$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft File: ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft (raw, json) Hash identifier: SLYTO9697aX+Dw7+/2POsC6DIRskKezgXiG5oK8z5K8= Subject key identifier: B4:52:CE:90:5E:83:9B:B3:83:61:F2:1B:C7:2B:B3:11:43:30:AE:C8 Authority key identifier: A3:3C:CA:81:B5:5E:04:65:5D:1B:5A:7E:2C:E6:88:C3:E4:6F:C5:30 Certificate issuer: /CN=A91EDF00/serialNumber=A33CCA81B55E04655D1B5A7E2CE688C3E46FC530 Certificate serial: 0474 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozzKgbVeBGVdG1p-LOaIw-RvxTA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft Manifest number: 0470 Signing time: Tue 01 Jul 2025 00:37:57 +0000 Manifest this update: Tue 01 Jul 2025 00:37:57 +0000 Manifest next update: Tue 08 Jul 2025 00:37:57 +0000 Files and hashes: 1: ozzKgbVeBGVdG1p-LOaIw-RvxTA.crl (hash: Sm1Jdq319RGrf1l19kFswOtiN/a9DhfxarJO5YtGgWQ=) 2: 1B97FEB84E8111ECA3589560C4F9AE02.roa (hash: xAvVS/7W7xtAjphmjIYm8eiwHHWi2VdeCNpBEO7D7og=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.crl rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozzKgbVeBGVdG1p-LOaIw-RvxTA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 00:37:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1140 (0x474) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EDF00, serialNumber=A33CCA81B55E04655D1B5A7E2CE688C3E46FC530 Validity Not Before: Jul 1 00:37:57 2025 GMT Not After : Jul 8 00:37:57 2025 GMT Subject: CN=68632de5-f5ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:66:26:6c:9b:6f:38:0c:45:66:fa:58:74:d6: 25:b0:9b:c1:51:d0:49:d3:6e:0e:f6:7b:41:22:c8: b7:f4:39:b8:bd:7b:d4:87:63:c7:df:ca:9c:50:66: 69:c9:0e:df:20:07:0d:14:44:bb:3e:75:de:85:1c: 41:36:e1:5b:21:21:3b:12:49:f8:e8:1a:8d:b0:8e: 07:65:07:5d:7a:c6:39:43:12:2c:2d:a6:ea:8f:22: 2a:93:4f:cd:61:98:a6:6b:8d:61:6b:87:87:a5:62: dc:1a:97:96:e3:f5:73:51:55:55:44:0f:d3:51:8d: 11:74:d1:54:77:e4:d6:17:30:4f:49:d3:68:b2:67: 2d:3d:9c:7c:ce:cf:fb:9e:de:df:53:57:6d:e2:a7: 84:76:fd:bc:6e:c2:ee:98:8a:4c:a3:3e:7a:ca:34: 05:c6:a8:bb:8e:f0:7e:55:d5:70:c1:63:3c:21:5e: c4:43:2c:72:48:0a:43:f3:4d:0d:d8:93:a6:6c:3c: b6:46:fe:c0:f9:6a:5f:20:b9:92:ea:6f:d3:ae:1c: 13:29:ec:be:71:37:73:b9:a6:de:a7:e3:7f:b8:a7: e2:d3:9f:ac:c6:85:fa:fb:a0:78:a6:b8:5d:b4:c6: a1:81:3a:b0:62:0b:63:96:74:11:57:15:e3:cb:3a: 94:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:52:CE:90:5E:83:9B:B3:83:61:F2:1B:C7:2B:B3:11:43:30:AE:C8 X509v3 Authority Key Identifier: keyid:A3:3C:CA:81:B5:5E:04:65:5D:1B:5A:7E:2C:E6:88:C3:E4:6F:C5:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozzKgbVeBGVdG1p-LOaIw-RvxTA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:c0:16:c3:57:71:da:dc:45:d9:eb:a1:fe:10:a3:f3:0a:92: c5:8c:94:55:09:e3:95:a9:10:24:2d:f8:d6:48:4b:87:5e:b8: d2:0c:89:35:90:32:de:e7:d4:38:e4:36:a1:a8:9e:8b:b7:87: ab:b3:83:bc:04:03:ac:27:e2:95:d1:1d:bc:1f:4c:32:65:c9: 11:f2:f1:9a:1c:28:c5:bc:b1:ac:eb:2c:09:4b:7d:89:25:e5: 6f:71:a6:4e:13:78:ba:dc:5e:00:f4:cc:72:47:c6:0c:d2:e1: 11:6f:a6:03:47:38:c8:9e:32:62:e7:17:13:ed:dd:45:23:42: 47:86:e2:13:55:e7:d8:ca:a5:6d:73:65:ad:76:48:7b:85:da: 5f:38:01:d0:43:a2:18:07:5e:38:7b:69:61:36:e2:d5:66:08: 5c:11:48:a3:24:c1:6c:90:c1:77:b0:be:f9:9b:af:c3:b8:a5: b6:c1:a8:bb:13:69:4a:d7:0a:b2:f2:a2:e6:1a:de:2b:60:83: 5b:01:f3:39:0b:df:e1:4b:e8:b1:c2:6b:d8:96:81:e3:da:f5: fa:d0:18:c1:c4:75:3c:c3:ea:4d:70:cc:93:73:8f:37:9a:1d: f8:43:33:dd:7b:ba:02:5b:9a:d4:0e:ae:e8:28:62:ab:2f:69: 19:8a:f5:9b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBHQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RURGMDAxMTAvBgNVBAUTKEEzM0NDQTgxQjU1RTA0NjU1RDFCNUE3RTJDRTY4OEMz RTQ2RkM1MzAwHhcNMjUwNzAxMDAzNzU3WhcNMjUwNzA4MDAzNzU3WjAYMRYwFAYD VQQDEw02ODYzMmRlNS1mNWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsmYmbJtvOAxFZvpYdNYlsJvBUdBJ024O9ntBIsi39Dm4vXvUh2PH38qcUGZp yQ7fIAcNFES7PnXehRxBNuFbISE7Ekn46BqNsI4HZQddesY5QxIsLabqjyIqk0/N YZima41ha4eHpWLcGpeW4/VzUVVVRA/TUY0RdNFUd+TWFzBPSdNosmctPZx8zs/7 nt7fU1dt4qeEdv28bsLumIpMoz56yjQFxqi7jvB+VdVwwWM8IV7EQyxySApD800N 2JOmbDy2Rv7A+WpfILmS6m/TrhwTKey+cTdzuabep+N/uKfi05+sxoX6+6B4prhd tMahgTqwYgtjlnQRVxXjyzqUFwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLRSzpBe g5uzg2HyG8crsxFDMK7IMB8GA1UdIwQYMBaAFKM8yoG1XgRlXRtafizmiMPkb8Uw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREYwMC8zQUUwMDM0QTRF N0UxMUVDOUUyOTg0MjlDNEY5QUUwMi9venpLZ2JWZUJHVmRHMXAtTE9hSXctUnZ4 VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL296ektnYlZlQkdWZEcxcC1MT2FJdy1SdnhUQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF REYwMC8zQUUwMDM0QTRFN0UxMUVDOUUyOTg0MjlDNEY5QUUwMi9venpLZ2JWZUJH VmRHMXAtTE9hSXctUnZ4VEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnwBbDV3Ha3EXZ66H+EKPzCpLFjJRVCeOVqRAkLfjWSEuHXrjSDIk1 kDLe59Q45DahqJ6Lt4ers4O8BAOsJ+KV0R28H0wyZckR8vGaHCjFvLGs6ywJS32J JeVvcaZOE3i63F4A9MxyR8YM0uERb6YDRzjInjJi5xcT7d1FI0JHhuITVefYyqVt c2Wtdkh7hdpfOAHQQ6IYB144e2lhNuLVZghcEUijJMFskMF3sL75m6/DuKW2wai7 E2lK1wqy8qLmGt4rYINbAfM5C9/hS+ixwmvYloHj2vX60BjBxHU8w+pNcMyTc483 mh34QzPde7oCW5rUDq7oKGKrL2kZivWb -----END CERTIFICATE-----Generated at Wed Jul 2 15:35:26 2025 by rpki-client