$ rpki-client -vvf rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft File: oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft (raw, json) Hash identifier: 5/hDlYjaQAXJkH9ldV8Rd0gQzFEjncardcqUK3gK86E= Subject key identifier: A4:4A:EF:6C:D5:D1:BC:A6:17:56:40:4E:4D:E0:CC:ED:54:4B:D3:E0 Authority key identifier: A2:DA:36:37:D3:25:3F:89:97:D8:8D:0B:D8:DA:95:98:F7:83:F9:91 Certificate issuer: /CN=A918AAA1/serialNumber=A2DA3637D3253F8997D88D0BD8DA9598F783F991 Certificate serial: 0158 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oto2N9MlP4mX2I0L2NqVmPeD-ZE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft Manifest number: 0156 Signing time: Thu 03 Jul 2025 04:09:59 +0000 Manifest this update: Thu 03 Jul 2025 04:09:58 +0000 Manifest next update: Thu 10 Jul 2025 04:09:58 +0000 Files and hashes: 1: oto2N9MlP4mX2I0L2NqVmPeD-ZE.crl (hash: 2URFFgvlMTOVx6KPvcJxsmARvjgTIp4lxMtsF6z1PvU=) 2: E6EB2B10486E11EEB4D5FF2DC4F9AE02.roa (hash: P1qwhAicU6zPENCwTGFasnrb3+NFivcUL5Wq4dABBCM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.crl rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oto2N9MlP4mX2I0L2NqVmPeD-ZE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 344 (0x158) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918AAA1, serialNumber=A2DA3637D3253F8997D88D0BD8DA9598F783F991 Validity Not Before: Jul 3 04:09:58 2025 GMT Not After : Jul 10 04:09:58 2025 GMT Subject: CN=68660297-ec54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:41:ff:86:79:72:a0:2e:17:75:c6:30:74:23: 9b:70:82:30:07:26:a5:77:fb:3f:67:f9:1e:b2:6a: bb:99:c0:99:96:34:2f:e8:9b:c8:00:10:79:c6:5b: a7:cf:13:53:67:bc:24:e8:93:3f:3c:f7:1c:7d:35: 94:55:15:62:46:b6:c5:3e:94:86:a6:7c:c5:5d:97: e4:8f:2d:79:e1:e4:dd:e4:12:33:7e:2e:a5:a4:31: 83:2d:a1:f9:f7:a4:a7:64:bc:e8:09:b0:f8:f0:1c: 23:3f:08:16:c4:ca:16:f4:be:9f:d3:ef:4d:b0:5e: 6c:6a:7e:46:e7:3e:b8:a0:8c:0d:03:1d:67:38:c0: 8c:1c:2d:b4:ae:61:90:f0:9d:05:ba:b3:37:83:12: 55:ab:01:6e:72:52:db:f7:01:0b:a4:73:39:bd:a9: 81:5c:4b:49:bd:d1:16:05:b6:58:5d:d9:75:cf:a6: 70:a2:54:ee:76:17:f3:01:47:74:9f:33:dd:07:2d: 63:9b:d0:5c:dc:52:d3:2f:b3:db:67:a6:74:8a:47: ae:28:23:c7:42:23:2f:f6:0a:21:7c:42:6f:eb:2d: 70:4b:e5:c8:84:0f:c1:d0:0d:18:75:92:d2:bd:65: ec:9c:a0:05:82:d4:8b:14:07:4a:02:b6:9b:8b:a1: f5:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:4A:EF:6C:D5:D1:BC:A6:17:56:40:4E:4D:E0:CC:ED:54:4B:D3:E0 X509v3 Authority Key Identifier: keyid:A2:DA:36:37:D3:25:3F:89:97:D8:8D:0B:D8:DA:95:98:F7:83:F9:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oto2N9MlP4mX2I0L2NqVmPeD-ZE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ac:c1:23:97:dd:7c:cc:3c:32:7f:0e:39:b4:25:64:9b:2b:77: 45:90:47:6e:47:36:63:fc:a9:34:51:1e:d2:6c:50:7a:c0:2c: 48:89:e9:e9:27:9f:25:87:1b:03:21:e9:c7:92:20:2d:82:76: fb:da:7d:8b:0d:09:fd:7b:65:0d:24:6c:07:72:c7:74:bd:68: b9:05:95:5e:e1:69:14:78:b1:d4:52:0c:a4:5d:2f:1a:0a:e0: f9:19:02:22:fb:5f:09:02:78:b4:a9:b2:7d:7f:0c:13:7d:76: f3:50:3e:48:af:1f:68:db:97:cd:dc:0b:2a:73:60:e6:0d:d1: 0b:66:b1:ea:0d:71:ed:fd:73:f8:27:ec:c0:c0:06:56:8e:cd: bd:40:c2:7e:15:8c:63:77:b8:e0:1b:54:75:50:5f:6b:06:77: 46:84:8b:6d:98:fc:4a:9b:b6:0d:1a:dc:90:d7:6a:8a:f9:ca: 3b:01:5f:54:ae:90:87:f2:1f:c2:46:3a:8a:9b:04:56:f6:ac: 14:61:70:e9:53:c7:4e:b9:bc:c7:b7:20:a5:2d:61:08:e5:d5: 2e:e3:fc:7e:38:47:ba:b3:37:60:0e:5d:3d:ff:38:cc:9e:d1: 01:fe:10:78:cd:36:cb:23:65:18:d2:a4:cd:c2:d1:81:1b:22: 59:ef:fa:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEFBQTExMTAvBgNVBAUTKEEyREEzNjM3RDMyNTNGODk5N0Q4OEQwQkQ4REE5NTk4 Rjc4M0Y5OTEwHhcNMjUwNzAzMDQwOTU4WhcNMjUwNzEwMDQwOTU4WjAYMRYwFAYD VQQDEw02ODY2MDI5Ny1lYzU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzkH/hnlyoC4XdcYwdCObcIIwByald/s/Z/kesmq7mcCZljQv6JvIABB5xlun zxNTZ7wk6JM/PPccfTWUVRViRrbFPpSGpnzFXZfkjy154eTd5BIzfi6lpDGDLaH5 96SnZLzoCbD48BwjPwgWxMoW9L6f0+9NsF5san5G5z64oIwNAx1nOMCMHC20rmGQ 8J0FurM3gxJVqwFuclLb9wELpHM5vamBXEtJvdEWBbZYXdl1z6ZwolTudhfzAUd0 nzPdBy1jm9Bc3FLTL7PbZ6Z0ikeuKCPHQiMv9gohfEJv6y1wS+XIhA/B0A0YdZLS vWXsnKAFgtSLFAdKArabi6H1jQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKRK72zV 0bymF1ZATk3gzO1US9PgMB8GA1UdIwQYMBaAFKLaNjfTJT+Jl9iNC9jalZj3g/mR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QUFBMS84MTE0Qzc5QzQ4 NkUxMUVFQTk2MDk0MkNDNEY5QUUwMi9vdG8yTjlNbFA0bVgySTBMMk5xVm1QZUQt WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL290bzJOOU1sUDRtWDJJMEwyTnFWbVBlRC1aRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QUFBMS84MTE0Qzc5QzQ4NkUxMUVFQTk2MDk0MkNDNEY5QUUwMi9vdG8yTjlNbFA0 bVgySTBMMk5xVm1QZUQtWkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCswSOX3XzMPDJ/Djm0JWSbK3dFkEduRzZj/Kk0UR7SbFB6wCxIienp J58lhxsDIenHkiAtgnb72n2LDQn9e2UNJGwHcsd0vWi5BZVe4WkUeLHUUgykXS8a CuD5GQIi+18JAni0qbJ9fwwTfXbzUD5Irx9o25fN3Asqc2DmDdELZrHqDXHt/XP4 J+zAwAZWjs29QMJ+FYxjd7jgG1R1UF9rBndGhIttmPxKm7YNGtyQ12qK+co7AV9U rpCH8h/CRjqKmwRW9qwUYXDpU8dOubzHtyClLWEI5dUu4/x+OEe6szdgDl09/zjM ntEB/hB4zTbLI2UY0qTNwtGBGyJZ7/oB -----END CERTIFICATE-----Generated at Thu Jul 3 06:00:36 2025 by rpki-client