$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft File: Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft (raw, json) Hash identifier: JGrD5th04srzgUUFj9zzaERwuWakvVYFpKZNEX3Yixg= Subject key identifier: FA:BB:1C:5C:F3:F8:63:B0:3C:17:FE:AD:D1:0D:06:63:B4:C1:05:CB Authority key identifier: 3A:CC:B6:95:39:AC:9F:42:88:BC:D0:F0:A5:42:50:D5:92:F5:40:D4 Certificate issuer: /CN=A91F0EBF/serialNumber=3ACCB69539AC9F4288BCD0F0A54250D592F540D4 Certificate serial: 21E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft Manifest number: 21A6 Signing time: Mon 30 Jun 2025 15:59:04 +0000 Manifest this update: Mon 30 Jun 2025 15:59:04 +0000 Manifest next update: Mon 07 Jul 2025 15:59:04 +0000 Files and hashes: 1: Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl (hash: 4Aow3Qj/ak2Sr+pEv3tzgJzcdvz+flMfgNq6LBlh6/A=) 2: 5F649D88F27E11EE8704D12FC4F9AE02.roa (hash: 1ES+epsnD/DNY/mamto14c9DZbko73ok/bvGYlpnZRA=) 3: 5EDC2B56F27E11EE8704D12FC4F9AE02.roa (hash: RV1/DDfUdeMeAI1f60SGG8y1uSkd4aEtHJsKEOkYdXA=) 4: 586B33AEF44611EBA78C117AC4F9AE02.roa (hash: xubGUlPUlNCBLJe5+NADMrf4YV/wbfCmoqj7rhjCN20=) 5: 5480D316764D11EA8CB5C039C4F9AE02.roa (hash: ftobPRBcc8wlVTCOH3GxCPMFHQM9ebuoV2KFpLluNR4=) 6: 11DE1CDA467611EC988CDC09C4F9AE02.roa (hash: RArCcLO/kSE5acBXMMlQcl8HS4RV4DSQfZAIgouxT+4=) 7: A73C0BF6D93511E6B2617F7BC4F9AE02.roa (hash: 8McChURwVN9JYUVHRVTAHRcHa/Hxc6L3gNtxVyOyx0g=) 8: 63BFE4C0292811EEAF894530C4F9AE02.roa (hash: 4gXXPKgdGkdsiTu4Fh+U84K4r4ojzbdg0Z4yEj+nXpA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 15:59:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8680 (0x21e8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F0EBF, serialNumber=3ACCB69539AC9F4288BCD0F0A54250D592F540D4 Validity Not Before: Jun 30 15:59:04 2025 GMT Not After : Jul 7 15:59:04 2025 GMT Subject: CN=6862b448-1fa8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:6a:4f:b7:56:1c:7c:d6:94:98:f3:8b:dd:8b: a0:3f:d2:59:b4:62:4c:98:44:5d:50:7d:ab:e9:90: e9:47:7a:aa:4c:4f:b5:f3:91:3b:90:e6:73:3d:c0: ba:65:d5:8d:8b:e3:95:3e:54:d5:78:2b:3a:7c:6d: c1:57:e4:30:e6:d4:aa:b1:6f:fa:7e:1f:56:15:6d: 8a:31:9c:92:e1:f1:6a:be:e8:58:a8:50:59:d8:cc: 0b:03:01:7f:14:60:4f:c0:92:b5:0b:42:ea:27:b8: 8b:df:13:02:28:37:fc:10:2a:c4:0f:8d:56:d4:8b: d6:2d:51:0a:f8:5b:3e:4f:72:1e:9a:88:f1:a0:62: 5c:af:c2:c4:e9:fd:8f:6a:1c:6c:60:95:83:17:15: ae:b8:a4:42:12:33:a2:4b:d3:1b:a4:d3:aa:a1:90: ae:42:69:c1:b4:8b:d4:37:13:35:4b:dd:6d:4e:a6: de:ce:ad:48:f8:59:5e:54:9e:bf:04:74:27:92:4e: 17:91:65:89:c8:3f:3d:b7:b1:16:3b:dc:db:94:92: 5a:fa:11:5c:13:6a:e5:1b:59:19:98:32:58:3c:dd: 1d:fb:71:4b:1b:f5:6f:3f:4d:b4:47:7d:ea:b3:9f: c0:eb:da:99:cf:b1:01:e2:55:8e:b8:c6:4a:1b:09: