$ rpki-client -vvf rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft File: oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft (raw, json) Hash identifier: miVM+GHf6PaD+k9jsA2d5yaH5yinV+rBW85++gJb5x4= Subject key identifier: 50:CC:6B:88:ED:4B:D0:14:59:D2:7A:FF:7C:BF:27:3F:6A:DD:8A:52 Authority key identifier: A2:DA:36:37:D3:25:3F:89:97:D8:8D:0B:D8:DA:95:98:F7:83:F9:91 Certificate issuer: /CN=A918AAA1/serialNumber=A2DA3637D3253F8997D88D0BD8DA9598F783F991 Certificate serial: 0175 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oto2N9MlP4mX2I0L2NqVmPeD-ZE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft Manifest number: 0172 Signing time: Sat 23 Aug 2025 03:54:36 +0000 Manifest this update: Sat 23 Aug 2025 03:54:35 +0000 Manifest next update: Sat 30 Aug 2025 03:54:35 +0000 Files and hashes: 1: oto2N9MlP4mX2I0L2NqVmPeD-ZE.crl (hash: ESnEDko+7BBvJ6IMkGJNnleo1dw0eu8XUC1kRQ9GTgk=) 2: E6EB2B10486E11EEB4D5FF2DC4F9AE02.roa (hash: 5JFgGi1zcqLdr4l1Ei+0uqRhphNnP2rP0bMb+qfmJXM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.crl rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oto2N9MlP4mX2I0L2NqVmPeD-ZE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 03:54:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 373 (0x175) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918AAA1, serialNumber=A2DA3637D3253F8997D88D0BD8DA9598F783F991 Validity Not Before: Aug 23 03:54:35 2025 GMT Not After : Aug 30 03:54:35 2025 GMT Subject: CN=68a93b7c-99f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:71:f6:30:72:d6:8e:57:71:f9:7d:da:e4:79: be:a6:9a:65:8b:c9:13:d4:e5:ba:5e:06:63:33:d0: 6f:d7:f8:85:f2:93:06:68:98:9d:e8:88:3f:3b:af: 7f:6d:45:ee:38:ac:06:f4:f6:74:2c:d5:cf:2a:e6: 3c:b9:96:94:5d:f5:5b:a4:06:17:74:2c:65:41:27: 9e:d5:27:5e:51:b7:d3:9e:c0:a1:25:19:d1:d9:87: 1c:75:e0:b8:7a:f4:27:c9:91:4d:c1:6f:e3:06:5d: 01:6f:ef:c9:2a:f3:8b:3f:a7:6a:0a:ff:c4:1a:4f: 55:7b:50:af:0c:d4:6c:ae:2b:c9:30:e6:a8:02:80: 7d:13:b8:57:fc:28:f6:20:12:4d:39:69:5c:91:cc: cc:c0:eb:d7:b5:81:2f:92:be:d7:47:8f:c0:10:ae: a8:de:20:73:6d:10:a9:9a:cc:87:d2:c3:0b:eb:9f: a1:77:7a:fc:4c:71:6e:62:91:cb:6f:25:66:e4:53: 17:03:dd:f5:4e:7e:13:a7:34:1d:49:fd:c0:02:0b: 7b:6c:cf:21:bb:da:90:5e:d8:17:ee:b9:db:6f:75: f1:78:59:f7:48:51:48:23:b6:7a:73:33:3e:9d:57: 41:dc:d4:71:44:e6:29:5f:b8:d1:7d:a2:34:81:1e: 20:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:CC:6B:88:ED:4B:D0:14:59:D2:7A:FF:7C:BF:27:3F:6A:DD:8A:52 X509v3 Authority Key Identifier: