$ rpki-client -vvf rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.mft File: 3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.mft (raw, json) Hash identifier: tZaDR8PmD6lwIXtpnfTVE4LD6gSF4X6gkY1uwjDdTKI= Subject key identifier: 2D:B1:03:18:75:EB:13:FA:07:A7:81:C6:82:22:4E:14:CD:51:1B:90 Authority key identifier: DC:B8:39:31:9F:D5:2E:AD:9F:CB:97:78:29:84:FD:1F:D4:49:2C:17 Certificate issuer: /CN=A91B569E/serialNumber=DCB839319FD52EAD9FCB97782984FD1FD4492C17 Certificate serial: 0228 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.mft Manifest number: 0220 Signing time: Thu 21 Aug 2025 02:12:15 +0000 Manifest this update: Thu 21 Aug 2025 02:12:14 +0000 Manifest next update: Thu 28 Aug 2025 02:12:14 +0000 Files and hashes: 1: 3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.crl (hash: 2ZbzMduYLXs5SARndaVofLlt16TtwQ1Ld3BMD6dQz7o=) 2: 0CDAA8EEE86611EFA5152A24C4F9AE02.roa (hash: lUMcuws+kkSP+r54F6XS/v0f47726g1ZKxyTfmh7RHY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.crl rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 02:12:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 552 (0x228) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B569E, serialNumber=DCB839319FD52EAD9FCB97782984FD1FD4492C17 Validity Not Before: Aug 21 02:12:14 2025 GMT Not After : Aug 28 02:12:14 2025 GMT Subject: CN=68a6807e-adf4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:4c:47:71:31:ab:6b:91:68:d8:80:b6:f4:b2: e6:0f:89:c0:46:25:a2:66:93:26:1e:9b:78:d6:d5: a7:a1:bb:e3:71:e7:a9:ea:35:df:9b:7d:59:ba:bb: be:7f:25:e6:fb:d3:d0:8e:9d:67:a3:b4:59:65:8c: 73:b6:3d:88:54:f2:f1:11:57:27:14:67:70:a5:80: 9e:dc:cd:a8:b4:63:c5:8c:45:90:19:31:8d:af:9e: 2a:61:d2:5f:74:27:e3:dd:48:0e:03:fd:d1:99:28: 7c:d0:b0:ff:da:85:f1:00:a3:a8:88:11:30:65:3d: 86:24:78:ff:5f:b5:4a:53:50:d2:58:86:da:b1:8f: 22:ca:ab:60:6e:66:f8:d5:08:14:1d:04:b6:b3:17: e5:5d:15:f8:c5:1e:d4:79:7a:9f:5c:1e:70:c1:03: 7b:8a:43:2f:8a:9d:4b:61:ac:ec:6b:32:0b:9f:a6: f9:5f:83:3f:86:e2:15:20:e7:2b:c4:fb:d9:a0:b2: 5a:1b:a6:c9:6e:c8:47:d9:7b:33:4c:fe:dc:9e:f6: dc:c9:2c:cf:d5:18:c3:b5:cc:bb:ef:ce:3b:4d:d5: 02:38:9d:56:a2:da:0a:0d:e8:96:9f:86:29:63:3e: dd:07:d8:cb:a4:1a:f4:34:33:33:f4:cd:96:4c:ab: 8a:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:B1:03:18:75:EB:13:FA:07:A7:81:C6:82:22:4E:14:CD:51:1B:90 X509v3 Authority Key Identifier: keyid:DC:B8:39:31:9F:D5:2E:AD:9F:CB:97:78:29:84:FD:1F:D4:49:2C:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7f:7c:77:f3:79:52:33:00:ab:30:0a:23:de:d1:58:fd:33:9d: 4f:76:d6:4c:b9:0d:0a:2f:40:97:87:d6:80:db:bc:a2:7d:d6: 40:9b:71:41:2e:2e:68:db:08:2b:6d:73:9b:09:12:93:2b:50: c9:ef:ea:a4:3f:61:c1:e9:cb:6a:1c:72:06:e5:80:72:11:9c: e3:36:dd:0e:10:d7:05:b2:81:75:9c:e5:5e:8c:65:26:62:2f: 26:db:14:7e:b5:47:f0:58:1a:9a:a0:c5:0e:ed:1f:1c:cf:84: 34:9c:1d:4a:76:6a:18:2d:a8:6b:24:38:79:9e:8c:d3:ba:fc: ef:f9:07:54:4a:73:83:61:97:75:71:b9:49:f0:b9:e5:71:1c: 90:98:06:95:6d:02:c2:fa:fd:87:85:8b:ae:cb:9c:b3:64:c5: 36:11:77:87:19:92:23:c9:3e:6c:88:1f:89:aa:c9:dd:00:95: 25:a6:de:79:4d:4d:1c:52:7b:13:7d:f0:24:d8:ef:5f:46:f3: 7a:37:7a:db:fe:6a:13:55:32:fe:90:1f:c3:3d:ff:ee:1f:e1: 5b:25:f6:ec:62:4e:fa:c0:ff:e9:8d:31:8a:c1:c3:23:6a:30: 6f:3a:c4:e8:be:67:58:78:18:0a:42:93:26:c3:c3:d6:c9:de: 0e:b9:58:aa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjU2OUUxMTAvBgNVBAUTKERDQjgzOTMxOUZENTJFQUQ5RkNCOTc3ODI5ODRGRDFG RDQ0OTJDMTcwHhcNMjUwODIxMDIxMjE0WhcNMjUwODI4MDIxMjE0WjAYMRYwFAYD VQQDEw02OGE2ODA3ZS1hZGY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt0xHcTGra5Fo2IC29LLmD4nARiWiZpMmHpt41tWnobvjceep6jXfm31Zuru+ fyXm+9PQjp1no7RZZYxztj2IVPLxEVcnFGdwpYCe3M2otGPFjEWQGTGNr54qYdJf dCfj3UgOA/3RmSh80LD/2oXxAKOoiBEwZT2GJHj/X7VKU1DSWIbasY8iyqtgbmb4 1QgUHQS2sxflXRX4xR7UeXqfXB5wwQN7ikMvip1LYazsazILn6b5X4M/huIVIOcr xPvZoLJaG6bJbshH2XszTP7cnvbcySzP1RjDtcy77847TdUCOJ1WotoKDeiWn4Yp Yz7dB9jLpBr0NDMz9M2WTKuKZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC2xAxh1 6xP6B6eBxoIiThTNURuQMB8GA1UdIwQYMBaAFNy4OTGf1S6tn8uXeCmE/R/USSwX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTY5RS8yNTI1QzdDODRE MjUxMUVEQTZEREQyMkVDNEY5QUUwMi8zTGc1TVpfVkxxMmZ5NWQ0S1lUOUg5UkpM QmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNMZzVNWl9WTHEyZnk1ZDRLWVQ5SDlSSkxCYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NTY5RS8yNTI1QzdDODREMjUxMUVEQTZEREQyMkVDNEY5QUUwMi8zTGc1TVpfVkxx MmZ5NWQ0S1lUOUg5UkpMQmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB/fHfzeVIzAKswCiPe0Vj9M51PdtZMuQ0KL0CXh9aA27yifdZAm3FB Li5o2wgrbXObCRKTK1DJ7+qkP2HB6ctqHHIG5YByEZzjNt0OENcFsoF1nOVejGUm Yi8m2xR+tUfwWBqaoMUO7R8cz4Q0nB1KdmoYLahrJDh5nozTuvzv+QdUSnODYZd1 cblJ8LnlcRyQmAaVbQLC+v2HhYuuy5yzZMU2EXeHGZIjyT5siB+JqsndAJUlpt55 TU0cUnsTffAk2O9fRvN6N3rb/moTVTL+kB/DPf/uH+FbJfbsYk76wP/pjTGKwcMj ajBvOsTovmdYeBgKQpMmw8PWyd4OuViq -----END CERTIFICATE-----Generated at Fri Aug 22 16:15:04 2025 by rpki-client