$ rpki-client -vvf rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft File: O-7kvaWgSxBLHXLmAcMJONuktkQ.mft (raw, json) Hash identifier: m5aZe2LPmqf06Ju+ObwXRQCrJ3lrquE1H+YL4Nj3nqY= Subject key identifier: 24:4C:53:BD:32:5D:40:E9:CC:90:62:35:65:E4:22:9F:93:56:11:8B Authority key identifier: 3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 Certificate issuer: /CN=A911D2A3/serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Certificate serial: 1538 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft Manifest number: 152C Signing time: Fri 22 Aug 2025 16:55:29 +0000 Manifest this update: Fri 22 Aug 2025 16:55:29 +0000 Manifest next update: Fri 29 Aug 2025 16:55:29 +0000 Files and hashes: 1: O-7kvaWgSxBLHXLmAcMJONuktkQ.crl (hash: WNAiTt49c8iZmzGqKyfF2AFCCff7SosNV5JU5iEn20c=) 2: D9EDB272C44C11ECA07C2D77C4F9AE02.roa (hash: Iuc0hvonCQ52vF8J3PK6U6v3ddTApNkT2+JlMCbgaDs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 16:55:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5432 (0x1538) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D2A3, serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Validity Not Before: Aug 22 16:55:29 2025 GMT Not After : Aug 29 16:55:29 2025 GMT Subject: CN=68a8a101-ca24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:9a:89:7b:a0:b7:d3:ac:e6:7b:87:2a:9e:7d: 60:7d:a3:de:4b:2f:ad:53:f3:cd:d4:f0:01:60:89: 72:ee:b4:ce:a3:d8:c2:0e:12:fe:38:aa:0e:c5:d0: 5e:c5:89:e9:3d:70:cc:88:b5:9f:16:68:13:4e:da: 03:dc:b3:7f:38:98:d2:fb:c1:42:83:63:8f:b4:81: 00:47:77:2a:b3:4a:33:c8:a9:4a:67:2d:8f:26:93: 57:90:08:e6:19:d1:24:e8:37:65:46:6c:a4:ad:82: ae:2a:77:af:d3:78:e5:dc:4b:d5:25:e6:14:d5:75: 65:c2:49:68:85:bd:5d:6b:1d:79:94:f7:de:c4:90: e4:50:8f:2e:19:7c:65:70:74:2d:d3:20:96:e8:c8: 9f:97:ca:84:1c:c0:3a:1c:b4:bd:85:98:24:3d:63: 9f:4d:53:e1:54:14:bc:b4:95:75:27:29:4a:67:7b: dd:08:a4:94:19:69:67:c9:ee:39:fb:4c:9f:6f:26: 61:c7:3f:81:2e:a0:3c:c4:08:77:a8:b8:c4:ce:34: 8d:0c:8f:ae:ef:77:64:d7:b7:76:d1:b6:3d:31:97: 6f:0d:0c:79:27:01:49:89:56:25:1f:9a:de:24:99: 60:fa:02:18:87:c9:c4:98:7a:ec:de:fd:54:f2:f1: b2:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:4C:53:BD:32:5D:40:E9:CC:90:62:35:65:E4:22:9F:93:56:11:8B X509v3 Authority Key Identifier: keyid:3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7f:da:b2:7d:20:ae:ba:10:5d:3d:ff:57:48:7b:1a:d0:c9:17: 32:e5:46:1c:d3:d5:2c:30:03:d7:03:ba:3a:bb:5f:bd:e6:19: 19:a6:65:c3:e5:fb:32:bb:13:20:48:77:95:ef:6e:3f:94:98: b2:20:c7:4f:63:d8:20:77:c8:0f:2e:8d:e0:56:bd:25:9e:82: 9c:24:05:0d:01:bc:73:dc:88:2d:d0:eb:24:4a:28:99:b8:5a: 6f:d2:24:e2:63:82:31:87:fd:24:f4:70:69:e6:b9:de:5e:38: 95:86:b6:01:20:ea:37:dd:c8:53:86:e7:19:7c:45:a4:1b:b9: b0:10:0c:cd:9d:58:ef:03:a8:1c:2e:ac:72:15:2e:bb:eb:3f: 69:03:59:05:95:28:e3:67:3b:f7:a0:bb:b8:11:e8:6d:7c:9f: 62:f7:c5:ca:07:53:e1:5c:c3:68:c6:b6:1a:1f:11:93:d4:65: b9:82:3e:15:6e:f2:25:26:df:24:b9:8d:16:7c:e5:0b:8d:c8: 19:f2:6c:ab:4d:49:6e:d1:7b:21:e3:38:dc:55:78:3f:67:46: c4:53:0b:4e:b6:90:48:21:8f:84:bb:4e:71:ff:cf:38:e4:7f: 82:27:d2:72:02:ab:ee:c6:36:1f:9e:98:6e:71:2c:3c:99:b1: 8e:2c:9b:76 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFTgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUQyQTMxMTAvBgNVBAUTKDNCRUVFNEJEQTVBMDRCMTA0QjFENzJFNjAxQzMwOTM4 REJBNEI2NDQwHhcNMjUwODIyMTY1NTI5WhcNMjUwODI5MTY1NTI5WjAYMRYwFAYD VQQDEw02OGE4YTEwMS1jYTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvJqJe6C306zme4cqnn1gfaPeSy+tU/PN1PABYIly7rTOo9jCDhL+OKoOxdBe xYnpPXDMiLWfFmgTTtoD3LN/OJjS+8FCg2OPtIEAR3cqs0ozyKlKZy2PJpNXkAjm GdEk6DdlRmykrYKuKnev03jl3EvVJeYU1XVlwklohb1dax15lPfexJDkUI8uGXxl cHQt0yCW6Mifl8qEHMA6HLS9hZgkPWOfTVPhVBS8tJV1JylKZ3vdCKSUGWlnye45 +0yfbyZhxz+BLqA8xAh3qLjEzjSNDI+u73dk17d20bY9MZdvDQx5JwFJiVYlH5re JJlg+gIYh8nEmHrs3v1U8vGypQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCRMU70y XUDpzJBiNWXkIp+TVhGLMB8GA1UdIwQYMBaAFDvu5L2loEsQSx1y5gHDCTjbpLZE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDJBMy9GNkFDNjM4NjRF RkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4QkxIWExtQWNNSk9OdWt0 a1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL08tN2t2YVdnU3hCTEhYTG1BY01KT051a3RrUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RDJBMy9GNkFDNjM4NjRFRkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4 QkxIWExtQWNNSk9OdWt0a1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB/2rJ9IK66EF09/1dIexrQyRcy5UYc09UsMAPXA7o6u1+95hkZpmXD 5fsyuxMgSHeV724/lJiyIMdPY9ggd8gPLo3gVr0lnoKcJAUNAbxz3Igt0OskSiiZ uFpv0iTiY4Ixh/0k9HBp5rneXjiVhrYBIOo33chThucZfEWkG7mwEAzNnVjvA6gc LqxyFS676z9pA1kFlSjjZzv3oLu4EehtfJ9i98XKB1PhXMNoxrYaHxGT1GW5gj4V bvIlJt8kuY0WfOULjcgZ8myrTUlu0Xsh4zjcVXg/Z0bEUwtOtpBIIY+Eu05x/884 5H+CJ9JyAqvuxjYfnphucSw8mbGOLJt2 -----END CERTIFICATE-----Generated at Sun Aug 24 04:50:29 2025 by rpki-client