$ rpki-client -vvf rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft File: OxaIpfe3JKr754IKLGPZey6o5SI.mft (raw, json) Hash identifier: VpHUxLIiVsNev5LDk5HLDZAEzvOzNN6xoHBYyEV/6kY= Subject key identifier: 42:1C:C1:A4:47:EF:BB:DB:00:98:0F:81:25:90:D1:CB:5D:38:DC:84 Authority key identifier: 3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22 Certificate issuer: /CN=A91772FA/serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522 Certificate serial: 034E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft Manifest number: 0346 Signing time: Sat 23 Aug 2025 01:17:07 +0000 Manifest this update: Sat 23 Aug 2025 01:17:07 +0000 Manifest next update: Sat 30 Aug 2025 01:17:07 +0000 Files and hashes: 1: OxaIpfe3JKr754IKLGPZey6o5SI.crl (hash: hactNv1G9hm8lQybVFYhobnlo9RZdaTuIVfH7ecZZ8A=) 2: 2D613294CD7611EC83259862C4F9AE02.roa (hash: HUqC6JNil8MpabByxXZUWUh1z061818LFUdkHBUaghY=) 3: EF8CB49CD78F11EC91680D49C4F9AE02.roa (hash: m1T9GaVF/kOA3y3lDclBiCBdGMqPbCm1SzZbjGctr8o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 01:17:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 846 (0x34e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91772FA, serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522 Validity Not Before: Aug 23 01:17:07 2025 GMT Not After : Aug 30 01:17:07 2025 GMT Subject: CN=68a91693-4219 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:ec:64:01:d5:0f:a6:04:1a:9f:6d:5d:0a:ff: c0:16:7d:ba:af:e5:42:1d:6d:32:d0:76:4e:c2:d4: fa:64:3e:fe:8b:60:cb:38:aa:ff:30:f7:57:f0:c0: a8:b5:e8:0e:91:84:4d:b2:50:47:d5:2e:a9:1f:11: 2c:8f:ed:e7:e0:3d:49:42:c6:78:13:9a:8b:61:de: 4c:d5:91:c6:00:86:ec:9b:a3:06:82:33:35:4b:f7: e2:ed:7b:eb:33:5a:82:8a:7c:df:64:ff:29:11:86: 58:97:0b:69:b2:65:38:d4:2b:e7:f3:7a:93:22:ee: 57:de:97:ce:ab:02:26:d3:76:cb:32:49:3a:e3:7c: bc:9e:d7:30:1b:f3:e9:34:dd:5a:ad:e0:75:a3:3b: 41:02:19:b1:af:db:53:d6:92:c5:cb:80:c3:93:c5: ef:11:bf:10:97:36:8c:d3:ca:e7:82:2d:89:6d:d1: bd:04:64:d3:ad:24:64:39:9c:d9:5a:dc:a1:ef:53: 2b:bb:e1:e5:f5:2c:3e:ac:1c:ff:ac:7f:7e:1c:f0: 57:a8:a0:24:3f:52:f6:8e:f2:dc:0e:ae:a6:9d:96: 0f:8b:b1:1d:2a:87:e8:bb:ef:01:97:85:ca:74:56: b4:65:89:ad:51:54:12:1c:6e:28:e6:17:36:e4:66: 5c:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:1C:C1:A4:47:EF:BB:DB:00:98:0F:81:25:90:D1:CB:5D:38:DC:84 X509v3 Authority Key Identifier: keyid:3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:67:64:0e:6c:0a:74:63:da:2d:a0:04:56:93:97:48:bf:33: e4:62:7a:82:c6:31:4c:f5:f7:3b:b7:aa:38:7c:97:1e:28:61: b0:c5:c3:7b:0e:ea:7d:8b:5c:f7:41:af:76:f6:1d:de:f9:1a: c6:e3:3c:4d:d6:89:d3:da:d6:fe:8a:ea:53:35:94:56:c0:52: 6b:e1:07:62:8b:b5:9b:08:79:c6:2c:07:8a:71:a2:17:56:53: 32:a5:38:6c:12:60:e8:d3:6b:d0:e3:85:c9:c0:3a:31:f3:4c: 33:f0:9d:fc:1c:e0:96:85:14:70:55:d0:19:c9:e7:4a:90:cc: 43:27:3b:57:41:12:d8:85:6b:b3:d1:56:96:6b:1f:27:6b:2f: e5:cf:98:71:eb:a8:0c:61:6b:e2:53:0a:aa:b5:35:15:62:d7: 54:bf:65:7f:d0:1f:36:84:63:0d:0f:9f:4c:2f:20:79:06:fb: d2:8e:ca:2c:94:b9:9d:06:e9:68:ba:32:45:3e:6a:e7:7a:50: f8:8a:93:2a:19:09:b1:5f:81:88:97:fe:ee:6c:6c:16:1c:94: 4a:12:55:d9:9d:e8:4c:1a:4d:8a:c7:c5:79:ac:a0:c6:08:5e: 6c:a0:0c:a0:18:be:75:7f:b9:84:4b:46:c3:32:78:50:da:4a: 59:ed:be:d4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA04wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzcyRkExMTAvBgNVBAUTKDNCMTY4OEE1RjdCNzI0QUFGQkU3ODIwQTJDNjNEOTdC MkVBOEU1MjIwHhcNMjUwODIzMDExNzA3WhcNMjUwODMwMDExNzA3WjAYMRYwFAYD VQQDEw02OGE5MTY5My00MjE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs+xkAdUPpgQan21dCv/AFn26r+VCHW0y0HZOwtT6ZD7+i2DLOKr/MPdX8MCo tegOkYRNslBH1S6pHxEsj+3n4D1JQsZ4E5qLYd5M1ZHGAIbsm6MGgjM1S/fi7Xvr M1qCinzfZP8pEYZYlwtpsmU41Cvn83qTIu5X3pfOqwIm03bLMkk643y8ntcwG/Pp NN1areB1oztBAhmxr9tT1pLFy4DDk8XvEb8QlzaM08rngi2JbdG9BGTTrSRkOZzZ Wtyh71Mru+Hl9Sw+rBz/rH9+HPBXqKAkP1L2jvLcDq6mnZYPi7EdKofou+8Bl4XK dFa0ZYmtUVQSHG4o5hc25GZcHQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEIcwaRH 77vbAJgPgSWQ0ctdONyEMB8GA1UdIwQYMBaAFDsWiKX3tySq++eCCixj2XsuqOUi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzJGQS9ENzI0NDU2MkNE NzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pLcjc1NElLTEdQWmV5Nm81 U0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL094YUlwZmUzSktyNzU0SUtMR1BaZXk2bzVTSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NzJGQS9ENzI0NDU2MkNENzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pL cjc1NElLTEdQWmV5Nm81U0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBeZ2QObAp0Y9otoARWk5dIvzPkYnqCxjFM9fc7t6o4fJceKGGwxcN7 Dup9i1z3Qa929h3e+RrG4zxN1onT2tb+iupTNZRWwFJr4Qdii7WbCHnGLAeKcaIX VlMypThsEmDo02vQ44XJwDox80wz8J38HOCWhRRwVdAZyedKkMxDJztXQRLYhWuz 0VaWax8nay/lz5hx66gMYWviUwqqtTUVYtdUv2V/0B82hGMND59MLyB5BvvSjsos lLmdBuloujJFPmrnelD4ipMqGQmxX4GIl/7ubGwWHJRKElXZnehMGk2Kx8V5rKDG CF5soAygGL51f7mES0bDMnhQ2kpZ7b7U -----END CERTIFICATE-----Generated at Sat Aug 23 10:40:36 2025 by rpki-client