$ rpki-client -vvf rpki.apnic.net/member_repository/A91187C1/2631C8B4570A11F0B538CF65C4F9AE02/orn_7UcMW3HFLztks7btpBm-E7M.mft File: orn_7UcMW3HFLztks7btpBm-E7M.mft (raw, json) Hash identifier: f+Kf0nlK5Q6Dq4Dp2uL+4xsz96OYTd0p/mmUIjvbp4A= Subject key identifier: 26:98:72:66:1A:7E:90:5F:1B:58:EA:0A:0E:81:83:D5:FA:6A:33:82 Authority key identifier: A2:B9:FF:ED:47:0C:5B:71:C5:2F:3B:64:B3:B6:ED:A4:19:BE:13:B3 Certificate issuer: /CN=A91187C1/serialNumber=A2B9FFED470C5B71C52F3B64B3B6EDA419BE13B3 Certificate serial: 20 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/orn_7UcMW3HFLztks7btpBm-E7M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91187C1/2631C8B4570A11F0B538CF65C4F9AE02/orn_7UcMW3HFLztks7btpBm-E7M.mft Manifest number: 1F Signing time: Sat 23 Aug 2025 08:07:23 +0000 Manifest this update: Sat 23 Aug 2025 08:07:22 +0000 Manifest next update: Sat 30 Aug 2025 08:07:22 +0000 Files and hashes: 1: orn_7UcMW3HFLztks7btpBm-E7M.crl (hash: 72hw492TQf5xF57RSyYTybLj4p4w1Rn625CfVj5C19s=) 2: C265A63A571211F092B99F2AC4F9AE02.roa (hash: mdIvnywtfDJvKSbbhgc4qSg7/SJGPr319lK/wnjqr9k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91187C1/2631C8B4570A11F0B538CF65C4F9AE02/orn_7UcMW3HFLztks7btpBm-E7M.crl rsync://rpki.apnic.net/member_repository/A91187C1/2631C8B4570A11F0B538CF65C4F9AE02/orn_7UcMW3HFLztks7btpBm-E7M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/orn_7UcMW3HFLztks7btpBm-E7M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:10:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32 (0x20) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91187C1, serialNumber=A2B9FFED470C5B71C52F3B64B3B6EDA419BE13B3 Validity Not Before: Aug 23 08:07:22 2025 GMT Not After : Aug 30 08:07:22 2025 GMT Subject: CN=68a976ba-6e31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:18:dd:e4:a4:92:df:35:1d:56:4b:79:e3:70: c2:f5:6a:a3:f7:27:3f:0f:84:87:a7:e1:85:70:ff: 8e:87:18:3d:90:5f:97:a6:b5:d4:3e:04:67:11:80: d4:ce:e0:bc:5d:e4:87:98:2c:46:11:38:a9:c2:0c: ae:32:97:b4:3f:16:97:a0:1a:62:c5:dc:24:c4:c2: a7:e4:4e:b7:9e:25:9e:62:69:94:44:b3:c1:33:8a: 83:d3:69:49:11:d3:ed:b6:0b:6a:cf:8e:3b:22:34: 99:e6:34:98:b6:eb:f5:8c:01:07:62:59:84:27:95: 87:a1:07:3d:77:5f:af:67:30:d8:e7:75:8e:d6:4b: 27:69:36:c8:35:b6:20:28:9d:f7:ab:a4:4e:b4:42: 21:12:c4:af:59:b0:fd:af:2a:fd:9a:39:ea:f4:da: 08:68:fb:fe:ec:1b:a6:15:32:f5:ab:bb:9a:77:89: 1f:fc:24:8f:f6:49:26:7f:2c:a2:6a:c6:22:e7:01: 82:9b:38:df:01:5a:93:9c:c0:ff:b5:72:dc:5e:a0: a5:50:9b:43:2b:84:b0:3b:b1:f8:74:23:31:64:83: 57:7f:93:b3:ad:84:90:86:e7:7d:18:df:c9:a0:e6: f9:4f:99:f0:34:d6:b6:68:02:b4:8a:86:29:4f:ca: 78:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:98:72:66:1A:7E:90:5F:1B:58:EA:0A:0E:81:83:D5:FA:6A:33:82 X509v3 Authority Key Identifier: keyid:A2:B9:FF:ED:47:0C:5B:71:C5:2F:3B:64:B3:B6:ED:A4:19:BE:13:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91187C1/2631C8B4570A11F0B538CF65C4F9AE02/orn_7UcMW3HFLztks7btpBm-E7M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/orn_7UcMW3HFLztks7btpBm-E7M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91187C1/2631C8B4570A11F0B538CF65C4F9AE02/orn_7UcMW3HFLztks7btpBm-E7M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:ee:80:3f:db:48:e2:bf:a0:e2:d4:ff:cb:ff:2b:02:d2:fc: 70:21:be:a7:52:79:3c:e5:90:75:f3:3a:c3:a6:be:4a:df:48: 2a:2f:54:fd:18:de:61:30:41:6b:93:36:1c:46:1a:37:7e:c6: 63:57:a0:31:95:74:cc:46:0c:bb:79:de:69:71:76:eb:b7:b5: 24:40:37:8f:3e:4d:5a:08:82:34:51:41:1e:f2:58:7c:1f:39: 24:65:9d:8b:6b:1e:ec:d2:ba:29:77:6e:1e:f5:1b:7a:b3:46: af:6f:c7:0d:4a:9e:10:0c:b4:db:cd:17:b7:d8:5b:0a:8a:9d: c7:3f:3d:c5:57:f7:6b:64:f4:ca:b5:22:32:7d:8f:d7:b8:8e: ed:dd:63:e7:90:f0:61:6f:9d:0b:a1:cd:f0:a5:46:54:c2:59: 42:48:c2:a3:38:5e:6c:4f:4d:04:62:bb:2d:32:5b:1f:13:55: 47:9e:25:a3:5e:29:62:78:f5:2a:25:3e:ab:f7:a4:6e:4b:2f: 48:9b:cf:c4:0d:0c:80:04:a2:dc:9b:75:9d:17:f5:25:0f:1d: 28:e0:90:af:49:98:e1:de:f5:b6:a8:21:b2:41:77:68:7f:d1: 6c:5b:17:81:e0:5c:25:f2:a4:0c:12:70:e1:76:75:fe:ab:df: f7:4d:13:f7 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx ODdDMTExMC8GA1UEBRMoQTJCOUZGRUQ0NzBDNUI3MUM1MkYzQjY0QjNCNkVEQTQx OUJFMTNCMzAeFw0yNTA4MjMwODA3MjJaFw0yNTA4MzAwODA3MjJaMBgxFjAUBgNV BAMTDTY4YTk3NmJhLTZlMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC6GN3kpJLfNR1WS3njcML1aqP3Jz8PhIen4YVw/46HGD2QX5emtdQ+BGcRgNTO 4Lxd5IeYLEYROKnCDK4yl7Q/FpegGmLF3CTEwqfkTreeJZ5iaZREs8EzioPTaUkR 0+22C2rPjjsiNJnmNJi26/WMAQdiWYQnlYehBz13X69nMNjndY7WSydpNsg1tiAo nferpE60QiESxK9ZsP2vKv2aOer02gho+/7sG6YVMvWru5p3iR/8JI/2SSZ/LKJq xiLnAYKbON8BWpOcwP+1ctxeoKVQm0MrhLA7sfh0IzFkg1d/k7OthJCG530Y38mg 5vlPmfA01rZoArSKhilPyniVAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUJphyZhp+ kF8bWOoKDoGD1fpqM4IwHwYDVR0jBBgwFoAUorn/7UcMW3HFLztks7btpBm+E7Mw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE4N0MxLzI2MzFDOEI0NTcw QTExRjBCNTM4Q0Y2NUM0RjlBRTAyL29ybl83VWNNVzNIRkx6dGtzN2J0cEJtLUU3 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvb3JuXzdVY01XM0hGTHp0a3M3YnRwQm0tRTdNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE4 N0MxLzI2MzFDOEI0NTcwQTExRjBCNTM4Q0Y2NUM0RjlBRTAyL29ybl83VWNNVzNI Rkx6dGtzN2J0cEJtLUU3TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFnugD/bSOK/oOLU/8v/KwLS/HAhvqdSeTzlkHXzOsOmvkrfSCovVP0Y 3mEwQWuTNhxGGjd+xmNXoDGVdMxGDLt53mlxduu3tSRAN48+TVoIgjRRQR7yWHwf OSRlnYtrHuzSuil3bh71G3qzRq9vxw1KnhAMtNvNF7fYWwqKncc/PcVX92tk9Mq1 IjJ9j9e4ju3dY+eQ8GFvnQuhzfClRlTCWUJIwqM4XmxPTQRiuy0yWx8TVUeeJaNe KWJ49SolPqv3pG5LL0ibz8QNDIAEotybdZ0X9SUPHSjgkK9JmOHe9baoIbJBd2h/ 0WxbF4HgXCXypAwScOF2df6r3/dNE/c= -----END CERTIFICATE-----Generated at Sat Aug 23 11:03:06 2025 by rpki-client