$ rpki-client -vvf rpki.apnic.net/member_repository/A913B32D/86FD1388790A11EC8D0A2979C4F9AE02/OmiiIsLAz0FDDAlo0jCaqJPHSjs.mft File: OmiiIsLAz0FDDAlo0jCaqJPHSjs.mft (raw, json) Hash identifier: S5Q9qBzD4NFj/cSVxJa6ACdax0D7u6cYKc8JpVIoPJs= Subject key identifier: E7:AA:3A:FC:FA:5C:24:22:7B:35:7E:76:0C:BA:1D:EF:1D:E5:9A:E7 Authority key identifier: 3A:68:A2:22:C2:C0:CF:41:43:0C:09:68:D2:30:9A:A8:93:C7:4A:3B Certificate issuer: /CN=A913B32D/serialNumber=3A68A222C2C0CF41430C0968D2309AA893C74A3B Certificate serial: 0428 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OmiiIsLAz0FDDAlo0jCaqJPHSjs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913B32D/86FD1388790A11EC8D0A2979C4F9AE02/OmiiIsLAz0FDDAlo0jCaqJPHSjs.mft Manifest number: 0421 Signing time: Sat 23 Aug 2025 00:34:42 +0000 Manifest this update: Sat 23 Aug 2025 00:34:42 +0000 Manifest next update: Sat 30 Aug 2025 00:34:42 +0000 Files and hashes: 1: OmiiIsLAz0FDDAlo0jCaqJPHSjs.crl (hash: HMWe2QbLfRmJGaquxFT26mmqstvTYGCZjnaVCw8KND4=) 2: F2BB36DC790E11EC8EA0F77FC4F9AE02.roa (hash: 17t3m0KvoRjfHzLmSGQMixJ4h1po9W3fjkqykP9EfmA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913B32D/86FD1388790A11EC8D0A2979C4F9AE02/OmiiIsLAz0FDDAlo0jCaqJPHSjs.crl rsync://rpki.apnic.net/member_repository/A913B32D/86FD1388790A11EC8D0A2979C4F9AE02/OmiiIsLAz0FDDAlo0jCaqJPHSjs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OmiiIsLAz0FDDAlo0jCaqJPHSjs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 00:34:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1064 (0x428) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913B32D, serialNumber=3A68A222C2C0CF41430C0968D2309AA893C74A3B Validity Not Before: Aug 23 00:34:42 2025 GMT Not After : Aug 30 00:34:42 2025 GMT Subject: CN=68a90ca2-055c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:c8:81:fd:e1:fd:ab:e6:8a:53:d0:3d:f5:74: 4c:8e:cb:f7:ab:da:4f:55:c4:3c:40:76:c5:f7:40: 8b:f8:11:01:76:1f:ec:72:38:1c:10:b1:a2:d6:d0: ec:cd:2e:d1:9f:c6:67:de:67:0a:b2:a7:01:f7:e9: 18:24:d1:32:c2:9d:a4:da:4a:d0:41:e9:05:c3:48: 2d:c6:31:44:80:0a:ed:79:eb:ce:7f:39:9e:dd:a9: f1:03:00:8e:9e:45:9b:b7:c1:d2:7c:94:ad:02:87: 1b:4a:ad:7e:7b:b7:85:81:18:7e:f0:cf:91:63:e3: 3e:7f:37:cf:f5:82:e0:17:fc:80:7b:f3:8c:67:a3: 07:c2:70:fa:05:32:9f:14:7c:5c:63:9b:c5:73:e0: 27:47:2a:4a:70:66:0e:c8:1c:e2:a7:3e:e1:5d:90: 3e:b7:2e:6e:d1:a9:90:78:58:59:d5:4b:c2:8c:0d: 74:87:8b:de:d1:3c:07:c3:14:ed:fc:36:a3:4f:f2: 53:50:1c:79:15:88:d1:78:0d:4a:c5:d7:90:ce:a5: a5:ce:08:f5:f3:f5:39:e4:00:15:15:1b:28:93:9c: ed:a2:de:af:25:63:e2:0e:b8:e3:57:48:53:fc:30: 5c:18:a6:75:70:58:7c:a0:58:f4:16:45:c4:3e:7c: d9:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:AA:3A:FC:FA:5C:24:22:7B:35:7E:76:0C:BA:1D:EF:1D:E5:9A:E7 X509v3 Authority Key Identifier: keyid:3A:68:A2:22:C2:C0:CF:41:43:0C:09:68:D2:30:9A:A8:93:C7:4A:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913B32D/86FD1388790A11EC8D0A2979C4F9AE02/OmiiIsLAz0FDDAlo0jCaqJPHSjs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OmiiIsLAz0FDDAlo0jCaqJPHSjs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B32D/86FD1388790A11EC8D0A2979C4F9AE02/OmiiIsLAz0FDDAlo0jCaqJPHSjs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 55:9e:b7:0c:5d:a5:05:1d:e2:ca:19:8d:b8:99:e9:af:b5:98: 7f:9c:ef:ee:41:74:7f:e6:6a:af:6d:02:7a:fb:2b:04:b0:01: a7:7b:ee:3b:87:b3:70:c8:6c:23:2d:27:7c:7d:a6:a5:f1:ae: b9:a6:c2:6a:48:10:cc:45:0a:18:6e:9d:f2:c5:6e:67:81:29: 7f:0e:8e:7f:22:56:b9:49:7c:b2:3d:09:11:b4:30:ce:8a:fb: 8c:7c:11:3f:5d:5b:3a:e6:20:ba:00:ca:f8:4d:4c:3f:9e:25: 42:3a:15:39:81:c2:6b:ef:21:8a:e6:b9:a0:47:84:71:70:76: 0a:2a:4a:f6:3a:ed:b8:4e:b0:69:5b:ee:89:53:57:d0:0e:4d: fb:18:28:3c:d7:5b:24:f8:70:dd:eb:6a:78:64:7d:42:1a:f7: fd:fb:86:5b:95:ed:2e:0f:c7:d1:d3:72:d3:50:4f:5d:bf:eb: e1:b7:80:75:4e:35:9f:0a:a9:32:c0:e0:21:d0:a9:7c:73:2d: 4a:b4:d6:cf:cf:5a:ff:5b:84:be:7b:6e:2e:44:b1:b6:96:64: c5:ff:d0:a6:a2:01:d4:2f:97:b0:61:fb:3c:45:b7:9f:80:c2: bd:a2:fb:13:78:77:8d:1f:ad:1b:51:8b:00:e7:5f:d6:b2:16: 0e:b8:4f:7c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBCgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0IzMkQxMTAvBgNVBAUTKDNBNjhBMjIyQzJDMENGNDE0MzBDMDk2OEQyMzA5QUE4 OTNDNzRBM0IwHhcNMjUwODIzMDAzNDQyWhcNMjUwODMwMDAzNDQyWjAYMRYwFAYD VQQDEw02OGE5MGNhMi0wNTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0siB/eH9q+aKU9A99XRMjsv3q9pPVcQ8QHbF90CL+BEBdh/scjgcELGi1tDs zS7Rn8Zn3mcKsqcB9+kYJNEywp2k2krQQekFw0gtxjFEgArteevOfzme3anxAwCO nkWbt8HSfJStAocbSq1+e7eFgRh+8M+RY+M+fzfP9YLgF/yAe/OMZ6MHwnD6BTKf FHxcY5vFc+AnRypKcGYOyBzipz7hXZA+ty5u0amQeFhZ1UvCjA10h4ve0TwHwxTt /DajT/JTUBx5FYjReA1KxdeQzqWlzgj18/U55AAVFRsok5ztot6vJWPiDrjjV0hT /DBcGKZ1cFh8oFj0FkXEPnzZMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOeqOvz6 XCQiezV+dgy6He8d5ZrnMB8GA1UdIwQYMBaAFDpooiLCwM9BQwwJaNIwmqiTx0o7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjMyRC84NkZEMTM4ODc5 MEExMUVDOEQwQTI5NzlDNEY5QUUwMi9PbWlpSXNMQXowRkREQWxvMGpDYXFKUEhT anMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09taWlJc0xBejBGRERBbG8wakNhcUpQSFNqcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QjMyRC84NkZEMTM4ODc5MEExMUVDOEQwQTI5NzlDNEY5QUUwMi9PbWlpSXNMQXow RkREQWxvMGpDYXFKUEhTanMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBVnrcMXaUFHeLKGY24memvtZh/nO/uQXR/5mqvbQJ6+ysEsAGne+47 h7NwyGwjLSd8faal8a65psJqSBDMRQoYbp3yxW5ngSl/Do5/Ila5SXyyPQkRtDDO ivuMfBE/XVs65iC6AMr4TUw/niVCOhU5gcJr7yGK5rmgR4RxcHYKKkr2Ou24TrBp W+6JU1fQDk37GCg811sk+HDd62p4ZH1CGvf9+4Zble0uD8fR03LTUE9dv+vht4B1 TjWfCqkywOAh0Kl8cy1KtNbPz1r/W4S+e24uRLG2lmTF/9CmogHUL5ewYfs8Rbef gMK9ovsTeHeNH60bUYsA51/WshYOuE98 -----END CERTIFICATE-----Generated at Sat Aug 23 17:20:38 2025 by rpki-client