$ rpki-client -vvf rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.mft File: OPsGr2SfQA9ROZSTW-335JJwyKo.mft (raw, json) Hash identifier: RmD4zjZrLsn5PSW/2Jd3EFzeFDugPo/uYLzCTUVqnuw= Subject key identifier: FF:F0:F6:AA:71:14:9A:C6:BF:D8:E7:B5:90:42:84:B0:5C:14:67:60 Authority key identifier: 38:FB:06:AF:64:9F:40:0F:51:39:94:93:5B:ED:F7:E4:92:70:C8:AA Certificate issuer: /CN=A9198267/serialNumber=38FB06AF649F400F513994935BEDF7E49270C8AA Certificate serial: 0A21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OPsGr2SfQA9ROZSTW-335JJwyKo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.mft Manifest number: 0A12 Signing time: Fri 18 Jul 2025 20:03:15 +0000 Manifest this update: Fri 18 Jul 2025 20:03:15 +0000 Manifest next update: Fri 25 Jul 2025 20:03:15 +0000 Files and hashes: 1: OPsGr2SfQA9ROZSTW-335JJwyKo.crl (hash: e23QmP9hlr2VISRM3o1QXJvsT/jSGrmcvXFWEL4CZQ4=) 2: 2F43EE7278CC11EAB69DAC75C4F9AE02.roa (hash: vryPQgJZ9HPQvb4c/vnzkdnAafqVRFouOd+j23S6sMU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.crl rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OPsGr2SfQA9ROZSTW-335JJwyKo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 20:03:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2593 (0xa21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9198267, serialNumber=38FB06AF649F400F513994935BEDF7E49270C8AA Validity Not Before: Jul 18 20:03:15 2025 GMT Not After : Jul 25 20:03:15 2025 GMT Subject: CN=687aa883-5d67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:09:6a:46:06:54:e7:fd:32:37:d9:e1:a7:01: 22:1f:cc:8d:17:86:2c:01:96:1b:7d:e8:e4:c3:4c: 16:7c:77:08:82:6a:23:5d:40:bd:52:56:b1:5f:63: f5:b1:10:ee:f0:8f:3b:19:48:78:b1:68:11:ea:cc: 98:ae:0c:82:b8:2e:9e:d9:a7:45:c2:93:80:a3:6f: 6e:31:29:6b:b6:20:4a:6d:e8:0f:5f:c1:16:d7:97: b1:28:9b:93:6e:8b:60:7a:e8:c4:79:08:9b:77:8c: 00:6f:a6:de:1b:1b:83:44:e8:9e:13:0c:e5:59:14: b7:44:2f:61:36:b0:9d:3f:43:d1:3c:1e:ad:dc:cc: 69:3c:5f:c4:d0:60:78:d9:6f:bc:31:2b:6e:7c:cf: 42:e4:e1:01:38:53:c4:c7:d6:ea:d1:a8:38:cd:66: ce:87:d4:e8:36:46:e4:d5:e4:fb:29:71:29:d0:66: 44:42:e0:4a:e1:24:88:61:7b:b4:1e:c3:ec:48:f5: d1:ab:90:1e:38:16:b8:0d:8d:ea:73:04:19:52:e3: cb:11:0a:4d:70:26:36:72:c8:c8:1b:1b:34:3d:31: 87:19:e5:a8:99:61:24:61:1a:d0:b0:9b:55:4e:09: 1e:98:bc:1d:53:8d:8e:c3:b2:23:3f:b0:a3:29:24: 24:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:F0:F6:AA:71:14:9A:C6:BF:D8:E7:B5:90:42:84:B0:5C:14:67:60 X509v3 Authority Key Identifier: keyid:38:FB:06:AF:64:9F:40:0F:51:39:94:93:5B:ED:F7:E4:92:70:C8:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OPsGr2SfQA9ROZSTW-335JJwyKo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:05:86:be:3a:f4:a6:cd:c5:0f:26:71:39:b5:24:f2:88:f3: 0c:64:61:5f:67:ae:ac:f0:9a:b1:92:ff:7e:b3:ac:00:e5:85: c3:b3:ce:b8:c8:99:0a:57:40:e4:00:d9:24:1e:2f:7f:cd:e3: 55:35:5c:f8:83:56:2a:5f:30:de:37:54:63:a6:c4:e5:e1:dc: da:e2:14:50:93:0e:2e:7f:b1:16:cf:18:f5:cb:d7:6f:13:7a: 0d:0d:50:6f:fb:e4:7f:9c:c5:bb:49:c1:21:b0:a5:08:50:50: a4:d2:c1:60:74:7d:a3:b8:c3:80:ad:12:86:30:b9:96:a8:75: 5f:d5:26:08:8f:78:6e:1d:2b:19:c5:c4:61:9f:a7:31:df:60: 04:17:46:8a:e0:2e:dc:17:6a:e5:6d:88:75:dd:dd:60:ad:3f: 65:85:70:36:e0:22:39:59:73:47:00:8b:4c:a5:7c:b0:5c:57: 67:d8:43:66:7f:1a:ce:b5:7a:96:f7:d6:42:1c:cc:83:09:23: 74:06:ef:cc:76:c3:60:5d:f3:f9:8f:f6:36:d2:69:92:15:58: 5f:b0:0e:6c:7e:ed:43:39:00:6b:bc:22:24:aa:8e:05:84:df: a4:76:ec:c2:4c:08:c8:27:42:ea:a2:59:5b:e4:e6:00:8e:db: de:9e:c5:ad -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCiEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTgyNjcxMTAvBgNVBAUTKDM4RkIwNkFGNjQ5RjQwMEY1MTM5OTQ5MzVCRURGN0U0 OTI3MEM4QUEwHhcNMjUwNzE4MjAwMzE1WhcNMjUwNzI1MjAwMzE1WjAYMRYwFAYD VQQDEw02ODdhYTg4My01ZDY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0AlqRgZU5/0yN9nhpwEiH8yNF4YsAZYbfejkw0wWfHcIgmojXUC9UlaxX2P1 sRDu8I87GUh4sWgR6syYrgyCuC6e2adFwpOAo29uMSlrtiBKbegPX8EW15exKJuT botgeujEeQibd4wAb6beGxuDROieEwzlWRS3RC9hNrCdP0PRPB6t3MxpPF/E0GB4 2W+8MStufM9C5OEBOFPEx9bq0ag4zWbOh9ToNkbk1eT7KXEp0GZEQuBK4SSIYXu0 HsPsSPXRq5AeOBa4DY3qcwQZUuPLEQpNcCY2csjIGxs0PTGHGeWomWEkYRrQsJtV TgkemLwdU42Ow7IjP7CjKSQk3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP/w9qpx FJrGv9jntZBChLBcFGdgMB8GA1UdIwQYMBaAFDj7Bq9kn0APUTmUk1vt9+SScMiq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODI2Ny8wMkM4NkVBQTc4 Q0IxMUVBODIwRDcyNzRDNEY5QUUwMi9PUHNHcjJTZlFBOVJPWlNUVy0zMzVKSnd5 S28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09Qc0dyMlNmUUE5Uk9aU1RXLTMzNUpKd3lLby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 ODI2Ny8wMkM4NkVBQTc4Q0IxMUVBODIwRDcyNzRDNEY5QUUwMi9PUHNHcjJTZlFB OVJPWlNUVy0zMzVKSnd5S28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBwBYa+OvSmzcUPJnE5tSTyiPMMZGFfZ66s8Jqxkv9+s6wA5YXDs864 yJkKV0DkANkkHi9/zeNVNVz4g1YqXzDeN1RjpsTl4dza4hRQkw4uf7EWzxj1y9dv E3oNDVBv++R/nMW7ScEhsKUIUFCk0sFgdH2juMOArRKGMLmWqHVf1SYIj3huHSsZ xcRhn6cx32AEF0aK4C7cF2rlbYh13d1grT9lhXA24CI5WXNHAItMpXywXFdn2ENm fxrOtXqW99ZCHMyDCSN0Bu/MdsNgXfP5j/Y20mmSFVhfsA5sfu1DOQBrvCIkqo4F hN+kduzCTAjIJ0Lqollb5OYAjtvensWt -----END CERTIFICATE-----Generated at Sun Jul 20 16:37:00 2025 by rpki-client