$ rpki-client -vvf rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.mft File: oiiPiWTWFpqHlfL07wXg1ebhOwk.mft (raw, json) Hash identifier: +whfeVFrggPeKkfJ48j6youqUYlEJ7m7BH4Z+b8/0Fk= Subject key identifier: E6:82:7C:17:40:67:90:F0:4F:A1:D6:1A:8F:70:9C:9E:B7:49:9F:AC Authority key identifier: A2:28:8F:89:64:D6:16:9A:87:95:F2:F4:EF:05:E0:D5:E6:E1:3B:09 Certificate issuer: /CN=A91FB68C/serialNumber=A2288F8964D6169A8795F2F4EF05E0D5E6E13B09 Certificate serial: 78 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiiPiWTWFpqHlfL07wXg1ebhOwk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.mft Manifest number: 6F Signing time: Sat 23 Aug 2025 07:17:58 +0000 Manifest this update: Sat 23 Aug 2025 07:17:57 +0000 Manifest next update: Sat 30 Aug 2025 07:17:57 +0000 Files and hashes: 1: oiiPiWTWFpqHlfL07wXg1ebhOwk.crl (hash: b8H6UmhNSvz3ItvZxygjFIClpkahxdMEDVOrt93VjhY=) 2: 7F9864BC278511F08A309E80C4F9AE02.roa (hash: Qmy+i9C5Rc4mKmMkW3mFXP5ni+MgnYfnd/vlrjppwOw=) 3: 965254F8278811F09217002CC4F9AE02.roa (hash: 43x78k+dzhsv7ZCDVrgKApUESFB1ajmPRMXQlcEBmxQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.crl rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiiPiWTWFpqHlfL07wXg1ebhOwk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:17:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 120 (0x78) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FB68C, serialNumber=A2288F8964D6169A8795F2F4EF05E0D5E6E13B09 Validity Not Before: Aug 23 07:17:57 2025 GMT Not After : Aug 30 07:17:57 2025 GMT Subject: CN=68a96b25-a437 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:d6:f5:f3:09:06:b2:f7:8f:78:93:ce:48:f1: e8:d3:93:15:fd:26:02:95:c9:09:c2:53:f0:65:b4: 8e:91:f3:a4:ff:25:3f:5d:6f:74:c2:2d:aa:ec:de: 4a:ee:5b:ab:c7:8b:3d:52:26:f2:74:dd:c1:eb:ba: da:ff:24:f6:fe:af:85:b5:47:3a:08:56:2a:0d:83: 78:1f:59:e3:ac:2e:a1:ca:31:bf:32:8a:80:7a:7d: de:7e:32:c6:f6:67:3d:fc:dc:5d:d7:b3:f5:ec:d8: 25:00:1d:00:d5:35:b9:fb:34:7c:02:e0:15:eb:cd: 94:67:cd:61:a3:f3:93:93:46:2f:4e:1e:25:be:84: 9a:b1:04:ad:2e:84:4b:b7:2e:d1:a3:b3:14:c4:38: 8f:5d:3d:89:e8:16:09:75:a5:6b:5b:c8:47:2c:f0: cd:1f:e0:83:89:65:c8:1c:9c:ff:67:82:7a:e5:4b: f9:c1:57:84:d0:ce:1e:9a:ae:ea:dd:63:90:80:1a: 71:86:0e:29:5d:ed:70:7e:cc:fc:5a:24:6c:35:82: 19:1d:f2:5d:a8:25:f1:9d:0f:21:02:7e:95:7d:62: 79:3a:b7:46:21:3e:24:4a:48:d1:0e:f8:af:05:5d: 30:cb:37:51:58:12:f4:e3:43:75:62:2b:87:27:d0: d8:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:82:7C:17:40:67:90:F0:4F:A1:D6:1A:8F:70:9C:9E:B7:49:9F:AC X509v3 Authority Key Identifier: keyid:A2:28:8F:89:64:D6:16:9A:87:95:F2:F4:EF:05:E0:D5:E6:E1:3B:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiiPiWTWFpqHlfL07wXg1ebhOwk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:47:91:40:48:62:8c:93:c8:a0:68:4e:fc:7a:35:ad:d0:5f: 56:ee:b6:de:df:6a:76:2e:62:2b:51:f0:15:48:95:7a:8b:62: 01:b6:16:94:20:91:e1:05:7d:af:be:d9:f4:bc:5b:b6:ed:52: 25:a5:ff:63:ec:83:ac:5e:9a:9a:b5:ee:a3:00:d4:0e:80:f1: 1e:14:bd:89:29:41:34:8a:77:f6:08:96:2e:ee:9c:e4:ea:15: af:3c:df:30:10:ed:25:64:ed:32:7e:45:8a:e1:c3:1e:11:8a: e9:18:20:51:ee:94:37:d9:3f:3f:06:ee:fc:43:60:2e:1e:ab: 6f:b9:4c:3b:dc:c1:80:f2:95:5d:51:df:89:1d:1b:3a:87:37: 76:18:38:a4:81:96:3d:81:cf:44:21:0a:34:63:f1:2a:43:16: 10:e7:50:dc:2e:34:71:cd:28:e2:16:d9:73:71:7a:e9:90:ba: 38:25:ae:9d:50:aa:c4:24:47:f0:21:e9:3b:75:da:48:c7:0b: d8:7c:10:ea:b0:26:85:1c:09:5b:38:f9:0d:59:19:b8:d6:50: 0f:00:95:ac:92:28:f2:87:06:b8:43:a1:42:42:c8:a4:f6:2b: c7:52:79:15:ab:67:22:2e:68:03:33:fe:d0:01:b0:19:a9:89: 96:6a:32:16 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBeDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG QjY4QzExMC8GA1UEBRMoQTIyODhGODk2NEQ2MTY5QTg3OTVGMkY0RUYwNUUwRDVF NkUxM0IwOTAeFw0yNTA4MjMwNzE3NTdaFw0yNTA4MzAwNzE3NTdaMBgxFjAUBgNV BAMTDTY4YTk2YjI1LWE0MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCf1vXzCQay9494k85I8ejTkxX9JgKVyQnCU/BltI6R86T/JT9db3TCLars3kru W6vHiz1SJvJ03cHrutr/JPb+r4W1RzoIVioNg3gfWeOsLqHKMb8yioB6fd5+Msb2 Zz383F3Xs/Xs2CUAHQDVNbn7NHwC4BXrzZRnzWGj85OTRi9OHiW+hJqxBK0uhEu3 LtGjsxTEOI9dPYnoFgl1pWtbyEcs8M0f4IOJZcgcnP9ngnrlS/nBV4TQzh6arurd Y5CAGnGGDild7XB+zPxaJGw1ghkd8l2oJfGdDyECfpV9Ynk6t0YhPiRKSNEO+K8F XTDLN1FYEvTjQ3ViK4cn0NhfAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU5oJ8F0Bn kPBPodYaj3CcnrdJn6wwHwYDVR0jBBgwFoAUoiiPiWTWFpqHlfL07wXg1ebhOwkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZCNjhDLzE3RDEwM0E4RUFC MjExRUY4NDZGMTMzN0M0RjlBRTAyL29paVBpV1RXRnBxSGxmTDA3d1hnMWViaE93 ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb2lpUGlXVFdGcHFIbGZMMDd3WGcxZWJoT3drLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZC NjhDLzE3RDEwM0E4RUFCMjExRUY4NDZGMTMzN0M0RjlBRTAyL29paVBpV1RXRnBx SGxmTDA3d1hnMWViaE93ay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGlHkUBIYoyTyKBoTvx6Na3QX1butt7fanYuYitR8BVIlXqLYgG2FpQg keEFfa++2fS8W7btUiWl/2Psg6xempq17qMA1A6A8R4UvYkpQTSKd/YIli7unOTq Fa883zAQ7SVk7TJ+RYrhwx4RiukYIFHulDfZPz8G7vxDYC4eq2+5TDvcwYDylV1R 34kdGzqHN3YYOKSBlj2Bz0QhCjRj8SpDFhDnUNwuNHHNKOIW2XNxeumQujglrp1Q qsQkR/Ah6Tt12kjHC9h8EOqwJoUcCVs4+Q1ZGbjWUA8AlaySKPKHBrhDoUJCyKT2 K8dSeRWrZyIuaAMz/tABsBmpiZZqMhY= -----END CERTIFICATE-----Generated at Sat Aug 23 18:37:54 2025 by rpki-client