$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft File: 3aSfQfYYpV-cp8_FW66nthbZV2I.mft (raw, json) Hash identifier: 0+JtNFD/oOOGt1O4TNah0zPf1DgZGuTbDIECyLXfqsw= Subject key identifier: 72:F0:8F:8B:48:6A:FD:BA:15:F8:46:D1:83:03:26:62:6B:6E:11:1F Authority key identifier: DD:A4:9F:41:F6:18:A5:5F:9C:A7:CF:C5:5B:AE:A7:B6:16:D9:57:62 Certificate issuer: /CN=A91A7273/serialNumber=DDA49F41F618A55F9CA7CFC55BAEA7B616D95762 Certificate serial: 71 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft Manifest number: 70 Signing time: Tue 09 Sep 2025 07:02:00 +0000 Manifest this update: Tue 09 Sep 2025 07:01:59 +0000 Manifest next update: Tue 16 Sep 2025 07:01:59 +0000 Files and hashes: 1: 3aSfQfYYpV-cp8_FW66nthbZV2I.crl (hash: 7BcTAs4YcmCpealEGKRDvN7GP/wtAU8YZQTqBCfopYY=) 2: 3958EEC642BB11F0B449BB81C4F9AE02.roa (hash: SygYrtM3v/MPPC9qe7TYDUy1/kulSQDEnXRN8vMuKwo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.crl rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 07:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 113 (0x71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7273, serialNumber=DDA49F41F618A55F9CA7CFC55BAEA7B616D95762 Validity Not Before: Sep 9 07:01:59 2025 GMT Not After : Sep 16 07:01:59 2025 GMT Subject: CN=68bfd0e8-1649 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:7b:b3:f8:41:33:c0:04:84:a0:1d:0e:fa:d4: 02:80:a6:f0:30:6c:9f:0f:86:49:9f:b0:22:ce:9e: bf:d1:8f:db:a2:c0:2f:b8:7d:44:73:2d:fb:f7:17: de:08:d4:41:3e:22:b7:aa:33:46:2f:36:af:b7:60: 11:87:c7:fc:6a:5f:9b:35:9e:31:f3:45:f5:9e:58: fc:bd:67:4c:86:1b:68:bc:99:7d:ca:a4:9c:2c:c1: 9b:d7:f4:40:f0:fe:d3:c3:47:1d:84:be:03:03:15: 65:08:1a:e9:07:da:02:52:6b:dc:b9:ac:7c:35:8d: 42:22:3a:fb:bb:43:66:a5:01:8e:b9:2d:bb:86:d0: 91:4c:65:69:52:7c:7d:a0:36:27:93:89:ab:a3:1c: 69:b5:2f:0f:a9:cf:9c:64:26:7b:24:cb:92:0d:90: 0d:56:82:cc:a4:b6:41:b5:17:42:33:cc:da:a5:84: 96:df:3e:50:ac:16:c3:21:f6:7e:e6:8b:c8:3a:00: 66:bb:c3:d3:4d:7e:62:64:f2:cc:d3:02:e2:a6:7a: ec:49:6a:7e:e5:d9:95:63:fe:99:4e:4b:be:8f:f1: 5c:06:d0:a6:2c:77:fa:7a:ca:0a:69:b1:f4:69:97: 8b:0b:11:67:52:ce:e9:f1:a2:45:c8:dd:92:31:c3: 45:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:F0:8F:8B:48:6A:FD:BA:15:F8:46:D1:83:03:26:62:6B:6E:11:1F X509v3 Authority Key Identifier: keyid:DD:A4:9F:41:F6:18:A5:5F:9C:A7:CF:C5:5B:AE:A7:B6:16:D9:57:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:5d:2e:4d:c7:46:50:da:84:8f:04:86:4a:1e:b7:77:04:ff: 