$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft File: oqIX1KQS-1OPXJGjSzbOcYed22U.mft (raw, json) Hash identifier: w3WjUSKz6+LFgq8ilsD0OBX4OJoyAt22FnqELZNP5X8= Subject key identifier: 72:15:4C:D3:F7:A5:8E:BC:A0:42:32:5A:65:F5:B0:BE:96:56:39:15 Authority key identifier: A2:A2:17:D4:A4:12:FB:53:8F:5C:91:A3:4B:36:CE:71:87:9D:DB:65 Certificate issuer: /CN=A91CF9B0/serialNumber=A2A217D4A412FB538F5C91A34B36CE71879DDB65 Certificate serial: 0147 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft Manifest number: 0138 Signing time: Sat 19 Jul 2025 04:52:20 +0000 Manifest this update: Sat 19 Jul 2025 04:52:20 +0000 Manifest next update: Sat 26 Jul 2025 04:52:20 +0000 Files and hashes: 1: oqIX1KQS-1OPXJGjSzbOcYed22U.crl (hash: Yw4dmmof4sISASj59OuQ3NwFV7kfSipYWGM4RjJQeCQ=) 2: 84D917FC9F4911EEA0C5C856C4F9AE02.roa (hash: NmyQHlBil47JzTSCPQYz/6ZBa9AnAtiDqsHIcZPO3dA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.crl rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 04:52:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 327 (0x147) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CF9B0, serialNumber=A2A217D4A412FB538F5C91A34B36CE71879DDB65 Validity Not Before: Jul 19 04:52:20 2025 GMT Not After : Jul 26 04:52:20 2025 GMT Subject: CN=687b2484-36ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:22:7e:8f:2b:10:89:31:c1:c6:29:b9:32:77: 96:58:24:e5:c9:e0:28:5f:9f:c4:e8:d3:24:4f:46: 14:91:80:bb:f8:c1:72:f3:67:2e:bb:ae:1e:ad:57: 19:27:9d:dd:67:44:7b:68:31:26:93:81:b2:a4:17: 41:62:83:b6:fd:9a:b7:ce:16:9b:e4:1a:80:2e:54: 8a:38:67:e6:07:6a:2d:27:62:a7:c5:19:73:68:72: 29:5a:71:73:4d:a4:a2:46:1f:6c:12:cf:cc:3a:24: f2:a3:0d:e2:64:51:ec:fe:2b:50:84:50:58:cd:5d: 09:a6:96:98:64:f7:0a:54:0b:ea:eb:f2:50:99:23: 9b:6f:e9:50:96:80:f2:ff:a2:23:8d:11:1a:d6:4d: ba:71:f6:41:96:4e:cb:44:53:6d:f8:b7:89:c7:45: 7b:7b:3a:6d:ef:8b:5c:98:0e:61:0a:f5:a1:fa:79: da:48:43:b8:d3:d2:ff:ea:d6:70:26:c1:d6:5f:ee: 3f:47:74:75:03:91:11:8b:0b:d5:89:52:ec:5e:e6: fa:23:30:01:e2:f3:af:f2:14:61:6e:82:bf:88:a3: ca:77:d7:07:67:69:03:d3:a8:3e:b9:6a:eb:1b:7b: cd:20:41:f0:ec:3f:06:48:5c:91:85:b6:52:c9:95: 19:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:15:4C:D3:F7:A5:8E:BC:A0:42:32:5A:65:F5:B0:BE:96:56:39:15 X509v3 Authority Key Identifier: keyid:A2:A2:17:D4:A4:12:FB:53:8F:5C:91:A3:4B:36:CE:71:87:9D:DB:65 