$ rpki-client -vvf rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft File: OxaIpfe3JKr754IKLGPZey6o5SI.mft (raw, json) Hash identifier: j1L6XSB2BO8p7e2aBQAVr26t/jOemSJd91cAcwJQJIw= Subject key identifier: 04:A6:3C:18:0B:99:7F:3A:D4:37:62:91:31:5C:16:88:18:3F:55:F7 Authority key identifier: 3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22 Certificate issuer: /CN=A91772FA/serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522 Certificate serial: 034C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft Manifest number: 0344 Signing time: Tue 19 Aug 2025 01:27:14 +0000 Manifest this update: Tue 19 Aug 2025 01:27:14 +0000 Manifest next update: Tue 26 Aug 2025 01:27:14 +0000 Files and hashes: 1: OxaIpfe3JKr754IKLGPZey6o5SI.crl (hash: ZzUa6A66zmNCNhqz+hocsBW6SMY62DgZB+eC4mggoKI=) 2: 2D613294CD7611EC83259862C4F9AE02.roa (hash: HUqC6JNil8MpabByxXZUWUh1z061818LFUdkHBUaghY=) 3: EF8CB49CD78F11EC91680D49C4F9AE02.roa (hash: m1T9GaVF/kOA3y3lDclBiCBdGMqPbCm1SzZbjGctr8o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 01:27:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 844 (0x34c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91772FA, serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522 Validity Not Before: Aug 19 01:27:14 2025 GMT Not After : Aug 26 01:27:14 2025 GMT Subject: CN=68a3d2f2-a4f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:3d:3c:5b:07:d2:e3:ef:c9:50:43:ed:79:b5: 69:37:84:f1:46:06:1c:84:6d:92:56:2c:a1:37:01: 3b:bc:c7:71:20:b2:01:0d:bb:4f:30:38:f5:be:65: d7:bd:34:55:42:cf:c0:0e:0b:f6:f6:23:43:bd:a1: 4d:17:1f:51:b3:1d:29:eb:c6:d9:05:46:5d:14:26: b0:9c:26:14:8f:b9:22:3e:8c:f2:15:ea:38:09:bd: eb:76:31:03:fa:01:f3:a5:d9:33:2a:78:16:9d:c6: 87:d8:58:cb:d1:d9:d1:3e:35:ea:f5:95:7d:14:98: 22:fb:76:8e:fd:67:20:79:da:a9:3f:27:33:ba:02: 5d:a6:9c:1a:f1:af:59:ed:6d:a8:3e:8d:d8:b3:4e: 14:da:a7:3d:4a:09:60:9f:e6:80:42:56:18:97:89: 05:75:65:df:05:01:67:ca:db:bf:76:ac:a7:9b:2f: 08:2e:cb:cb:f3:3d:f7:54:55:86:ab:82:96:7d:5f: 05:ee:18:77:5e:a3:2f:4d:ee:c7:49:c4:e9:66:93: 12:79:0d:be:86:ff:8f:22:8e:b9:e6:5c:ca:4e:ce: 1f:04:96:cb:18:33:1c:4f:af:4e:5c:c8:e7:26:5b: 23:fa:36:71:1c:9c:a2:da:1b:20:c3:f1:2e:6e:99: 2d:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:A6:3C:18:0B:99:7F:3A:D4:37:62:91:31:5C:16:88:18:3F:55:F7 X509v3 Authority Key Identifier: keyid:3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:38:01:40:91:ff:6f:85:2e:8c:86:d1:7c:1f:ab:35:8d:25: 