$ rpki-client -vvf rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.mft File: OjOl2tw3NyZBfd1W5GeQ_4S7ztE.mft (raw, json) Hash identifier: H+NFI45nk+/qz+Wk6q9eIfuc4RLifWpoLZ+GEvDqPWA= Subject key identifier: 31:1C:7E:D4:A7:00:61:AF:72:45:02:6B:7C:C7:6C:DB:3D:26:25:43 Authority key identifier: 3A:33:A5:DA:DC:37:37:26:41:7D:DD:56:E4:67:90:FF:84:BB:CE:D1 Certificate issuer: /CN=A91498A4/serialNumber=3A33A5DADC373726417DDD56E46790FF84BBCED1 Certificate serial: 065E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.mft Manifest number: 0658 Signing time: Fri 18 Jul 2025 22:51:06 +0000 Manifest this update: Fri 18 Jul 2025 22:51:06 +0000 Manifest next update: Fri 25 Jul 2025 22:51:06 +0000 Files and hashes: 1: OjOl2tw3NyZBfd1W5GeQ_4S7ztE.crl (hash: kjxV7nQnEOv6piv2+gUiP0humRoVRNWforyXChONvPc=) 2: A7A77B96911111EBA69D2641C4F9AE02.roa (hash: VESDtzqVBQrTGjrRN3bP0bonHePhKHgrwV/FIae5l4Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.crl rsync://rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 22:51:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1630 (0x65e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91498A4, serialNumber=3A33A5DADC373726417DDD56E46790FF84BBCED1 Validity Not Before: Jul 18 22:51:06 2025 GMT Not After : Jul 25 22:51:06 2025 GMT Subject: CN=687acfda-f39b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:ea:83:4a:10:92:70:bc:cb:67:9b:92:ac:0c: ab:79:d9:c9:69:9a:95:51:8f:d1:80:a8:9a:f1:7d: 12:4b:98:4c:7f:ed:a7:2b:4b:0c:b2:8e:cf:7b:6c: 80:22:25:81:bb:a0:10:ad:c7:4d:dd:b6:27:71:72: 5a:78:66:bd:b3:d2:4f:75:e7:d3:5a:ce:7c:4a:8d: b3:23:a1:da:5e:c7:d1:e1:38:14:6f:e9:da:87:b7: c0:d5:02:2a:84:68:18:a2:e5:a9:7b:6b:9b:61:fd: ae:6e:32:3c:3d:40:4e:67:8c:f0:34:c2:fe:50:e7: 2a:d4:b2:89:a0:d2:41:be:24:af:f1:2c:01:d1:72: ca:e9:4e:75:d6:d8:ec:6c:67:3f:25:42:e1:68:f8: 68:c6:40:05:a9:f3:5d:55:64:1e:2d:dc:17:2b:b0: 80:eb:db:db:cb:03:6c:f8:14:58:fd:b8:2c:d9:d3: a7:a3:9e:2e:78:68:d6:c6:cf:d1:cd:d0:37:f1:78: 00:ad:ea:63:c1:a6:5a:94:1d:af:0a:dd:55:32:81: e2:a1:78:3e:26:e5:57:34:d3:30:ae:1b:7b:53:6d: 77:f5:6d:f4:ff:76:81:4d:01:27:4f:f7:95:68:fb: f0:9d:23:b9:3f:15:99:6d:77:1a:96:1c:a3:06:ac: d9:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:1C:7E:D4:A7:00:61:AF:72:45:02:6B:7C:C7:6C:DB:3D:26:25:43 X509v3 Authority Key Identifier: keyid:3A:33:A5:DA:DC:37:37:26:41:7D:DD:56:E4:67:90:FF:84:BB:CE:D1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 