$ rpki-client -vvf rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft File: OAHjYU99QEcCrkIssnnlHcnRTKI.mft (raw, json) Hash identifier: DhfpjkFCAbBg8CGNd7yNCf3ozAtJcDCRR4J1T+DZg8w= Subject key identifier: B4:BB:FC:56:43:F4:42:A8:79:63:EE:36:72:A5:CB:5F:D1:AC:35:F6 Authority key identifier: 38:01:E3:61:4F:7D:40:47:02:AE:42:2C:B2:79:E5:1D:C9:D1:4C:A2 Certificate issuer: /CN=A912383B/serialNumber=3801E3614F7D404702AE422CB279E51DC9D14CA2 Certificate serial: 082A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft Manifest number: 0823 Signing time: Tue 22 Jul 2025 21:04:39 +0000 Manifest this update: Tue 22 Jul 2025 21:04:38 +0000 Manifest next update: Tue 29 Jul 2025 21:04:38 +0000 Files and hashes: 1: OAHjYU99QEcCrkIssnnlHcnRTKI.crl (hash: 3ymTlDFCdVHo0z60XBu7sVtXbz5oRPmU7waI0vOXkaU=) 2: 4E4AF4A2C2B111EBABFFA212C4F9AE02.roa (hash: OwVRnVKX5TIRRxRa7tYPZCkquxRI/+jnc5rYmXmYkKM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.crl rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 21:04:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2090 (0x82a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912383B, serialNumber=3801E3614F7D404702AE422CB279E51DC9D14CA2 Validity Not Before: Jul 22 21:04:38 2025 GMT Not After : Jul 29 21:04:38 2025 GMT Subject: CN=687ffce6-d210 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:49:d6:f2:6f:c4:e7:16:55:89:46:0e:11:50: 99:6e:c0:c5:c4:b3:09:e0:fc:8c:b2:88:f6:4f:5d: 91:8d:71:a7:dc:20:30:e7:81:16:85:03:a3:52:b8: 9f:0a:81:29:36:0a:b2:16:72:3b:f4:db:ad:79:85: a3:48:7d:b4:f2:47:40:fa:61:ae:9c:d2:0f:b7:94: 27:b0:ec:dd:0f:f8:d6:1d:8d:23:8a:ca:cc:c5:a7: 5a:80:61:30:e1:4f:6d:92:4b:d4:1e:9a:7e:6f:db: bc:af:02:7a:e8:8e:71:a7:5e:d6:b3:06:bb:40:0c: 24:8d:2c:96:63:fa:fd:75:95:f5:99:80:3d:c5:1e: d7:15:fa:db:66:60:76:67:89:ab:9b:09:55:a7:d4: b2:26:77:5e:1e:93:b5:e4:2c:8d:bc:3c:1a:fa:70: 8d:27:b1:bc:dc:bb:01:22:5d:26:50:32:1c:cf:a7: 06:f0:e2:b1:0d:cc:c4:41:6a:27:f1:da:97:e7:1e: 98:a9:53:d7:94:c1:c9:1e:88:2a:98:0c:f9:d7:fd: fc:6f:d9:c2:fe:26:c2:de:d6:0f:cf:8f:1f:47:bd: 2e:ff:72:56:86:55:10:4c:c7:24:9d:33:68:3c:fa: e3:74:13:84:f0:6d:c2:61:28:31:40:6e:15:dd:f3: af:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:BB:FC:56:43:F4:42:A8:79:63:EE:36:72:A5:CB:5F:D1:AC:35:F6 X509v3 Authority Key Identifier: keyid:38:01:E3:61:4F:7D:40:47:02:AE:42:2C:B2:79:E5:1D:C9:D1:4C:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 