$ rpki-client -vvf rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.mft File: OYN8tL7K9qYmyRaulgJBtgnmsgo.mft (raw, json) Hash identifier: 7ezqEUCMArPzYIBbHjK/ll7BDX7X+mx6SDtZsZWFWJY= Subject key identifier: D4:3B:3A:00:00:24:1F:BD:C1:76:67:4C:5A:F2:F6:6E:B7:50:E2:DF Authority key identifier: 39:83:7C:B4:BE:CA:F6:A6:26:C9:16:AE:96:02:41:B6:09:E6:B2:0A Certificate issuer: /CN=A918C3B7/serialNumber=39837CB4BECAF6A626C916AE960241B609E6B20A Certificate serial: 0144 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OYN8tL7K9qYmyRaulgJBtgnmsgo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.mft Manifest number: 0142 Signing time: Sat 23 Aug 2025 04:30:20 +0000 Manifest this update: Sat 23 Aug 2025 04:30:19 +0000 Manifest next update: Sat 30 Aug 2025 04:30:19 +0000 Files and hashes: 1: OYN8tL7K9qYmyRaulgJBtgnmsgo.crl (hash: /arR48KMn3lHeTNrgA93HftSBqS9rNsxQC8hd9XxKhc=) 2: C635D41E611411EF9B00D029C4F9AE02.roa (hash: rOwD6kKfHs7j3niSOFa7ZxwcRgpXDjpa8bFCR+QwO/w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.crl rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OYN8tL7K9qYmyRaulgJBtgnmsgo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:30:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 324 (0x144) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918C3B7, serialNumber=39837CB4BECAF6A626C916AE960241B609E6B20A Validity Not Before: Aug 23 04:30:19 2025 GMT Not After : Aug 30 04:30:19 2025 GMT Subject: CN=68a943db-2178 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:74:11:88:4f:c6:7a:8e:8f:95:39:3c:d8:13: de:62:07:85:bc:cf:a6:52:ba:63:0f:49:a2:d3:69: 9e:ad:bd:89:03:69:7a:a2:09:23:e4:9e:ef:51:b0: c9:20:02:40:66:00:0c:52:68:88:f8:7d:df:f1:94: 99:e5:03:b7:c3:c7:61:20:ff:e8:5b:f7:80:8d:e4: 6f:7f:85:eb:ee:ad:cc:d9:a0:59:a0:38:f4:ad:e0: 88:8a:0e:68:9f:4b:18:cb:fb:8b:49:5f:1d:2e:7d: 55:08:ab:62:50:94:0a:af:30:0e:af:77:ab:4b:66: 8f:34:bc:d8:e4:40:b7:ca:1c:57:89:d7:c4:98:e7: 7f:c5:f5:ff:dd:03:8a:5e:df:30:57:2f:db:3b:41: ce:5e:56:5b:56:c4:be:dc:28:75:57:2d:96:56:80: 98:3c:a4:ae:1d:90:32:ef:f6:c5:82:c8:58:10:05: 8c:ed:e2:84:f2:34:ac:a4:b8:28:58:32:55:ee:43: 30:e3:2e:ec:63:c5:2d:6d:f6:82:ab:9c:6c:99:bf: c4:d4:60:f6:95:60:fc:0f:13:88:7b:80:99:96:27: 2e:8a:07:f4:cd:5b:f5:6a:2a:da:0f:64:b7:60:cd: bf:d7:b5:d0:b7:27:1d:5d:8b:8d:07:cd:79:93:ac: d9:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:3B:3A:00:00:24:1F:BD:C1:76:67:4C:5A:F2:F6:6E:B7:50:E2:DF X509v3 Authority Key Identifier: keyid:39:83:7C:B4:BE:CA:F6:A6:26:C9:16:AE:96:02:41:B6:09:E6:B2:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OYN8tL7K9qYmyRaulgJBtgnmsgo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:12:c4:23:37:eb:ee:16:9e:7f:d9:ba:2e:d2:14:ec:e3:35: 2e:b9:72:06:25:a4:32:a8:91:ed:f3:10:19:19:9d:c2:22:3f: 89:82:82:c0:1c:0b:22:45:a2:24:cb:c2:c2:2d:94:21:05:4a: aa:2f:41:d0:a5:15:5f:7b:93:78:1e:37:3f:a6:a1:11:b8:f3: a4:bc:3f:b2:0f:7f:38:2e:62:63:11:39:fe:07:e0:d7:d5:e6: 58:4c:21:13:33:06:94:ea:c3:fb:db:a5:e2:53:67:49:6c:e2: 22:e6:79:9b:59:64:cb:63:c2:f2:c0:35:0b:71:82:fa:29:5c: 89:36:e9:d4:06:9f:43:9c:17:93:47:82:70:a2:45:3b:84:ab: 1f:87:dc:4a:cb:05:c7:ec:41:be:03:24:11:d3:3f:93:48:9c: e6:8d:8c:76:19:9e:19:8b:a2:1d:45:1b:ca:ad:de:cf:f4:bd: 4c:e9:ae:4c:b9:09:f0:bc:99:08:f1:11:bd:69:44:e7:4a:c5: 3a:69:2b:b0:8f:45:b8:43:6b:0a:b5:be:fa:31:0d:9b:2f:a6: fb:d8:e3:df:56:37:21:99:01:96:80:77:5f:10:29:6a:a6:ee: 0d:20:3f:28:e6:e2:64:e0:7b:5e:65:f5:07:cd:e1:0e:20:9f: 66:20:30:af -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEMzQjcxMTAvBgNVBAUTKDM5ODM3Q0I0QkVDQUY2QTYyNkM5MTZBRTk2MDI0MUI2 MDlFNkIyMEEwHhcNMjUwODIzMDQzMDE5WhcNMjUwODMwMDQzMDE5WjAYMRYwFAYD VQQDEw02OGE5NDNkYi0yMTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy3QRiE/Geo6PlTk82BPeYgeFvM+mUrpjD0mi02merb2JA2l6ogkj5J7vUbDJ IAJAZgAMUmiI+H3f8ZSZ5QO3w8dhIP/oW/eAjeRvf4Xr7q3M2aBZoDj0reCIig5o n0sYy/uLSV8dLn1VCKtiUJQKrzAOr3erS2aPNLzY5EC3yhxXidfEmOd/xfX/3QOK Xt8wVy/bO0HOXlZbVsS+3Ch1Vy2WVoCYPKSuHZAy7/bFgshYEAWM7eKE8jSspLgo WDJV7kMw4y7sY8UtbfaCq5xsmb/E1GD2lWD8DxOIe4CZlicuigf0zVv1airaD2S3 YM2/17XQtycdXYuNB815k6zZvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNQ7OgAA JB+9wXZnTFry9m63UOLfMB8GA1UdIwQYMBaAFDmDfLS+yvamJskWrpYCQbYJ5rIK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzNCNy8xNTlBNEFEMDkz MjUxMUVFQkU5ODdGNjBDNEY5QUUwMi9PWU44dEw3SzlxWW15UmF1bGdKQnRnbm1z Z28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09ZTjh0TDdLOXFZbXlSYXVsZ0pCdGdubXNnby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QzNCNy8xNTlBNEFEMDkzMjUxMUVFQkU5ODdGNjBDNEY5QUUwMi9PWU44dEw3Szlx WW15UmF1bGdKQnRnbm1zZ28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA1EsQjN+vuFp5/2bou0hTs4zUuuXIGJaQyqJHt8xAZGZ3CIj+JgoLA HAsiRaIky8LCLZQhBUqqL0HQpRVfe5N4Hjc/pqERuPOkvD+yD384LmJjETn+B+DX 1eZYTCETMwaU6sP726XiU2dJbOIi5nmbWWTLY8LywDULcYL6KVyJNunUBp9DnBeT R4JwokU7hKsfh9xKywXH7EG+AyQR0z+TSJzmjYx2GZ4Zi6IdRRvKrd7P9L1M6a5M uQnwvJkI8RG9aUTnSsU6aSuwj0W4Q2sKtb76MQ2bL6b72OPfVjchmQGWgHdfEClq pu4NID8o5uJk4HteZfUHzeEOIJ9mIDCv -----END CERTIFICATE-----Generated at Sat Aug 23 10:54:37 2025 by rpki-client