$ rpki-client -vvf rpki.apnic.net/member_repository/A91A840E/DA10FF6662EE11E3AAD99F835911EA32/f3UA8ZRiBwd03Is7S5avThubtUU.mft File: f3UA8ZRiBwd03Is7S5avThubtUU.mft (raw, json) Hash identifier: Ab0DdQPrZG53Z/O95Vhlyzuk7XHCDJq1td38OkVR+to= Subject key identifier: 2F:CF:FA:70:E9:BB:E9:F4:C4:E3:D5:37:A9:76:ED:98:57:91:17:41 Authority key identifier: 7F:75:00:F1:94:62:07:07:74:DC:8B:3B:4B:96:AF:4E:1B:9B:B5:45 Certificate issuer: /CN=A91A840E/serialNumber=7F7500F19462070774DC8B3B4B96AF4E1B9BB545 Certificate serial: 2E38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f3UA8ZRiBwd03Is7S5avThubtUU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A840E/DA10FF6662EE11E3AAD99F835911EA32/f3UA8ZRiBwd03Is7S5avThubtUU.mft Manifest number: 2E38 Signing time: Sun 24 Aug 2025 15:27:40 +0000 Manifest this update: Sun 24 Aug 2025 15:27:39 +0000 Manifest next update: Sun 31 Aug 2025 15:27:39 +0000 Files and hashes: 1: f3UA8ZRiBwd03Is7S5avThubtUU.crl (hash: xKED4ncF/TxOER/z63Yda974qTY4M+jXV+h/Kw2g7Pg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A840E/DA10FF6662EE11E3AAD99F835911EA32/f3UA8ZRiBwd03Is7S5avThubtUU.crl rsync://rpki.apnic.net/member_repository/A91A840E/DA10FF6662EE11E3AAD99F835911EA32/f3UA8ZRiBwd03Is7S5avThubtUU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f3UA8ZRiBwd03Is7S5avThubtUU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 15:27:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11832 (0x2e38) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A840E, serialNumber=7F7500F19462070774DC8B3B4B96AF4E1B9BB545 Validity Not Before: Aug 24 15:27:39 2025 GMT Not After : Aug 31 15:27:39 2025 GMT Subject: CN=68ab2f6b-b57a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:22:a0:09:3b:0b:86:07:0b:ad:83:a8:f5:65: 99:22:32:7d:dc:bf:f0:b6:7e:ca:c6:a8:9f:dd:99: 83:b4:b8:93:40:5f:99:c8:9a:99:e4:b2:64:f3:49: fb:a4:d5:88:5e:af:05:10:92:b6:3d:fe:92:3a:12: f3:be:a5:f3:5a:34:72:ab:3a:56:2f:3d:30:e0:87: e8:1e:45:96:43:cf:68:8c:5d:c7:c3:24:2f:b7:ce: d0:23:dd:46:3e:46:37:23:17:a5:31:9b:9e:01:13: ef:49:f4:95:f8:c3:ab:2a:ef:d4:c9:1b:5c:ce:20: ad:0e:d5:96:81:38:dc:1a:42:3e:6b:54:d0:9f:a2: 33:d2:bc:4a:0b:59:e0:9f:b2:b2:f4:b4:86:af:cc: 39:aa:b0:cf:77:58:06:39:16:c9:b6:b6:0a:cf:89: 60:e1:82:80:03:b3:c5:bf:58:a0:68:4a:81:2b:62: 0b:df:bd:2c:11:9b:ae:d9:7f:9f:9f:64:a2:57:f0: 11:8e:ed:6d:6d:83:20:37:d8:ac:8d:d7:9b:81:27: 96:de:26:90:f2:ce:bb:21:8f:e2:b4:92:17:66:5b: 0b:22:72:ef:ea:10:0b:63:c3:9c:66:aa:f1:2f:f2: e5:02:cd:27:16:29:1e:e2:07:1a:9c:c8:d7:af:1d: 80:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:CF:FA:70:E9:BB:E9:F4:C4:E3:D5:37:A9:76:ED:98:57:91:17:41 X509v3 Authority Key Identifier: