$ rpki-client -vvf rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft File: O-7kvaWgSxBLHXLmAcMJONuktkQ.mft (raw, json) Hash identifier: 7ghvbXhZ3zykT1sys6HxY8fO7hLqQph1sT0FQwab3lk= Subject key identifier: 3A:0D:BB:08:DB:66:51:DE:9C:5A:7B:FB:56:A1:81:94:C5:C6:5D:81 Authority key identifier: 3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 Certificate issuer: /CN=A911D2A3/serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Certificate serial: 1519 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft Manifest number: 150E Signing time: Wed 02 Jul 2025 16:58:57 +0000 Manifest this update: Wed 02 Jul 2025 16:58:57 +0000 Manifest next update: Wed 09 Jul 2025 16:58:57 +0000 Files and hashes: 1: O-7kvaWgSxBLHXLmAcMJONuktkQ.crl (hash: +JridKZbyY4IkXeh8QVHhz+1rQan4hJ59vBGr7HNeXo=) 2: D9EDB272C44C11ECA07C2D77C4F9AE02.roa (hash: +ky1f68JVI+WJMPyIx0Bvw2IHS7jWAofaiHUOQbQU/4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 16:58:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5401 (0x1519) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D2A3, serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Validity Not Before: Jul 2 16:58:57 2025 GMT Not After : Jul 9 16:58:57 2025 GMT Subject: CN=68656551-27b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:96:91:97:ef:72:7d:57:b7:51:b4:30:33:b4: b0:0e:92:76:2d:33:d8:06:a8:03:c6:0f:ec:19:69: 4a:84:2a:ff:1a:07:96:7d:0c:17:d4:64:0f:e8:f6: 54:31:8b:05:67:69:cf:ed:0b:57:85:c1:72:59:bc: 00:6b:58:62:c8:79:d8:20:44:53:28:30:70:dc:69: dc:99:8e:8a:e3:51:2a:da:bf:5e:9c:73:40:af:4d: 8d:08:29:c0:ab:53:0b:4a:f2:52:11:c3:2a:a5:e9: 16:66:ef:f9:5a:ba:20:eb:87:2e:6b:33:62:0b:00: 6a:24:bb:d3:d2:b0:76:b3:cf:3b:25:81:1e:08:56: aa:62:1e:7c:ab:e5:05:50:e5:e1:ee:0c:fd:f0:9e: f2:1d:d7:77:24:18:cc:d9:6c:fb:70:e2:6a:3e:cf: 05:85:50:19:d3:42:ac:60:c9:61:db:80:e1:07:fc: 83:09:c0:14:81:4f:d3:53:a4:9d:16:98:ad:94:d3: 30:af:fb:12:88:b1:73:52:42:29:10:c7:49:81:b8: 9a:96:ea:6b:5b:f9:6f:fc:9e:2c:41:01:86:5c:df: ae:2e:47:c6:be:be:52:6a:a6:53:40:6b:57:7c:a1: c0:90:83:4c:b7:41:3c:02:f5:ed:a3:b5:77:b8:97: ac:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:0D:BB:08:DB:66:51:DE:9C:5A:7B:FB:56:A1:81:94:C5:C6:5D:81 X509v3 Authority Key Identifier: keyid:3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 83:91:a4:44:dd:68:e9:57:86:55:7c:d3:75:77:6e:02:16:c7: 10:4a:da:fe:3e:04:4e:54:48:63:7e:02:2a:70:6e:1d:55:6c: 55:40:55:a1:fe:2f:ce:75:36:6b:0a:1f:be:65:cb:6c:03:ad: 11:51:e2:c5:3f:f0:07:cb:9f:89:4e:78:36:bf:a8:3e:fe:ab: 1d:ab:20:bc:17:21:2e:c2:d4:5b:b2:0a:27:15:07:76:f4:4e: e6:79:5a:f6:8c:bb:2a:a8:2a:d1:2a:f7:07:a9:01:6b:df:7f: da:1c:54:83:e9:86:4f:5b:b1:3a:d1:d7:9a:3c:78:35:c1:cf: 9a:1b:1c:05:cc:a4:3b:4a:b9:8a:b4:e9:7d:07:e5:33:dc:6a: aa:15:9f:07:e4:d8:ae:a9:3a:05:58:6f:57:ff:27:4d:56:ec: 2a:4b:ac:15:07:97:de:3b:6f:e1:5f:68:d4:42:5f:09:53:29: 7c:0e:44:c4:6e:2c:c0:28:2b:85:f1:4e:d4:4f:32:fe:93:63: 51:0d:e2:78:c8:08:68:fa:05:7e:85:0d:af:35:08:53:f9:d2: 9e:5c:83:a0:f1:02:4d:f9:08:4e:91:c6:b2:ef:c8:7c:35:32: 26:76:26:d2:f5:ef:f2:06:45:92:d4:82:1d:f1:ad:9c:54:4a: 82:86:ca:42 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFRkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUQyQTMxMTAvBgNVBAUTKDNCRUVFNEJEQTVBMDRCMTA0QjFENzJFNjAxQzMwOTM4 REJBNEI2NDQwHhcNMjUwNzAyMTY1ODU3WhcNMjUwNzA5MTY1ODU3WjAYMRYwFAYD VQQDEw02ODY1NjU1MS0yN2IzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuZaRl+9yfVe3UbQwM7SwDpJ2LTPYBqgDxg/sGWlKhCr/GgeWfQwX1GQP6PZU MYsFZ2nP7QtXhcFyWbwAa1hiyHnYIERTKDBw3GncmY6K41Eq2r9enHNAr02NCCnA q1MLSvJSEcMqpekWZu/5Wrog64cuazNiCwBqJLvT0rB2s887JYEeCFaqYh58q+UF UOXh7gz98J7yHdd3JBjM2Wz7cOJqPs8FhVAZ00KsYMlh24DhB/yDCcAUgU/TU6Sd FpitlNMwr/sSiLFzUkIpEMdJgbialuprW/lv/J4sQQGGXN+uLkfGvr5SaqZTQGtX fKHAkINMt0E8AvXto7V3uJesLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDoNuwjb ZlHenFp7+1ahgZTFxl2BMB8GA1UdIwQYMBaAFDvu5L2loEsQSx1y5gHDCTjbpLZE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDJBMy9GNkFDNjM4NjRF RkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4QkxIWExtQWNNSk9OdWt0 a1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL08tN2t2YVdnU3hCTEhYTG1BY01KT051a3RrUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RDJBMy9GNkFDNjM4NjRFRkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4 QkxIWExtQWNNSk9OdWt0a1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCDkaRE3WjpV4ZVfNN1d24CFscQStr+PgROVEhjfgIqcG4dVWxVQFWh /i/OdTZrCh++ZctsA60RUeLFP/AHy5+JTng2v6g+/qsdqyC8FyEuwtRbsgonFQd2 9E7meVr2jLsqqCrRKvcHqQFr33/aHFSD6YZPW7E60deaPHg1wc+aGxwFzKQ7SrmK tOl9B+Uz3GqqFZ8H5NiuqToFWG9X/ydNVuwqS6wVB5feO2/hX2jUQl8JUyl8DkTE bizAKCuF8U7UTzL+k2NRDeJ4yAho+gV+hQ2vNQhT+dKeXIOg8QJN+QhOkcay78h8 NTImdibS9e/yBkWS1IId8a2cVEqChspC -----END CERTIFICATE-----Generated at Thu Jul 3 21:54:33 2025 by rpki-client