$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft File: Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft (raw, json) Hash identifier: 0eiH8s5TPdTDt1afPBItPCHXgIBnEqs53A5SMeEl8Q8= Subject key identifier: 01:E9:C1:92:22:3B:56:2A:54:1D:4E:5E:A6:98:06:E5:04:C6:95:17 Authority key identifier: 3A:46:FB:0F:40:F6:9D:5E:1D:B7:5D:28:51:F0:40:C1:9F:66:F2:2C Certificate issuer: /CN=A91ACD4D/serialNumber=3A46FB0F40F69D5E1DB75D2851F040C19F66F22C Certificate serial: 1643 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft Manifest number: 1633 Signing time: Wed 02 Jul 2025 16:51:15 +0000 Manifest this update: Wed 02 Jul 2025 16:51:14 +0000 Manifest next update: Wed 09 Jul 2025 16:51:14 +0000 Files and hashes: 1: Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl (hash: 1M530OKHZgpFNKeWaUyuFbJa6uWVHdyRgGOsUbCWaqA=) 2: 268ECB3ED5BD11E894FFC250C4F9AE02.roa (hash: w3oachy62b9vS7wqwD6D3HohJubENRLKhLvYOw/CqsQ=) 3: 3DE1DBC4D81011EC892E8A79C4F9AE02.roa (hash: P/jVLVKJm35tcLY3WNaJuQCIeip3WppGMETv/Tz90FE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 16:51:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5699 (0x1643) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACD4D, serialNumber=3A46FB0F40F69D5E1DB75D2851F040C19F66F22C Validity Not Before: Jul 2 16:51:14 2025 GMT Not After : Jul 9 16:51:14 2025 GMT Subject: CN=68656383-2d9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:3c:24:db:1a:02:66:e9:9c:63:f3:3a:c2:54: eb:78:06:d0:07:31:e8:d3:96:c7:39:f0:92:a3:ac: a5:d9:40:9a:56:49:44:4e:e4:cd:80:f2:cd:cb:02: 7b:16:13:8e:29:c5:80:bc:1c:17:13:dd:71:e7:ab: a6:77:b1:27:14:fb:21:86:71:3c:43:38:13:6d:ac: fd:6e:93:a0:32:d6:c7:a0:a6:72:ff:ce:83:d2:de: 3d:48:db:f6:b9:28:f3:b1:54:4e:93:54:19:3c:7a: b3:03:97:70:3e:7e:56:1e:08:51:7e:20:97:5e:d6: 3b:3a:27:27:31:e5:82:c0:c1:6b:16:be:cf:90:23: d1:4f:c0:f2:9d:1e:6b:6e:c6:2e:b0:4e:a1:25:bf: b1:9f:29:59:90:3f:c1:e7:f1:08:3f:67:33:09:8b: 18:66:fb:e9:43:0a:13:fe:7d:11:aa:23:0b:59:d4: 7d:2b:16:13:93:d0:a7:e9:76:f8:9f:1a:0b:3c:5d: 13:05:40:2b:1d:93:37:b6:25:32:10:3b:7b:90:5b: ca:3d:52:d4:9a:19:96:dd:19:38:0c:11:25:db:80: 50:2f:86:0c:97:c8:8a:fe:41:87:d1:53:cf:9c:c3: c7:a2:d6:3a:b9:7e:18:8e:66:29:e4:f1:19:d5:6c: 7c:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:E9:C1:92:22:3B:56:2A:54:1D:4E:5E:A6:98:06:E5:04:C6:95:17 X509v3 Authority Key Identifier: keyid:3A:46:FB:0F:40:F6:9D:5E:1D:B7:5D:28:51:F0:40:C1:9F:66:F2:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 