$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2AAE/57537D5E704511EA8A941D1AC4F9AE02/o7CyBZyzB2t17aMkt2UH08KVUoM.mft File: o7CyBZyzB2t17aMkt2UH08KVUoM.mft (raw, json) Hash identifier: ptuBCz9dLfuI5whaQ2rNKxBPl3Z74L5WdVCeociPTPs= Subject key identifier: 98:0D:66:F3:9D:A3:3B:10:0D:5C:C4:79:2B:C9:9F:AA:B9:C1:0A:6B Authority key identifier: A3:B0:B2:05:9C:B3:07:6B:75:ED:A3:24:B7:65:07:D3:C2:95:52:83 Certificate issuer: /CN=A91C2AAE/serialNumber=A3B0B2059CB3076B75EDA324B76507D3C2955283 Certificate serial: 0A36 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o7CyBZyzB2t17aMkt2UH08KVUoM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C2AAE/57537D5E704511EA8A941D1AC4F9AE02/o7CyBZyzB2t17aMkt2UH08KVUoM.mft Manifest number: 0A2F Signing time: Wed 02 Jul 2025 19:59:09 +0000 Manifest this update: Wed 02 Jul 2025 19:59:08 +0000 Manifest next update: Wed 09 Jul 2025 19:59:08 +0000 Files and hashes: 1: o7CyBZyzB2t17aMkt2UH08KVUoM.crl (hash: EGbw0zzgXVlDB2LrncYRuRY4McjerhT/mRq9S46ydLM=) 2: 11502BAC719111EAAC505266C4F9AE02.roa (hash: 88XJabgqaxcByEwqNaBfgRLdg8FbkNPUbRQuluXcClA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C2AAE/57537D5E704511EA8A941D1AC4F9AE02/o7CyBZyzB2t17aMkt2UH08KVUoM.crl rsync://rpki.apnic.net/member_repository/A91C2AAE/57537D5E704511EA8A941D1AC4F9AE02/o7CyBZyzB2t17aMkt2UH08KVUoM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o7CyBZyzB2t17aMkt2UH08KVUoM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 19:59:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2614 (0xa36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C2AAE, serialNumber=A3B0B2059CB3076B75EDA324B76507D3C2955283 Validity Not Before: Jul 2 19:59:08 2025 GMT Not After : Jul 9 19:59:08 2025 GMT Subject: CN=68658f8d-95dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:dd:2b:6d:be:a4:0c:8e:74:c9:51:2d:7d:47: 24:42:96:b9:bb:51:cb:6f:66:6d:2d:e1:b9:f0:52: 15:9a:3c:2d:a6:9f:d5:7e:79:e9:98:3c:10:23:25: e8:7b:58:b5:4e:ec:d4:cd:6e:64:0f:a3:17:58:37: c5:83:9b:fb:1b:a4:c7:a1:bb:37:45:7e:f6:f1:78: b3:df:a2:80:1d:0b:dd:1f:9c:1c:11:b6:cd:45:84: ab:07:f0:5d:b0:7b:09:bf:b9:04:9d:11:78:44:aa: b4:65:ea:d5:cd:27:52:cc:c7:b4:24:b0:d9:ac:bd: 21:b1:5c:79:d8:6c:04:f1:0f:3a:3c:84:2d:aa:74: e7:a2:fd:9e:d0:36:26:f5:2b:2c:91:ec:61:a8:73: ee:49:86:7d:58:b9:37:61:00:45:ab:f2:e3:38:ba: d4:18:65:a7:af:b3:9d:bf:87:9f:0e:40:e4:ff:50: fe:95:4e:b2:88:93:d0:8f:b7:09:5d:66:4d:f7:ab: 9d:e0:e0:5f:cc:5c:10:1b:b0:51:0c:c4:15:c1:9f: 8b:a1:73:75:fb:5a:ea:a9:5a:e8:63:8e:b3:ec:a8: 2b:1e:99:8c:c6:8a:35:61:d6:18:b4:05:02:cc:fb: 16:17:d2:ca:03:e2:06:f0:c7:be:75:10:db:b8:69: b1:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:0D:66:F3:9D:A3:3B:10:0D:5C:C4:79:2B:C9:9F:AA:B9:C1:0A:6B X509v3 Authority Key Identifier: keyid:A3:B0:B2:05:9C:B3:07:6B:75:ED:A3:24:B7:65:07:D3:C2:95:52:83 