$ rpki-client -vvf rpki.apnic.net/member_repository/A917B520/8F9091D432B011EFA4CBF96AC4F9AE02/OAzWvMnhwR_sTuJ9qJOCTa21ISo.mft File: OAzWvMnhwR_sTuJ9qJOCTa21ISo.mft (raw, json) Hash identifier: MPDyV11TlL766U+GRourDGVLleU9T6l8UsvYq3DGB9Q= Subject key identifier: 84:7F:A1:AA:0E:6E:ED:2C:52:46:9B:F9:F6:26:3F:FD:0A:10:9A:42 Authority key identifier: 38:0C:D6:BC:C9:E1:C1:1F:EC:4E:E2:7D:A8:93:82:4D:AD:B5:21:2A Certificate issuer: /CN=A917B520/serialNumber=380CD6BCC9E1C11FEC4EE27DA893824DADB5212A Certificate serial: DF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OAzWvMnhwR_sTuJ9qJOCTa21ISo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B520/8F9091D432B011EFA4CBF96AC4F9AE02/OAzWvMnhwR_sTuJ9qJOCTa21ISo.mft Manifest number: DA Signing time: Thu 03 Jul 2025 03:28:01 +0000 Manifest this update: Thu 03 Jul 2025 03:28:00 +0000 Manifest next update: Thu 10 Jul 2025 03:28:00 +0000 Files and hashes: 1: OAzWvMnhwR_sTuJ9qJOCTa21ISo.crl (hash: HRmYawwWqAO6IFyeGzIWnVMCm6u3zGcRTXh7GvTIR/c=) 2: 9580A702548211EFAADB996FC4F9AE02.roa (hash: kSK29014IOAyTFM0toP6bnTMS2qsqnnHmN7R+iDPlF4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B520/8F9091D432B011EFA4CBF96AC4F9AE02/OAzWvMnhwR_sTuJ9qJOCTa21ISo.crl rsync://rpki.apnic.net/member_repository/A917B520/8F9091D432B011EFA4CBF96AC4F9AE02/OAzWvMnhwR_sTuJ9qJOCTa21ISo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OAzWvMnhwR_sTuJ9qJOCTa21ISo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 223 (0xdf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B520, serialNumber=380CD6BCC9E1C11FEC4EE27DA893824DADB5212A Validity Not Before: Jul 3 03:28:00 2025 GMT Not After : Jul 10 03:28:00 2025 GMT Subject: CN=6865f8c1-7533 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:e7:ba:be:15:ce:18:02:c8:c7:ae:83:d4:f6: 1f:4a:f3:0e:2c:a0:3b:a0:f3:0d:a2:10:58:b6:c3: a8:d5:26:18:96:82:12:e9:45:b7:63:4e:af:26:c5: c6:20:8d:4b:b9:41:e7:52:d5:ed:25:79:8a:42:85: 32:8a:d9:a7:95:da:18:b6:7c:48:9e:18:76:bc:50: ae:0d:8d:3d:81:58:5e:b8:08:a2:28:52:e9:a2:c4: 62:66:45:b4:12:2e:65:93:c3:c7:9f:10:98:66:08: f1:0e:94:19:00:61:99:f7:af:21:ea:c7:6c:7c:11: 87:81:48:0b:74:c7:a4:b8:d6:48:47:7f:3d:22:e7: e9:dc:b5:81:33:9f:28:a2:32:d3:70:6c:e0:c3:a6: 80:87:45:ee:d1:2c:21:e5:0d:c7:8f:84:3f:a8:a2: 17:af:0f:6d:8c:36:1d:ac:07:61:40:6e:62:f2:8b: 63:06:ea:70:5a:cf:76:b8:b5:d7:99:01:5b:34:d3: 2c:ac:5d:e3:96:4f:3b:7d:9a:3a:1c:ee:63:c8:e7: 7a:38:a8:11:a8:61:aa:7b:f6:c5:8d:36:78:fd:a5: 26:fb:c7:cb:1c:67:69:08:71:e9:1f:ef:30:3b:08: 2f:59:47:d4:5f:03:ae:a2:cf:d0:fe:e6:25:d2:60: b4:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:7F:A1:AA:0E:6E:ED:2C:52:46:9B:F9:F6:26:3F:FD:0A:10:9A:42 X509v3 Authority Key Identifier: keyid:38:0C:D6:BC:C9:E1:C1:1F:EC:4E:E2:7D:A8:93:82:4D:AD:B5:21:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B520/8F9091D432B011EFA4CBF96AC4F9AE02/OAzWvMnhwR_sTuJ9qJOCTa21ISo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OAzWvMnhwR_sTuJ9qJOCTa21ISo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B520/8F9091D432B011EFA4CBF96AC4F9AE02/OAzWvMnhwR_sTuJ9qJOCTa21ISo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 64:29:b9:9d:a6:f2:fe:c9:84:25:4e:43:b3:30:1b:44:9f:e5: ef:c2:86:37:d9:6c:5a:7b:91:17:8d:26:3c:fa:4f:b1:2c:97: 12:8c:e4:c6:be:ff:00:ed:3b:ed:5e:20:e3:e9:9f:5a:2b:6e: fb:52:8e:db:2b:1e:c1:ea:1e:d4:6f:25:24:fe:45:05:69:21: b5:e0:8c:42:c3:fe:72:52:29:58:f7:0f:55:8e:f1:05:a1:90: 0f:07:38:85:51:4a:f0:78:9f:fd:20:5d:ee:ff:86:46:9d:2e: ce:ba:4a:d0:13:1e:23:9d:b3:af:b6:9b:ef:c7:ce:0d:a8:78: 99:75:25:e6:2c:53:cb:db:25:2e:d1:f5:74:22:bb:b3:81:a8: cb:e3:9e:4e:9b:9c:f5:ad:89:5e:73:5e:fd:26:87:b0:60:64: e7:06:be:28:b9:6d:b3:09:29:3b:2b:ae:96:96:4d:10:70:4f: 81:8e:9f:b6:53:4a:32:da:2e:d7:87:6f:44:3a:4b:3b:42:9a: eb:22:e0:96:92:89:b3:c4:5b:10:06:00:c6:ca:87:f7:98:70: 97:6b:b3:32:57:3b:5a:62:cc:1d:ea:8c:68:86:2d:04:75:8a: ba:94:d1:40:36:eb:37:03:51:ab:18:44:42:12:df:0f:2d:f6: 93:1b:c9:c1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAN8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0I1MjAxMTAvBgNVBAUTKDM4MENENkJDQzlFMUMxMUZFQzRFRTI3REE4OTM4MjRE QURCNTIxMkEwHhcNMjUwNzAzMDMyODAwWhcNMjUwNzEwMDMyODAwWjAYMRYwFAYD VQQDEw02ODY1ZjhjMS03NTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtOe6vhXOGALIx66D1PYfSvMOLKA7oPMNohBYtsOo1SYYloIS6UW3Y06vJsXG II1LuUHnUtXtJXmKQoUyitmnldoYtnxInhh2vFCuDY09gVheuAiiKFLposRiZkW0 Ei5lk8PHnxCYZgjxDpQZAGGZ968h6sdsfBGHgUgLdMekuNZIR389Iufp3LWBM58o ojLTcGzgw6aAh0Xu0Swh5Q3Hj4Q/qKIXrw9tjDYdrAdhQG5i8otjBupwWs92uLXX mQFbNNMsrF3jlk87fZo6HO5jyOd6OKgRqGGqe/bFjTZ4/aUm+8fLHGdpCHHpH+8w OwgvWUfUXwOuos/Q/uYl0mC0bwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIR/oaoO bu0sUkab+fYmP/0KEJpCMB8GA1UdIwQYMBaAFDgM1rzJ4cEf7E7ifaiTgk2ttSEq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjUyMC84RjkwOTFENDMy QjAxMUVGQTRDQkY5NkFDNEY5QUUwMi9PQXpXdk1uaHdSX3NUdUo5cUpPQ1RhMjFJ U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09Beld2TW5od1Jfc1R1SjlxSk9DVGEyMUlTby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QjUyMC84RjkwOTFENDMyQjAxMUVGQTRDQkY5NkFDNEY5QUUwMi9PQXpXdk1uaHdS X3NUdUo5cUpPQ1RhMjFJU28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBkKbmdpvL+yYQlTkOzMBtEn+XvwoY32Wxae5EXjSY8+k+xLJcSjOTG vv8A7TvtXiDj6Z9aK277Uo7bKx7B6h7UbyUk/kUFaSG14IxCw/5yUilY9w9VjvEF oZAPBziFUUrweJ/9IF3u/4ZGnS7OukrQEx4jnbOvtpvvx84NqHiZdSXmLFPL2yUu 0fV0IruzgajL455Om5z1rYlec179JoewYGTnBr4ouW2zCSk7K66Wlk0QcE+Bjp+2 U0oy2i7Xh29EOks7QprrIuCWkomzxFsQBgDGyof3mHCXa7MyVztaYswd6oxohi0E dYq6lNFANus3A1GrGERCEt8PLfaTG8nB -----END CERTIFICATE-----Generated at Thu Jul 3 23:23:36 2025 by rpki-client