6c:69:a5:c3:f7:a5:dd:65:c6:f1:6c:fc:85:bf:8d:59:57:f3: 6b:1f:a4:5f:a7:8c:8d:80:3c:9e:eb:2a:bc:94:e6:64:0c:8d: c6:72:94:1b:19:2f:95:96:e2:4e:64:f9:da:e7:1a:0e:f8:51: fd:18:3b:8c:f1:06:18:61:c6:82:f2:15:fd:ce:49:3e:a5:d0: 1a:9c:0f:65:51:c6:0b:0e:da:45:9f:8d:c6:74:c7:c3:2c:a7: b6:0c:13:cc:60:90:68:a4:f9:fa:7f:4c:6f:5d:a2:81:09:4b: c2:b9:e9:e4:3e:73:28:67:01:dd:0f:4c:8c:39:51:cd:c5:e8: 55:95:0e:9e:2c:57:0a:93:a1:75:76:71:2d:6f:aa:74:32:7d: c8:6c:cd:c6:29:b8:97:05:1e:28:5b:49:ad:b0:7b:d5:c2:6a: e7:af:9d:c3:7e:f2:21:d4:59:26:78:75:91:d5:79:f2:2c:be: 73:91:2d:b1:bb:8a:ed:8f:e5:06:54:17:52:66:2a:d5:e3:66: 58:dd:ca:fb:68:9e:c4:7a:26:43:c8:2a:cc:db:1d:96:5c:8a: 9d:6c:62:68:05:c4:d7:0a:18:ff:c4:cf:fb:68:09:9b:ab:be: 5f:54:38:84 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA0wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzcyRkExMTAvBgNVBAUTKDNCMTY4OEE1RjdCNzI0QUFGQkU3ODIwQTJDNjNEOTdC MkVBOEU1MjIwHhcNMjUwODE5MDEyNzE0WhcNMjUwODI2MDEyNzE0WjAYMRYwFAYD VQQDEw02OGEzZDJmMi1hNGYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvz08WwfS4+/JUEPtebVpN4TxRgYchG2SViyhNwE7vMdxILIBDbtPMDj1vmXX vTRVQs/ADgv29iNDvaFNFx9Rsx0p68bZBUZdFCawnCYUj7kiPozyFeo4Cb3rdjED +gHzpdkzKngWncaH2FjL0dnRPjXq9ZV9FJgi+3aO/WcgedqpPyczugJdppwa8a9Z 7W2oPo3Ys04U2qc9Sglgn+aAQlYYl4kFdWXfBQFnytu/dqynmy8ILsvL8z33VFWG q4KWfV8F7hh3XqMvTe7HScTpZpMSeQ2+hv+PIo655lzKTs4fBJbLGDMcT69OXMjn Jlsj+jZxHJyi2hsgw/EubpktFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFASmPBgL mX861DdikTFcFogYP1X3MB8GA1UdIwQYMBaAFDsWiKX3tySq++eCCixj2XsuqOUi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzJGQS9ENzI0NDU2MkNE NzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pLcjc1NElLTEdQWmV5Nm81 U0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL094YUlwZmUzSktyNzU0SUtMR1BaZXk2bzVTSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NzJGQS9ENzI0NDU2MkNENzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pL cjc1NElLTEdQWmV5Nm81U0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCKOAFAkf9vhS6MhtF8H6s1jSVsaaXD96XdZcbxbPyFv41ZV/NrH6Rf p4yNgDye6yq8lOZkDI3GcpQbGS+VluJOZPna5xoO+FH9GDuM8QYYYcaC8hX9zkk+ pdAanA9lUcYLDtpFn43GdMfDLKe2DBPMYJBopPn6f0xvXaKBCUvCuenkPnMoZwHd D0yMOVHNxehVlQ6eLFcKk6F1dnEtb6p0Mn3IbM3GKbiXBR4oW0mtsHvVwmrnr53D fvIh1FkmeHWR1XnyLL5zkS2xu4rtj+UGVBdSZirV42ZY3cr7aJ7EeiZDyCrM2x2W XIqdbGJoBcTXChj/xM/7aAmbq75fVDiE -----END CERTIFICATE-----Generated at Wed Aug 20 15:35:59 2025 by rpki-client