$ rpki-client -vvf rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.mft File: oHzT0QIaWMJAoSE3QAuXsYt5mNA.mft (raw, json) Hash identifier: DfDEj6fCD94lNDiWjxB9GO/UL6ajQmEn3th7F8HeQgA= Subject key identifier: B6:9E:D1:DB:FB:49:32:CE:51:77:B0:FA:F9:BD:94:88:35:45:85:DF Authority key identifier: A0:7C:D3:D1:02:1A:58:C2:40:A1:21:37:40:0B:97:B1:8B:79:98:D0 Certificate issuer: /CN=A9194040/serialNumber=A07CD3D1021A58C240A12137400B97B18B7998D0 Certificate serial: 03B9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oHzT0QIaWMJAoSE3QAuXsYt5mNA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.mft Manifest number: 03B4 Signing time: Sat 23 Aug 2025 00:58:15 +0000 Manifest this update: Sat 23 Aug 2025 00:58:15 +0000 Manifest next update: Sat 30 Aug 2025 00:58:15 +0000 Files and hashes: 1: oHzT0QIaWMJAoSE3QAuXsYt5mNA.crl (hash: wtjJCpvqulIWrcgmwtBCnI5uraePOtVDRQyBrcCQXp4=) 2: D1E294C2A34411EC803D2585C4F9AE02.roa (hash: lJa/v3Ew27zEz3fGPQRNJii4SZZ7fJhhCVEdIkMKWNA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.crl rsync://rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oHzT0QIaWMJAoSE3QAuXsYt5mNA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 00:58:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 953 (0x3b9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194040, serialNumber=A07CD3D1021A58C240A12137400B97B18B7998D0 Validity Not Before: Aug 23 00:58:15 2025 GMT Not After : Aug 30 00:58:15 2025 GMT Subject: CN=68a91227-4da3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:04:29:12:fb:a2:55:51:04:c6:b3:a3:36:83: a0:ea:b2:f3:76:8e:05:1b:a8:b1:2e:07:5e:0e:73: f4:7f:08:47:ad:59:fb:9c:ca:ac:5e:a4:56:52:df: b5:db:e4:a8:ff:80:a3:35:91:2b:fe:8f:0c:3a:97: 23:cb:59:b4:52:ac:34:9f:a8:9b:3f:3d:fd:92:f1: d4:bf:02:02:57:9d:f2:7b:b5:67:8f:a2:9e:b7:63: 73:f4:55:1d:c0:22:91:a7:71:f8:14:d7:ad:4c:a9: 5a:8d:ac:0a:eb:f8:d1:5e:80:9e:9f:f0:4a:29:24: 56:ab:6b:52:74:7f:54:ec:34:ee:23:91:9a:0d:3a: 65:06:be:fd:1c:3a:2e:17:85:f6:25:51:9e:7a:5d: 79:b5:9c:96:56:3c:3f:c7:aa:3e:90:d3:c4:15:1d: 05:40:f4:13:40:54:60:98:e9:6b:a2:d0:ef:2f:7d: 60:71:cc:e1:48:75:ce:3b:1e:f9:54:c0:8c:76:62: 57:38:95:e8:c0:d5:2f:69:c9:98:73:71:03:ca:ed: e6:8c:94:08:54:84:e6:ac:66:af:b3:04:dd:08:7c: d5:2d:4f:a3:1d:5b:c3:79:33:b9:27:5a:f3:c8:ee: ef:29:6b:a3:17:f3:47:19:5b:c0:9b:31:42:c6:81: 3a:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:9E:D1:DB:FB:49:32:CE:51:77:B0:FA:F9:BD:94:88:35:45:85:DF X509v3 Authority Key Identifier: