$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4ED0/92B3CD5A58CF11EA85E8594DC4F9AE02/oJyi0xsWv6WEp1jDp9UfrNIVGwI.mft File: oJyi0xsWv6WEp1jDp9UfrNIVGwI.mft (raw, json) Hash identifier: 4s56u74QvrF6aagTZtOqb2QwAJ5W+bBLkz5owWw90M0= Subject key identifier: B8:BF:37:1F:CD:22:3C:27:9F:CF:24:FC:7C:06:82:92:5B:9A:77:C9 Authority key identifier: A0:9C:A2:D3:1B:16:BF:A5:84:A7:58:C3:A7:D5:1F:AC:D2:15:1B:02 Certificate issuer: /CN=A91A4ED0/serialNumber=A09CA2D31B16BFA584A758C3A7D51FACD2151B02 Certificate serial: 0AB3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oJyi0xsWv6WEp1jDp9UfrNIVGwI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4ED0/92B3CD5A58CF11EA85E8594DC4F9AE02/oJyi0xsWv6WEp1jDp9UfrNIVGwI.mft Manifest number: 0AA9 Signing time: Wed 02 Jul 2025 19:46:15 +0000 Manifest this update: Wed 02 Jul 2025 19:46:14 +0000 Manifest next update: Wed 09 Jul 2025 19:46:14 +0000 Files and hashes: 1: oJyi0xsWv6WEp1jDp9UfrNIVGwI.crl (hash: eWq565/C1mBQH9LAcawxOypcBJPsESYo7J555LKdUuM=) 2: 52F59E403B4111ECABFD2186C4F9AE02.roa (hash: iGeCqjea5TKx5w3j1RMFWZOzP6n/8IBkqpNhUcYz96Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4ED0/92B3CD5A58CF11EA85E8594DC4F9AE02/oJyi0xsWv6WEp1jDp9UfrNIVGwI.crl rsync://rpki.apnic.net/member_repository/A91A4ED0/92B3CD5A58CF11EA85E8594DC4F9AE02/oJyi0xsWv6WEp1jDp9UfrNIVGwI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oJyi0xsWv6WEp1jDp9UfrNIVGwI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 19:46:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2739 (0xab3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4ED0, serialNumber=A09CA2D31B16BFA584A758C3A7D51FACD2151B02 Validity Not Before: Jul 2 19:46:14 2025 GMT Not After : Jul 9 19:46:14 2025 GMT Subject: CN=68658c87-5028 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a9:3c:f6:a0:91:a1:f5:a9:f5:0c:70:c9:e4: 47:be:d3:78:0a:63:3c:47:a8:f2:61:69:2c:3f:7a: 29:ff:ff:25:d7:69:69:b0:86:0a:ac:39:26:90:51: de:a1:5d:c3:2e:1c:00:bc:57:74:9b:37:3c:80:ab: 46:36:fb:94:c7:92:33:e0:f7:21:0a:8c:ad:6d:3d: af:31:e7:5b:2e:3a:72:8a:55:b7:c3:9f:75:cb:03: 7f:b4:c2:55:05:73:33:ba:6c:15:47:ad:73:33:f6: fc:42:24:67:6b:6f:51:94:7f:9d:24:c3:1c:3d:73: 31:c1:88:f3:81:f8:fc:ae:1b:f9:91:40:2d:2f:26: fa:a4:4b:92:e2:46:17:1a:e7:8e:ef:e8:c6:c4:eb: 57:6c:ca:6f:cb:a7:8a:9b:b4:e5:6d:22:00:1f:e4: 50:54:d7:77:a5:06:a1:75:f0:82:b2:c9:a0:8a:aa: 73:f1:d7:71:8e:0d:f0:c1:61:e1:81:81:b6:d5:54: 98:b4:e6:ff:53:76:c2:54:b8:b6:64:9d:83:86:75: d0:43:a5:ea:c0:80:09:3d:ae:b8:16:86:3d:ad:c5: 42:85:4f:be:2d:a6:5a:02:a6:ef:e4:08:90:3c:20: 1b:78:31:44:4a:ac:0e:e6:1e:b1:7d:95:38:5a:7b: 2b:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:BF:37:1F:CD:22:3C:27:9F:CF:24:FC:7C:06:82:92:5B:9A:77:C9 X509v3 Authority Key Identifier: keyid:A0:9C:A2:D3:1B:16:BF:A5:84:A7:58:C3:A7:D5:1F:AC:D2:15:1B:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4ED0/92B3CD5A58CF11EA85E8594DC4F9AE02/oJyi0xsWv6WEp1jDp9UfrNIVGwI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oJyi0xsWv6WEp1jDp9UfrNIVGwI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4ED0/92B3CD5A58CF11EA85E8594DC4F9AE02/oJyi0xsWv6WEp1jDp9UfrNIVGwI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:67:57:36:73:99:2b:7b:01:bb:10:89:30:2c:7e:21:be:a8: c1:4b:cd:92:62:c4:76:56:4a:34:12:e2:ce:91:e1:e3:c3:05: 58:f9:ca:67:88:cd:45:5a:64:06:2a:e6:62:3e:93:0d:d8:95: ed:34:d2:81:65:85:83:3f:4f:01:6d:79:47:b7:10:27:56:57: 72:2d:ec:ea:62:cb:d8:0b:7c:e5:be:b9:13:7a:95:cb:e5:5c: 86:e2:2d:c3:60:cc:18:cd:79:fd:c0:31:90:70:7e:24:42:50: 9b:a7:64:ad:89:71:be:8f:6a:e9:5d:ec:6d:af:de:81:d5:c6: 51:c5:b3:9d:d1:18:67:f6:13:f5:eb:3b:e3:42:83:4e:25:ee: 75:08:d4:c5:d0:5a:8a:db:b8:cc:e1:80:a8:0d:a0:33:71:7c: 74:29:f2:4b:a8:fd:0c:36:01:45:dc:23:8d:37:bb:90:58:c8: e6:5f:c5:10:4e:02:4d:1f:5d:43:3b:64:63:0c:93:79:72:57: 99:02:c6:66:96:c0:d1:ae:14:73:8d:5b:05:cb:01:9a:d6:ce: 5f:50:27:7d:2f:1b:bb:6e:05:c7:8e:ed:35:60:cf:d8:b7:41: cf:ae:5a:f7:bb:bd:f5:5f:72:d8:54:6f:44:e8:8c:ac:ae:65: 50:01:cd:14 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCrMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTRFRDAxMTAvBgNVBAUTKEEwOUNBMkQzMUIxNkJGQTU4NEE3NThDM0E3RDUxRkFD RDIxNTFCMDIwHhcNMjUwNzAyMTk0NjE0WhcNMjUwNzA5MTk0NjE0WjAYMRYwFAYD VQQDEw02ODY1OGM4Ny01MDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvqk89qCRofWp9QxwyeRHvtN4CmM8R6jyYWksP3op//8l12lpsIYKrDkmkFHe oV3DLhwAvFd0mzc8gKtGNvuUx5Iz4PchCoytbT2vMedbLjpyilW3w591ywN/tMJV BXMzumwVR61zM/b8QiRna29RlH+dJMMcPXMxwYjzgfj8rhv5kUAtLyb6pEuS4kYX GueO7+jGxOtXbMpvy6eKm7TlbSIAH+RQVNd3pQahdfCCssmgiqpz8ddxjg3wwWHh gYG21VSYtOb/U3bCVLi2ZJ2DhnXQQ6XqwIAJPa64FoY9rcVChU++LaZaAqbv5AiQ PCAbeDFESqwO5h6xfZU4WnsrHQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLi/Nx/N Ijwnn88k/HwGgpJbmnfJMB8GA1UdIwQYMBaAFKCcotMbFr+lhKdYw6fVH6zSFRsC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEVEMC85MkIzQ0Q1QTU4 Q0YxMUVBODVFODU5NERDNEY5QUUwMi9vSnlpMHhzV3Y2V0VwMWpEcDlVZnJOSVZH d0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29KeWkweHNXdjZXRXAxakRwOVVmck5JVkd3SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NEVEMC85MkIzQ0Q1QTU4Q0YxMUVBODVFODU5NERDNEY5QUUwMi9vSnlpMHhzV3Y2 V0VwMWpEcDlVZnJOSVZHd0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAtZ1c2c5krewG7EIkwLH4hvqjBS82SYsR2Vko0EuLOkeHjwwVY+cpn iM1FWmQGKuZiPpMN2JXtNNKBZYWDP08BbXlHtxAnVldyLezqYsvYC3zlvrkTepXL 5VyG4i3DYMwYzXn9wDGQcH4kQlCbp2StiXG+j2rpXextr96B1cZRxbOd0Rhn9hP1 6zvjQoNOJe51CNTF0FqK27jM4YCoDaAzcXx0KfJLqP0MNgFF3CONN7uQWMjmX8UQ TgJNH11DO2RjDJN5cleZAsZmlsDRrhRzjVsFywGa1s5fUCd9Lxu7bgXHju01YM/Y t0HPrlr3u731X3LYVG9E6IysrmVQAc0U -----END CERTIFICATE-----Generated at Fri Jul 4 10:50:00 2025 by rpki-client