keyid:A2:DA:36:37:D3:25:3F:89:97:D8:8D:0B:D8:DA:95:98:F7:83:F9:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oto2N9MlP4mX2I0L2NqVmPeD-ZE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b5:dd:9a:7f:ce:f3:55:df:01:89:71:f5:3f:90:28:7c:28:57: ea:63:47:98:89:5d:e2:0f:12:3b:c9:12:9a:a8:da:9e:16:6d: 54:d0:3f:e0:26:98:8f:85:12:9d:e1:2d:34:4c:d6:d8:72:f6: 2b:2c:a3:65:e9:68:a1:f6:5b:e5:b4:35:f6:c3:5a:0c:99:80: 19:de:08:9d:6a:d3:7c:bc:6f:53:c8:e6:41:c6:09:37:b3:6e: f0:a7:8b:ed:14:75:e0:b6:a1:4a:6b:9c:d5:58:1b:de:46:d1: c2:37:96:8d:d6:d9:fc:0a:43:fa:dc:9b:df:34:15:19:8a:19: 62:3b:e4:d7:3e:c4:a7:70:55:27:fc:9c:37:f9:c9:43:4e:58: f4:84:ee:92:b5:7e:4d:12:00:c5:75:16:ef:0e:2d:31:d2:b9: 08:02:8a:97:4d:d3:aa:53:93:bf:e9:b5:41:0b:55:63:f3:97: 25:b8:f9:60:57:a3:1b:b7:0f:16:ec:8c:f3:8d:fe:37:67:b3: 64:dd:e1:e3:71:6b:81:24:81:8d:5c:68:33:7c:62:74:49:39: 14:33:d4:bf:fd:08:5c:dd:a3:44:16:3f:a9:0f:30:a4:df:3e: 88:92:31:f9:d2:17:84:e7:7c:e7:a7:93:76:50:51:ce:1d:15: 23:03:7d:d0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEFBQTExMTAvBgNVBAUTKEEyREEzNjM3RDMyNTNGODk5N0Q4OEQwQkQ4REE5NTk4 Rjc4M0Y5OTEwHhcNMjUwODIzMDM1NDM1WhcNMjUwODMwMDM1NDM1WjAYMRYwFAYD VQQDEw02OGE5M2I3Yy05OWY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqXH2MHLWjldx+X3a5Hm+pppli8kT1OW6XgZjM9Bv1/iF8pMGaJid6Ig/O69/ bUXuOKwG9PZ0LNXPKuY8uZaUXfVbpAYXdCxlQSee1SdeUbfTnsChJRnR2YccdeC4 evQnyZFNwW/jBl0Bb+/JKvOLP6dqCv/EGk9Ve1CvDNRsrivJMOaoAoB9E7hX/Cj2 IBJNOWlckczMwOvXtYEvkr7XR4/AEK6o3iBzbRCpmsyH0sML65+hd3r8THFuYpHL byVm5FMXA931Tn4TpzQdSf3AAgt7bM8hu9qQXtgX7rnbb3XxeFn3SFFII7Z6czM+ nVdB3NRxROYpX7jRfaI0gR4gtwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFDMa4jt S9AUWdJ6/3y/Jz9q3YpSMB8GA1UdIwQYMBaAFKLaNjfTJT+Jl9iNC9jalZj3g/mR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QUFBMS84MTE0Qzc5QzQ4 NkUxMUVFQTk2MDk0MkNDNEY5QUUwMi9vdG8yTjlNbFA0bVgySTBMMk5xVm1QZUQt WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL290bzJOOU1sUDRtWDJJMEwyTnFWbVBlRC1aRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QUFBMS84MTE0Qzc5QzQ4NkUxMUVFQTk2MDk0MkNDNEY5QUUwMi9vdG8yTjlNbFA0 bVgySTBMMk5xVm1QZUQtWkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC13Zp/zvNV3wGJcfU/kCh8KFfqY0eYiV3iDxI7yRKaqNqeFm1U0D/g JpiPhRKd4S00TNbYcvYrLKNl6Wih9lvltDX2w1oMmYAZ3gidatN8vG9TyOZBxgk3 s27wp4vtFHXgtqFKa5zVWBveRtHCN5aN1tn8CkP63JvfNBUZihliO+TXPsSncFUn /Jw3+clDTlj0hO6StX5NEgDFdRbvDi0x0rkIAoqXTdOqU5O/6bVBC1Vj85cluPlg V6Mbtw8W7Izzjf43Z7Nk3eHjcWuBJIGNXGgzfGJ0STkUM9S//Qhc3aNEFj+pDzCk 3z6IkjH50heE53znp5N2UFHOHRUjA33Q -----END CERTIFICATE-----Generated at Sat Aug 23 21:34:07 2025 by rpki-client