:6f:c0:17: 91:68:73:6c:11:91:c8:2f:05:eb:4e:a4:24:ed:a3:9b:12:b4: 06:e0:57:5d:88:20:23:2e:df:c0:62:5d:6e:09:3e:ed:cc:c1: 6b:3b:5a:d4:00:aa:ef:09:1b:ba:b6:79:dc:68:31:eb:7e:ca: c3:57:ac:90 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDFEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0NBQkIxMTAvBgNVBAUTKERDNTdBMzk5N0I1RjdDRThGQkM5QjREOThCM0Q0NUQ2 MzMwNzcxMTgwHhcNMjUwOTE4MTg0NzI2WhcNMjUwOTI1MTg0NzI2WjAYMRYwFAYD VQQDEw02OGNjNTNiZS01OGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApOtRsFUpp6PnNU03uTWwJxSuDmuWbU9MrT2Iy7sjkRW3szh8VoIyOx9AeIXV q9D1mrwz6408iTHcWYicRJVYun9eQnViE/msMeiYSLm/gvFbNr91wLv1tYJ86OCG 9+hJHEdcyi1J6ZAA9LYfF8m3T4GCQcbUReZcg7pKPMp3vn0Hg37WNRMcwgLQv9GI MVXIQOYu+9qlUCPPAz8jExCrRbIwPx6qp/UUtuYKQvVtuHYwNffhmsDL2i1gMv4M jTx/GY0AXLbPn5gOeKiMcNnkd74S6y2tIaMbyHiuubI00jUMb1tE5EY/NseP6oU6 bz7RONjyyntl0mPLlXJHskEaFwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFAmQwzk SqKQDBF4JB7vdQysE4vFMB8GA1UdIwQYMBaAFNxXo5l7X3zo+8m02Ys9RdYzB3EY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0FCQi8wNzY3NUYxRTBG NjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZPajd5YlRaaXoxRjFqTUhj UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGZWptWHRmZk9qN3liVFppejFGMWpNSGNSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 Q0FCQi8wNzY3NUYxRTBGNjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZP ajd5YlRaaXoxRjFqTUhjUmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCxJaqVL1SiFXyKJled+0cbh5a43DYBcR4yoHWDV0Zfw5J02Y6h6Ecm mQxwwQal/Kb+Zyw9pcI265S2afeEJiqc6i0Y5hdGvtfrasX0azWwWh2E1Qbfgsis 7Kcnez2xo6uvjE0wz4if2vKt0LiDpBQVkUNBmb3wladg/RRtVJbynrzD5fEDcjCq W+wfOkjPSEdKFjBkHr42AAV1OWfqPh1sZV73tqnao/sYSEz7YYNX6yxMkXqTn058 5wyG7GsJTR4xCStvwBeRaHNsEZHILwXrTqQk7aObErQG4FddiCAjLt/AYl1uCT7t zMFrO1rUAKrvCRu6tnncaDHrfsrDV6yQ -----END CERTIFICATE-----Generated at Thu Sep 18 20:34:36 2025 by rpki-client