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:fe:f0:1a:79:dc:bb:fc:1d:79:e6:e0:86:ed:16:91:b2:da: 75:15:c5:b2:b3:76:e2:42:95:de:08:b8:59:24:c9:93:45:16: c1:93:8e:e4:28:01:95:18:e9:20:d2:2e:4e:84:75:ba:c5:d3: bc:82:32:95:70:be:0c:d2:c0:74:6f:2d:2b:f9:17:e6:8c:f4: 07:b2:48:42:e2:ff:5d:f0:5a:a4:fb:37:4f:d7:9a:dd:c4:58: b3:f5:67:44:06:04:46:4d:ca:d3:cb:5a:1e:60:83:af:aa:56: 03:fe:05:56:83:b1:19:a0:f1:30:fd:1f:49:81:d4:21:fa:77: 70:f4:35:c1:d6:36:de:13:fb:e7:6d:ce:8a:1d:57:29:0e:f7: 3e:fb:53:ed:69:ca:25:d9:30:22:c6:97:d7:74:99:72:a4:df: 29:c1:4e:84:04:72:ea:9e:44:38:4c:ea:90:38:5a:14:11:6d: 21:9b:ee:bc:1f:21:ec:42:48:27:68:de:a1:51:b1:9c:a2:fd: fd:12:af:2a:a8:d0:e9:75:87:e4:13:40:9b:28:62:f6:26:b0: 57:2f:49:3a:01:b3:2f:88:1f:c8:9b:c7:c2:ea:a2:94:ac:c3: 78:f6:36:ab:63:ec:92:0d:fc:62:a3:9b:0b:f2:c1:ed:50:5f: 8d:33:13:2a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Y5QjAxMTAvBgNVBAUTKEEyQTIxN0Q0QTQxMkZCNTM4RjVDOTFBMzRCMzZDRTcx ODc5RERCNjUwHhcNMjUwNzE5MDQ1MjIwWhcNMjUwNzI2MDQ1MjIwWjAYMRYwFAYD VQQDEw02ODdiMjQ4NC0zNmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0yJ+jysQiTHBxim5MneWWCTlyeAoX5/E6NMkT0YUkYC7+MFy82cuu64erVcZ J53dZ0R7aDEmk4GypBdBYoO2/Zq3zhab5BqALlSKOGfmB2otJ2KnxRlzaHIpWnFz TaSiRh9sEs/MOiTyow3iZFHs/itQhFBYzV0JppaYZPcKVAvq6/JQmSObb+lQloDy /6IjjREa1k26cfZBlk7LRFNt+LeJx0V7ezpt74tcmA5hCvWh+nnaSEO409L/6tZw JsHWX+4/R3R1A5ERiwvViVLsXub6IzAB4vOv8hRhboK/iKPKd9cHZ2kD06g+uWrr G3vNIEHw7D8GSFyRhbZSyZUZIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHIVTNP3 pY68oEIyWmX1sL6WVjkVMB8GA1UdIwQYMBaAFKKiF9SkEvtTj1yRo0s2znGHndtl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjlCMC8xNEM5NDk2RTlG M0YxMUVFODAxQjFENjJDNEY5QUUwMi9vcUlYMUtRUy0xT1BYSkdqU3piT2NZZWQy MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29xSVgxS1FTLTFPUFhKR2pTemJPY1llZDIyVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RjlCMC8xNEM5NDk2RTlGM0YxMUVFODAxQjFENjJDNEY5QUUwMi9vcUlYMUtRUy0x T1BYSkdqU3piT2NZZWQyMlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAC/vAaedy7/B155uCG7RaRstp1FcWys3biQpXeCLhZJMmTRRbBk47k KAGVGOkg0i5OhHW6xdO8gjKVcL4M0sB0by0r+RfmjPQHskhC4v9d8Fqk+zdP15rd xFiz9WdEBgRGTcrTy1oeYIOvqlYD/gVWg7EZoPEw/R9JgdQh+ndw9DXB1jbeE/vn bc6KHVcpDvc++1Ptacol2TAixpfXdJlypN8pwU6EBHLqnkQ4TOqQOFoUEW0hm+68 HyHsQkgnaN6hUbGcov39Eq8qqNDpdYfkE0CbKGL2JrBXL0k6AbMviB/Im8fC6qKU rMN49jarY+ySDfxio5sL8sHtUF+NMxMq -----END CERTIFICATE-----Generated at Sun Jul 20 07:55:34 2025 by rpki-client