$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.mft File: OhpAdHHRvxyhUl8h997PWmoqZNg.mft (raw, json) Hash identifier: AmiKTKBjLKNcPUPRdu1Dwx7kpyPHq3waP0v69uRjasY= Subject key identifier: FC:28:A9:B2:59:B3:94:39:CD:6C:B4:E2:FE:3A:7F:4E:65:B6:95:2B Authority key identifier: 3A:1A:40:74:71:D1:BF:1C:A1:52:5F:21:F7:DE:CF:5A:6A:2A:64:D8 Certificate issuer: /CN=A91B7B23/serialNumber=3A1A407471D1BF1CA1525F21F7DECF5A6A2A64D8 Certificate serial: 0149 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhpAdHHRvxyhUl8h997PWmoqZNg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.mft Manifest number: 0143 Signing time: Sat 23 Aug 2025 04:32:59 +0000 Manifest this update: Sat 23 Aug 2025 04:32:59 +0000 Manifest next update: Sat 30 Aug 2025 04:32:59 +0000 Files and hashes: 1: OhpAdHHRvxyhUl8h997PWmoqZNg.crl (hash: zrVHwPAKGmS638/EIodR66oQk028XLysI+foTJMBPhU=) 2: C10CE08C97D311EE9299330CC4F9AE02.roa (hash: gJAOPk4iFoIW/KqNitxUF3g+S02/W0OUx3yJyNEqzJI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.crl rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhpAdHHRvxyhUl8h997PWmoqZNg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:32:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 329 (0x149) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7B23, serialNumber=3A1A407471D1BF1CA1525F21F7DECF5A6A2A64D8 Validity Not Before: Aug 23 04:32:59 2025 GMT Not After : Aug 30 04:32:59 2025 GMT Subject: CN=68a9447b-88d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:46:23:e8:84:d9:5d:5e:e5:20:65:3e:ef:14: c0:2b:6f:f0:83:0c:ef:70:a7:a0:7f:0b:50:57:8d: 7b:0e:5b:50:c0:c3:d2:bd:47:89:9c:20:69:1c:92: 2b:e7:cc:be:7a:8e:2f:f7:c2:ff:48:ab:cf:9b:8a: 64:83:4b:af:f8:cb:d7:2f:d5:0c:29:f9:aa:24:f6: 67:ac:35:a5:d8:55:2f:05:74:c6:ba:54:1a:15:81: f5:f6:a9:22:df:95:93:ff:cb:19:57:40:b3:e9:ec: 5d:b3:68:10:b1:c3:07:51:05:4a:be:aa:3e:2e:2e: 3d:98:76:b6:bb:71:94:18:67:79:a7:12:5f:15:11: c7:f7:87:bf:5e:c2:72:d3:2f:38:27:65:2b:35:53: 0b:0b:5d:bc:cc:f5:61:92:fe:27:67:1a:52:04:b3: d7:35:b0:a2:a8:27:03:0c:04:ef:a7:b9:f4:58:5f: 22:5b:eb:d0:c0:be:15:73:ec:05:92:30:35:5d:8e: 24:c4:16:d2:e0:d6:fb:75:32:76:4d:d4:bf:48:4f: ad:5c:1b:78:8d:cb:41:72:3b:ff:64:18:d3:8f:9d: 10:96:f5:a9:73:ff:19:54:cc:11:44:01:6b:91:92: 77:bd:71:12:b7:23:59:c6:f1:3e:f7:d1:3f:4a:a9: 5a:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:28:A9:B2:59:B3:94:39:CD:6C:B4:E2:FE:3A:7F:4E:65:B6:95:2B X509v3 Authority Key Identifier: keyid:3A:1A:40:74:71:D1:BF:1C:A1:52:5F:21:F7:DE:CF:5A:6A:2A:64:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhpAdHHRvxyhUl8h997PWmoqZNg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cd:fc:2a:98:46:b2:c8:dd:6c:e1:4d:21:ac:ac:71:da:d0:4e: 6f:d7:f3:8e:e4:f8:10:b6:f8:d7:7b:b6:d8:a5:19:3a:5a:ec: 1f:d7:af:b8:7b:e7:7d:24:f6:b8:cc:8d:77:e7:c6:bf:3e:b8: 8c:bf:c0:c0:b0:41:87:33:dd:74:d3:a0:37:35:7c:39:b4:b3: f8:0d:6e:6a:2a:6e:fc:ac:42:e4:7d:81:70:6e:8c:6b:cc:30: 20:f4:ab:e0:dd:2a:6b:aa:24:b6:bf:f2:9e:53:25:29:08:84: cf:03:3c:e0:43:61:f4:f1:cd:b8:99:54:fe:39:c8:55:55:24: a1:1b:7e:d4:10:9b:ac:06:b8:f2:b9:c7:2a:b3:34:ff:a0:c3: 6b:d7:35:49:82:48:3b:9e:a0:cb:49:4e:6f:3b:93:1d:87:a4: 80:12:3a:1a:4c:69:3d:5e:b5:53:c7:fc:7b:e6:63:a9:e7:7c: 0a:0d:dc:e8:92:ff:d3:30:56:1f:51:32:65:59:c5:73:64:0d: 05:d0:8d:b3:67:4e:14:f4:28:7f:90:09:3c:bc:cf:00:d6:ef: 2b:9c:7d:e8:c0:26:9e:ca:9f:04:80:e8:3c:82:da:69:87:b7: 58:5a:a3:bd:b7:99:ab:8a:af:70:21:85:08:db:58:08:c4:74: 19:7b:1d:11 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjdCMjMxMTAvBgNVBAUTKDNBMUE0MDc0NzFEMUJGMUNBMTUyNUYyMUY3REVDRjVB NkEyQTY0RDgwHhcNMjUwODIzMDQzMjU5WhcNMjUwODMwMDQzMjU5WjAYMRYwFAYD VQQDEw02OGE5NDQ3Yi04OGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxUYj6ITZXV7lIGU+7xTAK2/wgwzvcKegfwtQV417DltQwMPSvUeJnCBpHJIr 58y+eo4v98L/SKvPm4pkg0uv+MvXL9UMKfmqJPZnrDWl2FUvBXTGulQaFYH19qki 35WT/8sZV0Cz6exds2gQscMHUQVKvqo+Li49mHa2u3GUGGd5pxJfFRHH94e/XsJy 0y84J2UrNVMLC128zPVhkv4nZxpSBLPXNbCiqCcDDATvp7n0WF8iW+vQwL4Vc+wF kjA1XY4kxBbS4Nb7dTJ2TdS/SE+tXBt4jctBcjv/ZBjTj50QlvWpc/8ZVMwRRAFr kZJ3vXEStyNZxvE+99E/SqlaVQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPwoqbJZ s5Q5zWy04v46f05ltpUrMB8GA1UdIwQYMBaAFDoaQHRx0b8coVJfIffez1pqKmTY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCN0IyMy83NTQ1RjAzQTk3 RDMxMUVFQTIzQzY2MEJDNEY5QUUwMi9PaHBBZEhIUnZ4eWhVbDhoOTk3UFdtb3Fa TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09ocEFkSEhSdnh5aFVsOGg5OTdQV21vcVpOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC N0IyMy83NTQ1RjAzQTk3RDMxMUVFQTIzQzY2MEJDNEY5QUUwMi9PaHBBZEhIUnZ4 eWhVbDhoOTk3UFdtb3FaTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDN/CqYRrLI3WzhTSGsrHHa0E5v1/OO5PgQtvjXe7bYpRk6Wuwf16+4 e+d9JPa4zI1358a/PriMv8DAsEGHM91006A3NXw5tLP4DW5qKm78rELkfYFwboxr zDAg9Kvg3SprqiS2v/KeUyUpCITPAzzgQ2H08c24mVT+OchVVSShG37UEJusBrjy uccqszT/oMNr1zVJgkg7nqDLSU5vO5Mdh6SAEjoaTGk9XrVTx/x75mOp53wKDdzo kv/TMFYfUTJlWcVzZA0F0I2zZ04U9Ch/kAk8vM8A1u8rnH3owCaeyp8EgOg8gtpp h7dYWqO9t5mriq9wIYUI21gIxHQZex0R -----END CERTIFICATE-----Generated at Sat Aug 23 21:02:34 2025 by rpki-client