$ rpki-client -vvf rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft File: OAHjYU99QEcCrkIssnnlHcnRTKI.mft (raw, json) Hash identifier: Sb5cH0f9CpKzpTBz3hWgBKra4OrStDK6etPLIBINTp0= Subject key identifier: EC:C2:1D:8D:9D:A4:EC:59:3A:94:E0:0D:33:C8:D3:9A:48:AD:04:67 Authority key identifier: 38:01:E3:61:4F:7D:40:47:02:AE:42:2C:B2:79:E5:1D:C9:D1:4C:A2 Certificate issuer: /CN=A912383B/serialNumber=3801E3614F7D404702AE422CB279E51DC9D14CA2 Certificate serial: 082B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft Manifest number: 0824 Signing time: Thu 24 Jul 2025 21:01:00 +0000 Manifest this update: Thu 24 Jul 2025 21:00:59 +0000 Manifest next update: Thu 31 Jul 2025 21:00:59 +0000 Files and hashes: 1: OAHjYU99QEcCrkIssnnlHcnRTKI.crl (hash: Gw96LQYy6FGYYQjnMNQFAdyaGCOp9PPUS9eN8MPzvCM=) 2: 4E4AF4A2C2B111EBABFFA212C4F9AE02.roa (hash: OwVRnVKX5TIRRxRa7tYPZCkquxRI/+jnc5rYmXmYkKM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.crl rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 31 Jul 2025 21:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2091 (0x82b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912383B, serialNumber=3801E3614F7D404702AE422CB279E51DC9D14CA2 Validity Not Before: Jul 24 21:00:59 2025 GMT Not After : Jul 31 21:00:59 2025 GMT Subject: CN=68829f0b-b7fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:0d:6c:05:f4:f5:c7:84:c4:7d:54:1e:49:ac: 99:71:99:f6:f2:c4:92:c7:36:a0:6f:e4:51:5d:03: 7d:6f:bd:c1:6b:0a:71:74:24:ba:cb:41:15:ba:c3: ff:95:34:a9:21:3c:99:4a:6f:a6:d6:8b:a8:98:17: 14:0f:78:d3:26:4d:ca:5f:bd:ef:d4:f2:22:02:e9: 4e:af:46:4b:16:32:fb:15:7b:b2:11:79:30:9a:6d: 08:eb:b4:86:bf:1b:1f:ec:76:8e:6d:55:d0:28:60: e6:35:5c:c1:d9:ed:6c:9a:dd:c4:87:42:a3:72:50: 01:99:74:e2:fd:a3:be:f2:42:1e:45:05:7a:a4:52: 17:29:15:0d:79:6b:d5:29:e8:65:7c:f6:51:f8:81: bb:26:69:21:10:2e:83:a6:54:7a:98:ea:eb:de:ed: 31:36:60:5a:c1:17:33:f7:04:6b:2c:c2:f0:98:19: 6c:86:01:ee:2a:cd:f0:d9:e3:c1:82:b2:db:9c:86: 13:59:df:f6:b7:11:e0:d2:6c:76:b4:30:e1:5c:30: 2e:5d:cd:e5:ed:aa:e5:84:17:5d:a3:39:df:c8:8a: 9a:36:a0:4c:31:8e:66:f7:95:1e:ec:59:8d:09:40: 63:f3:64:ad:f4:87:ac:ae:d6:84:70:40:2e:f3:17: ea:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:C2:1D:8D:9D:A4:EC:59:3A:94:E0:0D:33:C8:D3:9A:48:AD:04:67 X509v3 Authority Key Identifier: keyid:38:01:E3:61:4F:7D:40:47:02:AE:42:2C:B2:79:E5:1D:C9:D1:4C:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:52:0e:6d:22:b5:10:b9:e2:e0:10:3e:00:74:c9:8d:4d:85: 