$ rpki-client -vvf rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft File: 3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft (raw, json) Hash identifier: 0bK4UV2NvfdptorC5NpYOHUiMOKBZOfDAijFj1MlSM0= Subject key identifier: E7:B8:2B:1A:2C:B3:70:2B:B2:24:26:41:C4:E0:1C:61:0D:18:BB:6C Authority key identifier: DE:4C:E9:60:A3:93:0A:B4:C2:27:FC:E8:F8:57:C0:84:19:7F:08:D0 Certificate issuer: /CN=A918F1C9/serialNumber=DE4CE960A3930AB4C227FCE8F857C084197F08D0 Certificate serial: 78 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft Manifest number: 0A9B Signing time: Thu 18 Sep 2025 20:31:07 +0000 Manifest this update: Thu 18 Sep 2025 20:31:07 +0000 Manifest next update: Thu 25 Sep 2025 20:31:07 +0000 Files and hashes: 1: 3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl (hash: d2tA7UUBM+6wTGyZ+JvVJR/suuo4GMhPMCe/WrMP354=) 2: 93E4B52CE43E11EF91571D16C4F9AE02.roa (hash: bxEMXPw0Uf6AR6ksTo+EYnAV7IQpuoAnSjrI4XOmEWM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 20:31:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 120 (0x78) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F1C9, serialNumber=DE4CE960A3930AB4C227FCE8F857C084197F08D0 Validity Not Before: Sep 18 20:31:07 2025 GMT Not After : Sep 25 20:31:07 2025 GMT Subject: CN=68cc6c0b-cf68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:cc:37:9b:ef:12:d8:bc:fe:fc:34:db:1f:b8: 41:f0:71:a0:fd:76:fe:0d:27:34:fe:4e:d4:dd:de: 5a:fb:30:e8:f8:d8:d0:9e:cf:4b:b7:4b:45:16:4d: 96:60:0a:86:fd:d7:50:9c:ce:a1:1b:4b:57:94:fa: 06:6a:ef:4b:db:ce:9f:0c:b8:a5:84:ad:8b:a6:c4: 9e:68:9b:48:ea:ba:0f:21:85:96:e9:51:bc:4f:e3: 26:37:b3:b0:0d:d4:ec:72:41:6a:b9:f7:d7:8e:28: 1b:07:dd:52:ad:7b:2d:62:42:e6:9e:68:1b:5c:4d: c8:a5:4f:37:8b:57:0c:ce:a3:b0:f2:1d:00:da:b9: fb:e4:9d:31:27:da:e5:ad:6d:28:a3:a6:a1:18:94: ef:82:af:99:4c:f5:84:b0:ef:ae:16:29:c5:6f:35: d0:02:4d:e2:98:9b:ee:f9:20:bf:a0:30:ae:02:7d: 20:93:28:29:fc:05:59:77:8b:c6:b3:ac:1c:a9:a3: 73:10:9a:f9:23:04:08:71:49:63:ba:1c:0a:fd:a4: 3a:ab:55:1a:bf:b6:ea:47:63:a7:77:f0:0b:11:29: 1c:59:2e:c8:bb:b5:a5:3b:f6:59:29:e0:e3:9c:67: 5a:9d:54:37:c2:67:84:9a:4f:07:43:5f:71:dc:13: ec:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:B8:2B:1A:2C:B3:70:2B:B2:24:26:41:C4:E0:1C:61:0D:18:BB:6C X509v3 Authority Key Identifier: keyid:DE:4C:E9:60:A3:93:0A:B4:C2:27:FC:E8:F8:57:C0:84:19:7F:08:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/3kzpYKOTCrTCJ_zo-FfAhBl_CNA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a5:f1:53:65:c3:06:33:07:c2:1a:fe:e8:a1:cb:15:f9:fb:05: 