$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft File: 3rTAuQf6yhxdN3a9SUb0uqjKazA.mft (raw, json) Hash identifier: 8OnvCCstBO83S+i51GKK+5VVy0Li+hDkUA3yWVjJjN8= Subject key identifier: B9:71:0E:86:C4:83:92:E2:9D:1B:AF:E8:23:D5:9B:6C:95:01:6F:BB Authority key identifier: DE:B4:C0:B9:07:FA:CA:1C:5D:37:76:BD:49:46:F4:BA:A8:CA:6B:30 Certificate issuer: /CN=A91F3B5F/serialNumber=DEB4C0B907FACA1C5D3776BD4946F4BAA8CA6B30 Certificate serial: 32 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft Manifest number: 31 Signing time: Mon 07 Jul 2025 08:03:51 +0000 Manifest this update: Mon 07 Jul 2025 08:03:51 +0000 Manifest next update: Mon 14 Jul 2025 08:03:50 +0000 Files and hashes: 1: 3rTAuQf6yhxdN3a9SUb0uqjKazA.crl (hash: aZfpBy62lJ16s12bQYBsZo3/f6wHcnVY6IMc/tmyp0s=) 2: 0B65C980136D11F09F542C81C4F9AE02.roa (hash: VBqh2E7rkd2+euZfBVuvn8Wuy6ZridPl7cQmEbFqT/k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.crl rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 14 Jul 2025 08:03:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50 (0x32) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3B5F, serialNumber=DEB4C0B907FACA1C5D3776BD4946F4BAA8CA6B30 Validity Not Before: Jul 7 08:03:51 2025 GMT Not After : Jul 14 08:03:50 2025 GMT Subject: CN=686b7f67-6db1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a0:8a:02:7e:37:5f:c8:b0:32:cb:04:a4:e2: c3:e9:8e:cb:c4:6a:65:b7:6d:ae:f7:9a:d2:8a:1e: 14:20:c9:e5:79:f1:70:25:68:5c:82:8b:07:c4:0d: e2:b4:e0:e2:57:16:e8:9e:1f:93:4a:ec:40:ea:e4: 43:44:6d:74:ca:65:04:7f:12:11:05:b5:3a:9b:40: 82:27:93:43:ee:df:3d:0d:d9:79:ba:56:11:a9:a5: bd:9b:31:ed:a2:cb:a7:fd:69:a1:8d:10:86:78:05: d2:43:83:c6:89:d7:2b:83:d8:32:d7:3c:41:d4:85: f9:91:15:11:ee:7c:44:a2:36:d0:c9:2e:6d:41:5c: f6:39:33:86:69:0e:38:7c:ab:d7:d8:b3:9b:14:a0: f8:38:c3:9b:2c:99:cd:39:d9:20:85:1a:90:67:a6: 27:df:62:b4:6e:6d:2f:ae:96:9c:9e:5d:3f:1b:8d: 14:f4:06:4c:07:ca:98:4e:ab:7a:8d:1b:30:63:36: 53:97:ac:5e:cb:df:54:64:0c:c2:fb:4e:fc:0a:3b: c9:03:e8:5a:21:c9:4d:d5:38:7b:3d:ce:56:f0:d4: 7d:a3:12:21:98:b9:4f:43:14:bd:ac:65:b4:f5:f9: dc:17:1f:24:46:04:8a:53:36:b6:a9:ba:0d:47:82: c5:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:71:0E:86:C4:83:92:E2:9D:1B:AF:E8:23:D5:9B:6C:95:01:6F:BB X509v3 Authority Key Identifier: keyid:DE:B4:C0:B9:07:FA:CA:1C:5D:37:76:BD:49:46:F4:BA:A8:CA:6B:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3rTAuQf6yhxdN3a9SUb0uqjKazA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3B5F/B170C912136611F082E3C50DC4F9AE02/3rTAuQf6yhxdN3a9SUb0uqjKazA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:2f:45:3d:26:b8:63:4a:93:93:86:06:a2:62:3f:64:bc:de: 