71:52:35:94:c6:2c:f1:28:6d:75:be:c8:6c:5f:75:be:fa:18: 9d:06:d4:e6:42:1c:03:92:64:fa:73:e0:d0:f2:c0:4a:d3:33: f8:41:2d:f0:5d:7a:70:8e:3f:ba:49:fa:1a:d3:79:a6:99:8e: 3d:d4:42:c8:92:40:4a:2c:6e:7e:bf:3a:ab:5f:40:5c:28:cc: bc:6b:f0:42:d5:1e:79:6d:6b:33:a1:b3:89:d1:0d:49:bd:26: 93:96:ac:d2:cb:71:c7:91:ce:b8:a4:d2:da:8f:1a:c0:0c:e6: 40:9e:3a:a2:8b:fc:34:3e:7c:04:a1:de:c3:c9:ff:bb:9a:65: b4:9f:66:84:33:a4:da:ba:ed:38:47:b5:25:48:43:3a:48:7d: 08:5f:fd:e7:61:d6:a0:72:7c:76:ba:85:e8:b4:15:c5:56:a2: 43:33:b0:fd:b5:83:f7:c0:a8:2c:41:0e:d6:b3:56:3f:4c:93: 34:db:98:0c:5e:7c:7e:8c:59:4c:8c:96:b8:75:bb:ad:0a:ad: d0:7f:c2:5c:fd:2e:8a:41:0a:d9:ce:e4:1f:8c:b6:54:21:3f: f2:92:58:f5:ce:35:ae:a4:04:72:29:03:ca:fc:f7:c1:b4:a0: 31:e3:8e:aa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCCswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjM4M0IxMTAvBgNVBAUTKDM4MDFFMzYxNEY3RDQwNDcwMkFFNDIyQ0IyNzlFNTFE QzlEMTRDQTIwHhcNMjUwNzI0MjEwMDU5WhcNMjUwNzMxMjEwMDU5WjAYMRYwFAYD VQQDEw02ODgyOWYwYi1iN2ZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnA1sBfT1x4TEfVQeSayZcZn28sSSxzagb+RRXQN9b73BawpxdCS6y0EVusP/ lTSpITyZSm+m1ouomBcUD3jTJk3KX73v1PIiAulOr0ZLFjL7FXuyEXkwmm0I67SG vxsf7HaObVXQKGDmNVzB2e1smt3Eh0KjclABmXTi/aO+8kIeRQV6pFIXKRUNeWvV KehlfPZR+IG7JmkhEC6DplR6mOrr3u0xNmBawRcz9wRrLMLwmBlshgHuKs3w2ePB grLbnIYTWd/2txHg0mx2tDDhXDAuXc3l7arlhBddoznfyIqaNqBMMY5m95Ue7FmN CUBj82St9IesrtaEcEAu8xfqlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOzCHY2d pOxZOpTgDTPI05pIrQRnMB8GA1UdIwQYMBaAFDgB42FPfUBHAq5CLLJ55R3J0Uyi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzgzQi9GQkJBOUU5Q0Uw MjMxMUVBOTkyMkRFNDJDNEY5QUUwMi9PQUhqWVU5OVFFY0Nya0lzc25ubEhjblJU S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09BSGpZVTk5UUVjQ3JrSXNzbm5sSGNuUlRLSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MzgzQi9GQkJBOUU5Q0UwMjMxMUVBOTkyMkRFNDJDNEY5QUUwMi9PQUhqWVU5OVFF Y0Nya0lzc25ubEhjblJUS0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB5Ug5tIrUQueLgED4AdMmNTYVxUjWUxizxKG11vshsX3W++hidBtTm QhwDkmT6c+DQ8sBK0zP4QS3wXXpwjj+6Sfoa03mmmY491ELIkkBKLG5+vzqrX0Bc KMy8a/BC1R55bWszobOJ0Q1JvSaTlqzSy3HHkc64pNLajxrADOZAnjqii/w0PnwE od7Dyf+7mmW0n2aEM6Tauu04R7UlSEM6SH0IX/3nYdagcnx2uoXotBXFVqJDM7D9 tYP3wKgsQQ7Ws1Y/TJM025gMXnx+jFlMjJa4dbutCq3Qf8Jc/S6KQQrZzuQfjLZU IT/yklj1zjWupARyKQPK/PfBtKAx446q -----END CERTIFICATE-----Generated at Sat Jul 26 02:03:13 2025 by rpki-client