$ rpki-client -vvf rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft File: O-7kvaWgSxBLHXLmAcMJONuktkQ.mft (raw, json) Hash identifier: nCLdMczNjkhkCIAcJ3YwgthPgx9AtuCg/rgORckSOBA= Subject key identifier: 92:AA:F2:29:BC:D0:4B:45:07:23:5D:0D:07:BC:67:86:2E:AF:D1:8F Authority key identifier: 3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 Certificate issuer: /CN=A911D2A3/serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Certificate serial: 1537 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft Manifest number: 152B Signing time: Wed 20 Aug 2025 16:53:40 +0000 Manifest this update: Wed 20 Aug 2025 16:53:39 +0000 Manifest next update: Wed 27 Aug 2025 16:53:39 +0000 Files and hashes: 1: O-7kvaWgSxBLHXLmAcMJONuktkQ.crl (hash: 4K5XQrEDxAcsr+BXeIkGHTmk6OoOZbPgvUocFXFM+3g=) 2: D9EDB272C44C11ECA07C2D77C4F9AE02.roa (hash: Iuc0hvonCQ52vF8J3PK6U6v3ddTApNkT2+JlMCbgaDs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 16:53:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5431 (0x1537) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D2A3, serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Validity Not Before: Aug 20 16:53:39 2025 GMT Not After : Aug 27 16:53:39 2025 GMT Subject: CN=68a5fd93-f62c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:74:34:3f:e1:5b:5c:cf:ca:53:9f:a5:f1:1b: d9:23:b2:a4:11:45:0a:65:71:69:06:a8:da:03:52: d8:9e:be:ac:3e:e4:33:73:f9:60:2e:c8:b8:37:dc: 2b:dd:ce:6f:a8:c0:34:8b:a8:9c:29:b8:de:6b:99: bc:11:33:df:11:c0:e5:d9:38:8e:7b:76:0a:7b:6a: e1:71:c4:88:2d:7b:2a:04:25:ee:96:9f:e3:b0:2a: 98:07:22:ee:90:ef:80:b1:12:ec:18:41:0d:5e:b7: 50:86:a2:9f:7b:ed:ec:62:6a:ef:94:26:44:96:52: e8:b5:4f:34:ef:f2:7c:aa:57:3d:24:fc:ca:28:c9: 2c:9a:68:1e:7c:b0:0c:57:21:e1:c6:4d:e6:df:0e: 34:0c:06:cf:6c:4e:48:4d:f2:59:79:58:84:74:54: 45:30:6a:f7:92:5e:22:fa:cd:ab:e2:b5:f2:ec:d0: c9:5a:3d:2a:9c:9b:b1:20:e5:23:3d:83:62:13:ed: 7f:2f:82:a7:60:2d:30:8c:7a:9f:33:cd:7b:82:2a: de:4a:9c:c4:13:ea:61:86:8f:5a:36:d6:ee:93:55: 38:48:fa:87:2b:d8:26:7b:9c:14:d0:2e:7d:b7:44: 69:b2:10:62:f1:98:22:3b:84:90:e4:08:b2:a3:9f: 5d:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:AA:F2:29:BC:D0:4B:45:07:23:5D:0D:07:BC:67:86:2E:AF:D1:8F X509v3 Authority Key Identifier: keyid:3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:df:d6:98:da:d0:41:38:eb:27:05:55:e6:78:cc:0a:c1:32: de:04:55:dd:9b:78:4f:fc:0c:15:e6:16:4c:96:79:c2:52:c1: ef:0c:6b:02:ca:51:87:77:4b:74:66:bf:bd:bb:91:de:68:0d: 15:3a:cb:34:3e:c5:d5:69:fb:ee:3b:f2:eb:e6:96:a1:1f:fa: ea:fd:27:c1:dc:76:74:a2:af:43:ef:0e:53:09:c0:f9:9f:c7: bf:87:3e:e0:08:42:50:44:4d:d7:b8:c6:64:ba:48:1c:86:ec: 2d:6b:cd:43:97:7d:ed:7f:70:98:02:03:2d:64:d3:29:d8:f1: 09:9e:ef:ac:4b:3e:e4:c8:f7:63:3d:0a:79:60:1c:af:ab:69: fd:44:2e:7c:54:54:00:80:14:84:41:2b:9a:21:4c:27:4e:df: 4f:6b:b3:bf:a3:ef:1a:96:ba:a2:8d:0c:be:9a:a8:52:8a:e8: 7a:f8:ea:a1:ef:d9:32:23:ae:0c:3f:76:ff:04:92:6a:af:b3: c8:7a:24:23:73:59:57:00:ce:d7:61:ba:f0:c9:02:c4:b2:09: 72:8f:69:71:89:48:e3:6f:76:4e:97:79:a6:0a:21:6f:4a:7d: 07:cd:33:f7:b1:07:61:36:03:b0:91:5f:1b:da:db:0e:d0:59: 3f:30:32:0e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFTcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUQyQTMxMTAvBgNVBAUTKDNCRUVFNEJEQTVBMDRCMTA0QjFENzJFNjAxQzMwOTM4 REJBNEI2NDQwHhcNMjUwODIwMTY1MzM5WhcNMjUwODI3MTY1MzM5WjAYMRYwFAYD VQQDEw02OGE1ZmQ5My1mNjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtHQ0P+FbXM/KU5+l8RvZI7KkEUUKZXFpBqjaA1LYnr6sPuQzc/lgLsi4N9wr 3c5vqMA0i6icKbjea5m8ETPfEcDl2TiOe3YKe2rhccSILXsqBCXulp/jsCqYByLu kO+AsRLsGEENXrdQhqKfe+3sYmrvlCZEllLotU807/J8qlc9JPzKKMksmmgefLAM VyHhxk3m3w40DAbPbE5ITfJZeViEdFRFMGr3kl4i+s2r4rXy7NDJWj0qnJuxIOUj PYNiE+1/L4KnYC0wjHqfM817gireSpzEE+phho9aNtbuk1U4SPqHK9gme5wU0C59 t0RpshBi8ZgiO4SQ5Aiyo59djwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJKq8im8 0EtFByNdDQe8Z4Yur9GPMB8GA1UdIwQYMBaAFDvu5L2loEsQSx1y5gHDCTjbpLZE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDJBMy9GNkFDNjM4NjRF RkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4QkxIWExtQWNNSk9OdWt0 a1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL08tN2t2YVdnU3hCTEhYTG1BY01KT051a3RrUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RDJBMy9GNkFDNjM4NjRFRkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4 QkxIWExtQWNNSk9OdWt0a1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBz39aY2tBBOOsnBVXmeMwKwTLeBFXdm3hP/AwV5hZMlnnCUsHvDGsC ylGHd0t0Zr+9u5HeaA0VOss0PsXVafvuO/Lr5pahH/rq/SfB3HZ0oq9D7w5TCcD5 n8e/hz7gCEJQRE3XuMZkukgchuwta81Dl33tf3CYAgMtZNMp2PEJnu+sSz7kyPdj PQp5YByvq2n9RC58VFQAgBSEQSuaIUwnTt9Pa7O/o+8alrqijQy+mqhSiuh6+Oqh 79kyI64MP3b/BJJqr7PIeiQjc1lXAM7XYbrwyQLEsglyj2lxiUjjb3ZOl3mmCiFv Sn0HzTP3sQdhNgOwkV8b2tsO0Fk/MDIO -----END CERTIFICATE-----Generated at Fri Aug 22 16:38:26 2025 by rpki-client