51:d9:cb:eb:9c:9c:c2:a9:bc:b6:0b:cf:3c:92:99:07:48:30: 80:74:27:d8:58:e3:a6:37:cf:b2:91:31:44:02:83:91:96:6c: d0:24:ee:aa:84:32:6f:69:dd:1a:f4:10:49:e9:57:78:f2:ff: fe:e4:4e:ad:5c:49:87:3f:41:0f:7f:4e:d3:d2:f1:56:d2:00: cb:a3:82:7b:13:90:ca:f7:62:e0:ca:8e:f1:00:8c:8a:e2:46: 19:14:9f:93:bd:a5:ce:88:6a:7b:3e:5f:dc:88:66:4c:4f:5d: a8:cf:80:b7:7b:ac:93:f9:70:b8:35:0c:d2:e5:69:b9:41:6b: a2:6e:10:0d:a3:fa:34:bc:40:3e:4c:c8:73:20:a9:af:d9:79: 14:2b:7b:ee:b9:41:a3:59:db:02:7d:22:36:94:c1:b8:91:88: c4:5d:31:ab:a4:6b:a0:fc:99:e9:40:07:c2:db:91:d9:5d:4d: fe:ac:04:dd:bd:ae:33:ca:cd:da:7a:e0:9f:7f:c3:55:d8:5d: 90:e7:6b:cc:c6:f9:46:ae:23:f6:2a:83:8d:4e:d7:4f:39:60: 98:8a:07:c2:95:6e:aa:d1:c4:6c:3d:65:60:3b:ab:2e:f6:07: 36:d1:39:e7:6e:ab:84:00:90:9a:58:7d:fa:a1:df:12:21:5f: f6:9e:36:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCCowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjM4M0IxMTAvBgNVBAUTKDM4MDFFMzYxNEY3RDQwNDcwMkFFNDIyQ0IyNzlFNTFE QzlEMTRDQTIwHhcNMjUwNzIyMjEwNDM4WhcNMjUwNzI5MjEwNDM4WjAYMRYwFAYD VQQDEw02ODdmZmNlNi1kMjEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxEnW8m/E5xZViUYOEVCZbsDFxLMJ4PyMsoj2T12RjXGn3CAw54EWhQOjUrif CoEpNgqyFnI79NuteYWjSH208kdA+mGunNIPt5QnsOzdD/jWHY0jisrMxadagGEw 4U9tkkvUHpp+b9u8rwJ66I5xp17Wswa7QAwkjSyWY/r9dZX1mYA9xR7XFfrbZmB2 Z4mrmwlVp9SyJndeHpO15CyNvDwa+nCNJ7G83LsBIl0mUDIcz6cG8OKxDczEQWon 8dqX5x6YqVPXlMHJHogqmAz51/38b9nC/ibC3tYPz48fR70u/3JWhlUQTMcknTNo PPrjdBOE8G3CYSgxQG4V3fOvNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLS7/FZD 9EKoeWPuNnKly1/RrDX2MB8GA1UdIwQYMBaAFDgB42FPfUBHAq5CLLJ55R3J0Uyi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzgzQi9GQkJBOUU5Q0Uw MjMxMUVBOTkyMkRFNDJDNEY5QUUwMi9PQUhqWVU5OVFFY0Nya0lzc25ubEhjblJU S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09BSGpZVTk5UUVjQ3JrSXNzbm5sSGNuUlRLSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MzgzQi9GQkJBOUU5Q0UwMjMxMUVBOTkyMkRFNDJDNEY5QUUwMi9PQUhqWVU5OVFF Y0Nya0lzc25ubEhjblJUS0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBR2cvrnJzCqby2C888kpkHSDCAdCfYWOOmN8+ykTFEAoORlmzQJO6q hDJvad0a9BBJ6Vd48v/+5E6tXEmHP0EPf07T0vFW0gDLo4J7E5DK92Lgyo7xAIyK 4kYZFJ+TvaXOiGp7Pl/ciGZMT12oz4C3e6yT+XC4NQzS5Wm5QWuibhANo/o0vEA+ TMhzIKmv2XkUK3vuuUGjWdsCfSI2lMG4kYjEXTGrpGug/JnpQAfC25HZXU3+rATd va4zys3aeuCff8NV2F2Q52vMxvlGriP2KoONTtdPOWCYigfClW6q0cRsPWVgO6su 9gc20TnnbquEAJCaWH36od8SIV/2njZE -----END CERTIFICATE-----Generated at Thu Jul 24 03:57:38 2025 by rpki-client