$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6D55/2BA7395E16A411EDA838110BC4F9AE02/oYzT_oKtIYA8HwsTLa2D0cNUk0s.mft File: oYzT_oKtIYA8HwsTLa2D0cNUk0s.mft (raw, json) Hash identifier: VYbpUZQRb5557SYPblMSOlsZLIHrAgtcSJkESVdt9T0= Subject key identifier: 85:B0:39:A0:FC:38:80:58:73:51:3B:17:7B:8A:51:D7:15:7B:C4:D6 Authority key identifier: A1:8C:D3:FE:82:AD:21:80:3C:1F:0B:13:2D:AD:83:D1:C3:54:93:4B Certificate issuer: /CN=A91F6D55/serialNumber=A18CD3FE82AD21803C1F0B132DAD83D1C354934B Certificate serial: 028F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oYzT_oKtIYA8HwsTLa2D0cNUk0s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F6D55/2BA7395E16A411EDA838110BC4F9AE02/oYzT_oKtIYA8HwsTLa2D0cNUk0s.mft Manifest number: 028B Signing time: Sat 23 Aug 2025 01:53:08 +0000 Manifest this update: Sat 23 Aug 2025 01:53:08 +0000 Manifest next update: Sat 30 Aug 2025 01:53:08 +0000 Files and hashes: 1: oYzT_oKtIYA8HwsTLa2D0cNUk0s.crl (hash: nGurkYxeWmJo9kYS8Mlq5/6JaAc2IgxvD4CBdEQV2Lc=) 2: 929D0EB616A611ED86A3EF0CC4F9AE02.roa (hash: 00Bb5TLyF/J2CWzHDjxZA81Dz6rMiVp4bUBC6ncoYxk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F6D55/2BA7395E16A411EDA838110BC4F9AE02/oYzT_oKtIYA8HwsTLa2D0cNUk0s.crl rsync://rpki.apnic.net/member_repository/A91F6D55/2BA7395E16A411EDA838110BC4F9AE02/oYzT_oKtIYA8HwsTLa2D0cNUk0s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oYzT_oKtIYA8HwsTLa2D0cNUk0s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 01:53:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 655 (0x28f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F6D55, serialNumber=A18CD3FE82AD21803C1F0B132DAD83D1C354934B Validity Not Before: Aug 23 01:53:08 2025 GMT Not After : Aug 30 01:53:08 2025 GMT Subject: CN=68a91f04-0196 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:08:28:d0:d3:cb:25:35:cf:41:34:6e:bd:bb: 81:51:f9:76:81:dc:77:08:f1:45:d6:5f:db:10:7b: 5d:c9:f0:6a:bd:ba:8a:d0:0e:ed:5a:d1:89:3c:5d: 24:38:3b:43:7c:98:19:22:7d:8a:81:b6:2c:93:6a: 60:97:bf:8c:48:2f:ee:15:87:66:fc:ea:b9:08:96: e9:32:92:d0:b9:40:a0:23:18:06:c4:65:20:4c:de: 6a:bd:6d:b1:dc:80:6d:d6:dd:b5:02:13:05:0d:f3: 3e:71:0a:d3:25:1f:3f:d3:a3:6c:a1:b4:ef:b7:44: b1:2b:81:30:47:0a:23:3c:a6:fa:ec:93:77:82:c0: 67:fb:25:6c:13:ee:eb:87:1a:e1:a1:aa:d7:e8:93: 18:be:20:f7:a2:33:6c:ac:6c:e2:cb:77:f3:b5:a9: f8:d5:0e:26:83:28:0a:da:cc:d3:7e:91:b3:77:ab: b9:33:a0:f9:d5:d1:e4:52:e8:b8:54:48:60:2d:dd: 99:c0:75:12:c7:0f:b5:e2:a2:38:4a:8a:d9:d9:fb: 41:9a:76:6a:85:cf:cb:15:91:f0:30:45:51:38:90: 71:63:67:8c:bf:20:b8:89:0c:f8:22:8f:76:f1:bc: 74:de:d7:cf:5c:a7:25:88:92:9b:1a:95:57:98:a7: 35:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:B0:39:A0:FC:38:80:58:73:51:3B:17:7B:8A:51:D7:15:7B:C4:D6 X509v3 Authority Key Identifier: keyid:A1:8C:D3:FE:82:AD:21:80:3C:1F:0B:13:2D:AD:83:D1:C3:54:93:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F6D55/2BA7395E16A411EDA838110BC4F9AE02/oYzT_oKtIYA8HwsTLa2D0cNUk0s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oYzT_oKtIYA8HwsTLa2D0cNUk0s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6D55/2BA7395E16A411EDA838110BC4F9AE02/oYzT_oKtIYA8HwsTLa2D0cNUk0s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:bb:2d:da:c7:30:65:1f:5b:2b:60:88:42:47:0b:f3:bb:95: a2:5e:e5:f5:81:b4:23:a1:e5:4e:04:29:56:08:83:d7:6f:3f: e6:c3:4e:20:3f:bb:91:69:d5:b4:64:95:0b:69:33:b6:75:4f: 61:57:2c:f3:f0:88:4c:8d:06:93:64:3b:c3:2d:d0:dd:b7:f1: 36:0d:e6:9f:05:0a:df:83:b7:98:e0:3b:f5:88:d5:4f:0a:1e: cd:a8:f3:a3:55:c0:41:7a:00:5f:99:e4:ef:17:f4:0d:98:71: e2:80:f6:37:38:b3:64:4b:52:ac:d5:29:cb:a0:1e:21:8f:4e: 95:48:ce:ce:60:62:6f:35:75:da:4d:1d:80:b3:cb:ba:10:d0: 6f:25:0e:68:8c:16:24:06:ce:fe:94:ee:de:3c:09:6f:7a:98: 5b:3f:e9:cd:30:85:71:14:8e:e7:04:11:58:4f:28:ec:5b:76: eb:a3:ba:af:35:5a:ef:73:b7:1b:72:4f:3b:9c:c5:df:17:67: d9:8a:8a:43:49:58:3b:be:56:db:dd:36:6f:09:42:37:b8:9e: 99:7e:b0:f9:c9:78:c7:f6:f1:7e:bc:7d:2a:7c:25:e6:08:60: 26:fc:09:b7:c2:e5:b1:ee:87:fc:99:51:01:15:e4:53:f1:f2: 4c:db:80:1b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjZENTUxMTAvBgNVBAUTKEExOENEM0ZFODJBRDIxODAzQzFGMEIxMzJEQUQ4M0Qx QzM1NDkzNEIwHhcNMjUwODIzMDE1MzA4WhcNMjUwODMwMDE1MzA4WjAYMRYwFAYD VQQDEw02OGE5MWYwNC0wMTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3ggo0NPLJTXPQTRuvbuBUfl2gdx3CPFF1l/bEHtdyfBqvbqK0A7tWtGJPF0k ODtDfJgZIn2KgbYsk2pgl7+MSC/uFYdm/Oq5CJbpMpLQuUCgIxgGxGUgTN5qvW2x 3IBt1t21AhMFDfM+cQrTJR8/06NsobTvt0SxK4EwRwojPKb67JN3gsBn+yVsE+7r hxrhoarX6JMYviD3ojNsrGziy3fztan41Q4mgygK2szTfpGzd6u5M6D51dHkUui4 VEhgLd2ZwHUSxw+14qI4SorZ2ftBmnZqhc/LFZHwMEVROJBxY2eMvyC4iQz4Io92 8bx03tfPXKcliJKbGpVXmKc1vwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIWwOaD8 OIBYc1E7F3uKUdcVe8TWMB8GA1UdIwQYMBaAFKGM0/6CrSGAPB8LEy2tg9HDVJNL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNkQ1NS8yQkE3Mzk1RTE2 QTQxMUVEQTgzODExMEJDNEY5QUUwMi9vWXpUX29LdElZQThId3NUTGEyRDBjTlVr MHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29ZelRfb0t0SVlBOEh3c1RMYTJEMGNOVWswcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NkQ1NS8yQkE3Mzk1RTE2QTQxMUVEQTgzODExMEJDNEY5QUUwMi9vWXpUX29LdElZ QThId3NUTGEyRDBjTlVrMHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCXuy3axzBlH1srYIhCRwvzu5WiXuX1gbQjoeVOBClWCIPXbz/mw04g P7uRadW0ZJULaTO2dU9hVyzz8IhMjQaTZDvDLdDdt/E2DeafBQrfg7eY4Dv1iNVP Ch7NqPOjVcBBegBfmeTvF/QNmHHigPY3OLNkS1Ks1SnLoB4hj06VSM7OYGJvNXXa TR2As8u6ENBvJQ5ojBYkBs7+lO7ePAlvephbP+nNMIVxFI7nBBFYTyjsW3bro7qv NVrvc7cbck87nMXfF2fZiopDSVg7vlbb3TZvCUI3uJ6ZfrD5yXjH9vF+vH0qfCXm CGAm/Am3wuWx7of8mVEBFeRT8fJM24Ab -----END CERTIFICATE-----Generated at Sat Aug 23 13:41:43 2025 by rpki-client