$ rpki-client -vvf rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/OtjA2kteE0OjhFRLZEARiFJg_wc.mft File: OtjA2kteE0OjhFRLZEARiFJg_wc.mft (raw, json) Hash identifier: /7enrorKiyrZ9m8Hk6Mf22vgRDgWY22FYTBN7J4SU+Q= Subject key identifier: A2:49:7B:FF:A6:41:DC:6F:8D:57:8B:50:0F:18:5D:A1:A6:21:94:08 Authority key identifier: 3A:D8:C0:DA:4B:5E:13:43:A3:84:54:4B:64:40:11:88:52:60:FF:07 Certificate issuer: /CN=A916022F/serialNumber=3AD8C0DA4B5E1343A384544B644011885260FF07 Certificate serial: 1349 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OtjA2kteE0OjhFRLZEARiFJg_wc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/OtjA2kteE0OjhFRLZEARiFJg_wc.mft Manifest number: 2429 Signing time: Wed 20 Aug 2025 17:05:22 +0000 Manifest this update: Wed 20 Aug 2025 17:05:21 +0000 Manifest next update: Wed 27 Aug 2025 17:05:21 +0000 Files and hashes: 1: OtjA2kteE0OjhFRLZEARiFJg_wc.crl (hash: P6RmxVdYO/Rr9xzlaylu4wbg1HE7zlqD9CD+rDGRcbk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/OtjA2kteE0OjhFRLZEARiFJg_wc.crl rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/OtjA2kteE0OjhFRLZEARiFJg_wc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OtjA2kteE0OjhFRLZEARiFJg_wc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 17:05:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4937 (0x1349) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916022F, serialNumber=3AD8C0DA4B5E1343A384544B644011885260FF07 Validity Not Before: Aug 20 17:05:21 2025 GMT Not After : Aug 27 17:05:21 2025 GMT Subject: CN=68a60052-fe8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:c9:dc:d6:cd:61:5b:a3:92:67:5a:ef:fb:15: b5:0a:ec:aa:05:da:b6:22:bf:5a:d8:b0:cf:a0:61: 38:0e:55:69:b7:b5:3b:28:4a:a8:56:b2:52:fd:ff: bd:d6:5e:95:63:b1:66:ad:6a:0f:20:09:c0:c4:37: 96:20:2c:9b:42:8a:79:60:46:46:8d:86:0d:6d:3a: a1:4b:3d:e4:ba:21:d7:9d:31:9a:c9:e5:ca:f1:c7: d8:98:c2:40:45:50:ff:05:17:e3:93:b1:a0:bc:83: fa:4c:04:ae:77:6e:ec:14:87:a4:22:42:ec:da:bb: 83:80:ab:1a:60:9e:59:38:e1:9f:10:76:05:1b:83: 56:46:7f:58:6d:14:35:c2:e3:08:ce:f8:d0:bd:fc: 56:16:a1:de:74:2b:43:31:d8:88:2f:1d:ca:c3:28: b0:14:ab:5a:ba:3e:ad:b6:69:b3:fd:b3:ee:1d:46: 59:58:c1:b2:aa:0d:1e:a8:87:91:2e:c9:79:4a:2b: 68:5b:d3:5e:31:19:ab:d6:ad:a0:5d:dd:86:24:42: 67:02:cd:4b:15:5b:6d:57:a6:09:c0:c8:c8:24:c1: 1a:65:1d:bf:0f:a6:84:fd:b8:f6:d8:09:7d:45:b2: 0f:b2:aa:4a:d6:e4:ce:ca:cd:7b:b0:e8:df:fd:ab: b6:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:49:7B:FF:A6:41:DC:6F:8D:57:8B:50:0F:18:5D:A1:A6:21:94:08 X509v3 Authority Key Identifier: keyid:3A:D8:C0:DA:4B:5E:13:43:A3:84:54:4B:64:40:11:88:52:60:FF:07 