94:ef:fb:9c:5c:09:04:83:da:6b:cc:19:aa:fa:6f:27:89:19: 20:f2:e8:f8:55:09:13:72:33:97:8e:cc:15:c9:ff:44:d8:bc: 3a:83:23:1b:a7:c8:31:93:7c:6b:a0:89:5b:0f:95:31:93:e2: 9e:94:72:cd:81:73:82:88:12:ba:a7:8e:ec:2b:85:62:9b:24: a5:bf:f7:3c:14:0d:4c:04:7a:1c:45:14:3c:72:7b:bb:04:2d: 5e:c6:5b:22:d8:d4:2a:fc:18:38:77:ee:b3:2b:fa:7c:2e:d4: 58:26:7f:81:37:3f:0f:6c:e5:2b:1f:15:22:54:ea:b2:85:1f: 8c:e8:48:65:c6:6a:b3:bb:2d:dc:0e:65:8b:c2:be:ed:a7:65: 87:ae:55:d3:71:38:d9:f6:07:d3:18:93:e9:65:35:6a:6c:82: d6:0a:b9:8b:49:d1:a2:0a:4d:7c:83:4c:16:78:b7:3c:e5:40: e1:cf:e6:ed:f9:14:7a:48:f1:db:b5:89:5a:96:3a:d0:7b:dc: dc:20:98:64:f6:47:b5:7f:43:ff:c5:fa:fc:61:9d:59:ec:a9: 77:63:7f:36:d9:12:cd:69:b9:c0:c5:27:a3:fb:a0:d3:d9:0a: 53:6d:2e:a9:b6:20:74:39:00:f0:d9:b3:fc:f2:01:7f:9b:ba: 04:9b:5a:69 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDk4QTQxMTAvBgNVBAUTKDNBMzNBNURBREMzNzM3MjY0MTdEREQ1NkU0Njc5MEZG ODRCQkNFRDEwHhcNMjUwNzE4MjI1MTA2WhcNMjUwNzI1MjI1MTA2WjAYMRYwFAYD VQQDEw02ODdhY2ZkYS1mMzliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqOqDShCScLzLZ5uSrAyrednJaZqVUY/RgKia8X0SS5hMf+2nK0sMso7Pe2yA IiWBu6AQrcdN3bYncXJaeGa9s9JPdefTWs58So2zI6HaXsfR4TgUb+nah7fA1QIq hGgYouWpe2ubYf2ubjI8PUBOZ4zwNML+UOcq1LKJoNJBviSv8SwB0XLK6U511tjs bGc/JULhaPhoxkAFqfNdVWQeLdwXK7CA69vbywNs+BRY/bgs2dOno54ueGjWxs/R zdA38XgArepjwaZalB2vCt1VMoHioXg+JuVXNNMwrht7U2139W30/3aBTQEnT/eV aPvwnSO5PxWZbXcalhyjBqzZhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDEcftSn AGGvckUCa3zHbNs9JiVDMB8GA1UdIwQYMBaAFDozpdrcNzcmQX3dVuRnkP+Eu87R MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OThBNC9FQ0YzMEE5RTkw NTMxMUVCOUNBODcyMURDNEY5QUUwMi9Pak9sMnR3M055WkJmZDFXNUdlUV80Uzd6 dEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09qT2wydHczTnlaQmZkMVc1R2VRXzRTN3p0RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OThBNC9FQ0YzMEE5RTkwNTMxMUVCOUNBODcyMURDNEY5QUUwMi9Pak9sMnR3M055 WkJmZDFXNUdlUV80Uzd6dEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCU7/ucXAkEg9przBmq+m8niRkg8uj4VQkTcjOXjswVyf9E2Lw6gyMb p8gxk3xroIlbD5Uxk+KelHLNgXOCiBK6p47sK4VimySlv/c8FA1MBHocRRQ8cnu7 BC1exlsi2NQq/Bg4d+6zK/p8LtRYJn+BNz8PbOUrHxUiVOqyhR+M6Ehlxmqzuy3c DmWLwr7tp2WHrlXTcTjZ9gfTGJPpZTVqbILWCrmLSdGiCk18g0wWeLc85UDhz+bt +RR6SPHbtYlaljrQe9zcIJhk9ke1f0P/xfr8YZ1Z7Kl3Y3822RLNabnAxSej+6DT 2QpTbS6ptiB0OQDw2bP88gF/m7oEm1pp -----END CERTIFICATE-----Generated at Sun Jul 20 15:07:11 2025 by rpki-client