89:d7:15:e2:cc:06:83:aa:2f:bf:36:77:cc:7a:7c:44:a7:63: 50:1f:87:f0:09:14:c3:b7:f6:19:78:6d:4b:7b:0d:a8:54:5b: 4b:08:eb:51:9a:16:03:a9:06:4d:f7:ef:ad:b6:0a:70:59:7d: 59:14:0a:d5:53:b8:47:a6:df:52:2a:e3:39:97:d6:72:5f:5e: 9a:09:a7:eb:77:e3:ea:f2:bf:8e:2c:1a:6b:fc:ac:ab:6e:2e: d1:8b:a9:f1:73:70:cf:99:66:c7:32:d1:3c:a7:f9:48:d8:9e: 1e:51:5c:d1:a3:88:4d:8f:1a:cf:6b:3c:15:94:88:27:78:83: 19:7a:44:6a:e7:34:ba:d3:5e:67:42:75:b0:eb:10:cd:ed:fb: 67:24:67:ef:86:0e:aa:2a:bd:f9:2e:40:1d:16:4a:bf:21:63: 84:7b:de:00:63:6e:af:04:1a:23:35:ac:cd:40:28:ed:a0:7d: 58:5b:b2:8b:d3:6f:cb:54:1f:75:ea:e7:ef:d8:23:54:43:a4: 7a:fd:4e:b2:58:f6:2a:6b:f7:d4:b4:ac:ab:d6:43:f3:dc:cb: 95:10:c6:a8:56:d8:8c:07:6b:78:f5:aa:d4:29:66:aa:71:87: 8f:0a:5f:57:52:ad:c1:eb:27:76:70:08:83:28:a4:38:ae:e3: 9a:1e:b3:e7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFkMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNENEQxMTAvBgNVBAUTKDNBNDZGQjBGNDBGNjlENUUxREI3NUQyODUxRjA0MEMx OUY2NkYyMkMwHhcNMjUwNzAyMTY1MTE0WhcNMjUwNzA5MTY1MTE0WjAYMRYwFAYD VQQDEw02ODY1NjM4My0yZDlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1Dwk2xoCZumcY/M6wlTreAbQBzHo05bHOfCSo6yl2UCaVklETuTNgPLNywJ7 FhOOKcWAvBwXE91x56umd7EnFPshhnE8QzgTbaz9bpOgMtbHoKZy/86D0t49SNv2 uSjzsVROk1QZPHqzA5dwPn5WHghRfiCXXtY7OicnMeWCwMFrFr7PkCPRT8DynR5r bsYusE6hJb+xnylZkD/B5/EIP2czCYsYZvvpQwoT/n0RqiMLWdR9KxYTk9Cn6Xb4 nxoLPF0TBUArHZM3tiUyEDt7kFvKPVLUmhmW3Rk4DBEl24BQL4YMl8iK/kGH0VPP nMPHotY6uX4YjmYp5PEZ1Wx8WwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAHpwZIi O1YqVB1OXqaYBuUExpUXMB8GA1UdIwQYMBaAFDpG+w9A9p1eHbddKFHwQMGfZvIs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q0RC8xMzdEMDBENDE2 MEUxMUU4ODUyQzQzN0VDNEY5QUUwMi9Pa2I3RDBEMm5WNGR0MTBvVWZCQXdaOW04 aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09rYjdEMEQyblY0ZHQxMG9VZkJBd1o5bThpdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Q0Q0RC8xMzdEMDBENDE2MEUxMUU4ODUyQzQzN0VDNEY5QUUwMi9Pa2I3RDBEMm5W NGR0MTBvVWZCQXdaOW04aXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCJ1xXizAaDqi+/NnfMenxEp2NQH4fwCRTDt/YZeG1Lew2oVFtLCOtR mhYDqQZN9++ttgpwWX1ZFArVU7hHpt9SKuM5l9ZyX16aCafrd+Pq8r+OLBpr/Kyr bi7Ri6nxc3DPmWbHMtE8p/lI2J4eUVzRo4hNjxrPazwVlIgneIMZekRq5zS6015n QnWw6xDN7ftnJGfvhg6qKr35LkAdFkq/IWOEe94AY26vBBojNazNQCjtoH1YW7KL 02/LVB916ufv2CNUQ6R6/U6yWPYqa/fUtKyr1kPz3MuVEMaoVtiMB2t49arUKWaq cYePCl9XUq3B6yd2cAiDKKQ4ruOaHrPn -----END CERTIFICATE-----Generated at Thu Jul 3 08:04:38 2025 by rpki-client