keyid:A0:7C:D3:D1:02:1A:58:C2:40:A1:21:37:40:0B:97:B1:8B:79:98:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oHzT0QIaWMJAoSE3QAuXsYt5mNA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b1:41:21:a2:79:94:a0:3b:9f:2b:8b:1a:d6:76:a5:15:b6:35: f6:2b:fc:8f:a2:7f:70:e8:8e:7e:aa:c4:80:6d:d8:14:b4:96: 38:25:b2:7a:2d:a1:5c:a3:f4:3e:db:86:ca:9a:d8:f3:95:13: 35:aa:62:2a:ec:97:f5:7b:86:fe:d8:4e:06:db:ad:d5:63:e5: 17:48:4a:2d:57:ce:a5:fe:87:0e:00:b7:d8:55:3b:55:ec:74: 89:cd:64:98:84:ef:68:d8:ea:c0:cb:50:e0:b9:ba:c1:a8:05: 63:d5:5c:6f:67:e8:9c:a8:94:f6:e7:6a:d5:ba:9e:d9:75:1e: 33:8a:72:c5:d8:27:36:c2:6d:64:ba:b1:7c:a5:72:8a:1f:fa: 7f:b7:73:ab:98:1f:4c:96:9f:21:09:57:8a:ed:5d:18:73:d1: cb:8f:f6:c7:89:0b:f3:7d:73:76:29:0a:7f:4f:33:f5:c9:a0: 59:a8:f0:ff:c8:9a:4b:cc:3c:13:f2:94:95:89:0f:28:c5:87: 90:8b:58:a0:23:ba:99:c2:f4:79:e1:22:6a:0f:57:2f:eb:fd: 28:1e:18:7e:be:0c:28:91:0f:be:83:71:88:73:e6:67:1e:ce: 13:eb:e4:68:19:b1:ee:d3:9d:82:c0:bd:1d:0b:3a:9a:3f:13: c5:34:37:7d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA7kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTQwNDAxMTAvBgNVBAUTKEEwN0NEM0QxMDIxQTU4QzI0MEExMjEzNzQwMEI5N0Ix OEI3OTk4RDAwHhcNMjUwODIzMDA1ODE1WhcNMjUwODMwMDA1ODE1WjAYMRYwFAYD VQQDEw02OGE5MTIyNy00ZGEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvAQpEvuiVVEExrOjNoOg6rLzdo4FG6ixLgdeDnP0fwhHrVn7nMqsXqRWUt+1 2+So/4CjNZEr/o8MOpcjy1m0Uqw0n6ibPz39kvHUvwICV53ye7Vnj6Ket2Nz9FUd wCKRp3H4FNetTKlajawK6/jRXoCen/BKKSRWq2tSdH9U7DTuI5GaDTplBr79HDou F4X2JVGeel15tZyWVjw/x6o+kNPEFR0FQPQTQFRgmOlrotDvL31gcczhSHXOOx75 VMCMdmJXOJXowNUvacmYc3EDyu3mjJQIVITmrGavswTdCHzVLU+jHVvDeTO5J1rz yO7vKWujF/NHGVvAmzFCxoE6eQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLae0dv7 STLOUXew+vm9lIg1RYXfMB8GA1UdIwQYMBaAFKB809ECGljCQKEhN0ALl7GLeZjQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDA0MC85QjA0QTBGMkEz NDAxMUVDQjNGQTA0N0JDNEY5QUUwMi9vSHpUMFFJYVdNSkFvU0UzUUF1WHNZdDVt TkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29IelQwUUlhV01KQW9TRTNRQXVYc1l0NW1OQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NDA0MC85QjA0QTBGMkEzNDAxMUVDQjNGQTA0N0JDNEY5QUUwMi9vSHpUMFFJYVdN SkFvU0UzUUF1WHNZdDVtTkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCxQSGieZSgO58rixrWdqUVtjX2K/yPon9w6I5+qsSAbdgUtJY4JbJ6 LaFco/Q+24bKmtjzlRM1qmIq7Jf1e4b+2E4G263VY+UXSEotV86l/ocOALfYVTtV 7HSJzWSYhO9o2OrAy1DgubrBqAVj1VxvZ+icqJT252rVup7ZdR4zinLF2Cc2wm1k urF8pXKKH/p/t3OrmB9Mlp8hCVeK7V0Yc9HLj/bHiQvzfXN2KQp/TzP1yaBZqPD/ yJpLzDwT8pSViQ8oxYeQi1igI7qZwvR54SJqD1cv6/0oHhh+vgwokQ++g3GIc+Zn Hs4T6+RoGbHu052CwL0dCzqaPxPFNDd9 -----END CERTIFICATE-----Generated at Sun Aug 24 00:54:35 2025 by rpki-client