$ rpki-client -vvf rpki.apnic.net/member_repository/A91187C1/2631C8B4570A11F0B538CF65C4F9AE02/orn_7UcMW3HFLztks7btpBm-E7M.mft File: orn_7UcMW3HFLztks7btpBm-E7M.mft (raw, json) Hash identifier: wdHC3MP5EQ7LnzpVrL9MjtOd6rd62YUgl/My5WaVSlQ= Subject key identifier: C2:CC:2A:71:FE:34:A9:77:6A:17:9B:A0:CE:3C:77:9E:67:29:EF:36 Authority key identifier: A2:B9:FF:ED:47:0C:5B:71:C5:2F:3B:64:B3:B6:ED:A4:19:BE:13:B3 Certificate issuer: /CN=A91187C1/serialNumber=A2B9FFED470C5B71C52F3B64B3B6EDA419BE13B3 Certificate serial: 21 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/orn_7UcMW3HFLztks7btpBm-E7M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91187C1/2631C8B4570A11F0B538CF65C4F9AE02/orn_7UcMW3HFLztks7btpBm-E7M.mft Manifest number: 20 Signing time: Mon 25 Aug 2025 08:26:18 +0000 Manifest this update: Mon 25 Aug 2025 08:26:18 +0000 Manifest next update: Mon 01 Sep 2025 08:26:18 +0000 Files and hashes: 1: orn_7UcMW3HFLztks7btpBm-E7M.crl (hash: faaIAsmLlvB3BgYeTDUEVMdjjJJkndOcRge1ZtitxNE=) 2: C265A63A571211F092B99F2AC4F9AE02.roa (hash: mdIvnywtfDJvKSbbhgc4qSg7/SJGPr319lK/wnjqr9k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91187C1/2631C8B4570A11F0B538CF65C4F9AE02/orn_7UcMW3HFLztks7btpBm-E7M.crl rsync://rpki.apnic.net/member_repository/A91187C1/2631C8B4570A11F0B538CF65C4F9AE02/orn_7UcMW3HFLztks7btpBm-E7M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/orn_7UcMW3HFLztks7btpBm-E7M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 01 Sep 2025 08:26:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91187C1, serialNumber=A2B9FFED470C5B71C52F3B64B3B6EDA419BE13B3 Validity Not Before: Aug 25 08:26:18 2025 GMT Not After : Sep 1 08:26:18 2025 GMT Subject: CN=68ac1e2a-8ed6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:05:d7:95:e8:c9:1f:cc:5b:8a:f1:13:ac:98: f4:6e:a4:9e:af:c4:ce:bd:b0:ee:9c:d4:7a:86:db: 96:04:2b:3d:40:f7:62:6a:f4:f2:89:b2:81:8a:ec: f4:be:51:6c:7e:8e:5e:ef:7b:ea:79:8c:d2:47:b2: cb:3f:e4:af:ff:b3:90:61:ed:5d:5e:97:0c:5c:ec: d4:ee:c5:53:30:fe:3b:b0:67:90:1f:51:8c:3b:7a: 1a:a7:21:44:e3:61:16:cb:e9:48:e4:f8:96:ea:d0: 71:26:99:e2:ea:f7:08:5c:ed:76:00:c3:d1:13:8e: 55:af:25:0c:1b:e4:85:82:8c:30:7b:f4:d8:9c:44: 91:84:2b:d8:22:8f:94:78:1a:43:24:2d:c2:3a:e3: 26:90:35:2d:62:68:b8:3c:d5:16:6c:23:7d:f9:a7: 35:70:35:c1:7b:39:9c:74:b3:e4:e6:24:cc:f3:29: 66:70:95:7b:c0:f4:bf:00:a7:7e:c2:ef:7e:d3:86: c8:a0:c5:6f:1c:fc:ce:07:07:c7:97:87:22:93:bf: 76:7e:a8:0d:4e:59:79:ae:4d:98:1b:71:39:5e:fe: 16:f7:aa:b6:e8:7d:d0:b6:cd:5e:75:66:b7:32:b2: 3d:80:bd:7d:21:2f:cb:b9:df:6a:1c:92:12:d9:28: 3e:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:CC:2A:71:FE:34:A9:77:6A:17:9B:A0:CE:3C:77:9E:67:29:EF:36 X509v3 Authority Key Identifier: keyid:A2:B9:FF:ED:47:0C:5B:71:C5:2F:3B:64:B3:B6:ED:A4:19:BE:13:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91187C1/2631C8B4570A11F0B538CF65C4F9AE02/orn_7UcMW3HFLztks7btpBm-E7M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/orn_7UcMW3HFLztks7btpBm-E7M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91187C1/2631C8B4570A11F0B538CF65C4F9AE02/orn_7UcMW3HFLztks7btpBm-E7M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 52:7f:85:7b:4a:40:93:a0:f0:45:b2:1d:fc:c2:6e:ec:ba:1e: 07:bf:e0:36:e7:f6:48:93:ef:b4:61:d5:63:09:26:a9:55:09: 84:c7:34:95:95:a8:42:ed:25:e0:56:69:31:bd:00:dc:5e:fe: cc:b6:a8:89:a3:75:ac:11:72:7f:ad:50:2b:fc:92:da:97:f1: 42:e2:9e:a5:ac:d2:50:6a:7e:47:02:c9:5e:14:c6:17:56:95: 38:e7:c3:b5:9a:28:1d:40:f8:39:2f:f0:9f:bf:8b:a9:3e:d4: b1:eb:24:e9:d5:ae:46:20:69:e8:73:62:d0:08:9b:6b:86:1d: 46:bc:12:89:12:23:08:8e:cf:bd:48:ce:96:99:44:76:9d:1c: 80:c4:b8:34:4a:51:aa:bb:e6:84:bf:4b:43:e0:be:03:90:6e: b3:57:77:d7:3d:d9:45:6d:27:05:11:33:88:b6:16:50:65:45: 68:a4:72:09:c6:01:c6:76:86:d1:2a:bd:b4:41:a7:a5:32:50: 31:12:0c:d2:4b:e6:27:ad:e7:7e:32:a3:16:a7:de:6a:37:3f: b7:38:43:d8:01:38:69:73:c0:a4:b0:40:27:a4:9a:46:36:fd: 3b:09:48:28:d5:07:0c:98:21:55:c3:17:96:75:1d:11:8a:8d: 12:9e:cb:97 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx ODdDMTExMC8GA1UEBRMoQTJCOUZGRUQ0NzBDNUI3MUM1MkYzQjY0QjNCNkVEQTQx OUJFMTNCMzAeFw0yNTA4MjUwODI2MThaFw0yNTA5MDEwODI2MThaMBgxFjAUBgNV BAMTDTY4YWMxZTJhLThlZDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCmBdeV6MkfzFuK8ROsmPRupJ6vxM69sO6c1HqG25YEKz1A92Jq9PKJsoGK7PS+ UWx+jl7ve+p5jNJHsss/5K//s5Bh7V1elwxc7NTuxVMw/juwZ5AfUYw7ehqnIUTj YRbL6Ujk+Jbq0HEmmeLq9whc7XYAw9ETjlWvJQwb5IWCjDB79NicRJGEK9gij5R4 GkMkLcI64yaQNS1iaLg81RZsI335pzVwNcF7OZx0s+TmJMzzKWZwlXvA9L8Ap37C 737ThsigxW8c/M4HB8eXhyKTv3Z+qA1OWXmuTZgbcTle/hb3qrbofdC2zV51Zrcy sj2AvX0hL8u532ockhLZKD4LAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUwswqcf40 qXdqF5ugzjx3nmcp7zYwHwYDVR0jBBgwFoAUorn/7UcMW3HFLztks7btpBm+E7Mw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE4N0MxLzI2MzFDOEI0NTcw QTExRjBCNTM4Q0Y2NUM0RjlBRTAyL29ybl83VWNNVzNIRkx6dGtzN2J0cEJtLUU3 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvb3JuXzdVY01XM0hGTHp0a3M3YnRwQm0tRTdNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE4 N0MxLzI2MzFDOEI0NTcwQTExRjBCNTM4Q0Y2NUM0RjlBRTAyL29ybl83VWNNVzNI Rkx6dGtzN2J0cEJtLUU3TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFJ/hXtKQJOg8EWyHfzCbuy6Hge/4Dbn9kiT77Rh1WMJJqlVCYTHNJWV qELtJeBWaTG9ANxe/sy2qImjdawRcn+tUCv8ktqX8ULinqWs0lBqfkcCyV4UxhdW lTjnw7WaKB1A+Dkv8J+/i6k+1LHrJOnVrkYgaehzYtAIm2uGHUa8EokSIwiOz71I zpaZRHadHIDEuDRKUaq75oS/S0PgvgOQbrNXd9c92UVtJwURM4i2FlBlRWikcgnG AcZ2htEqvbRBp6UyUDESDNJL5iet534yoxan3mo3P7c4Q9gBOGlzwKSwQCekmkY2 /TsJSCjVBwyYIVXDF5Z1HRGKjRKey5c= -----END CERTIFICATE-----Generated at Mon Aug 25 23:36:18 2025 by rpki-client