91:1b:f8:9f:e9:ab:04:7b:8d:1f:2b:7b:0a:30:bf:0f:c0:4a: a7:77:61:13:c9:29:e8:d5:6b:05:18:d9:34:00:9d:84:1b:5e: 47:f9:9b:3f:53:fd:a9:ac:e1:c6:20:2c:dc:a1:75:b6:c7:5f: c0:b3:74:fc:be:48:85:e2:3f:6d:be:f7:94:b0:5e:45:b5:0f: 8d:8e:0d:33:b4:e9:9d:77:51:a7:5d:41:1b:74:23:fc:10:87: 62:77:4c:94:54:61:79:71:be:e9:48:06:ad:82:74:69:63:a7: 58:91:46:d1:d1:bd:9c:14:5a:da:78:38:44:9e:e2:87:f3:b1: 09:80:1c:ee:a8:fa:26:da:25:10:51:df:86:c8:2e:66:30:9e: 38:3b:87:76:6c:06:f8:90:30:98:0e:7c:8e:9e:4d:c3:8f:e5: 73:95:f1:3d:61:36:fe:c3:d9:bf:91:c1:14:53:a6:53:b7:a2: 8d:00:f0:bf:43:90:9f:4f:09:d3:3f:76:7c:07:aa:0c:b8:bc: 48:d7:bd:3b:9e:2f:5e:fe:24:71:e4:c6:c9:6b:ac:27:13:d4: bc:4e:cb:c3:15:f2:ea:13:24:a8:f0:56:a2:c5:19:e3:c9:54: a3:c9:bf:66 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBeDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 RjFDOTExMC8GA1UEBRMoREU0Q0U5NjBBMzkzMEFCNEMyMjdGQ0U4Rjg1N0MwODQx OTdGMDhEMDAeFw0yNTA5MTgyMDMxMDdaFw0yNTA5MjUyMDMxMDdaMBgxFjAUBgNV BAMTDTY4Y2M2YzBiLWNmNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDozDeb7xLYvP78NNsfuEHwcaD9dv4NJzT+TtTd3lr7MOj42NCez0u3S0UWTZZg Cob911CczqEbS1eU+gZq70vbzp8MuKWErYumxJ5om0jqug8hhZbpUbxP4yY3s7AN 1OxyQWq599eOKBsH3VKtey1iQuaeaBtcTcilTzeLVwzOo7DyHQDaufvknTEn2uWt bSijpqEYlO+Cr5lM9YSw764WKcVvNdACTeKYm+75IL+gMK4CfSCTKCn8BVl3i8az rBypo3MQmvkjBAhxSWO6HAr9pDqrVRq/tupHY6d38AsRKRxZLsi7taU79lkp4OOc Z1qdVDfCZ4SaTwdDX3HcE+ydAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU57grGiyz cCuyJCZBxOAcYQ0Yu2wwHwYDVR0jBBgwFoAU3kzpYKOTCrTCJ/zo+FfAhBl/CNAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThGMUM5LzZBNTdBQjhDN0Y5 NTExRUFCMEVEODUzN0M0RjlBRTAyLzNrenBZS09UQ3JUQ0pfem8tRmZBaEJsX0NO QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM2t6cFlLT1RDclRDSl96by1GZkFoQmxfQ05BLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThG MUM5LzZBNTdBQjhDN0Y5NTExRUFCMEVEODUzN0M0RjlBRTAyLzNrenBZS09UQ3JU Q0pfem8tRmZBaEJsX0NOQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKXxU2XDBjMHwhr+6KHLFfn7BZEb+J/pqwR7jR8rewowvw/ASqd3YRPJ KejVawUY2TQAnYQbXkf5mz9T/ams4cYgLNyhdbbHX8CzdPy+SIXiP22+95SwXkW1 D42ODTO06Z13UaddQRt0I/wQh2J3TJRUYXlxvulIBq2CdGljp1iRRtHRvZwUWtp4 OESe4ofzsQmAHO6o+ibaJRBR34bILmYwnjg7h3ZsBviQMJgOfI6eTcOP5XOV8T1h Nv7D2b+RwRRTplO3oo0A8L9DkJ9PCdM/dnwHqgy4vEjXvTueL17+JHHkxslrrCcT 1LxOy8MV8uoTJKjwVqLFGePJVKPJv2Y= -----END CERTIFICATE-----Generated at Fri Sep 19 04:06:33 2025 by rpki-client