$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF85B/C713C2FE61D511EEBAA04A5EC4F9AE02/3DHPX8nyg0g327s2g8uK9kKrSnw.mft File: 3DHPX8nyg0g327s2g8uK9kKrSnw.mft (raw, json) Hash identifier: Gk1tZVRmqrVmLInyh6uSKBCPx+nAar+BN5WVftRvyus= Subject key identifier: 12:D7:54:A6:9E:1C:49:39:C0:E3:AE:42:3C:DF:34:78:CE:F5:44:FE Authority key identifier: DC:31:CF:5F:C9:F2:83:48:37:DB:BB:36:83:CB:8A:F6:42:AB:4A:7C Certificate issuer: /CN=A91DF85B/serialNumber=DC31CF5FC9F2834837DBBB3683CB8AF642AB4A7C Certificate serial: 0173 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3DHPX8nyg0g327s2g8uK9kKrSnw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF85B/C713C2FE61D511EEBAA04A5EC4F9AE02/3DHPX8nyg0g327s2g8uK9kKrSnw.mft Manifest number: 0170 Signing time: Fri 19 Sep 2025 04:19:59 +0000 Manifest this update: Fri 19 Sep 2025 04:19:59 +0000 Manifest next update: Fri 26 Sep 2025 04:19:59 +0000 Files and hashes: 1: 3DHPX8nyg0g327s2g8uK9kKrSnw.crl (hash: 2COw5B+wYYl6wBbu7pIsMzlfQ4E2wj7xpPAJt3qOgRU=) 2: EE28B64661D611EE9C66300EC4F9AE02.roa (hash: aEwpt3FN/b3agcSqsy028NBcRbgaV2C2DNdzwhDgaUQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF85B/C713C2FE61D511EEBAA04A5EC4F9AE02/3DHPX8nyg0g327s2g8uK9kKrSnw.crl rsync://rpki.apnic.net/member_repository/A91DF85B/C713C2FE61D511EEBAA04A5EC4F9AE02/3DHPX8nyg0g327s2g8uK9kKrSnw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3DHPX8nyg0g327s2g8uK9kKrSnw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Sep 2025 04:19:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 371 (0x173) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF85B, serialNumber=DC31CF5FC9F2834837DBBB3683CB8AF642AB4A7C Validity Not Before: Sep 19 04:19:59 2025 GMT Not After : Sep 26 04:19:59 2025 GMT Subject: CN=68ccd9ef-1441 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:12:2e:76:f1:32:e5:10:5b:fc:67:7e:80:6e: 65:dc:ee:2b:d8:2a:0e:da:06:43:bf:2a:6a:9a:b5: 56:26:f3:1f:23:b7:95:87:c1:40:b1:9d:4c:d6:53: bb:55:f5:77:9e:40:12:6c:26:20:e1:fc:47:46:9c: a6:57:d3:9a:90:d5:7b:f8:b3:b0:af:cc:43:47:62: c4:09:89:d3:fd:b8:56:42:3a:8e:46:17:cb:2a:d2: 9d:37:64:10:9b:82:61:fb:9f:15:a0:e3:9d:46:2d: 45:dd:2d:ec:6d:a2:75:51:e3:3f:98:7b:07:a1:91: 80:5f:ca:88:92:9e:06:68:8d:12:4e:5f:56:93:71: f9:40:88:10:b1:2a:1e:17:aa:cf:a6:1a:a5:4a:fd: 0c:d2:f9:6a:c7:3a:d1:1b:f3:d3:b8:8d:d3:00:96: 6f:20:36:63:44:8e:7a:49:9f:1c:10:ce:9f:78:9b: 86:d8:f2:84:d1:29:e8:7e:8a:84:8a:c3:0d:99:f8: 45:aa:05:e5:81:53:47:9f:92:65:58:9f:84:9b:63: 8b:a3:98:7c:33:a0:8e:6c:25:f3:13:cd:7f:6e:f7: df:ba:8f:fa:de:ed:ec:14:13:bf:ed:3f:1a:5b:16: 07:53:bd:0e:9e:7d:cb:02:42:25:87:97:e9:fe:92: 62:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:D7:54:A6:9E:1C:49:39:C0:E3:AE:42:3C:DF:34:78:CE:F5:44:FE X509v3 Authority Key Identifier: keyid:DC:31:CF:5F:C9:F2:83:48:37:DB:BB:36:83:CB:8A:F6:42:AB:4A:7C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF85B/C713C2FE61D511EEBAA04A5EC4F9AE02/3DHPX8nyg0g327s2g8uK9kKrSnw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3DHPX8nyg0g327s2g8uK9kKrSnw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF85B/C713C2FE61D511EEBAA04A5EC4F9AE02/3DHPX8nyg0g327s2g8uK9kKrSnw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:fb:cc:d2:86:e6:e1:a6:4a:59:68:4c:80:cc:0d:ef:7a:7b: 70:ac:6c:26:b5:a9:ac:8a:08:72:e5:04:7f:10:89:84:cd:78: a2:64:b7:29:a2:63:03:e3:f6:8a:d8:fc:b0:85:75:7d:fd:7b: c7:f0:b0:de:10:50:37:3c:e1:c0:ea:10:d0:69:7f:90:a4:a3: 71:bf:7d:86:4e:e0:37:5c:0c:79:72:5a:71:e6:3e:0d:75:85: 55:33:e8:9b:11:90:11:dd:ee:27:42:bc:c8:9c:37:67:f2:90: 81:9f:df:dc:86:e1:fc:af:c2:1d:f7:45:8c:f9:f0:37:34:ac: 39:bc:04:b9:e0:54:b9:a6:da:3b:90:6f:d8:88:2d:ed:cf:99: 3c:f9:e5:54:ad:0d:15:83:bf:ef:f5:ec:fa:20:48:df:9c:dc: 1d:60:77:d1:a9:23:13:f4:a6:bd:7b:6f:06:c8:af:23:ae:ec: ff:f2:48:dc:83:74:96:7b:d7:5d:f2:5e:aa:60:36:8b:80:b5: 37:a4:c4:e5:8c:fb:c9:a9:6f:a3:b5:ce:7e:5f:85:f4:f7:5d: c1:95:5a:47:63:07:46:4d:14:0c:34:bb:d9:ab:f4:c3:99:ac: 12:7a:12:5b:63:41:c7:f7:d8:57:17:f0:54:67:40:78:cf:4c: 70:f1:26:2b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REY4NUIxMTAvBgNVBAUTKERDMzFDRjVGQzlGMjgzNDgzN0RCQkIzNjgzQ0I4QUY2 NDJBQjRBN0MwHhcNMjUwOTE5MDQxOTU5WhcNMjUwOTI2MDQxOTU5WjAYMRYwFAYD VQQDEw02OGNjZDllZi0xNDQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7BIudvEy5RBb/Gd+gG5l3O4r2CoO2gZDvypqmrVWJvMfI7eVh8FAsZ1M1lO7 VfV3nkASbCYg4fxHRpymV9OakNV7+LOwr8xDR2LECYnT/bhWQjqORhfLKtKdN2QQ m4Jh+58VoOOdRi1F3S3sbaJ1UeM/mHsHoZGAX8qIkp4GaI0STl9Wk3H5QIgQsSoe F6rPphqlSv0M0vlqxzrRG/PTuI3TAJZvIDZjRI56SZ8cEM6feJuG2PKE0SnofoqE isMNmfhFqgXlgVNHn5JlWJ+Em2OLo5h8M6CObCXzE81/bvffuo/63u3sFBO/7T8a WxYHU70Onn3LAkIlh5fp/pJikwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBLXVKae HEk5wOOuQjzfNHjO9UT+MB8GA1UdIwQYMBaAFNwxz1/J8oNIN9u7NoPLivZCq0p8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjg1Qi9DNzEzQzJGRTYx RDUxMUVFQkFBMDRBNUVDNEY5QUUwMi8zREhQWDhueWcwZzMyN3MyZzh1SzlrS3JT bncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNESFBYOG55ZzBnMzI3czJnOHVLOWtLclNudy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE Rjg1Qi9DNzEzQzJGRTYxRDUxMUVFQkFBMDRBNUVDNEY5QUUwMi8zREhQWDhueWcw ZzMyN3MyZzh1SzlrS3JTbncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAv+8zShubhpkpZaEyAzA3ventwrGwmtamsighy5QR/EImEzXiiZLcp omMD4/aK2PywhXV9/XvH8LDeEFA3POHA6hDQaX+QpKNxv32GTuA3XAx5clpx5j4N dYVVM+ibEZAR3e4nQrzInDdn8pCBn9/chuH8r8Id90WM+fA3NKw5vAS54FS5pto7 kG/YiC3tz5k8+eVUrQ0Vg7/v9ez6IEjfnNwdYHfRqSMT9Ka9e28GyK8jruz/8kjc g3SWe9dd8l6qYDaLgLU3pMTljPvJqW+jtc5+X4X0913BlVpHYwdGTRQMNLvZq/TD mawSehJbY0HH99hXF/BUZ0B4z0xw8SYr -----END CERTIFICATE-----Generated at Fri Sep 19 10:37:49 2025 by rpki-client