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/OtjA2kteE0OjhFRLZEARiFJg_wc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OtjA2kteE0OjhFRLZEARiFJg_wc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/OtjA2kteE0OjhFRLZEARiFJg_wc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:46:8e:b9:2a:f4:9d:14:b2:57:7c:95:35:65:40:c0:bb:9a: c8:f0:91:90:38:58:14:71:9a:d3:d8:7b:e0:52:09:ee:13:66: 28:34:6a:42:e4:da:26:64:fd:f1:9f:b0:41:d7:2d:7f:29:0b: 92:e4:36:8e:52:1b:0e:b8:12:06:be:85:7c:6f:cc:f9:5f:1d: 5b:c1:13:2a:ff:01:91:3d:44:46:65:72:eb:70:03:1e:04:e1: 91:2b:ec:7a:bc:cd:67:14:e9:29:c8:1c:11:13:db:0c:d4:9d: 73:6d:87:ca:a3:51:6d:09:2f:96:55:51:4e:02:fb:01:eb:52: 18:aa:76:f3:81:ba:31:73:4e:57:ad:db:74:f3:4c:dd:ad:70: 72:a3:b4:5a:50:01:31:18:a3:4c:e3:ee:0d:b5:17:bb:b8:c0: 5c:38:76:61:53:a2:c1:05:54:ff:ba:c8:14:25:45:b9:f2:39: 35:12:73:af:df:15:5f:19:f8:05:1c:78:e1:f8:1b:93:ef:c6: c1:8d:c4:24:e7:75:7c:6e:ee:10:7b:74:da:d2:57:95:01:48: 56:d6:1f:fc:ad:83:4b:a9:ce:6e:81:34:4e:34:b9:c3:b4:cf: a8:22:31:f8:12:bb:3d:41:d1:d8:85:25:35:88:b3:ea:2f:b2: e5:72:37:ab -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE0kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjAyMkYxMTAvBgNVBAUTKDNBRDhDMERBNEI1RTEzNDNBMzg0NTQ0QjY0NDAxMTg4 NTI2MEZGMDcwHhcNMjUwODIwMTcwNTIxWhcNMjUwODI3MTcwNTIxWjAYMRYwFAYD VQQDEw02OGE2MDA1Mi1mZThlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo8nc1s1hW6OSZ1rv+xW1CuyqBdq2Ir9a2LDPoGE4DlVpt7U7KEqoVrJS/f+9 1l6VY7FmrWoPIAnAxDeWICybQop5YEZGjYYNbTqhSz3kuiHXnTGayeXK8cfYmMJA RVD/BRfjk7GgvIP6TASud27sFIekIkLs2ruDgKsaYJ5ZOOGfEHYFG4NWRn9YbRQ1 wuMIzvjQvfxWFqHedCtDMdiILx3KwyiwFKtauj6ttmmz/bPuHUZZWMGyqg0eqIeR Lsl5SitoW9NeMRmr1q2gXd2GJEJnAs1LFVttV6YJwMjIJMEaZR2/D6aE/bj22Al9 RbIPsqpK1uTOys17sOjf/au2tQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKJJe/+m QdxvjVeLUA8YXaGmIZQIMB8GA1UdIwQYMBaAFDrYwNpLXhNDo4RUS2RAEYhSYP8H MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MDIyRi85RUM3QUZCNEFB N0QxMUU4ODYxNDQ1MjRDNEY5QUUwMi9PdGpBMmt0ZUUwT2poRlJMWkVBUmlGSmdf d2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL090akEya3RlRTBPamhGUkxaRUFSaUZKZ193Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MDIyRi85RUM3QUZCNEFBN0QxMUU4ODYxNDQ1MjRDNEY5QUUwMi9PdGpBMmt0ZUUw T2poRlJMWkVBUmlGSmdfd2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBqRo65KvSdFLJXfJU1ZUDAu5rI8JGQOFgUcZrT2HvgUgnuE2YoNGpC 5NomZP3xn7BB1y1/KQuS5DaOUhsOuBIGvoV8b8z5Xx1bwRMq/wGRPURGZXLrcAMe BOGRK+x6vM1nFOkpyBwRE9sM1J1zbYfKo1FtCS+WVVFOAvsB61IYqnbzgboxc05X rdt080zdrXByo7RaUAExGKNM4+4NtRe7uMBcOHZhU6LBBVT/usgUJUW58jk1EnOv 3xVfGfgFHHjh+BuT78bBjcQk53V8bu4Qe3Ta0leVAUhW1h/8rYNLqc5ugTRONLnD tM+oIjH4Ers9QdHYhSU1iLPqL7Llcjer -----END CERTIFICATE-----Generated at Fri Aug 22 16:29:52 2025 by rpki-client