keyid:7F:75:00:F1:94:62:07:07:74:DC:8B:3B:4B:96:AF:4E:1B:9B:B5:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A840E/DA10FF6662EE11E3AAD99F835911EA32/f3UA8ZRiBwd03Is7S5avThubtUU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f3UA8ZRiBwd03Is7S5avThubtUU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A840E/DA10FF6662EE11E3AAD99F835911EA32/f3UA8ZRiBwd03Is7S5avThubtUU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:3c:e1:17:79:30:4f:65:c6:43:49:fd:06:35:cc:dd:60:70: ed:40:44:67:5d:b1:e6:b1:20:a4:4b:bb:8f:4f:1e:fb:f6:dd: 13:97:34:75:49:f1:a1:30:2b:a8:9b:85:de:63:3d:de:aa:dc: 36:70:6c:70:92:bd:9d:b1:d3:64:b0:6d:8e:85:5a:59:cd:47: 9b:f8:d6:29:4d:3c:ff:8c:c1:12:84:ce:6d:f3:e8:6e:bf:48: cf:03:ac:ed:fc:74:b4:0c:8f:5b:d6:22:c0:f6:6d:8b:15:65: 9e:d2:5a:31:88:0f:44:fb:c7:58:e5:47:85:01:e1:56:9a:98: f5:af:f7:ec:8a:1e:63:86:db:4e:51:d3:68:0b:79:8f:24:5b: df:26:24:59:db:2b:14:32:0f:85:18:67:09:0f:fe:51:06:7f: db:2c:73:ea:2f:46:9d:6b:95:47:55:9f:88:bc:63:2b:f1:a6: 6e:99:7b:60:96:06:02:75:98:0e:8b:7f:68:75:2f:e6:b2:44: 51:40:2d:26:4c:ba:5c:29:5d:62:f8:39:6d:c3:db:67:c1:51: 09:f7:40:a9:49:3f:f7:e6:5a:bc:2e:f3:12:cf:e9:8a:a0:11: 46:59:07:4b:1f:aa:d1:86:28:11:0f:d4:a6:58:7e:bb:4b:0a: 04:3a:79:31 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICLjgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTg0MEUxMTAvBgNVBAUTKDdGNzUwMEYxOTQ2MjA3MDc3NERDOEIzQjRCOTZBRjRF MUI5QkI1NDUwHhcNMjUwODI0MTUyNzM5WhcNMjUwODMxMTUyNzM5WjAYMRYwFAYD VQQDEw02OGFiMmY2Yi1iNTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmiKgCTsLhgcLrYOo9WWZIjJ93L/wtn7Kxqif3ZmDtLiTQF+ZyJqZ5LJk80n7 pNWIXq8FEJK2Pf6SOhLzvqXzWjRyqzpWLz0w4IfoHkWWQ89ojF3HwyQvt87QI91G PkY3IxelMZueARPvSfSV+MOrKu/UyRtcziCtDtWWgTjcGkI+a1TQn6Iz0rxKC1ng n7Ky9LSGr8w5qrDPd1gGORbJtrYKz4lg4YKAA7PFv1igaEqBK2IL370sEZuu2X+f n2SiV/ARju1tbYMgN9isjdebgSeW3iaQ8s67IY/itJIXZlsLInLv6hALY8OcZqrx L/LlAs0nFike4gcanMjXrx2ARQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC/P+nDp u+n0xOPVN6l27ZhXkRdBMB8GA1UdIwQYMBaAFH91APGUYgcHdNyLO0uWr04bm7VF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBODQwRS9EQTEwRkY2NjYy RUUxMUUzQUFEOTlGODM1OTExRUEzMi9mM1VBOFpSaUJ3ZDAzSXM3UzVhdlRodWJ0 VVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2YzVUE4WlJpQndkMDNJczdTNWF2VGh1YnRVVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB ODQwRS9EQTEwRkY2NjYyRUUxMUUzQUFEOTlGODM1OTExRUEzMi9mM1VBOFpSaUJ3 ZDAzSXM3UzVhdlRodWJ0VVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCfPOEXeTBPZcZDSf0GNczdYHDtQERnXbHmsSCkS7uPTx779t0TlzR1 SfGhMCuom4XeYz3eqtw2cGxwkr2dsdNksG2OhVpZzUeb+NYpTTz/jMEShM5t8+hu v0jPA6zt/HS0DI9b1iLA9m2LFWWe0loxiA9E+8dY5UeFAeFWmpj1r/fsih5jhttO UdNoC3mPJFvfJiRZ2ysUMg+FGGcJD/5RBn/bLHPqL0ada5VHVZ+IvGMr8aZumXtg lgYCdZgOi39odS/mskRRQC0mTLpcKV1i+Dltw9tnwVEJ90CpST/35lq8LvMSz+mK oBFGWQdLH6rRhigRD9SmWH67SwoEOnkx -----END CERTIFICATE-----Generated at Sun Aug 24 21:52:12 2025 by rpki-client