$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft File: oqIX1KQS-1OPXJGjSzbOcYed22U.mft (raw, json) Hash identifier: cXNapd+ttoejMKjzexube7WAMZtj5nqhkGy4HVQodKM= Subject key identifier: D1:14:E2:70:B6:08:F3:BC:F5:97:01:F9:5C:46:31:AE:5D:12:DA:6D Authority key identifier: A2:A2:17:D4:A4:12:FB:53:8F:5C:91:A3:4B:36:CE:71:87:9D:DB:65 Certificate issuer: /CN=A91CF9B0/serialNumber=A2A217D4A412FB538F5C91A34B36CE71879DDB65 Certificate serial: 0159 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft Manifest number: 014A Signing time: Sat 23 Aug 2025 04:36:08 +0000 Manifest this update: Sat 23 Aug 2025 04:36:07 +0000 Manifest next update: Sat 30 Aug 2025 04:36:07 +0000 Files and hashes: 1: oqIX1KQS-1OPXJGjSzbOcYed22U.crl (hash: dagRGLIJSeiAFgcMYpU0+ZrhglzEkh9qSnoTc16ZaZI=) 2: 84D917FC9F4911EEA0C5C856C4F9AE02.roa (hash: NmyQHlBil47JzTSCPQYz/6ZBa9AnAtiDqsHIcZPO3dA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.crl rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:36:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 345 (0x159) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CF9B0, serialNumber=A2A217D4A412FB538F5C91A34B36CE71879DDB65 Validity Not Before: Aug 23 04:36:07 2025 GMT Not After : Aug 30 04:36:07 2025 GMT Subject: CN=68a94538-05f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:e5:1d:38:e9:53:54:8e:6c:b0:a5:1d:9f:22: f7:45:38:7e:e9:1b:5e:78:66:56:6c:73:a3:e9:22: 7a:4f:d1:66:ec:8e:e5:31:96:ef:3e:12:bb:68:27: ed:9c:17:3f:4e:a3:a2:fd:60:4f:67:d2:8e:86:96: 68:7c:6e:33:05:37:a5:fa:73:18:e5:83:f1:52:eb: d2:7b:37:10:d4:af:b0:38:46:2c:7d:12:90:0e:78: d1:c0:ee:e0:c2:62:34:c4:47:1f:6d:ab:c3:aa:e3: fc:20:ae:1b:5b:0b:bf:4d:75:1a:ad:b6:95:81:62: 8b:c5:88:ec:45:58:4b:2d:6c:62:a8:4a:59:10:89: 91:6e:6c:0b:07:86:78:0d:20:89:46:9b:24:6e:5c: 2a:83:01:e6:c6:06:57:10:cb:87:ca:63:d7:50:84: fc:d8:04:b4:5c:e2:fa:d1:be:77:04:42:46:de:75: 32:a9:eb:fa:a9:62:a7:2a:46:00:2b:5e:85:c7:e3: 87:08:ee:1d:9f:38:45:e5:39:73:82:f0:97:92:34: 7d:f0:4b:88:1f:6e:c9:db:a8:ec:6e:39:2b:42:a7: 20:06:85:27:57:f5:2f:79:48:32:2f:5e:87:a3:f5: 0a:f7:27:76:d6:f1:2a:6a:12:5d:16:2c:7f:ae:70: 88:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:14:E2:70:B6:08:F3:BC:F5:97:01:F9:5C:46:31:AE:5D:12:DA:6D X509v3 Authority Key Identifier: keyid:A2:A2:17:D4:A4:12:FB:53:8F:5C:91:A3:4B:36:CE:71:87:9D:DB:65 