$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft File: Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft (raw, json) Hash identifier: EEY9sJ13gXoRNJgLZsXb02C3u0RpzQXhLRbzoZYLdak= Subject key identifier: 54:27:19:29:17:6C:E6:1D:7E:F5:4F:60:7C:E3:00:F8:CA:55:07:0F Authority key identifier: 3A:46:FB:0F:40:F6:9D:5E:1D:B7:5D:28:51:F0:40:C1:9F:66:F2:2C Certificate issuer: /CN=A91ACD4D/serialNumber=3A46FB0F40F69D5E1DB75D2851F040C19F66F22C Certificate serial: 164B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft Manifest number: 163B Signing time: Fri 18 Jul 2025 16:50:27 +0000 Manifest this update: Fri 18 Jul 2025 16:50:27 +0000 Manifest next update: Fri 25 Jul 2025 16:50:27 +0000 Files and hashes: 1: Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl (hash: Lb1c2NDZB7dMz3yXnMTPVxwGPQhHAtTVyZL1PFrfy8I=) 2: 268ECB3ED5BD11E894FFC250C4F9AE02.roa (hash: w3oachy62b9vS7wqwD6D3HohJubENRLKhLvYOw/CqsQ=) 3: 3DE1DBC4D81011EC892E8A79C4F9AE02.roa (hash: P/jVLVKJm35tcLY3WNaJuQCIeip3WppGMETv/Tz90FE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 16:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5707 (0x164b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACD4D, serialNumber=3A46FB0F40F69D5E1DB75D2851F040C19F66F22C Validity Not Before: Jul 18 16:50:27 2025 GMT Not After : Jul 25 16:50:27 2025 GMT Subject: CN=687a7b53-8dcd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:00:dc:55:fd:b4:a5:f9:d6:26:79:3f:8b:1d: 04:19:c6:80:4c:c3:6c:06:79:23:25:1a:26:a0:7c: b3:9a:0f:0b:56:c4:0c:48:ac:c9:a3:cf:1d:8a:5c: 7a:48:1d:1b:87:a3:dc:a6:73:9e:d1:e8:ea:ca:9f: f1:62:e2:13:25:11:f8:66:be:9b:55:55:0a:cd:6e: ac:ad:17:78:82:a5:ad:3d:3a:d8:e0:21:b4:56:cb: ce:2b:35:67:df:51:30:02:35:11:a3:ff:f1:41:9d: 1f:82:a3:8d:20:a7:50:ff:aa:af:4d:8c:fa:8c:c6: ad:ec:d7:71:c4:02:c2:e8:cb:ec:7e:13:35:22:8b: da:e0:3c:81:58:cd:9a:44:37:44:b9:60:66:5f:0c: e9:08:c2:f9:27:1d:6d:33:1f:fe:a9:12:2b:9e:5e: e7:e8:55:73:1f:bb:28:da:36:e2:3d:3a:bf:46:ff: 77:17:53:08:48:c6:de:08:27:23:0a:14:20:6a:18: 91:86:ca:a8:04:20:e3:43:ad:d4:70:59:6a:a0:67: 78:a1:88:a0:38:aa:d2:8a:36:e3:1e:6d:c2:d4:26: 63:b5:80:5c:d2:f1:e4:57:10:54:93:11:a6:40:f0: 8c:91:7f:a0:76:02:d1:01:b9:62:f3:b4:9c:d4:8f: d7:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:27:19:29:17:6C:E6:1D:7E:F5:4F:60:7C:E3:00:F8:CA:55:07:0F X509v3 Authority Key Identifier: keyid:3A:46:FB:0F:40:F6:9D:5E:1D:B7:5D:28:51:F0:40:C1:9F:66:F2:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:59:b4:e7:dd:92:c9:86:50:3b:33:b1:9c:04:c4:f4:73:73: 