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C2AAE/57537D5E704511EA8A941D1AC4F9AE02/o7CyBZyzB2t17aMkt2UH08KVUoM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o7CyBZyzB2t17aMkt2UH08KVUoM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2AAE/57537D5E704511EA8A941D1AC4F9AE02/o7CyBZyzB2t17aMkt2UH08KVUoM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 15:ca:ba:f0:24:19:bb:f9:56:bf:67:fc:48:6d:44:03:81:be: 18:7e:97:ef:96:ab:93:3a:66:77:3a:6c:5b:ee:12:a1:51:44: 99:63:34:0b:e8:84:75:3d:5c:19:23:a5:88:89:9c:fa:6c:5c: 23:52:92:1b:6c:ac:e7:c2:11:0b:87:56:db:fb:01:28:00:0f: 80:ca:ce:12:f2:16:7c:fe:44:a7:8d:b4:30:20:0f:8a:e2:02: 6c:09:5f:b1:aa:f1:5d:9f:62:7b:e2:73:21:45:a1:41:48:30: 0c:79:63:ad:17:a2:41:48:01:43:88:f8:e5:4e:80:2a:f4:a0: 48:b3:46:02:71:c6:43:11:9e:fa:38:2e:2b:34:b0:c1:43:64: af:4a:bf:94:b8:1c:bb:80:72:d0:ec:be:50:33:24:b4:e8:6f: 05:f9:63:04:a8:78:be:ab:1d:2b:41:ae:f1:40:13:45:fe:0e: 6d:7f:eb:c5:da:5d:e0:ef:da:a8:91:85:b1:c0:95:dd:41:1d: b6:c7:72:82:a1:1e:5c:3f:72:12:9b:ae:7e:b0:e2:d1:21:99: 7d:e5:41:6e:9d:ca:82:8d:69:f0:75:58:7d:5c:0b:ff:99:73: 3e:a5:5f:e1:21:92:4f:8a:0d:85:c0:cc:7c:3b:28:88:4a:5d: c9:9a:97:a1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCjYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzJBQUUxMTAvBgNVBAUTKEEzQjBCMjA1OUNCMzA3NkI3NUVEQTMyNEI3NjUwN0Qz QzI5NTUyODMwHhcNMjUwNzAyMTk1OTA4WhcNMjUwNzA5MTk1OTA4WjAYMRYwFAYD VQQDEw02ODY1OGY4ZC05NWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzt0rbb6kDI50yVEtfUckQpa5u1HLb2ZtLeG58FIVmjwtpp/VfnnpmDwQIyXo e1i1TuzUzW5kD6MXWDfFg5v7G6THobs3RX728Xiz36KAHQvdH5wcEbbNRYSrB/Bd sHsJv7kEnRF4RKq0ZerVzSdSzMe0JLDZrL0hsVx52GwE8Q86PIQtqnTnov2e0DYm 9SsskexhqHPuSYZ9WLk3YQBFq/LjOLrUGGWnr7Odv4efDkDk/1D+lU6yiJPQj7cJ XWZN96ud4OBfzFwQG7BRDMQVwZ+LoXN1+1rqqVroY46z7KgrHpmMxoo1YdYYtAUC zPsWF9LKA+IG8Me+dRDbuGmxkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJgNZvOd ozsQDVzEeSvJn6q5wQprMB8GA1UdIwQYMBaAFKOwsgWcswdrde2jJLdlB9PClVKD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkFBRS81NzUzN0Q1RTcw NDUxMUVBOEE5NDFEMUFDNEY5QUUwMi9vN0N5Qlp5ekIydDE3YU1rdDJVSDA4S1ZV b00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL283Q3lCWnl6QjJ0MTdhTWt0MlVIMDhLVlVvTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MkFBRS81NzUzN0Q1RTcwNDUxMUVBOEE5NDFEMUFDNEY5QUUwMi9vN0N5Qlp5ekIy dDE3YU1rdDJVSDA4S1ZVb00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAVyrrwJBm7+Va/Z/xIbUQDgb4YfpfvlquTOmZ3Omxb7hKhUUSZYzQL 6IR1PVwZI6WIiZz6bFwjUpIbbKznwhELh1bb+wEoAA+Ays4S8hZ8/kSnjbQwIA+K 4gJsCV+xqvFdn2J74nMhRaFBSDAMeWOtF6JBSAFDiPjlToAq9KBIs0YCccZDEZ76 OC4rNLDBQ2SvSr+UuBy7gHLQ7L5QMyS06G8F+WMEqHi+qx0rQa7xQBNF/g5tf+vF 2l3g79qokYWxwJXdQR22x3KCoR5cP3ISm65+sOLRIZl95UFuncqCjWnwdVh9XAv/ mXM+pV/hIZJPig2FwMx8OyiISl3Jmpeh -----END CERTIFICATE-----Generated at Fri Jul 4 18:05:30 2025 by rpki-client