71:7a:ee:7c:17:1e:2e:15:b5:5a:18:47:bb:97:03:cb:e6:f6: 4b:5d:d8:d0:30:f1:55:d9:93:d2:bd:cf:40:7e:d2:1a:84:d1: 9d:b6:e3:ad:fc:60:84:40:ac:ce:38:ec:c8:d4:08:90:b7:6a: 23:13:c4:47:aa:f7:ee:9a:32:f7:a3:1e:b8:47:26:b8:8a:ed: bf:9c:d1:02:2d:2c:4e:82:8c:9c:cb:86:85:cb:a2:ba:fe:cf: ce:ed:1a:79:19:64:3f:bf:d1:f5:83:e0:0b:c0:95:5e:be:85: 8e:b5:d7:8d:b9:3d:f5:0f:9a:3a:e1:76:47:f2:e0:83:76:a3: e6:7b:76:38:8e:24:3f:b0:8c:ef:35:fc:3e:5d:85:30:a7:85: a6:8f:6e:df:e6:e0:1f:8a:c2:0f:e4:ca:78:49:de:c4:80:9a: 01:34:25:3f:2e:8d:62:ed:e1:df:89:33:ec:66:28:77:5e:40: 4c:db:41:59:34:c8:56:31:fa:af:45:5a:36:99:29:fc:ee:48: 4c:a8:09:16:aa:24:be:61:a7:52:e4:d3:59:f5:ed:3a:87:d4: b4:74:9c:70:1d:fc:99:7a:92:f4:da:e9:38:05:06:22:ba:80: 40:30:0e:a0 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBcTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NzI3MzExMC8GA1UEBRMoRERBNDlGNDFGNjE4QTU1RjlDQTdDRkM1NUJBRUE3QjYx NkQ5NTc2MjAeFw0yNTA5MDkwNzAxNTlaFw0yNTA5MTYwNzAxNTlaMBgxFjAUBgNV BAMTDTY4YmZkMGU4LTE2NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDAe7P4QTPABISgHQ761AKApvAwbJ8PhkmfsCLOnr/Rj9uiwC+4fURzLfv3F94I 1EE+IreqM0YvNq+3YBGHx/xqX5s1njHzRfWeWPy9Z0yGG2i8mX3KpJwswZvX9EDw /tPDRx2EvgMDFWUIGukH2gJSa9y5rHw1jUIiOvu7Q2alAY65LbuG0JFMZWlSfH2g NieTiaujHGm1Lw+pz5xkJnsky5INkA1WgsyktkG1F0IzzNqlhJbfPlCsFsMh9n7m i8g6AGa7w9NNfmJk8szTAuKmeuxJan7l2ZVj/plOS76P8VwG0KYsd/p6ygppsfRp l4sLEWdSzunxokXI3ZIxw0WJAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUcvCPi0hq /boV+EbRgwMmYmtuER8wHwYDVR0jBBgwFoAU3aSfQfYYpV+cp8/FW66nthbZV2Iw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3MjczL0ZDNTA1MDBFRTc3 MTExRUY5REZCREQ1MEM0RjlBRTAyLzNhU2ZRZllZcFYtY3A4X0ZXNjZudGhiWlYy SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM2FTZlFmWVlwVi1jcDhfRlc2Nm50aGJaVjJJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3 MjczL0ZDNTA1MDBFRTc3MTExRUY5REZCREQ1MEM0RjlBRTAyLzNhU2ZRZllZcFYt Y3A4X0ZXNjZudGhiWlYySS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABhdLk3HRlDahI8Ehkoet3cE/3F67nwXHi4VtVoYR7uXA8vm9ktd2NAw 8VXZk9K9z0B+0hqE0Z224638YIRArM447MjUCJC3aiMTxEeq9+6aMvejHrhHJriK 7b+c0QItLE6CjJzLhoXLorr+z87tGnkZZD+/0fWD4AvAlV6+hY611425PfUPmjrh dkfy4IN2o+Z7djiOJD+wjO81/D5dhTCnhaaPbt/m4B+Kwg/kynhJ3sSAmgE0JT8u jWLt4d+JM+xmKHdeQEzbQVk0yFYx+q9FWjaZKfzuSEyoCRaqJL5hp1Lk01n17TqH 1LR0nHAd/Jl6kvTa6TgFBiK6gEAwDqA= -----END CERTIFICATE-----Generated at Tue Sep 9 13:18:08 2025 by rpki-client