$ rpki-client -vvf rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft File: ofrVQukeAX0lfVGxT_XDW4lCnvU.mft (raw, json) Hash identifier: ov8QyhbkbnYtVohpseStZ/Xlu+fGf5wdfrC1qxW1n7E= Subject key identifier: 1D:D4:A5:D5:DB:5B:C3:41:C1:BF:DA:BC:8F:D5:3D:97:86:EA:D6:FD Authority key identifier: A1:FA:D5:42:E9:1E:01:7D:25:7D:51:B1:4F:F5:C3:5B:89:42:9E:F5 Certificate issuer: /CN=A918377D/serialNumber=A1FAD542E91E017D257D51B14FF5C35B89429EF5 Certificate serial: 0139 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ofrVQukeAX0lfVGxT_XDW4lCnvU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft Manifest number: 0139 Signing time: Fri 19 Sep 2025 05:00:39 +0000 Manifest this update: Fri 19 Sep 2025 05:00:39 +0000 Manifest next update: Fri 26 Sep 2025 05:00:39 +0000 Files and hashes: 1: ofrVQukeAX0lfVGxT_XDW4lCnvU.crl (hash: j4ZkMSzF+U2HQVvjgXzz+rU0m92e7OUSNUpxUs16RLg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.crl rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ofrVQukeAX0lfVGxT_XDW4lCnvU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Sep 2025 05:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 313 (0x139) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918377D, serialNumber=A1FAD542E91E017D257D51B14FF5C35B89429EF5 Validity Not Before: Sep 19 05:00:39 2025 GMT Not After : Sep 26 05:00:39 2025 GMT Subject: CN=68cce377-97ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:c9:27:d7:e1:e4:3d:7d:e6:b7:9a:a3:44:be: bb:13:1c:ae:c2:48:f0:98:af:6a:60:4c:4c:b0:d8: 4c:40:57:ff:c9:be:ae:70:a1:68:d5:ac:0b:6d:b6: eb:a2:26:af:61:7b:bf:7d:d0:85:44:14:c3:d7:43: 2f:10:4c:bb:fa:fb:b2:ad:92:13:14:11:21:f2:9b: 71:3b:38:e2:6b:ef:da:9c:66:ae:7b:2b:dd:46:68: 8d:5d:78:cc:52:a8:51:de:0e:af:78:9a:78:09:ad: 57:7f:ed:4d:4a:4e:17:ea:94:7f:76:f3:a2:5c:32: c2:56:f1:7a:76:80:8a:de:36:c3:ed:36:36:b8:e6: a3:25:68:4f:14:cf:82:3f:f3:9f:3f:6e:83:a8:a2: ce:a5:ad:88:da:1e:a4:a9:b0:44:52:ba:d5:eb:a7: d5:8f:b2:a8:44:77:5c:a8:e8:c1:4e:c0:03:f2:8c: 0e:ce:da:20:a1:09:64:bf:25:db:18:7e:a0:42:bc: 07:53:04:5b:d5:4a:8a:59:79:cd:32:5a:b8:cd:bf: 9b:9b:f7:c6:5d:10:cc:af:80:a6:f4:07:b8:16:e7: fc:b9:2a:30:b3:fd:dc:c8:12:02:1a:3d:2f:e3:60: 9e:77:b9:7e:5e:66:c9:6f:60:bd:2b:e2:bf:04:d9: b1:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:D4:A5:D5:DB:5B:C3:41:C1:BF:DA:BC:8F:D5:3D:97:86:EA:D6:FD X509v3 Authority Key Identifier: keyid:A1:FA:D5:42:E9:1E:01:7D:25:7D:51:B1:4F:F5:C3:5B:89:42:9E:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ofrVQukeAX0lfVGxT_XDW4lCnvU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 