81:b6:9a:ce:f8:29:93:b0:81:68:bb:9e:0d:05:ec:10:93:29: 76:13:56:5a:fa:63:18:5f:ef:29:ea:30:17:d6:ed:d2:57:32: 9b:5e:f4:ed:be:3d:72:f6:f5:39:36:20:6c:0a:0e:6f:50:72: d5:56:c4:4f:47:e9:66:e1:1d:9f:ed:dc:e2:1c:50:3b:9d:ec: 48:4f:7e:e6:35:be:c3:82:39:1a:73:7a:3a:e2:b9:28:eb:ba: 79:b4:e9:44:75:7f:22:cd:6b:5f:26:c2:43:97:7c:3b:cc:f9: 9c:4c:31:dd:8e:88:b6:d5:59:5f:e7:62:89:1c:24:3d:52:48: 81:ee:92:1d:80:5f:f2:1e:f6:c5:9b:ad:9e:22:db:3c:95:71: d6:ba:ad:bb:49:f8:1e:ca:14:22:b9:4e:5b:79:e4:69:94:01: fb:9d:76:ff:a7:74:be:4c:0f:58:dd:dd:5c:b9:f6:93:88:02: 72:05:fd:54:74:a7:d2:97:17:e8:ba:e0:d8:65:0d:ee:27:f1: c5:79:44:ab:13:e4:96:a7:99:78:be:e8:a6:53:49:d9:25:3b: e7:8a:07:63:ac:6d:15:d0:a2:bb:4b:b0:db:22:38:00:99:28: 2f:5c:dd:ce -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG M0I1RjExMC8GA1UEBRMoREVCNEMwQjkwN0ZBQ0ExQzVEMzc3NkJENDk0NkY0QkFB OENBNkIzMDAeFw0yNTA3MDcwODAzNTFaFw0yNTA3MTQwODAzNTBaMBgxFjAUBgNV BAMTDTY4NmI3ZjY3LTZkYjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDBoIoCfjdfyLAyywSk4sPpjsvEamW3ba73mtKKHhQgyeV58XAlaFyCiwfEDeK0 4OJXFuieH5NK7EDq5ENEbXTKZQR/EhEFtTqbQIInk0Pu3z0N2Xm6VhGppb2bMe2i y6f9aaGNEIZ4BdJDg8aJ1yuD2DLXPEHUhfmRFRHufESiNtDJLm1BXPY5M4ZpDjh8 q9fYs5sUoPg4w5ssmc052SCFGpBnpiffYrRubS+ulpyeXT8bjRT0BkwHyphOq3qN GzBjNlOXrF7L31RkDML7TvwKO8kD6FohyU3VOHs9zlbw1H2jEiGYuU9DFL2sZbT1 +dwXHyRGBIpTNrapug1HgsWFAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUuXEOhsSD kuKdG6/oI9WbbJUBb7swHwYDVR0jBBgwFoAU3rTAuQf6yhxdN3a9SUb0uqjKazAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYzQjVGL0IxNzBDOTEyMTM2 NjExRjA4MkUzQzUwREM0RjlBRTAyLzNyVEF1UWY2eWh4ZE4zYTlTVWIwdXFqS2F6 QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvM3JUQXVRZjZ5aHhkTjNhOVNVYjB1cWpLYXpBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYz QjVGL0IxNzBDOTEyMTM2NjExRjA4MkUzQzUwREM0RjlBRTAyLzNyVEF1UWY2eWh4 ZE4zYTlTVWIwdXFqS2F6QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAF8vRT0muGNKk5OGBqJiP2S83oG2ms74KZOwgWi7ng0F7BCTKXYTVlr6 Yxhf7ynqMBfW7dJXMpte9O2+PXL29Tk2IGwKDm9QctVWxE9H6WbhHZ/t3OIcUDud 7EhPfuY1vsOCORpzejriuSjrunm06UR1fyLNa18mwkOXfDvM+ZxMMd2OiLbVWV/n YokcJD1SSIHukh2AX/Ie9sWbrZ4i2zyVcda6rbtJ+B7KFCK5Tlt55GmUAfuddv+n dL5MD1jd3Vy59pOIAnIF/VR0p9KXF+i64NhlDe4n8cV5RKsT5JanmXi+6KZTSdkl O+eKB2OsbRXQortLsNsiOACZKC9c3c4= -----END CERTIFICATE-----Generated at Wed Jul 9 09:47:05 2025 by rpki-client