$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft File: ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft (raw, json) Hash identifier: ePUCIT04J2h/eQK+MD+I9f0ZWXUMhN+06Wwkn5/TSW4= Subject key identifier: 16:6F:C3:4F:65:7E:D8:B3:48:8D:A6:49:50:31:25:C3:52:C7:09:4F Authority key identifier: A3:3C:CA:81:B5:5E:04:65:5D:1B:5A:7E:2C:E6:88:C3:E4:6F:C5:30 Certificate issuer: /CN=A91EDF00/serialNumber=A33CCA81B55E04655D1B5A7E2CE688C3E46FC530 Certificate serial: 048F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozzKgbVeBGVdG1p-LOaIw-RvxTA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft Manifest number: 048B Signing time: Sat 23 Aug 2025 00:14:52 +0000 Manifest this update: Sat 23 Aug 2025 00:14:52 +0000 Manifest next update: Sat 30 Aug 2025 00:14:52 +0000 Files and hashes: 1: ozzKgbVeBGVdG1p-LOaIw-RvxTA.crl (hash: +Ja3pgzkxCATwHnO5AQOn7l0Ew6H2p7BtaXNOqnlaeE=) 2: 1B97FEB84E8111ECA3589560C4F9AE02.roa (hash: xAvVS/7W7xtAjphmjIYm8eiwHHWi2VdeCNpBEO7D7og=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.crl rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozzKgbVeBGVdG1p-LOaIw-RvxTA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 00:14:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1167 (0x48f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EDF00, serialNumber=A33CCA81B55E04655D1B5A7E2CE688C3E46FC530 Validity Not Before: Aug 23 00:14:52 2025 GMT Not After : Aug 30 00:14:52 2025 GMT Subject: CN=68a907fc-a108 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:52:0f:31:a3:1d:aa:eb:08:ff:db:e6:a9:60: 09:a5:69:45:19:ff:1a:c1:a1:db:de:dc:64:a0:09: fc:11:29:a3:2e:06:8e:fc:76:27:9d:53:f1:5c:76: ca:ec:53:6c:cc:95:6b:8e:e7:20:5a:22:13:d8:17: c2:4e:15:9e:ac:9d:ef:a7:53:6f:c1:fa:db:bb:82: d2:79:e5:76:46:c3:56:de:58:d9:ce:8c:36:e3:45: ba:9b:ef:81:04:99:cb:9b:8d:97:8c:67:d0:6f:4e: 3b:8c:aa:24:30:da:ec:84:4f:2a:6e:11:fa:ce:a7: d7:af:fa:b3:80:7a:bf:53:08:96:8c:73:9a:17:72: 7a:36:85:e8:c8:ea:18:1f:be:75:bd:90:41:fe:4b: ed:0b:82:e4:67:04:0c:02:e7:68:1f:72:0d:ce:84: 67:57:8f:00:30:57:4d:ef:25:24:6e:51:7a:94:71: d0:d8:7b:d1:17:09:57:63:34:a2:5b:33:41:24:d0: 17:e3:b8:b2:3f:ee:2f:c8:33:7a:3f:fd:0a:a0:6f: ed:f9:70:05:42:59:3a:d0:cc:2f:c1:f5:72:d3:e5: 26:4a:3e:04:f6:c9:20:3d:07:22:4f:ad:ce:bc:da: f2:fd:2c:2b:36:36:30:f7:e1:c8:a1:0d:b0:00:a3: f6:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:6F:C3:4F:65:7E:D8:B3:48:8D:A6:49:50:31:25:C3:52:C7:09:4F X509v3 Authority Key Identifier: keyid:A3:3C:CA:81:B5:5E:04:65:5D:1B:5A:7E:2C:E6:88:C3:E4:6F:C5:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozzKgbVeBGVdG1p-LOaIw-RvxTA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:51:fa:7a:85:20:3c:7e:ad:da:d8:a5:aa:a3:92:cc:f7:ed: 11:ba:b1:53:17:29:05:3d:eb:d6:5a:38:51:0b:8b:d9:0c:db: c2:87:d6:80:a8:39:b2:7b:a3:47:10:12:1f:69:51:13:1b:0e: 68:e9:21:1e:d2:0b:73:a6:ca:5f:14:03:1d:de:9f:f8:0b:67: 5e:a6:8c:d2:ab:6f:06:93:14:09:3f:74:33:6c:94:00:e8:1f: f8:49:20:58:bf:37:62:f3:00:ec:21:92:09:74:8e:a4:88:fe: 1a:66:58:fc:78:28:a2:72:44:fe:0a:e4:7c:08:21:b2:8d:33: 9c:ef:5e:f8:e1:9c:8c:31:a2:20:d6:fd:35:73:86:e3:af:d7: f6:75:c3:17:f1:92:19:d1:f2:02:b7:6b:87:76:13:67:d7:c2: 23:9a:1d:d9:a3:c9:10:e5:45:a1:3d:11:e3:5f:28:77:98:85: 8f:b7:69:43:91:f4:5a:5a:02:0a:44:d5:19:e7:0d:1f:52:44: c8:f5:88:e9:e1:d9:18:f2:81:a8:80:49:11:60:24:45:96:9a: 17:54:9e:a2:1c:72:22:25:38:d0:68:e7:07:78:55:4f:c8:e3: ed:d3:11:52:2f:a5:ae:57:a3:e2:bb:42:ac:fc:56:e7:51:4d: 08:dd:b3:e2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RURGMDAxMTAvBgNVBAUTKEEzM0NDQTgxQjU1RTA0NjU1RDFCNUE3RTJDRTY4OEMz RTQ2RkM1MzAwHhcNMjUwODIzMDAxNDUyWhcNMjUwODMwMDAxNDUyWjAYMRYwFAYD VQQDEw02OGE5MDdmYy1hMTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApFIPMaMdqusI/9vmqWAJpWlFGf8awaHb3txkoAn8ESmjLgaO/HYnnVPxXHbK 7FNszJVrjucgWiIT2BfCThWerJ3vp1Nvwfrbu4LSeeV2RsNW3ljZzow240W6m++B BJnLm42XjGfQb047jKokMNrshE8qbhH6zqfXr/qzgHq/UwiWjHOaF3J6NoXoyOoY H751vZBB/kvtC4LkZwQMAudoH3INzoRnV48AMFdN7yUkblF6lHHQ2HvRFwlXYzSi WzNBJNAX47iyP+4vyDN6P/0KoG/t+XAFQlk60MwvwfVy0+UmSj4E9skgPQciT63O vNry/SwrNjYw9+HIoQ2wAKP2jwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBZvw09l ftizSI2mSVAxJcNSxwlPMB8GA1UdIwQYMBaAFKM8yoG1XgRlXRtafizmiMPkb8Uw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREYwMC8zQUUwMDM0QTRF N0UxMUVDOUUyOTg0MjlDNEY5QUUwMi9venpLZ2JWZUJHVmRHMXAtTE9hSXctUnZ4 VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL296ektnYlZlQkdWZEcxcC1MT2FJdy1SdnhUQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF REYwMC8zQUUwMDM0QTRFN0UxMUVDOUUyOTg0MjlDNEY5QUUwMi9venpLZ2JWZUJH VmRHMXAtTE9hSXctUnZ4VEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB8Ufp6hSA8fq3a2KWqo5LM9+0RurFTFykFPevWWjhRC4vZDNvCh9aA qDmye6NHEBIfaVETGw5o6SEe0gtzpspfFAMd3p/4C2depozSq28GkxQJP3QzbJQA 6B/4SSBYvzdi8wDsIZIJdI6kiP4aZlj8eCiickT+CuR8CCGyjTOc71744ZyMMaIg 1v01c4bjr9f2dcMX8ZIZ0fICt2uHdhNn18Ijmh3Zo8kQ5UWhPRHjXyh3mIWPt2lD kfRaWgIKRNUZ5w0fUkTI9Yjp4dkY8oGogEkRYCRFlpoXVJ6iHHIiJTjQaOcHeFVP yOPt0xFSL6WuV6Piu0Ks/FbnUU0I3bPi -----END CERTIFICATE-----Generated at Sat Aug 23 16:37:53 2025 by rpki-client