$ rpki-client -vvf rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.mft File: OYN8tL7K9qYmyRaulgJBtgnmsgo.mft (raw, json) Hash identifier: Jz//+Vg1D41YFB6LIKsVR2dI6U3mZ2VJHYVtZgLEfRw= Subject key identifier: 53:80:F4:32:7B:27:10:24:F0:F3:A7:39:E1:E5:18:92:D7:5F:E9:67 Authority key identifier: 39:83:7C:B4:BE:CA:F6:A6:26:C9:16:AE:96:02:41:B6:09:E6:B2:0A Certificate issuer: /CN=A918C3B7/serialNumber=39837CB4BECAF6A626C916AE960241B609E6B20A Certificate serial: 012A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OYN8tL7K9qYmyRaulgJBtgnmsgo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.mft Manifest number: 0128 Signing time: Thu 03 Jul 2025 04:45:54 +0000 Manifest this update: Thu 03 Jul 2025 04:45:53 +0000 Manifest next update: Thu 10 Jul 2025 04:45:53 +0000 Files and hashes: 1: OYN8tL7K9qYmyRaulgJBtgnmsgo.crl (hash: WJsOelcD0KLmgV2jGeoydOla6hfwXBMR4VXXyd+dVNU=) 2: C635D41E611411EF9B00D029C4F9AE02.roa (hash: rOwD6kKfHs7j3niSOFa7ZxwcRgpXDjpa8bFCR+QwO/w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.crl rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OYN8tL7K9qYmyRaulgJBtgnmsgo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 298 (0x12a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918C3B7, serialNumber=39837CB4BECAF6A626C916AE960241B609E6B20A Validity Not Before: Jul 3 04:45:53 2025 GMT Not After : Jul 10 04:45:53 2025 GMT Subject: CN=68660b01-fc0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:83:5f:ed:51:30:a0:3e:dd:e2:26:cd:6a:60: e3:de:ad:e3:3e:01:f4:6e:41:a9:9a:6a:0a:86:e6: 35:61:35:eb:c0:84:aa:2b:b0:e5:76:85:3e:2b:06: d6:4a:a8:95:d4:ca:09:42:7a:f0:59:69:cd:8a:6f: e8:33:b9:c4:2b:02:40:ef:cf:b3:c8:16:50:41:c5: 04:cc:fe:b2:05:9f:41:7d:c4:02:99:3f:0e:e9:9d: 52:67:2e:a7:60:53:e4:f5:21:f7:c6:34:21:54:25: 1c:08:f1:25:f1:52:25:68:8d:0b:6e:83:0c:89:01: 61:c9:3c:e2:b7:fe:c9:7e:4a:92:e3:5f:0d:63:a9: 6a:ae:3f:fe:fa:a1:ea:95:78:90:f4:5f:9f:de:1c: 4d:f1:d4:81:ab:b1:74:e9:a9:e3:16:5e:99:22:db: d1:b3:1b:63:4c:18:6e:3b:29:c9:0e:a6:32:2c:bc: 98:8d:78:f7:66:b9:76:0f:ee:d4:9c:9c:5f:96:cf: 15:32:1a:db:93:28:16:0b:ab:99:20:f9:7b:77:3b: a8:95:93:5d:06:f6:f5:fe:c6:d2:23:fa:6f:30:cc: c7:b7:b4:66:59:bb:b8:5d:84:b9:6b:d1:d8:90:e8: 3c:99:4c:ef:b2:17:d7:a6:ab:88:34:da:86:35:7c: 62:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:80:F4:32:7B:27:10:24:F0:F3:A7:39:E1:E5:18:92:D7:5F:E9:67 X509v3 Authority Key Identifier: keyid:39:83:7C:B4:BE:CA:F6:A6:26:C9:16:AE:96:02:41:B6:09:E6:B2:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OYN8tL7K9qYmyRaulgJBtgnmsgo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:9b:3c:93:43:0c:40:49:cd:9b:4d:0e:df:35:a1:83:04:46: 8e:73:1d:7b:8a:62:9e:6d:de:20:4a:64:2a:14:0b:c3:d0:52: c8:7c:93:a6:0c:67:b9:19:e3:5a:c6:c9:3a:e3:58:00:83:15: 24:57:ac:de:4c:21:50:a1:4a:a8:80:7c:1b:6d:6e:e5:83:9a: 73:98:ee:23:92:d2:38:b4:53:57:5d:0e:3b:28:4a:1d:3f:8d: dd:3d:e6:a8:ca:88:19:5a:4e:82:cc:e5:db:08:5a:87:28:0b: ae:1d:30:25:82:46:66:5f:bf:d4:00:0e:b8:38:13:ca:f4:ab: 1d:b9:b8:f7:05:f2:b5:da:78:58:56:be:1e:36:99:2a:23:2c: f2:17:af:30:3d:be:1a:b6:a8:4c:1b:d4:9f:cf:5e:5f:59:2f: bd:ca:7f:43:53:43:9a:b5:05:bf:f6:61:25:23:5a:39:28:57: b5:4e:49:b0:22:b3:b9:cd:17:de:b0:79:35:2d:ed:de:bb:7e: 30:04:79:26:7a:7b:94:8c:78:ed:54:53:c9:e9:6c:b6:1c:09: bd:70:7c:6b:75:28:5e:5d:bb:45:1c:89:fd:f4:b0:ac:af:1d: 37:a4:47:75:d9:2b:b6:4e:21:a7:07:4f:28:01:70:98:3e:ed: 18:9c:6a:c9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEMzQjcxMTAvBgNVBAUTKDM5ODM3Q0I0QkVDQUY2QTYyNkM5MTZBRTk2MDI0MUI2 MDlFNkIyMEEwHhcNMjUwNzAzMDQ0NTUzWhcNMjUwNzEwMDQ0NTUzWjAYMRYwFAYD VQQDEw02ODY2MGIwMS1mYzBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs4Nf7VEwoD7d4ibNamDj3q3jPgH0bkGpmmoKhuY1YTXrwISqK7DldoU+KwbW SqiV1MoJQnrwWWnNim/oM7nEKwJA78+zyBZQQcUEzP6yBZ9BfcQCmT8O6Z1SZy6n YFPk9SH3xjQhVCUcCPEl8VIlaI0LboMMiQFhyTzit/7JfkqS418NY6lqrj/++qHq lXiQ9F+f3hxN8dSBq7F06anjFl6ZItvRsxtjTBhuOynJDqYyLLyYjXj3Zrl2D+7U nJxfls8VMhrbkygWC6uZIPl7dzuolZNdBvb1/sbSI/pvMMzHt7RmWbu4XYS5a9HY kOg8mUzvshfXpquINNqGNXxiVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFOA9DJ7 JxAk8POnOeHlGJLXX+lnMB8GA1UdIwQYMBaAFDmDfLS+yvamJskWrpYCQbYJ5rIK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzNCNy8xNTlBNEFEMDkz MjUxMUVFQkU5ODdGNjBDNEY5QUUwMi9PWU44dEw3SzlxWW15UmF1bGdKQnRnbm1z Z28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09ZTjh0TDdLOXFZbXlSYXVsZ0pCdGdubXNnby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QzNCNy8xNTlBNEFEMDkzMjUxMUVFQkU5ODdGNjBDNEY5QUUwMi9PWU44dEw3Szlx WW15UmF1bGdKQnRnbm1zZ28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAAmzyTQwxASc2bTQ7fNaGDBEaOcx17imKebd4gSmQqFAvD0FLIfJOm DGe5GeNaxsk641gAgxUkV6zeTCFQoUqogHwbbW7lg5pzmO4jktI4tFNXXQ47KEod P43dPeaoyogZWk6CzOXbCFqHKAuuHTAlgkZmX7/UAA64OBPK9Ksdubj3BfK12nhY Vr4eNpkqIyzyF68wPb4atqhMG9Sfz15fWS+9yn9DU0OatQW/9mElI1o5KFe1Tkmw IrO5zRfesHk1Le3eu34wBHkmenuUjHjtVFPJ6Wy2HAm9cHxrdSheXbtFHIn99LCs rx03pEd12Su2TiGnB08oAXCYPu0YnGrJ -----END CERTIFICATE-----Generated at Fri Jul 4 04:05:04 2025 by rpki-client