$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft File: 3XyND0ePm-ar9znAT1tb5NyfYfg.mft (raw, json) Hash identifier: aJuQvodUDl9gc3zhas2MRevSnJRlyZdQNMlprK99gFE= Subject key identifier: 63:37:5B:44:45:30:12:5E:F3:68:2A:1E:F3:C6:E8:8D:31:2E:10:FB Authority key identifier: DD:7C:8D:0F:47:8F:9B:E6:AB:F7:39:C0:4F:5B:5B:E4:DC:9F:61:F8 Certificate issuer: /CN=A91B1E55/serialNumber=DD7C8D0F478F9BE6ABF739C04F5B5BE4DC9F61F8 Certificate serial: B4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft Manifest number: B2 Signing time: Fri 05 Sep 2025 06:27:09 +0000 Manifest this update: Fri 05 Sep 2025 06:27:09 +0000 Manifest next update: Fri 12 Sep 2025 06:27:08 +0000 Files and hashes: 1: 3XyND0ePm-ar9znAT1tb5NyfYfg.crl (hash: MMsca6+j146cqZOW2Mg+//F0vL+xKhV4oHGzVb/DpI4=) 2: EAF1E48478FA11EF9043060AC4F9AE02.roa (hash: Y94sd9E5GlcMt+lxymyuqjd3AEApdFlcMVQYEZaGYA0=) 3: EA810E6278FA11EF9043060AC4F9AE02.roa (hash: jUEy/iUbesTw/bKzIqKbuM3aQtOsfpKNSiK5hvDoL0g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.crl rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 06:27:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 180 (0xb4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1E55, serialNumber=DD7C8D0F478F9BE6ABF739C04F5B5BE4DC9F61F8 Validity Not Before: Sep 5 06:27:09 2025 GMT Not After : Sep 12 06:27:08 2025 GMT Subject: CN=68ba82bd-63a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:9e:54:87:7d:54:15:17:6a:7c:cf:63:33:9d: 8f:3f:84:a2:4e:8d:7b:a3:51:1e:dc:d2:29:98:98: a1:ca:22:8b:7d:48:87:9e:cb:5b:07:92:db:64:d1: cd:1b:3c:2a:34:68:30:db:8d:9a:e3:f0:ac:cb:2c: 5d:da:0b:87:ec:1d:19:df:91:58:22:67:4a:1f:4d: c2:75:2f:16:0b:5e:b0:6d:43:bf:ac:58:ff:39:4b: c2:9e:46:42:d6:3a:f5:9f:d0:c9:75:35:73:96:63: 92:86:a9:37:c8:52:e1:7d:f1:b7:50:da:69:f0:6d: c8:82:5c:9b:38:64:62:e5:fe:e3:18:4b:36:ab:08: e6:5d:af:fc:07:f6:fc:dc:f8:a6:34:ad:61:44:24: 44:fb:3d:f4:0c:bd:33:3b:4a:ed:e6:d7:9f:9a:e4: 7f:11:37:87:4b:5e:75:be:52:1b:e9:46:b8:ff:a3: 81:c8:67:d4:ce:13:7a:84:91:5b:a8:9c:ae:9b:ed: f5:d6:4b:0f:cd:0e:94:14:67:7c:b5:36:4b:a2:bb: 1f:e8:58:2d:96:64:20:81:b5:a3:d8:a3:a3:5b:70: d7:c0:3a:43:2a:cb:b6:ca:26:29:28:79:65:bb:78: 0a:18:a4:df:a9:12:f4:ec:e1:09:a8:15:8e:c0:72: b5:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:37:5B:44:45:30:12:5E:F3:68:2A:1E:F3:C6:E8:8D:31:2E:10:FB X509v3 Authority Key Identifier: keyid:DD:7C:8D:0F:47:8F:9B:E6:AB:F7:39:C0:4F:5B:5B:E4:DC:9F:61:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:33:b7:a6:83:35:69:ab:a4:c2:1e:a5:06:af:94:6c:39:b1: cf:67:06:8b:14:25:fd:31:4d:c4:82:72:c5:61:aa:09:71:b3: 7d:3a:23:58:3f:82:fc:07:2f:93:17:00:31:af:e3:9c:72:be: 04:23:e9:e0:b7:14:91:71:10:29:89:47:2a:99:ce:55:74:75: 00:c6:38:77:4d:d2:6a:3e:98:7d:38:cd:af:92:a8:29:36:22: 74:fd:9d:6e:e0:78:7d:6b:27:0c:78:f3:61:1c:26:0d:c0:da: dc:d2:b0:e8:9b:b1:83:1c:a5:6d:7d:c4:68:aa:04:68:7d:a3: eb:9c:18:6b:9c:c8:35:f7:17:3c:46:8d:5b:84:b6:92:7d:89: 3c:8e:11:4e:56:d7:6d:86:61:98:c8:da:a1:c9:95:92:bc:c8: 91:2d:14:25:6a:f5:1f:c1:90:92:b0:83:af:fd:6e:be:05:8f: bd:bb:b7:fe:0c:52:72:6f:4c:2b:13:d1:56:8d:db:73:04:66: bb:47:b1:b9:2f:9e:2c:ec:8f:5b:1b:39:bf:a0:79:da:d8:96: 49:20:b8:95:ec:92:89:c8:f2:b0:76:56:4c:b3:26:26:eb:aa: 7b:07:70:7c:31:d7:99:f6:30:7d:65:a0:3b:d7:03:99:59:9e: 56:11:66:8f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFFNTUxMTAvBgNVBAUTKEREN0M4RDBGNDc4RjlCRTZBQkY3MzlDMDRGNUI1QkU0 REM5RjYxRjgwHhcNMjUwOTA1MDYyNzA5WhcNMjUwOTEyMDYyNzA4WjAYMRYwFAYD VQQDEw02OGJhODJiZC02M2E3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyZ5Uh31UFRdqfM9jM52PP4SiTo17o1Ee3NIpmJihyiKLfUiHnstbB5LbZNHN GzwqNGgw242a4/Csyyxd2guH7B0Z35FYImdKH03CdS8WC16wbUO/rFj/OUvCnkZC 1jr1n9DJdTVzlmOShqk3yFLhffG3UNpp8G3IglybOGRi5f7jGEs2qwjmXa/8B/b8 3PimNK1hRCRE+z30DL0zO0rt5tefmuR/ETeHS151vlIb6Ua4/6OByGfUzhN6hJFb qJyum+311ksPzQ6UFGd8tTZLorsf6FgtlmQggbWj2KOjW3DXwDpDKsu2yiYpKHll u3gKGKTfqRL07OEJqBWOwHK1qwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGM3W0RF MBJe82gqHvPG6I0xLhD7MB8GA1UdIwQYMBaAFN18jQ9Hj5vmq/c5wE9bW+Tcn2H4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUU1NS80QzA5ODYyRTc4 RkExMUVGQTQ0RkU1ODZDNEY5QUUwMi8zWHlORDBlUG0tYXI5em5BVDF0YjVOeWZZ ZmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzNYeU5EMGVQbS1hcjl6bkFUMXRiNU55ZllmZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MUU1NS80QzA5ODYyRTc4RkExMUVGQTQ0RkU1ODZDNEY5QUUwMi8zWHlORDBlUG0t YXI5em5BVDF0YjVOeWZZZmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAIM7emgzVpq6TCHqUGr5RsObHPZwaLFCX9MU3EgnLFYaoJcbN9OiNY P4L8By+TFwAxr+Occr4EI+ngtxSRcRApiUcqmc5VdHUAxjh3TdJqPph9OM2vkqgp NiJ0/Z1u4Hh9aycMePNhHCYNwNrc0rDom7GDHKVtfcRoqgRofaPrnBhrnMg19xc8 Ro1bhLaSfYk8jhFOVtdthmGYyNqhyZWSvMiRLRQlavUfwZCSsIOv/W6+BY+9u7f+ DFJyb0wrE9FWjdtzBGa7R7G5L54s7I9bGzm/oHna2JZJILiV7JKJyPKwdlZMsyYm 66p7B3B8MdeZ9jB9ZaA71wOZWZ5WEWaP -----END CERTIFICATE-----Generated at Sat Sep 6 21:35:56 2025 by rpki-client