$ rpki-client -vvf rpki.apnic.net/member_repository/A91B8C13/D06117160B2D11EE867E6A17C4F9AE02/3SNdNwiQmzPViUtMzckQXGH9Fq4.mft File: 3SNdNwiQmzPViUtMzckQXGH9Fq4.mft (raw, json) Hash identifier: t0dNdPQTDYLukkkf1GLL3yppy+R8efZgGERD2ZXXMCA= Subject key identifier: 9D:4B:CF:7D:E7:18:C0:C1:4E:9F:C5:9D:49:27:3E:18:9C:B3:AB:7F Authority key identifier: DD:23:5D:37:08:90:9B:33:D5:89:4B:4C:CD:C9:10:5C:61:FD:16:AE Certificate issuer: /CN=A91B8C13/serialNumber=DD235D3708909B33D5894B4CCDC9105C61FD16AE Certificate serial: 01A7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3SNdNwiQmzPViUtMzckQXGH9Fq4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B8C13/D06117160B2D11EE867E6A17C4F9AE02/3SNdNwiQmzPViUtMzckQXGH9Fq4.mft Manifest number: 01A6 Signing time: Tue 02 Sep 2025 15:23:53 +0000 Manifest this update: Tue 02 Sep 2025 15:23:52 +0000 Manifest next update: Tue 09 Sep 2025 15:23:52 +0000 Files and hashes: 1: 3SNdNwiQmzPViUtMzckQXGH9Fq4.crl (hash: Fx4C+cNESHkv1ghuciqkRk7pqE8RImHWISmHmyntpX4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B8C13/D06117160B2D11EE867E6A17C4F9AE02/3SNdNwiQmzPViUtMzckQXGH9Fq4.crl rsync://rpki.apnic.net/member_repository/A91B8C13/D06117160B2D11EE867E6A17C4F9AE02/3SNdNwiQmzPViUtMzckQXGH9Fq4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3SNdNwiQmzPViUtMzckQXGH9Fq4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 15:23:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 423 (0x1a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B8C13, serialNumber=DD235D3708909B33D5894B4CCDC9105C61FD16AE Validity Not Before: Sep 2 15:23:52 2025 GMT Not After : Sep 9 15:23:52 2025 GMT Subject: CN=68b70c09-2833 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:6d:ea:04:bc:1c:cf:a3:2a:ed:c5:88:09:bc: b6:98:e5:d9:b7:ca:57:94:1a:f1:a8:e6:02:99:fa: a0:4d:cc:03:a5:67:87:51:66:57:e2:51:dd:1a:70: ec:d8:1a:28:72:ee:29:65:5c:70:73:aa:ea:c1:0a: 93:99:69:24:05:53:00:82:c8:b7:63:30:f3:bf:87: 93:2e:d7:67:ea:23:3d:ff:2f:f3:5e:48:46:cb:8f: 82:cf:5d:fd:44:f9:de:b2:30:c9:6c:8d:64:73:a6: 24:d3:f0:d4:51:d7:eb:8f:26:21:fe:61:5e:0b:ad: c8:e9:7c:82:ea:a2:53:74:ab:58:5b:a7:68:4c:78: b8:1b:a6:cc:db:ef:c7:a3:72:a9:fa:ac:56:93:08: 29:f9:f2:e7:fd:81:b5:6f:2d:c8:69:dc:bc:ba:9a: 9b:ac:3e:ca:fe:86:65:b0:80:cd:17:ce:b4:50:c1: e9:73:14:ca:1d:3c:b4:6f:96:51:59:11:00:bd:34: 0f:05:bf:9a:ef:8b:a0:79:25:c4:9d:f9:73:b5:42: df:bb:bd:a7:92:ac:b0:43:7a:04:f0:c2:2a:5b:d5: 11:a0:c6:fd:12:17:0f:06:f2:1b:fc:43:66:ff:08: 96:98:df:03:98:55:51:0f:2f:65:4c:95:70:b4:dd: 25:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:4B:CF:7D:E7:18:C0:C1:4E:9F:C5:9D:49:27:3E:18:9C:B3:AB:7F X509v3 Authority Key Identifier: keyid:DD:23:5D:37:08:90:9B:33:D5:89:4B:4C:CD:C9:10:5C:61:FD:16:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B8C13/D06117160B2D11EE867E6A17C4F9AE02/3SNdNwiQmzPViUtMzckQXGH9Fq4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3SNdNwiQmzPViUtMzckQXGH9Fq4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B8C13/D06117160B2D11EE867E6A17C4F9AE02/3SNdNwiQmzPViUtMzckQXGH9Fq4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0d:d9:4e:c8:cb:70:35:3b:1a:cc:88:35:35:87:7a:b4:9e:09: 22:60:4e:9d:3a:66:c6:69:7a:b9:6a:dd:af:49:e0:77:36:b4: 43:4a:3e:07:f0:78:de:98:85:52:58:77:d2:fa:21:77:35:bb: 61:d5:50:80:c7:9e:4d:11:10:9f:86:dc:e5:a8:68:12:bc:51: 42:fb:2d:5f:0c:87:cc:b0:e3:e4:b1:ce:94:a4:28:12:dc:ef: b0:b7:1d:ed:76:96:a5:f3:21:90:9a:36:98:fc:cf:d5:98:3b: 36:df:fd:f9:a8:10:3f:d9:fa:39:61:5c:d5:c2:75:08:bb:78: ce:8b:c8:24:ff:89:8f:52:e2:ac:8f:0d:c0:20:7e:fe:6d:9e: 55:6a:6b:d0:f8:d7:cb:d9:c9:1d:ae:6a:e1:b0:76:cb:e4:12: 94:34:9a:3c:8f:39:a9:20:47:59:ee:99:12:f0:dd:cf:de:40: 51:21:29:e8:49:22:cf:c8:43:04:d5:7a:e4:62:b7:27:bf:74: 3b:ec:cc:13:77:0c:ed:e0:c9:44:1f:18:6c:70:be:94:61:ba: 56:2b:5b:db:58:48:06:9d:6d:93:ad:4f:14:6d:65:43:19:fa: b9:06:b5:9a:ec:25:cd:3e:d5:af:30:e0:ce:de:76:54:94:28: 99:f2:03:3d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAacwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjhDMTMxMTAvBgNVBAUTKEREMjM1RDM3MDg5MDlCMzNENTg5NEI0Q0NEQzkxMDVD NjFGRDE2QUUwHhcNMjUwOTAyMTUyMzUyWhcNMjUwOTA5MTUyMzUyWjAYMRYwFAYD VQQDEw02OGI3MGMwOS0yODMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA323qBLwcz6Mq7cWICby2mOXZt8pXlBrxqOYCmfqgTcwDpWeHUWZX4lHdGnDs 2Boocu4pZVxwc6rqwQqTmWkkBVMAgsi3YzDzv4eTLtdn6iM9/y/zXkhGy4+Cz139 RPnesjDJbI1kc6Yk0/DUUdfrjyYh/mFeC63I6XyC6qJTdKtYW6doTHi4G6bM2+/H o3Kp+qxWkwgp+fLn/YG1by3Iady8upqbrD7K/oZlsIDNF860UMHpcxTKHTy0b5ZR WREAvTQPBb+a74ugeSXEnflztULfu72nkqywQ3oE8MIqW9URoMb9EhcPBvIb/ENm /wiWmN8DmFVRDy9lTJVwtN0lJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ1Lz33n GMDBTp/FnUknPhics6t/MB8GA1UdIwQYMBaAFN0jXTcIkJsz1YlLTM3JEFxh/Rau MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOEMxMy9EMDYxMTcxNjBC MkQxMUVFODY3RTZBMTdDNEY5QUUwMi8zU05kTndpUW16UFZpVXRNemNrUVhHSDlG cTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzNTTmROd2lRbXpQVmlVdE16Y2tRWEdIOUZxNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OEMxMy9EMDYxMTcxNjBCMkQxMUVFODY3RTZBMTdDNEY5QUUwMi8zU05kTndpUW16 UFZpVXRNemNrUVhHSDlGcTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAN2U7Iy3A1OxrMiDU1h3q0ngkiYE6dOmbGaXq5at2vSeB3NrRDSj4H 8HjemIVSWHfS+iF3Nbth1VCAx55NERCfhtzlqGgSvFFC+y1fDIfMsOPksc6UpCgS 3O+wtx3tdpal8yGQmjaY/M/VmDs23/35qBA/2fo5YVzVwnUIu3jOi8gk/4mPUuKs jw3AIH7+bZ5VamvQ+NfL2ckdrmrhsHbL5BKUNJo8jzmpIEdZ7pkS8N3P3kBRISno SSLPyEME1XrkYrcnv3Q77MwTdwzt4MlEHxhscL6UYbpWK1vbWEgGnW2TrU8UbWVD Gfq5BrWa7CXNPtWvMODO3nZUlCiZ8gM9 -----END CERTIFICATE-----Generated at Thu Sep 4 13:56:47 2025 by rpki-client