11:50:89:ef:e1:20:73:59:7f:5d:3a:6d:49:70:18:0d:29:31: 70:d5:bb:fc:09:59:24:59:49:c3:46:c1:dd:45:05:2f:8c:88: 83:04:09:53:04:3c:37:f1:c2:da:34:f5:85:91:60:ad:7d:66: 44:db:20:e4:c5:be:17:ea:c7:d3:36:92:26:00:eb:82:13:15: cc:10:99:d7:b8:6f:a1:3b:7a:59:fb:99:7b:81:70:f0:e5:ab: e5:50:27:88:35:cf:ee:cb:21:11:b7:80:a4:37:ba:93:62:11: a9:04:7e:cb:cc:b3:3e:59:5a:0f:7c:a7:90:4f:ca:f8:36:fc: d7:49:ee:77:5b:cb:66:01:95:73:9f:31:ba:54:92:8d:f2:36: d4:98:c7:35:9b:a5:89:63:ca:17:a0:fb:48:76:d8:7b:ce:74: 79:c7:7b:2e:31:e8:8a:e6:42:a5:89:2b:87:3b:a7:fa:83:e7: e8:0e:8e:2e:79:cf:3a:20:f8:23:ed:e0:3c:70:51:0d:88:64: 35:c2:43:52:39:b7:30:a3:ac:c3:3f:24:0a:17:5b:f7:ce:b3: 7b:f8:da:a0:51:4b:00:0b:fe:a3:e1:79:80:a4:22:cf:9c:b9: 70:4c:17:59 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFkswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNENEQxMTAvBgNVBAUTKDNBNDZGQjBGNDBGNjlENUUxREI3NUQyODUxRjA0MEMx OUY2NkYyMkMwHhcNMjUwNzE4MTY1MDI3WhcNMjUwNzI1MTY1MDI3WjAYMRYwFAYD VQQDEw02ODdhN2I1My04ZGNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9wDcVf20pfnWJnk/ix0EGcaATMNsBnkjJRomoHyzmg8LVsQMSKzJo88dilx6 SB0bh6PcpnOe0ejqyp/xYuITJRH4Zr6bVVUKzW6srRd4gqWtPTrY4CG0VsvOKzVn 31EwAjURo//xQZ0fgqONIKdQ/6qvTYz6jMat7NdxxALC6MvsfhM1Iova4DyBWM2a RDdEuWBmXwzpCML5Jx1tMx/+qRIrnl7n6FVzH7so2jbiPTq/Rv93F1MISMbeCCcj ChQgahiRhsqoBCDjQ63UcFlqoGd4oYigOKrSijbjHm3C1CZjtYBc0vHkVxBUkxGm QPCMkX+gdgLRAbli87Sc1I/XIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFQnGSkX bOYdfvVPYHzjAPjKVQcPMB8GA1UdIwQYMBaAFDpG+w9A9p1eHbddKFHwQMGfZvIs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q0RC8xMzdEMDBENDE2 MEUxMUU4ODUyQzQzN0VDNEY5QUUwMi9Pa2I3RDBEMm5WNGR0MTBvVWZCQXdaOW04 aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09rYjdEMEQyblY0ZHQxMG9VZkJBd1o5bThpdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Q0Q0RC8xMzdEMDBENDE2MEUxMUU4ODUyQzQzN0VDNEY5QUUwMi9Pa2I3RDBEMm5W NGR0MTBvVWZCQXdaOW04aXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBDWbTn3ZLJhlA7M7GcBMT0c3MRUInv4SBzWX9dOm1JcBgNKTFw1bv8 CVkkWUnDRsHdRQUvjIiDBAlTBDw38cLaNPWFkWCtfWZE2yDkxb4X6sfTNpImAOuC ExXMEJnXuG+hO3pZ+5l7gXDw5avlUCeINc/uyyERt4CkN7qTYhGpBH7LzLM+WVoP fKeQT8r4NvzXSe53W8tmAZVznzG6VJKN8jbUmMc1m6WJY8oXoPtIdth7znR5x3su MeiK5kKliSuHO6f6g+foDo4uec86IPgj7eA8cFENiGQ1wkNSObcwo6zDPyQKF1v3 zrN7+NqgUUsAC/6j4XmApCLPnLlwTBdZ -----END CERTIFICATE-----Generated at Sun Jul 20 07:27:07 2025 by rpki-client