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:e6:7b:15:23:77:67:8a:25:d8:3c:b1:8c:fd:94:c9:27:5a: a0:80:d9:4a:a5:c6:17:d1:48:dd:0f:a0:5f:77:22:36:e0:4f: c7:22:88:ed:89:a4:de:82:3b:53:38:b3:58:9e:da:32:24:63: 32:55:fe:f1:04:a1:24:19:5c:11:31:ec:37:c2:ff:91:18:2a: 2f:45:3c:03:48:ca:dd:2f:29:00:fd:53:90:72:71:ba:02:ed: 6b:e2:45:f8:bb:20:1d:29:03:64:2c:ca:4c:c1:a7:89:d4:2e: 7c:08:9a:55:36:f7:9a:0e:02:66:2e:a0:37:cd:b5:e3:3f:17: a0:4d:4a:02:d2:cd:a1:d8:3d:ef:3b:e5:b9:bc:44:a4:5a:d4: 84:04:10:28:64:31:d8:e9:a5:8f:6e:77:17:81:da:c4:9f:b8: 0d:92:6e:71:97:e3:ce:bf:37:3d:98:76:2a:5a:18:ad:2d:86: e5:7c:03:9d:3e:fa:6c:ef:b4:d5:9e:10:be:61:f8:54:fe:35: 80:b4:67:0a:ba:26:d5:36:b7:ca:46:47:54:6e:f2:e4:c6:df: 9c:64:1d:d7:f5:19:fe:02:62:00:9b:bf:d4:86:19:9a:a6:61: 2d:e1:49:64:0d:bc:5f:0d:4d:68:a7:79:d8:a4:60:c8:08:06: 96:8a:e2:5f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Y5QjAxMTAvBgNVBAUTKEEyQTIxN0Q0QTQxMkZCNTM4RjVDOTFBMzRCMzZDRTcx ODc5RERCNjUwHhcNMjUwODIzMDQzNjA3WhcNMjUwODMwMDQzNjA3WjAYMRYwFAYD VQQDEw02OGE5NDUzOC0wNWY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzOUdOOlTVI5ssKUdnyL3RTh+6RteeGZWbHOj6SJ6T9Fm7I7lMZbvPhK7aCft nBc/TqOi/WBPZ9KOhpZofG4zBTel+nMY5YPxUuvSezcQ1K+wOEYsfRKQDnjRwO7g wmI0xEcfbavDquP8IK4bWwu/TXUarbaVgWKLxYjsRVhLLWxiqEpZEImRbmwLB4Z4 DSCJRpskblwqgwHmxgZXEMuHymPXUIT82AS0XOL60b53BEJG3nUyqev6qWKnKkYA K16Fx+OHCO4dnzhF5TlzgvCXkjR98EuIH27J26jsbjkrQqcgBoUnV/UveUgyL16H o/UK9yd21vEqahJdFix/rnCIuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNEU4nC2 CPO89ZcB+VxGMa5dEtptMB8GA1UdIwQYMBaAFKKiF9SkEvtTj1yRo0s2znGHndtl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjlCMC8xNEM5NDk2RTlG M0YxMUVFODAxQjFENjJDNEY5QUUwMi9vcUlYMUtRUy0xT1BYSkdqU3piT2NZZWQy MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29xSVgxS1FTLTFPUFhKR2pTemJPY1llZDIyVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RjlCMC8xNEM5NDk2RTlGM0YxMUVFODAxQjFENjJDNEY5QUUwMi9vcUlYMUtRUy0x T1BYSkdqU3piT2NZZWQyMlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAb5nsVI3dniiXYPLGM/ZTJJ1qggNlKpcYX0UjdD6BfdyI24E/HIojt iaTegjtTOLNYntoyJGMyVf7xBKEkGVwRMew3wv+RGCovRTwDSMrdLykA/VOQcnG6 Au1r4kX4uyAdKQNkLMpMwaeJ1C58CJpVNveaDgJmLqA3zbXjPxegTUoC0s2h2D3v O+W5vESkWtSEBBAoZDHY6aWPbncXgdrEn7gNkm5xl+POvzc9mHYqWhitLYblfAOd Pvps77TVnhC+YfhU/jWAtGcKuibVNrfKRkdUbvLkxt+cZB3X9Rn+AmIAm7/Uhhma pmEt4UlkDbxfDU1op3nYpGDICAaWiuJf -----END CERTIFICATE-----Generated at Sun Aug 24 00:42:02 2025 by rpki-client