$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA56C/DDDE8C4864FF11EFA5A81158C4F9AE02/3HVZ7loiUGA5czj8qjgD_6pLI1c.mft File: 3HVZ7loiUGA5czj8qjgD_6pLI1c.mft (raw, json) Hash identifier: Qqj6PVaGCotXprpcgptA1m6R50IQ6/AXwCfKn+IrLMU= Subject key identifier: 2F:FC:18:74:0C:E4:C2:44:C3:55:EA:C6:0C:0B:12:9A:38:B6:B4:34 Authority key identifier: DC:75:59:EE:5A:22:50:60:39:73:38:FC:AA:38:03:FF:AA:4B:23:57 Certificate issuer: /CN=A91FA56C/serialNumber=DC7559EE5A225060397338FCAA3803FFAA4B2357 Certificate serial: BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3HVZ7loiUGA5czj8qjgD_6pLI1c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA56C/DDDE8C4864FF11EFA5A81158C4F9AE02/3HVZ7loiUGA5czj8qjgD_6pLI1c.mft Manifest number: BC Signing time: Sat 23 Aug 2025 06:08:56 +0000 Manifest this update: Sat 23 Aug 2025 06:08:55 +0000 Manifest next update: Sat 30 Aug 2025 06:08:55 +0000 Files and hashes: 1: 3HVZ7loiUGA5czj8qjgD_6pLI1c.crl (hash: 22HoERnK9mHBM2WElRvD+5HZNk4P70J+lzfjaBExOvQ=) 2: 6E16949065A011EFA4AA8E6BC4F9AE02.roa (hash: oWQYGFiOVrig6e7wgMi2E0kAg4y2iK2+1Mn5HCvnfk8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA56C/DDDE8C4864FF11EFA5A81158C4F9AE02/3HVZ7loiUGA5czj8qjgD_6pLI1c.crl rsync://rpki.apnic.net/member_repository/A91FA56C/DDDE8C4864FF11EFA5A81158C4F9AE02/3HVZ7loiUGA5czj8qjgD_6pLI1c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3HVZ7loiUGA5czj8qjgD_6pLI1c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:08:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 190 (0xbe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA56C, serialNumber=DC7559EE5A225060397338FCAA3803FFAA4B2357 Validity Not Before: Aug 23 06:08:55 2025 GMT Not After : Aug 30 06:08:55 2025 GMT Subject: CN=68a95af7-bcbc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:0e:64:81:21:2c:69:9e:97:64:2e:51:ef:6e: 99:99:79:21:fe:54:d6:a1:46:35:47:a6:23:45:67: 61:9e:aa:73:cc:2c:28:c6:df:22:6f:fa:f6:02:b9: 6f:0f:72:e7:af:85:6e:73:9f:54:71:4d:cc:94:68: 63:aa:e1:0b:36:cc:bb:51:0a:23:80:22:e9:0e:db: bc:37:17:cf:54:4b:d3:64:ca:1b:4f:03:db:3c:00: 17:4d:1f:7f:ef:52:c0:b2:ab:0f:c8:d3:a7:66:bb: 96:66:a4:d2:9b:5d:19:9f:69:9e:a0:70:e7:8f:fb: 84:95:c5:09:a2:96:3d:ef:61:4d:80:be:57:be:22: 1a:23:2e:de:d4:f4:9e:26:1b:96:e5:fe:0e:37:7c: 13:fe:3c:f0:f4:bb:c6:2e:d2:4e:92:a0:f2:0e:ad: c2:1a:47:a7:3d:97:53:c1:57:52:aa:22:b1:c3:3c: 0f:cc:da:93:45:af:68:6f:4c:37:0e:98:bf:a0:a7: 29:06:6c:75:5e:dd:1b:bc:39:13:70:b8:9f:87:fb: 8f:78:27:4a:c4:a6:dd:8d:d1:fe:a7:5f:f9:7e:61: 87:23:9e:fb:5f:26:dc:ea:5c:c2:a6:14:3d:70:d8: d6:7b:3a:e7:69:70:41:07:77:05:51:d4:4b:86:16: 41:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:FC:18:74:0C:E4:C2:44:C3:55:EA:C6:0C:0B:12:9A:38:B6:B4:34 X509v3 Authority Key Identifier: keyid:DC:75:59:EE:5A:22:50:60:39:73:38:FC:AA:38:03:FF:AA:4B:23:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA56C/DDDE8C4864FF11EFA5A81158C4F9AE02/3HVZ7loiUGA5czj8qjgD_6pLI1c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3HVZ7loiUGA5czj8qjgD_6pLI1c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA56C/DDDE8C4864FF11EFA5A81158C4F9AE02/3HVZ7loiUGA5czj8qjgD_6pLI1c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:98:31:13:1a:4f:77:ae:2f:a1:9b:6b:93:e3:4e:bc:76:25: 91:6c:bc:66:c0:04:45:26:d4:3a:90:17:9e:00:2a:6f:4d:72: c3:3f:e5:6f:ac:ae:89:7d:4d:17:cf:f6:25:92:f6:22:58:4b: 6e:f6:85:9b:06:95:a3:c8:02:c3:1f:ae:5b:15:33:ef:26:43: 3b:63:da:5d:5a:1c:c9:c2:25:3b:6e:8c:29:81:d6:81:a3:78: b3:08:88:f4:79:24:04:85:c9:c0:6e:84:dc:34:f4:27:52:54: bd:99:a6:3b:b9:12:85:f2:8e:63:f0:88:0a:43:13:55:1d:15: 29:8f:92:a2:af:df:5e:21:2c:27:8c:91:21:f3:12:b2:94:50: 44:b6:3f:a1:de:90:4f:5c:f0:3d:94:d2:1c:8e:d9:c2:ab:cf: 41:2f:72:82:b9:4b:81:9f:b5:47:46:52:9e:39:b8:52:c7:7a: f0:52:c6:8c:11:e6:f5:54:0e:49:85:34:7a:a2:50:82:31:11: d2:2a:a9:83:4b:b3:99:63:0f:06:1d:17:56:15:b8:f2:91:2a: 88:80:d4:a1:ce:01:79:54:db:29:b1:32:76:2d:d3:09:68:3e: c1:a7:b9:81:ed:15:84:e6:64:4f:4c:6d:86:0b:82:5a:0e:41: e4:c8:91:b2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkE1NkMxMTAvBgNVBAUTKERDNzU1OUVFNUEyMjUwNjAzOTczMzhGQ0FBMzgwM0ZG QUE0QjIzNTcwHhcNMjUwODIzMDYwODU1WhcNMjUwODMwMDYwODU1WjAYMRYwFAYD VQQDEw02OGE5NWFmNy1iY2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxw5kgSEsaZ6XZC5R726ZmXkh/lTWoUY1R6YjRWdhnqpzzCwoxt8ib/r2Arlv D3Lnr4Vuc59UcU3MlGhjquELNsy7UQojgCLpDtu8NxfPVEvTZMobTwPbPAAXTR9/ 71LAsqsPyNOnZruWZqTSm10Zn2meoHDnj/uElcUJopY972FNgL5XviIaIy7e1PSe JhuW5f4ON3wT/jzw9LvGLtJOkqDyDq3CGkenPZdTwVdSqiKxwzwPzNqTRa9ob0w3 Dpi/oKcpBmx1Xt0bvDkTcLifh/uPeCdKxKbdjdH+p1/5fmGHI577Xybc6lzCphQ9 cNjWezrnaXBBB3cFUdRLhhZBaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC/8GHQM 5MJEw1XqxgwLEpo4trQ0MB8GA1UdIwQYMBaAFNx1We5aIlBgOXM4/Ko4A/+qSyNX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTU2Qy9ERERFOEM0ODY0 RkYxMUVGQTVBODExNThDNEY5QUUwMi8zSFZaN2xvaVVHQTVjemo4cWpnRF82cExJ MWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNIVlo3bG9pVUdBNWN6ajhxamdEXzZwTEkxYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTU2Qy9ERERFOEM0ODY0RkYxMUVGQTVBODExNThDNEY5QUUwMi8zSFZaN2xvaVVH QTVjemo4cWpnRF82cExJMWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAwmDETGk93ri+hm2uT4068diWRbLxmwARFJtQ6kBeeACpvTXLDP+Vv rK6JfU0Xz/YlkvYiWEtu9oWbBpWjyALDH65bFTPvJkM7Y9pdWhzJwiU7bowpgdaB o3izCIj0eSQEhcnAboTcNPQnUlS9maY7uRKF8o5j8IgKQxNVHRUpj5Kir99eISwn jJEh8xKylFBEtj+h3pBPXPA9lNIcjtnCq89BL3KCuUuBn7VHRlKeObhSx3rwUsaM Eeb1VA5JhTR6olCCMRHSKqmDS7OZYw8GHRdWFbjykSqIgNShzgF5VNspsTJ2LdMJ aD7Bp7mB7RWE5mRPTG2GC4JaDkHkyJGy -----END CERTIFICATE-----Generated at Sun Aug 24 22:02:49 2025 by rpki-client