$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft File: oRR-hHvP7urdnompeo2fM2ecp-I.mft (raw, json) Hash identifier: NInrQcgBmSX87C4y7+tB23EkOY1tphDqbYI+mtQ31U8= Subject key identifier: 4B:CB:99:BE:CB:AF:70:2D:0F:1C:72:18:38:0C:10:2C:B4:0F:BE:5E Authority key identifier: A1:14:7E:84:7B:CF:EE:EA:DD:9E:89:A9:7A:8D:9F:33:67:9C:A7:E2 Certificate issuer: /CN=A91EAD80/serialNumber=A1147E847BCFEEEADD9E89A97A8D9F33679CA7E2 Certificate serial: 9F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oRR-hHvP7urdnompeo2fM2ecp-I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft Manifest number: 9D Signing time: Sat 23 Aug 2025 06:35:10 +0000 Manifest this update: Sat 23 Aug 2025 06:35:10 +0000 Manifest next update: Sat 30 Aug 2025 06:35:10 +0000 Files and hashes: 1: oRR-hHvP7urdnompeo2fM2ecp-I.crl (hash: wctbQZDxMYKkBVyuX4zGuhfbwaTp8rWjSORLllNpaCM=) 2: 52DF0E62B2FA11EFA36E0387C4F9AE02.roa (hash: zOW380YmpQpMtSyWb7ghqrZ9YCinfgNDwAX0rgUwhPY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.crl rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oRR-hHvP7urdnompeo2fM2ecp-I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:35:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 159 (0x9f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAD80, serialNumber=A1147E847BCFEEEADD9E89A97A8D9F33679CA7E2 Validity Not Before: Aug 23 06:35:10 2025 GMT Not After : Aug 30 06:35:10 2025 GMT Subject: CN=68a9611e-1f8b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:6a:f8:c9:a4:2b:d6:a3:60:bf:3e:6e:7e:9c: 3b:9f:cf:5f:8b:0c:84:64:c1:76:3e:b1:30:fe:5e: 80:55:5f:8c:59:c0:45:1f:7d:d2:c4:f1:65:02:fb: cb:06:38:17:2b:5d:4d:5f:a7:73:99:04:44:0c:0c: 7a:0f:42:93:df:78:0d:01:23:49:1b:26:f4:8a:81: ce:81:64:dd:c3:89:f5:8d:8f:c7:bf:e8:20:7c:61: bb:30:31:7e:b4:91:5d:f2:8f:3c:28:9e:56:d9:6b: 77:3a:b0:e4:cb:b7:75:35:8e:06:b0:82:f6:3f:77: 7c:b7:ff:d6:cb:b6:db:06:f7:68:5d:88:4c:82:7f: a1:14:bd:86:1b:71:7a:63:41:0f:dd:10:ff:ce:f4: 35:5d:d6:15:2d:8c:7d:fd:26:9a:0e:df:68:6f:28: ec:2c:fe:de:ee:54:87:f5:c6:c8:60:fd:1e:d1:7c: 7b:7b:df:ff:95:d0:d9:40:7f:2d:23:40:7e:be:ce: 70:f4:bc:fd:2b:cd:b2:a7:53:4d:ff:c2:e9:a9:db: bc:3d:ae:8a:1b:56:b4:b2:16:48:8a:18:9d:91:1b: 23:06:a7:6f:98:31:0c:1e:f5:97:fb:31:3f:97:7a: f8:77:4b:5d:ef:81:45:57:32:ab:22:5b:aa:d8:b7: 9f:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:CB:99:BE:CB:AF:70:2D:0F:1C:72:18:38:0C:10:2C:B4:0F:BE:5E X509v3 Authority Key Identifier: keyid:A1:14:7E:84:7B:CF:EE:EA:DD:9E:89:A9:7A:8D:9F:33:67:9C:A7:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oRR-hHvP7urdnompeo2fM2ecp-I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:0e:51:81:00:40:29:01:6a:1f:ff:35:5b:a9:7a:bf:7e:12: 0a:bc:75:d0:50:af:23:5a:de:92:06:fb:45:57:eb:e4:bf:b0: 4f:3c:2b:cc:69:3a:5e:13:0a:83:b9:de:e8:71:40:50:82:1e: f3:eb:57:c2:18:1c:e9:c5:7a:b6:0a:7f:e6:37:72:42:c2:78: fa:57:2d:57:84:ff:24:bc:59:c1:7d:83:5d:f3:a6:d6:dc:dd: b4:28:d9:1f:0b:0e:1b:c7:52:10:f9:63:55:c5:4f:75:12:d2: 6a:b6:35:c8:74:58:4d:e9:cc:89:51:a7:ea:1d:15:0d:63:ec: 35:07:4e:94:40:2f:64:8c:93:a8:68:89:2e:ba:75:56:e6:c2: 13:c3:bd:1a:19:09:40:76:d2:8a:16:7c:7b:32:fe:e5:c7:60: 4d:6f:23:fe:48:8c:e0:5c:64:c4:50:04:21:4c:8f:c5:15:f9: 2c:12:3f:6e:92:13:b5:65:f8:40:31:b0:db:a5:0b:5b:0c:99: 9b:8a:be:4e:77:30:cf:a7:09:72:b5:dd:c0:8f:aa:8b:de:b0: 66:22:51:b5:6a:2a:09:78:7e:27:b8:72:77:ff:44:3c:89:76: 9d:a1:ba:10:f4:58:82:3a:40:df:c4:e2:ef:02:ff:6b:7d:17: 97:d7:5f:0f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFEODAxMTAvBgNVBAUTKEExMTQ3RTg0N0JDRkVFRUFERDlFODlBOTdBOEQ5RjMz Njc5Q0E3RTIwHhcNMjUwODIzMDYzNTEwWhcNMjUwODMwMDYzNTEwWjAYMRYwFAYD VQQDEw02OGE5NjExZS0xZjhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqGr4yaQr1qNgvz5ufpw7n89fiwyEZMF2PrEw/l6AVV+MWcBFH33SxPFlAvvL BjgXK11NX6dzmQREDAx6D0KT33gNASNJGyb0ioHOgWTdw4n1jY/Hv+ggfGG7MDF+ tJFd8o88KJ5W2Wt3OrDky7d1NY4GsIL2P3d8t//Wy7bbBvdoXYhMgn+hFL2GG3F6 Y0EP3RD/zvQ1XdYVLYx9/SaaDt9obyjsLP7e7lSH9cbIYP0e0Xx7e9//ldDZQH8t I0B+vs5w9Lz9K82yp1NN/8Lpqdu8Pa6KG1a0shZIihidkRsjBqdvmDEMHvWX+zE/ l3r4d0td74FFVzKrIluq2LefIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEvLmb7L r3AtDxxyGDgMECy0D75eMB8GA1UdIwQYMBaAFKEUfoR7z+7q3Z6JqXqNnzNnnKfi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUQ4MC9EMjIzQzVBRTk0 QzkxMUVGOTJDRDcyNThDNEY5QUUwMi9vUlItaEh2UDd1cmRub21wZW8yZk0yZWNw LUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29SUi1oSHZQN3VyZG5vbXBlbzJmTTJlY3AtSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUQ4MC9EMjIzQzVBRTk0QzkxMUVGOTJDRDcyNThDNEY5QUUwMi9vUlItaEh2UDd1 cmRub21wZW8yZk0yZWNwLUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAhDlGBAEApAWof/zVbqXq/fhIKvHXQUK8jWt6SBvtFV+vkv7BPPCvM aTpeEwqDud7ocUBQgh7z61fCGBzpxXq2Cn/mN3JCwnj6Vy1XhP8kvFnBfYNd86bW 3N20KNkfCw4bx1IQ+WNVxU91EtJqtjXIdFhN6cyJUafqHRUNY+w1B06UQC9kjJOo aIkuunVW5sITw70aGQlAdtKKFnx7Mv7lx2BNbyP+SIzgXGTEUAQhTI/FFfksEj9u khO1ZfhAMbDbpQtbDJmbir5OdzDPpwlytd3Aj6qL3rBmIlG1aioJeH4nuHJ3/0Q8 iXadoboQ9FiCOkDfxOLvAv9rfReX118P -----END CERTIFICATE-----Generated at Sat Aug 23 19:46:08 2025 by rpki-client