$ rpki-client -vvf rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.mft File: 1OMXbLn0iT50xOgF-n-12QpKewo.mft (raw, json) Hash identifier: bb1x8KCdxulYDbPTsdneFRWky+EHHXzr7y5oSHrO2YI= Subject key identifier: 91:8E:15:BF:CF:B9:73:78:9A:A6:29:AE:BD:AA:74:E4:D1:E5:EC:44 Authority key identifier: D4:E3:17:6C:B9:F4:89:3E:74:C4:E8:05:FA:7F:B5:D9:0A:4A:7B:0A Certificate issuer: /CN=A9154AFB/serialNumber=D4E3176CB9F4893E74C4E805FA7FB5D90A4A7B0A Certificate serial: 1752 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1OMXbLn0iT50xOgF-n-12QpKewo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.mft Manifest number: 173D Signing time: Mon 30 Jun 2025 16:46:34 +0000 Manifest this update: Mon 30 Jun 2025 16:46:34 +0000 Manifest next update: Mon 07 Jul 2025 16:46:34 +0000 Files and hashes: 1: 1OMXbLn0iT50xOgF-n-12QpKewo.crl (hash: yHOHMXEbBXQyQnQ707tqpOwD9Hxy1E9+rPgNhyRYqGM=) 2: 81368CD6594B11EE924DCC64C4F9AE02.roa (hash: XhkwHyloR+2rDxWbay2n/StJn5+0QtLglAfKwVMv/5o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.crl rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1OMXbLn0iT50xOgF-n-12QpKewo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 16:46:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5970 (0x1752) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9154AFB, serialNumber=D4E3176CB9F4893E74C4E805FA7FB5D90A4A7B0A Validity Not Before: Jun 30 16:46:34 2025 GMT Not After : Jul 7 16:46:34 2025 GMT Subject: CN=6862bf6a-314f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:d2:f0:9f:2e:1b:6b:3f:c7:f9:7b:80:50:79: 62:52:dc:1d:cf:53:34:57:76:09:b9:90:b1:bb:cf: 33:92:27:5a:d4:13:93:9e:6d:aa:fd:03:ac:e4:7e: 9a:fc:6f:fa:bb:49:70:25:09:b4:ed:fc:fb:91:86: 8e:71:e2:6a:64:2b:fe:9a:26:9e:9b:64:44:13:27: cb:99:af:bf:6d:b8:5e:fc:c1:a4:92:0b:e4:2d:32: 4d:85:47:35:37:62:e6:24:7f:4a:00:0b:77:44:ec: dc:d8:f9:7c:13:6e:2d:a5:45:46:3a:6c:58:c8:e4: 26:7a:18:6a:d3:8d:cb:f9:2d:85:e0:3e:66:65:c7: 4e:bd:5e:87:23:c0:cb:e9:f8:20:7c:a6:ae:16:d6: 69:11:63:a1:46:a9:ca:c6:e3:1a:d1:31:17:2c:57: aa:bf:b3:a7:7f:89:78:32:85:e0:49:ca:85:b8:33: d3:19:94:9f:61:98:45:e6:56:e6:a6:a2:f8:fc:dc: 4d:2e:2d:b2:31:99:31:59:7f:6e:a8:ae:cb:5f:7a: a4:bb:15:5e:d5:a4:77:5c:80:e2:39:be:87:c6:e6: 49:ff:c2:77:f3:7f:9c:d2:f0:42:9b:b4:e3:b0:3c: dd:bc:e5:b3:cb:79:43:8e:12:8f:be:90:d9:6c:61: fb:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:8E:15:BF:CF:B9:73:78:9A:A6:29:AE:BD:AA:74:E4:D1:E5:EC:44 X509v3 Authority Key Identifier: keyid:D4:E3:17:6C:B9:F4:89:3E:74:C4:E8:05:FA:7F:B5:D9:0A:4A:7B:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1OMXbLn0iT50xOgF-n-12QpKewo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:75:74:5f:bf:60:f6:42:25:52:4a:bc:ac:38:39:7f:5e:df: 2e:60:da:99:2b:29:7b:3b:2d:cc:41:36:73:66:25:34:b6:4f: 8b:6c:c7:a2:01:d4:a8:1a:c7:4f:57:36:91:74:1e:1c:56:a3: 45:25:73:8d:d2:8f:d8:26:b8:a6:35:de:8a:ce:e4:17:c3:67: 53:bf:72:05:c2:6c:a0:fb:e1:d3:73:b6:a5:b3:f5:d0:e6:95: 90:d9:b3:4f:ff:fa:3e:c1:9a:9f:85:3c:04:e8:71:39:38:94: c7:ba:f5:cb:ed:b3:37:b5:4b:69:a8:5c:df:9d:2f:85:ce:48: c2:dd:5a:6b:6c:e7:a5:3e:d1:69:81:50:38:88:f6:3d:04:65: 6a:94:0a:ae:25:e8:03:84:85:5e:f6:a6:c0:b8:84:15:24:33: 29:72:5b:50:59:48:f1:e4:97:bc:74:1f:e7:e6:2e:99:6d:10: d4:c0:47:3c:1c:29:5b:c4:9c:57:b9:57:08:c3:4a:46:d0:a7: 05:3a:59:a1:2f:49:d1:75:f4:04:55:87:7e:0c:23:6f:ec:21: b2:d0:d5:6a:06:e0:61:13:e9:a7:7f:78:91:cb:1f:c8:a8:9b: a8:73:ae:80:90:b6:fb:7c:bf:82:19:1f:21:02:ba:84:7b:9a: d7:e5:b8:40 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICF1IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTRBRkIxMTAvBgNVBAUTKEQ0RTMxNzZDQjlGNDg5M0U3NEM0RTgwNUZBN0ZCNUQ5 MEE0QTdCMEEwHhcNMjUwNjMwMTY0NjM0WhcNMjUwNzA3MTY0NjM0WjAYMRYwFAYD VQQDEw02ODYyYmY2YS0zMTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq9Lwny4baz/H+XuAUHliUtwdz1M0V3YJuZCxu88zkida1BOTnm2q/QOs5H6a /G/6u0lwJQm07fz7kYaOceJqZCv+miaem2REEyfLma+/bbhe/MGkkgvkLTJNhUc1 N2LmJH9KAAt3ROzc2Pl8E24tpUVGOmxYyOQmehhq043L+S2F4D5mZcdOvV6HI8DL 6fggfKauFtZpEWOhRqnKxuMa0TEXLFeqv7Onf4l4MoXgScqFuDPTGZSfYZhF5lbm pqL4/NxNLi2yMZkxWX9uqK7LX3qkuxVe1aR3XIDiOb6HxuZJ/8J383+c0vBCm7Tj sDzdvOWzy3lDjhKPvpDZbGH70wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJGOFb/P uXN4mqYprr2qdOTR5exEMB8GA1UdIwQYMBaAFNTjF2y59Ik+dMToBfp/tdkKSnsK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NEFGQi83OEEwNEU0Q0Uz MkYxMUU3QjZDRUQ0MkZDNEY5QUUwMi8xT01YYkxuMGlUNTB4T2dGLW4tMTJRcEtl d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFPTVhiTG4waVQ1MHhPZ0Ytbi0xMlFwS2V3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NEFGQi83OEEwNEU0Q0UzMkYxMUU3QjZDRUQ0MkZDNEY5QUUwMi8xT01YYkxuMGlU NTB4T2dGLW4tMTJRcEtld28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBtdXRfv2D2QiVSSrysODl/Xt8uYNqZKyl7Oy3MQTZzZiU0tk+LbMei AdSoGsdPVzaRdB4cVqNFJXON0o/YJrimNd6KzuQXw2dTv3IFwmyg++HTc7als/XQ 5pWQ2bNP//o+wZqfhTwE6HE5OJTHuvXL7bM3tUtpqFzfnS+FzkjC3VprbOelPtFp gVA4iPY9BGVqlAquJegDhIVe9qbAuIQVJDMpcltQWUjx5Je8dB/n5i6ZbRDUwEc8 HClbxJxXuVcIw0pG0KcFOlmhL0nRdfQEVYd+DCNv7CGy0NVqBuBhE+mnf3iRyx/I qJuoc66AkLb7fL+CGR8hArqEe5rX5bhA -----END CERTIFICATE-----Generated at Tue Jul 1 00:52:05 2025 by rpki-client