78:af:e4:6c:ac:e2:cc:32:90:b6:6a:76:d8:3a:46:f7:00:57: d0:c9:5c:32:74:72:1f:0e:bf:11:dc:44:c3:54:1e:db:2b:e5: 8c:8f:08:01:01:23:d7:63:4d:89:5e:21:77:da:9b:ee:86:97: cb:88:0b:53:2b:5b:e3:cf:b5:78:5e:83:28:1a:97:b2:75:2e: 55:33:ff:e9:37:d8:6f:fb:bc:e9:8a:e5:04:cd:fa:4c:3f:7b: 59:4a:b1:6e:75:8c:1d:4f:5e:97:bc:fa:9d:e1:2e:5a:6a:eb: 54:e5:6c:12:38:10:8b:d0:ae:15:78:2e:06:30:ad:2e:26:a3: 96:6a:36:50:14:38:ac:b8:eb:9a:d1:6a:10:ed:ad:69:8a:be: 52:10:15:68:19:99:cb:fa:5b:32:db:9c:4a:96:02:5a:5c:41: 86:8c:43:c6:27:8c:59:30:ab:82:54:5f:b3:32:93:c5:c3:77: ef:67:0b:d7:23:10:65:5b:fe:f1:fa:4f:cc:13:a4:fa:b9:2a: fb:ce:94:33:ad:bd:2b:55:a7:f4:ee:0e:20:38:93:35:f4:b6: 22:5b:9c:72:53:12:6b:c1:27:a9:02:00:fa:5f:ce:13:f0:3c: f6:32:88:41:5e:32:76:74:d2:00:ba:67:69:c3:34:74:03:b4: d1:14:a1:32 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODM3N0QxMTAvBgNVBAUTKEExRkFENTQyRTkxRTAxN0QyNTdENTFCMTRGRjVDMzVC ODk0MjlFRjUwHhcNMjUwOTE5MDUwMDM5WhcNMjUwOTI2MDUwMDM5WjAYMRYwFAYD VQQDEw02OGNjZTM3Ny05N2FiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArskn1+HkPX3mt5qjRL67ExyuwkjwmK9qYExMsNhMQFf/yb6ucKFo1awLbbbr oiavYXu/fdCFRBTD10MvEEy7+vuyrZITFBEh8ptxOzjia+/anGaueyvdRmiNXXjM UqhR3g6veJp4Ca1Xf+1NSk4X6pR/dvOiXDLCVvF6doCK3jbD7TY2uOajJWhPFM+C P/OfP26DqKLOpa2I2h6kqbBEUrrV66fVj7KoRHdcqOjBTsAD8owOztogoQlkvyXb GH6gQrwHUwRb1UqKWXnNMlq4zb+bm/fGXRDMr4Cm9Ae4Fuf8uSows/3cyBICGj0v 42Ced7l+XmbJb2C9K+K/BNmxBwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB3UpdXb W8NBwb/avI/VPZeG6tb9MB8GA1UdIwQYMBaAFKH61ULpHgF9JX1RsU/1w1uJQp71 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4Mzc3RC85RjdDODE1MkI0 QjExMUVFQjBBREUzNTJDNEY5QUUwMi9vZnJWUXVrZUFYMGxmVkd4VF9YRFc0bENu dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29mclZRdWtlQVgwbGZWR3hUX1hEVzRsQ252VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 Mzc3RC85RjdDODE1MkI0QjExMUVFQjBBREUzNTJDNEY5QUUwMi9vZnJWUXVrZUFY MGxmVkd4VF9YRFc0bENudlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB4r+RsrOLMMpC2anbYOkb3AFfQyVwydHIfDr8R3ETDVB7bK+WMjwgB ASPXY02JXiF32pvuhpfLiAtTK1vjz7V4XoMoGpeydS5VM//pN9hv+7zpiuUEzfpM P3tZSrFudYwdT16XvPqd4S5aautU5WwSOBCL0K4VeC4GMK0uJqOWajZQFDisuOua 0WoQ7a1pir5SEBVoGZnL+lsy25xKlgJaXEGGjEPGJ4xZMKuCVF+zMpPFw3fvZwvX IxBlW/7x+k/ME6T6uSr7zpQzrb0rVaf07g4gOJM19LYiW5xyUxJrwSepAgD6X84T 8Dz2MohBXjJ2dNIAumdpwzR0A7TRFKEy -----END CERTIFICATE-----Generated at Fri Sep 19 14:04:03 2025 by rpki-client