$ rpki-client -vvf rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft File: oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft (raw, json) Hash identifier: UuBX8S3g0WgQR6N8IJ8eCefA7TanVb4X1HEuyZAPBk8= Subject key identifier: 48:C8:D3:CC:C6:D7:B8:9E:F5:C1:EB:E0:12:E7:56:75:88:F1:B8:B5 Authority key identifier: A2:DA:36:37:D3:25:3F:89:97:D8:8D:0B:D8:DA:95:98:F7:83:F9:91 Certificate issuer: /CN=A918AAA1/serialNumber=A2DA3637D3253F8997D88D0BD8DA9598F783F991 Certificate serial: 0161 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oto2N9MlP4mX2I0L2NqVmPeD-ZE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft Manifest number: 015F Signing time: Mon 21 Jul 2025 04:02:30 +0000 Manifest this update: Mon 21 Jul 2025 04:02:29 +0000 Manifest next update: Mon 28 Jul 2025 04:02:29 +0000 Files and hashes: 1: oto2N9MlP4mX2I0L2NqVmPeD-ZE.crl (hash: 9EkwO9ugh/nysZe03MIWiaXXsi0nP57XRDXt4syfHZg=) 2: E6EB2B10486E11EEB4D5FF2DC4F9AE02.roa (hash: P1qwhAicU6zPENCwTGFasnrb3+NFivcUL5Wq4dABBCM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.crl rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oto2N9MlP4mX2I0L2NqVmPeD-ZE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 04:02:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 353 (0x161) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918AAA1, serialNumber=A2DA3637D3253F8997D88D0BD8DA9598F783F991 Validity Not Before: Jul 21 04:02:29 2025 GMT Not After : Jul 28 04:02:29 2025 GMT Subject: CN=687dbbd6-8c83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:65:e4:da:d5:d2:b0:d7:b7:35:b7:f4:19:27: 72:bc:23:a8:c4:44:43:7e:32:2f:77:fe:74:0a:2d: ff:47:0b:d6:08:68:28:0a:3a:c8:bf:fa:65:57:d8: 06:b6:7b:9a:16:f1:e5:64:fe:da:bd:6b:db:dc:b8: 2a:c3:36:e9:9a:28:3e:82:ca:db:76:e6:3f:e5:68: 63:41:c4:4c:65:a8:d6:79:33:6f:2d:a8:b2:42:d7: c7:a6:cf:0a:bf:35:63:d2:8e:0d:c8:9a:37:89:f4: 9d:5c:5f:2b:9b:3b:d7:d7:85:47:5d:eb:5b:da:d0: 4e:d6:3b:0e:eb:fe:f3:87:26:88:c3:ed:63:be:2d: 23:4b:27:f4:a1:7e:45:04:cc:5e:0c:81:49:96:16: c5:f0:88:6d:30:30:b7:a0:af:dc:ff:4e:bd:f3:33: a4:31:11:dd:d3:0b:46:bb:4d:9c:ab:b7:4a:a2:90: c5:b3:6c:82:1c:4d:a4:3a:7e:18:1e:70:a4:d5:a6: a3:a8:2f:10:c1:3c:0b:24:d0:05:95:e4:fd:45:cd: 64:a6:23:80:18:37:03:38:d1:77:74:31:6a:62:3f: ab:15:2b:3a:a9:98:14:cc:6b:9c:1a:20:08:41:80: 84:cc:4e:fd:e5:7a:c3:67:94:9b:df:b9:76:9d:e1: 91:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:C8:D3:CC:C6:D7:B8:9E:F5:C1:EB:E0:12:E7:56:75:88:F1:B8:B5 X509v3 Authority Key Identifier: keyid:A2:DA:36:37:D3:25:3F:89:97:D8:8D:0B:D8:DA:95:98:F7:83:F9:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oto2N9MlP4mX2I0L2NqVmPeD-ZE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:ce:15:6a:14:53:07:a1:f0:5d:ea:4d:fd:0f:79:ce:65:fb: 55:6c:2b:10:c0:67:bc:86:6c:15:3a:01:55:22:47:c8:be:db: c5:3c:45:f8:31:1d:79:e9:20:be:6b:9f:4e:2d:c7:fa:a7:28: 8a:7e:27:a9:c4:b8:b3:8e:24:04:d5:ba:4e:da:1f:c5:f5:70: 4a:ab:67:8d:22:c9:ec:7d:af:9b:d7:2a:f5:e0:7e:e4:38:13: 51:e9:f1:65:43:4f:73:26:33:4d:14:98:9a:6d:09:35:75:66: 83:f2:cf:0c:c3:74:39:be:81:6b:a0:d0:56:9a:a7:9c:4c:97: 62:5d:05:9e:b3:4a:ea:df:3a:93:d5:c8:10:4e:f7:c1:f3:66: 68:6d:63:b3:7a:04:91:46:25:f6:b8:58:b5:99:14:f4:9a:64: 82:d5:ac:b4:55:08:46:c0:94:45:5a:44:e2:e6:8b:48:ba:c2: 18:64:87:ee:ab:d6:99:57:25:50:c8:ad:18:cb:e0:cd:eb:84: 69:9b:63:67:72:87:fa:f9:17:92:bf:59:e1:4e:da:d2:1d:25: c7:3c:4e:67:1e:09:d3:cd:4a:b4:ac:d1:4b:55:f1:55:90:da: c2:a5:2a:a1:61:45:90:a0:11:76:0f:75:4a:ce:d9:d8:7d:5e: ed:fe:9d:a9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEFBQTExMTAvBgNVBAUTKEEyREEzNjM3RDMyNTNGODk5N0Q4OEQwQkQ4REE5NTk4 Rjc4M0Y5OTEwHhcNMjUwNzIxMDQwMjI5WhcNMjUwNzI4MDQwMjI5WjAYMRYwFAYD VQQDEw02ODdkYmJkNi04YzgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2GXk2tXSsNe3Nbf0GSdyvCOoxERDfjIvd/50Ci3/RwvWCGgoCjrIv/plV9gG tnuaFvHlZP7avWvb3Lgqwzbpmig+gsrbduY/5WhjQcRMZajWeTNvLaiyQtfHps8K vzVj0o4NyJo3ifSdXF8rmzvX14VHXetb2tBO1jsO6/7zhyaIw+1jvi0jSyf0oX5F BMxeDIFJlhbF8IhtMDC3oK/c/0698zOkMRHd0wtGu02cq7dKopDFs2yCHE2kOn4Y HnCk1aajqC8QwTwLJNAFleT9Rc1kpiOAGDcDONF3dDFqYj+rFSs6qZgUzGucGiAI QYCEzE795XrDZ5Sb37l2neGRaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEjI08zG 17ie9cHr4BLnVnWI8bi1MB8GA1UdIwQYMBaAFKLaNjfTJT+Jl9iNC9jalZj3g/mR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QUFBMS84MTE0Qzc5QzQ4 NkUxMUVFQTk2MDk0MkNDNEY5QUUwMi9vdG8yTjlNbFA0bVgySTBMMk5xVm1QZUQt WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL290bzJOOU1sUDRtWDJJMEwyTnFWbVBlRC1aRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QUFBMS84MTE0Qzc5QzQ4NkUxMUVFQTk2MDk0MkNDNEY5QUUwMi9vdG8yTjlNbFA0 bVgySTBMMk5xVm1QZUQtWkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBLzhVqFFMHofBd6k39D3nOZftVbCsQwGe8hmwVOgFVIkfIvtvFPEX4 MR156SC+a59OLcf6pyiKfiepxLizjiQE1bpO2h/F9XBKq2eNIsnsfa+b1yr14H7k OBNR6fFlQ09zJjNNFJiabQk1dWaD8s8Mw3Q5voFroNBWmqecTJdiXQWes0rq3zqT 1cgQTvfB82ZobWOzegSRRiX2uFi1mRT0mmSC1ay0VQhGwJRFWkTi5otIusIYZIfu q9aZVyVQyK0Yy+DN64Rpm2Nncof6+ReSv1nhTtrSHSXHPE5nHgnTzUq0rNFLVfFV kNrCpSqhYUWQoBF2D3VKztnYfV7t/p2p -----END CERTIFICATE-----Generated at Tue Jul 22 12:26:25 2025 by rpki-client