$ rpki-client -vvf rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.mft File: OkN4D2xDLe5HSoqVaFkCgtvqXbM.mft (raw, json) Hash identifier: RrOoONP9staOeMoKgsXgItz8KYC2qXB8cXFyut+9c3k= Subject key identifier: 15:83:9E:0D:40:56:7F:7D:5D:9F:C7:29:EA:2A:39:09:0B:C1:80:70 Authority key identifier: 3A:43:78:0F:6C:43:2D:EE:47:4A:8A:95:68:59:02:82:DB:EA:5D:B3 Certificate issuer: /CN=A915802B/serialNumber=3A43780F6C432DEE474A8A9568590282DBEA5DB3 Certificate serial: 0AAA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OkN4D2xDLe5HSoqVaFkCgtvqXbM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.mft Manifest number: 0AA1 Signing time: Fri 22 Aug 2025 19:40:59 +0000 Manifest this update: Fri 22 Aug 2025 19:40:59 +0000 Manifest next update: Fri 29 Aug 2025 19:40:59 +0000 Files and hashes: 1: OkN4D2xDLe5HSoqVaFkCgtvqXbM.crl (hash: NRweDGIJkQLRliQmzNJx+8Q0uSW4QXDPwbXceuslfcc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.crl rsync://rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OkN4D2xDLe5HSoqVaFkCgtvqXbM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 19:40:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2730 (0xaaa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915802B, serialNumber=3A43780F6C432DEE474A8A9568590282DBEA5DB3 Validity Not Before: Aug 22 19:40:59 2025 GMT Not After : Aug 29 19:40:59 2025 GMT Subject: CN=68a8c7cb-601a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:8b:87:de:1d:cc:98:23:ed:05:c5:8c:69:eb: 32:c0:8f:8c:ea:d0:e1:55:75:39:2c:97:a0:28:bf: 69:d7:2f:25:84:7e:ca:42:31:f6:de:17:7f:f6:eb: 41:d8:36:e5:be:2b:6b:35:62:05:05:a7:87:52:b8: f4:7f:c9:d6:5a:32:89:9d:aa:0a:46:9d:39:e5:ff: bb:84:7a:f6:96:82:29:0e:e2:53:3a:63:37:65:2d: 47:93:8a:2c:19:0d:1c:2e:ac:02:9d:48:e9:7d:a6: 22:56:c6:2b:21:f3:aa:f3:7f:fa:69:7b:bc:aa:16: e2:f7:88:0a:bb:7f:cd:32:a1:de:19:83:6e:0c:cf: da:3a:25:5f:50:1d:f1:52:dc:af:77:b3:fb:b5:9e: f8:e2:c5:d9:a7:5c:94:c9:95:1c:6e:d1:e4:d1:7d: 75:92:43:45:18:48:b1:14:75:78:a1:4a:fd:2b:12: c9:f7:2e:d1:f2:d1:c3:b1:6f:d6:c0:a2:2e:a6:12: e1:4b:9d:8e:c1:2b:74:d3:7f:72:f5:8b:23:81:e1: 04:80:51:ce:65:42:d2:3f:67:b9:79:7d:3b:5f:40: 73:a4:3a:9d:02:76:18:38:35:38:58:f0:cf:35:50: 1a:7f:1f:74:e4:06:e0:f1:ae:76:89:75:44:ac:e8: e3:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:83:9E:0D:40:56:7F:7D:5D:9F:C7:29:EA:2A:39:09:0B:C1:80:70 X509v3 Authority Key Identifier: keyid:3A:43:78:0F:6C:43:2D:EE:47:4A:8A:95:68:59:02:82:DB:EA:5D:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OkN4D2xDLe5HSoqVaFkCgtvqXbM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:e2:e3:11:9c:fc:d6:4e:6b:8e:0d:21:2e:9d:4d:76:f8:60: e0:c2:24:83:58:ba:bf:6c:d3:f1:ed:8d:bf:4d:d4:b7:39:08: 8c:ca:13:ea:f2:69:ca:59:5c:25:9b:6a:a9:82:36:a7:69:88: 81:67:35:18:78:0e:00:42:c9:ae:5b:29:cb:7c:57:79:65:5f: 53:ad:e2:5b:99:cf:c4:96:48:e9:79:e2:1f:56:2e:b7:2d:83: 6c:5c:0d:df:06:4e:14:e1:ee:c8:1a:cc:39:7b:7c:92:90:34: 78:78:da:53:20:94:98:69:9a:53:20:34:88:89:06:98:e3:41: 65:7c:31:6b:aa:c5:50:b4:23:a6:91:c2:ac:1a:bd:71:69:6d: 1d:f0:ea:07:fc:ac:5a:fc:71:c7:3b:a1:76:57:e0:d4:7d:3a: 60:41:6e:24:86:c4:b7:3b:17:ef:1d:66:d2:66:de:9f:3b:c7: 30:80:08:84:0e:33:dd:74:03:54:57:ae:a6:57:d6:72:92:1e: 76:16:1e:4d:24:67:f1:73:e2:bf:1a:c3:4d:7b:88:9e:f1:3f: 21:03:f6:86:76:f4:b6:94:4d:30:92:de:99:69:a8:b9:cd:74: 22:05:d8:9f:35:5a:3b:04:0b:42:cd:45:7a:8a:bc:71:61:5b: f1:71:e4:cc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCqowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTgwMkIxMTAvBgNVBAUTKDNBNDM3ODBGNkM0MzJERUU0NzRBOEE5NTY4NTkwMjgy REJFQTVEQjMwHhcNMjUwODIyMTk0MDU5WhcNMjUwODI5MTk0MDU5WjAYMRYwFAYD VQQDEw02OGE4YzdjYi02MDFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxYuH3h3MmCPtBcWMaesywI+M6tDhVXU5LJegKL9p1y8lhH7KQjH23hd/9utB 2DblvitrNWIFBaeHUrj0f8nWWjKJnaoKRp055f+7hHr2loIpDuJTOmM3ZS1Hk4os GQ0cLqwCnUjpfaYiVsYrIfOq83/6aXu8qhbi94gKu3/NMqHeGYNuDM/aOiVfUB3x Utyvd7P7tZ744sXZp1yUyZUcbtHk0X11kkNFGEixFHV4oUr9KxLJ9y7R8tHDsW/W wKIuphLhS52OwSt0039y9YsjgeEEgFHOZULSP2e5eX07X0BzpDqdAnYYODU4WPDP NVAafx905Abg8a52iXVErOjj4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBWDng1A Vn99XZ/HKeoqOQkLwYBwMB8GA1UdIwQYMBaAFDpDeA9sQy3uR0qKlWhZAoLb6l2z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODAyQi8zMzBDQzNDNDYw NTAxMUVBOTU3NzY3NTRDNEY5QUUwMi9Pa040RDJ4RExlNUhTb3FWYUZrQ2d0dnFY Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09rTjREMnhETGU1SFNvcVZhRmtDZ3R2cVhiTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODAyQi8zMzBDQzNDNDYwNTAxMUVBOTU3NzY3NTRDNEY5QUUwMi9Pa040RDJ4RExl NUhTb3FWYUZrQ2d0dnFYYk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJ4uMRnPzWTmuODSEunU12+GDgwiSDWLq/bNPx7Y2/TdS3OQiMyhPq 8mnKWVwlm2qpgjanaYiBZzUYeA4AQsmuWynLfFd5ZV9TreJbmc/ElkjpeeIfVi63 LYNsXA3fBk4U4e7IGsw5e3ySkDR4eNpTIJSYaZpTIDSIiQaY40FlfDFrqsVQtCOm kcKsGr1xaW0d8OoH/Kxa/HHHO6F2V+DUfTpgQW4khsS3OxfvHWbSZt6fO8cwgAiE DjPddANUV66mV9Zykh52Fh5NJGfxc+K/GsNNe4ie8T8hA/aGdvS2lE0wkt6Zaai5 zXQiBdifNVo7BAtCzUV6irxxYVvxceTM -----END CERTIFICATE-----Generated at Sat Aug 23 17:10:55 2025 by rpki-client