$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.mft File: ok2WODNZy0lmoVuakGkT61RWZXs.mft (raw, json) Hash identifier: GT1tL65NkZpO+lO2/0D80bU8lVBrYij5q1GWUqHHUIU= Subject key identifier: 02:92:54:AE:92:D9:22:30:3E:AF:64:32:A2:C6:C9:F8:B5:9B:3A:D7 Authority key identifier: A2:4D:96:38:33:59:CB:49:66:A1:5B:9A:90:69:13:EB:54:56:65:7B Certificate issuer: /CN=A91C9C03/serialNumber=A24D96383359CB4966A15B9A906913EB5456657B Certificate serial: 1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ok2WODNZy0lmoVuakGkT61RWZXs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.mft Manifest number: 18 Signing time: Tue 01 Jul 2025 08:49:07 +0000 Manifest this update: Tue 01 Jul 2025 08:49:07 +0000 Manifest next update: Tue 08 Jul 2025 08:49:07 +0000 Files and hashes: 1: ok2WODNZy0lmoVuakGkT61RWZXs.crl (hash: FKcFIkCTuzpsyn7452RAjaa/koPpFH9oKnKFA8WjvbQ=) 2: F96F23EC52BA11F0B49FC731C4F9AE02.roa (hash: 8pwbMbVaYDWfvQ48djVsqsw/ezsJfqrq/GtXIDJp75c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.crl rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ok2WODNZy0lmoVuakGkT61RWZXs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:49:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27 (0x1b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9C03, serialNumber=A24D96383359CB4966A15B9A906913EB5456657B Validity Not Before: Jul 1 08:49:07 2025 GMT Not After : Jul 8 08:49:07 2025 GMT Subject: CN=6863a103-4382 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:98:dc:cf:76:e4:31:19:6a:94:c9:53:fb:95: ad:6c:4d:f2:90:66:30:4f:e1:23:d3:20:2a:2c:9d: a2:c7:6f:a4:b5:70:ff:e3:9c:30:97:69:14:e7:84: 91:7b:25:59:69:d3:37:ea:57:98:0f:56:cc:af:a9: 37:9a:98:f7:6b:8f:4f:e1:e7:32:c2:cd:e9:eb:53: e0:82:22:75:70:b3:99:cb:76:79:27:72:ba:76:3c: 3f:de:3b:14:2e:f1:e1:ed:f5:2f:2c:84:d9:4a:16: 1f:79:bf:0a:8b:b7:74:ca:cd:57:99:76:24:70:c3: dc:ad:8c:ed:b2:c0:fd:db:e0:84:e5:f6:a7:b6:e6: 0d:41:b6:7a:79:d6:2c:96:9a:ee:ec:0c:17:42:5d: 9d:83:c3:c1:ff:e6:0d:d4:e2:bd:24:f8:56:b1:50: 20:2a:a8:01:a5:6b:dd:26:4c:53:4e:83:1e:06:94: 85:86:84:c9:86:10:91:f6:b2:89:73:fb:2e:ac:f0: e7:ff:bf:a5:ca:5a:cd:6a:63:1b:b4:e7:7c:d8:81: d1:f7:ac:9b:9b:16:bb:fc:89:a6:5b:08:22:60:91: 74:dd:92:5b:a9:cf:14:e6:8d:73:21:d6:c1:08:05: c5:aa:32:15:a7:ac:f1:c4:6e:b1:11:fe:13:32:5d: 6d:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:92:54:AE:92:D9:22:30:3E:AF:64:32:A2:C6:C9:F8:B5:9B:3A:D7 X509v3 Authority Key Identifier: keyid:A2:4D:96:38:33:59:CB:49:66:A1:5B:9A:90:69:13:EB:54:56:65:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ok2WODNZy0lmoVuakGkT61RWZXs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:2f:a5:a5:e5:ae:b7:e8:f7:78:ce:c8:a8:04:c8:7b:b1:ae: 44:96:b5:45:f0:01:19:89:0f:6f:a5:9d:ec:d9:02:1d:e9:a4: 94:ec:fa:b7:2f:65:f8:71:96:ce:40:a6:7b:d6:44:ce:41:f1: d2:3d:b4:2c:7e:7b:0c:a2:24:da:17:99:2f:f5:c7:cb:a1:32: 5e:2c:ba:32:13:3f:6f:cc:72:c3:4c:66:ed:71:ef:62:23:05: c7:7e:8b:8c:52:45:f0:24:5a:fd:44:56:3d:fe:4b:24:b4:aa: 78:0f:a9:7b:97:4d:d3:80:bf:18:45:ac:5d:76:36:de:34:e6: ea:df:bc:8f:e0:da:d0:e4:53:de:76:19:e4:0e:7d:77:88:35: dd:7c:1e:06:2a:c7:54:7d:59:b5:aa:4c:da:c9:4a:fe:61:ab: 87:3c:62:54:a7:48:67:ca:8b:13:b3:58:29:fa:3c:02:f3:af: 69:77:3d:0f:e0:a8:7b:50:a8:e1:1e:4d:74:b9:5d:20:12:a9: fa:e6:af:09:c1:2b:7a:46:59:9d:a3:01:c7:16:6f:b2:43:42: 6f:a6:33:8c:5f:c3:12:d5:4d:e1:a6:9d:f5:53:46:cb:87:7b: 27:c2:81:7e:a0:05:fa:e7:10:cf:84:c8:1f:b3:3a:cb:fe:84: 94:ca:c5:ab -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD OUMwMzExMC8GA1UEBRMoQTI0RDk2MzgzMzU5Q0I0OTY2QTE1QjlBOTA2OTEzRUI1 NDU2NjU3QjAeFw0yNTA3MDEwODQ5MDdaFw0yNTA3MDgwODQ5MDdaMBgxFjAUBgNV BAMTDTY4NjNhMTAzLTQzODIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDAmNzPduQxGWqUyVP7la1sTfKQZjBP4SPTICosnaLHb6S1cP/jnDCXaRTnhJF7 JVlp0zfqV5gPVsyvqTeamPdrj0/h5zLCzenrU+CCInVws5nLdnkncrp2PD/eOxQu 8eHt9S8shNlKFh95vwqLt3TKzVeZdiRww9ytjO2ywP3b4ITl9qe25g1Btnp51iyW mu7sDBdCXZ2Dw8H/5g3U4r0k+FaxUCAqqAGla90mTFNOgx4GlIWGhMmGEJH2solz +y6s8Of/v6XKWs1qYxu053zYgdH3rJubFrv8iaZbCCJgkXTdklupzxTmjXMh1sEI BcWqMhWnrPHEbrER/hMyXW1BAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUApJUrpLZ IjA+r2QyosbJ+LWbOtcwHwYDVR0jBBgwFoAUok2WODNZy0lmoVuakGkT61RWZXsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM5QzAzLzM3RDE4QTE2MzlB MzExRjBCQUQ3MkMzQ0M0RjlBRTAyL29rMldPRE5aeTBsbW9WdWFrR2tUNjFSV1pY cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb2syV09ETlp5MGxtb1Z1YWtHa1Q2MVJXWlhzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM5 QzAzLzM3RDE4QTE2MzlBMzExRjBCQUQ3MkMzQ0M0RjlBRTAyL29rMldPRE5aeTBs bW9WdWFrR2tUNjFSV1pYcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAC0vpaXlrrfo93jOyKgEyHuxrkSWtUXwARmJD2+lnezZAh3ppJTs+rcv Zfhxls5ApnvWRM5B8dI9tCx+ewyiJNoXmS/1x8uhMl4sujITP2/McsNMZu1x72Ij Bcd+i4xSRfAkWv1EVj3+SyS0qngPqXuXTdOAvxhFrF12Nt405urfvI/g2tDkU952 GeQOfXeINd18HgYqx1R9WbWqTNrJSv5hq4c8YlSnSGfKixOzWCn6PALzr2l3PQ/g qHtQqOEeTXS5XSASqfrmrwnBK3pGWZ2jAccWb7JDQm+mM4xfwxLVTeGmnfVTRsuH eyfCgX6gBfrnEM+EyB+zOsv+hJTKxas= -----END CERTIFICATE-----Generated at Tue Jul 1 17:08:16 2025 by rpki-client