f7:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:BB:1C:5C:F3:F8:63:B0:3C:17:FE:AD:D1:0D:06:63:B4:C1:05:CB X509v3 Authority Key Identifier: keyid:3A:CC:B6:95:39:AC:9F:42:88:BC:D0:F0:A5:42:50:D5:92:F5:40:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:23:a8:b9:42:d6:b6:b5:47:f4:81:a8:7a:30:d8:03:dd:cd: 50:8a:13:4b:01:4d:69:a0:6a:25:34:a8:4b:1f:87:be:08:9f: 2a:85:18:ba:65:42:31:b0:d5:9a:85:b6:29:3d:4c:47:07:2f: 6a:10:b1:b8:70:eb:06:3b:e1:29:4c:91:90:95:5a:b7:93:c7: d4:81:18:d4:86:f6:4a:0c:d4:16:f0:38:0a:88:02:13:ae:a9: e1:0b:2a:77:d5:bd:97:43:41:31:85:af:d0:70:fe:15:0b:f3: 7d:29:c2:75:9e:1a:69:5b:64:09:19:d2:24:05:af:97:a1:72: e8:8b:33:48:1b:a1:b6:9f:f1:8f:fe:d4:c7:9b:50:83:6d:24: 75:a2:58:47:42:30:2c:56:8a:e3:7a:a7:a0:bb:c6:e1:f3:4d: a8:cb:4c:da:95:86:ce:ad:c1:80:14:90:92:e4:06:01:3f:38: e5:ea:a7:57:31:6b:9b:68:f9:1a:56:b0:9e:81:cc:b7:e9:79: 55:b0:ee:a4:d6:c3:a2:7f:b3:4f:a9:8b:f1:39:d1:0b:79:7d: 44:71:b7:8b:fd:7f:c2:c3:f2:be:b6:fa:18:6c:8d:4c:0d:10: d6:29:cf:cc:fd:bb:9c:da:f6:47:73:ff:15:09:f8:20:16:4f: 15:3f:27:30 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIegwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjBFQkYxMTAvBgNVBAUTKDNBQ0NCNjk1MzlBQzlGNDI4OEJDRDBGMEE1NDI1MEQ1 OTJGNTQwRDQwHhcNMjUwNjMwMTU1OTA0WhcNMjUwNzA3MTU1OTA0WjAYMRYwFAYD VQQDEw02ODYyYjQ0OC0xZmE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuGpPt1YcfNaUmPOL3YugP9JZtGJMmERdUH2r6ZDpR3qqTE+185E7kOZzPcC6 ZdWNi+OVPlTVeCs6fG3BV+Qw5tSqsW/6fh9WFW2KMZyS4fFqvuhYqFBZ2MwLAwF/ FGBPwJK1C0LqJ7iL3xMCKDf8ECrED41W1IvWLVEK+Fs+T3IemojxoGJcr8LE6f2P ahxsYJWDFxWuuKRCEjOiS9MbpNOqoZCuQmnBtIvUNxM1S91tTqbezq1I+FleVJ6/ BHQnkk4XkWWJyD89t7EWO9zblJJa+hFcE2rlG1kZmDJYPN0d+3FLG/VvP020R33q s5/A69qZz7EB4lWOuMZKGwn3qQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPq7HFzz +GOwPBf+rdENBmO0wQXLMB8GA1UdIwQYMBaAFDrMtpU5rJ9CiLzQ8KVCUNWS9UDU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMEVCRi81Rjg0RDdEOERC ODAxMUU1OUFCN0VEMUVDNEY5QUUwMi9Pc3kybFRtc24wS0l2TkR3cFVKUTFaTDFR TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09zeTJsVG1zbjBLSXZORHdwVUpRMVpMMVFOUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MEVCRi81Rjg0RDdEOERCODAxMUU1OUFCN0VEMUVDNEY5QUUwMi9Pc3kybFRtc24w S0l2TkR3cFVKUTFaTDFRTlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKI6i5Qta2tUf0gah6MNgD3c1QihNLAU1poGolNKhLH4e+CJ8qhRi6 ZUIxsNWahbYpPUxHBy9qELG4cOsGO+EpTJGQlVq3k8fUgRjUhvZKDNQW8DgKiAIT rqnhCyp31b2XQ0Exha/QcP4VC/N9KcJ1nhppW2QJGdIkBa+XoXLoizNIG6G2n/GP /tTHm1CDbSR1olhHQjAsVorjeqegu8bh802oy0zalYbOrcGAFJCS5AYBPzjl6qdX MWubaPkaVrCegcy36XlVsO6k1sOif7NPqYvxOdELeX1EcbeL/X/Cw/K+tvoYbI1M DRDWKc/M/buc2vZHc/8VCfggFk8VPycw -----END CERTIFICATE-----Generated at Wed Jul 2 16:19:06 2025 by rpki-client