$ rpki-client -vvf rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft File: oKMiStDIKz-aYvNHrKP5RdsI8rA.mft (raw, json) Hash identifier: eEXvbWwxkNgLFRfodL6x22D/bQmliaJzDjiZr+lTJFg= Subject key identifier: 1A:86:1B:24:C9:9B:6B:B4:0E:94:A3:B3:F7:52:F4:10:FD:84:9A:B3 Authority key identifier: A0:A3:22:4A:D0:C8:2B:3F:9A:62:F3:47:AC:A3:F9:45:DB:08:F2:B0 Certificate issuer: /CN=A91B80BD/serialNumber=A0A3224AD0C82B3F9A62F347ACA3F945DB08F2B0 Certificate serial: 306E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft Manifest number: 3040 Signing time: Fri 18 Jul 2025 15:31:32 +0000 Manifest this update: Fri 18 Jul 2025 15:31:32 +0000 Manifest next update: Fri 25 Jul 2025 15:31:32 +0000 Files and hashes: 1: oKMiStDIKz-aYvNHrKP5RdsI8rA.crl (hash: zXJFo2qjpVlS2eeDF4aPtsRVVQqc/8oNHb5dHC7Iwu0=) 2: 583C1F6854F611E79DF7E643C4F9AE02.roa (hash: J9SJ4DIJ/7Jqarub1sf8j6PHgZAGlGGdRbRsMiv9apI=) 3: 915E51B8F3BE11ED8B9B1450C4F9AE02.roa (hash: 9deMiuArgkPyt65CV7Ht+L/9JKrWYVcP+qJb8LKGzOI=) 4: 4C72E61CB0EC11E5A6934B42C4F9AE02.roa (hash: 2+WTGnYcaeWw8w6rtvBrYx7uq+JHkK1rDrCVxpG+T+Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.crl rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 15:31:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12398 (0x306e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B80BD, serialNumber=A0A3224AD0C82B3F9A62F347ACA3F945DB08F2B0 Validity Not Before: Jul 18 15:31:32 2025 GMT Not After : Jul 25 15:31:32 2025 GMT Subject: CN=687a68d4-ced7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:75:a6:21:8d:b2:83:06:3e:83:9b:c7:bc:00: 27:14:8b:37:f1:53:1a:63:91:c5:54:00:eb:41:01: a6:4e:b2:5b:0c:2a:d6:02:22:f8:af:34:88:5a:4c: a4:bf:09:00:86:d7:6a:c2:f6:c7:3b:40:ba:aa:d5: 2b:bb:fa:19:ab:0e:13:9f:8c:26:7e:74:d7:32:ce: f4:23:21:32:7d:f7:61:96:5d:ec:6d:2e:e9:5c:3b: ff:2d:1f:93:fb:78:36:f5:0c:5b:f4:31:09:f3:81: ff:3e:59:ad:d3:6e:8e:13:d2:b3:45:92:25:2a:71: 0a:e5:d4:43:9e:ac:2a:25:de:ad:31:22:07:7e:82: f0:de:2e:bd:9c:30:07:d2:b9:a7:01:c9:3b:b0:c2: 14:f5:b3:cd:cf:11:3a:63:3e:85:70:0e:db:b4:15: 77:44:7a:53:a6:05:a6:2c:b2:cf:de:58:60:d8:a5: 17:46:e0:5f:24:21:ea:37:32:6c:be:b1:c6:58:c9: d6:f8:0a:f9:20:84:48:47:d8:ee:63:45:61:27:2a: 29:6b:61:16:91:ee:8e:c0:2a:68:da:61:16:30:f9: 20:32:69:74:63:52:41:8a:6c:b4:bb:33:2f:8e:0c: 98:57:f5:11:6e:45:27:72:45:c8:f9:04:56:5c:9f: 07:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:86:1B:24:C9:9B:6B:B4:0E:94:A3:B3:F7:52:F4:10:FD:84:9A:B3 X509v3 Authority Key Identifier: keyid:A0:A3:22:4A:D0:C8:2B:3F:9A:62:F3:47:AC:A3:F9:45:DB:08:F2:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:bd:fd:0c:2b:98:e8:73:29:66:e5:30:a6:aa:21:40:86:c5: fc:1f:04:44:9c:64:e5:c0:f1:1c:01:0c:fc:2e:dc:fe:e2:8f: 76:80:05:cb:7a:dc:33:80:8c:ea:c9:f3:ef:34:c6:7a:5c:58: f0:27:db:58:cb:51:e2:3b:c1:54:e9:da:ca:b7:2f:e6:89:52: b2:d5:4d:d5:12:7e:65:83:a2:1f:4d:dc:18:66:79:ea:e9:d2: d2:e2:76:e4:82:f6:aa:be:c4:2d:17:69:cd:eb:87:e6:64:6d: 8a:9f:c7:e0:f3:3d:94:ea:5a:af:93:0b:c0:26:5b:64:c1:24: f0:38:67:19:66:f2:71:55:cf:72:7c:5a:1c:86:02:6d:70:4f: b7:99:0b:15:a9:a5:99:77:25:ff:cf:ea:53:56:82:de:56:43: a6:74:78:e0:e0:76:50:ae:72:4f:19:0d:18:74:02:23:12:8f: ca:80:6b:fe:b6:c2:49:9f:a7:57:b6:b4:14:79:7d:88:5d:b3: b4:bb:60:e9:45:17:bc:6c:a5:27:2a:b7:6f:3a:78:30:43:ca: 6b:a5:16:97:18:02:35:46:54:7d:ad:e7:23:e2:be:14:b3:5b: ca:f0:a8:7f:8c:84:a4:0a:f3:8a:61:e6:c5:aa:d3:05:1d:d2: eb:0b:93:37 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICMG4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjgwQkQxMTAvBgNVBAUTKEEwQTMyMjRBRDBDODJCM0Y5QTYyRjM0N0FDQTNGOTQ1 REIwOEYyQjAwHhcNMjUwNzE4MTUzMTMyWhcNMjUwNzI1MTUzMTMyWjAYMRYwFAYD VQQDEw02ODdhNjhkNC1jZWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4HWmIY2ygwY+g5vHvAAnFIs38VMaY5HFVADrQQGmTrJbDCrWAiL4rzSIWkyk vwkAhtdqwvbHO0C6qtUru/oZqw4Tn4wmfnTXMs70IyEyffdhll3sbS7pXDv/LR+T +3g29Qxb9DEJ84H/Plmt026OE9KzRZIlKnEK5dRDnqwqJd6tMSIHfoLw3i69nDAH 0rmnAck7sMIU9bPNzxE6Yz6FcA7btBV3RHpTpgWmLLLP3lhg2KUXRuBfJCHqNzJs vrHGWMnW+Ar5IIRIR9juY0VhJyopa2EWke6OwCpo2mEWMPkgMml0Y1JBimy0uzMv jgyYV/URbkUnckXI+QRWXJ8HXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBqGGyTJ m2u0DpSjs/dS9BD9hJqzMB8GA1UdIwQYMBaAFKCjIkrQyCs/mmLzR6yj+UXbCPKw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODBCRC9CNUE2MzZEOEZF NUMxMUUyQUVDMDQyNTA1OTExRUEzMi9vS01pU3RESUt6LWFZdk5IcktQNVJkc0k4 ckEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29LTWlTdERJS3otYVl2TkhyS1A1UmRzSThyQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC ODBCRC9CNUE2MzZEOEZFNUMxMUUyQUVDMDQyNTA1OTExRUEzMi9vS01pU3RESUt6 LWFZdk5IcktQNVJkc0k4ckEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBEvf0MK5jocylm5TCmqiFAhsX8HwREnGTlwPEcAQz8Ltz+4o92gAXL etwzgIzqyfPvNMZ6XFjwJ9tYy1HiO8FU6drKty/miVKy1U3VEn5lg6IfTdwYZnnq 6dLS4nbkgvaqvsQtF2nN64fmZG2Kn8fg8z2U6lqvkwvAJltkwSTwOGcZZvJxVc9y fFochgJtcE+3mQsVqaWZdyX/z+pTVoLeVkOmdHjg4HZQrnJPGQ0YdAIjEo/KgGv+ tsJJn6dXtrQUeX2IXbO0u2DpRRe8bKUnKrdvOngwQ8prpRaXGAI1RlR9recj4r4U s1vK8Kh/jISkCvOKYebFqtMFHdLrC5M3 -----END CERTIFICATE-----Generated at Sun Jul 20 07:48:20 2025 by rpki-client