$ rpki-client -vvf rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft File: Ok9ILhJcCNuDBRbVGkot8eCqiso.mft (raw, json) Hash identifier: R7FNy6qb1eDRyiWY+0s7tbnSPHg047ATGKvPAWiiGI4= Subject key identifier: 06:91:06:33:AD:B6:3A:84:CD:AB:49:34:97:60:2D:11:DB:1D:8D:6E Authority key identifier: 3A:4F:48:2E:12:5C:08:DB:83:05:16:D5:1A:4A:2D:F1:E0:AA:8A:CA Certificate issuer: /CN=A918C158/serialNumber=3A4F482E125C08DB830516D51A4A2DF1E0AA8ACA Certificate serial: 0A7C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft Manifest number: 0A77 Signing time: Sun 24 Aug 2025 19:37:08 +0000 Manifest this update: Sun 24 Aug 2025 19:37:07 +0000 Manifest next update: Sun 31 Aug 2025 19:37:07 +0000 Files and hashes: 1: Ok9ILhJcCNuDBRbVGkot8eCqiso.crl (hash: MUk9WWXQSttxlJPk4eO0MH7RmTNlTv56de5kmZOl5yM=) 2: F25A6266796A11EB82E0EE24C4F9AE02.roa (hash: aNxxH/k6H9pUK4+Yh6tMJ5W3Dxa/fkGC+OopIVqyBEI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.crl rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 19:03:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2684 (0xa7c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918C158, serialNumber=3A4F482E125C08DB830516D51A4A2DF1E0AA8ACA Validity Not Before: Aug 24 19:37:07 2025 GMT Not After : Aug 31 19:37:07 2025 GMT Subject: CN=68ab69e4-a405 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:4d:07:b2:b8:64:23:39:ae:2d:f1:2c:06:0d: 5e:89:e3:59:56:4d:fc:cb:e7:2b:49:a1:26:bb:31: b3:5e:21:aa:24:80:b7:6e:d6:9a:bb:72:00:b3:ce: d7:0f:f0:c6:1a:ec:89:95:c8:e2:ec:0a:5c:71:bc: 2e:62:1e:7a:60:e9:72:45:de:01:b8:c2:07:e4:aa: 52:d3:e3:cc:f6:c8:93:6e:5d:af:2f:82:31:05:39: 9c:e8:0f:e5:26:c4:88:d5:9d:6f:20:05:62:5b:25: fd:0c:f3:4d:c9:fd:70:92:dd:de:53:f3:0b:96:87: b5:25:8c:51:e8:c2:7b:0e:3e:b0:64:b8:1f:25:8a: 70:d6:dc:0e:69:fc:bf:f8:1d:8b:1b:12:1d:a1:38: b4:5c:b3:9b:7d:18:85:b4:c7:91:d4:18:40:d7:7e: 15:9b:54:e9:ab:6d:b9:d4:85:a3:7e:cf:de:86:02: ec:22:24:a2:86:5f:7f:a5:ed:e3:73:c9:8e:7f:be: 58:11:fe:00:03:54:80:48:32:db:49:96:1d:41:64: 04:64:c5:cf:f9:de:ff:fe:49:16:23:0a:39:45:c3: 31:2d:95:78:f3:4e:3a:90:0a:c6:76:92:a6:e0:9e: 40:6a:66:29:5a:d5:97:57:66:7d:16:77:cb:74:31: 75:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:91:06:33:AD:B6:3A:84:CD:AB:49:34:97:60:2D:11:DB:1D:8D:6E X509v3 Authority Key Identifier: keyid:3A:4F:48:2E:12:5C:08:DB:83:05:16:D5:1A:4A:2D:F1:E0:AA:8A:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:e5:0f:b7:2a:34:64:07:cb:2b:4d:d6:5f:69:86:ee:a9:cd: 91:4d:9a:74:0e:c1:0f:05:e0:00:fb:20:b2:7f:98:33:cb:4b: aa:91:ef:c7:d7:7c:0c:98:89:2e:38:0d:cd:70:be:34:f1:f4: 8b:fd:23:98:a2:03:e6:cd:6f:ef:a7:55:45:8c:bc:2a:22:cc: d2:6c:ff:96:5e:cf:b6:d6:74:0f:ca:7b:35:e3:d7:3c:23:dd: ea:a4:44:c9:fe:aa:ec:4f:bb:a2:db:f8:98:bc:c9:51:3c:5b: ab:93:49:c7:ce:8d:65:ee:34:a0:57:55:57:14:0f:7b:3c:47: 7b:d5:d0:75:c8:75:fb:20:4d:9a:9f:4d:1d:d8:d3:30:8a:3c: a0:f0:14:c9:15:ba:e4:cb:c0:91:c5:2f:eb:81:f1:6a:48:f9: af:59:a2:6e:29:bd:77:da:eb:b7:9a:ce:79:58:e1:c4:f4:27: a5:a2:3c:6b:71:f0:c2:9a:0e:00:31:71:a4:ca:94:c1:ef:cb: cb:8d:a0:5f:35:a0:9f:2c:d6:bb:0b:27:e5:fd:78:41:c1:f4: a2:b2:16:b6:bd:56:43:6b:6f:88:72:b4:b9:91:4c:2e:12:9f: 1c:7f:54:26:a7:36:a0:2f:8e:8d:eb:5c:ec:10:fa:29:86:b4: 34:72:f3:66 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCnwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEMxNTgxMTAvBgNVBAUTKDNBNEY0ODJFMTI1QzA4REI4MzA1MTZENTFBNEEyREYx RTBBQThBQ0EwHhcNMjUwODI0MTkzNzA3WhcNMjUwODMxMTkzNzA3WjAYMRYwFAYD VQQDEw02OGFiNjllNC1hNDA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq00HsrhkIzmuLfEsBg1eieNZVk38y+crSaEmuzGzXiGqJIC3btaau3IAs87X D/DGGuyJlcji7ApccbwuYh56YOlyRd4BuMIH5KpS0+PM9siTbl2vL4IxBTmc6A/l JsSI1Z1vIAViWyX9DPNNyf1wkt3eU/MLloe1JYxR6MJ7Dj6wZLgfJYpw1twOafy/ +B2LGxIdoTi0XLObfRiFtMeR1BhA134Vm1Tpq2251IWjfs/ehgLsIiSihl9/pe3j c8mOf75YEf4AA1SASDLbSZYdQWQEZMXP+d7//kkWIwo5RcMxLZV48046kArGdpKm 4J5AamYpWtWXV2Z9FnfLdDF1dQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAaRBjOt tjqEzatJNJdgLRHbHY1uMB8GA1UdIwQYMBaAFDpPSC4SXAjbgwUW1RpKLfHgqorK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzE1OC9BRTUxRDgwMjY3 M0IxMUVBOTlCMkU1NTZDNEY5QUUwMi9PazlJTGhKY0NOdURCUmJWR2tvdDhlQ3Fp c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09rOUlMaEpjQ051REJSYlZHa290OGVDcWlzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QzE1OC9BRTUxRDgwMjY3M0IxMUVBOTlCMkU1NTZDNEY5QUUwMi9PazlJTGhKY0NO dURCUmJWR2tvdDhlQ3Fpc28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAM5Q+3KjRkB8srTdZfaYbuqc2RTZp0DsEPBeAA+yCyf5gzy0uqke/H 13wMmIkuOA3NcL408fSL/SOYogPmzW/vp1VFjLwqIszSbP+WXs+21nQPyns149c8 I93qpETJ/qrsT7ui2/iYvMlRPFurk0nHzo1l7jSgV1VXFA97PEd71dB1yHX7IE2a n00d2NMwijyg8BTJFbrky8CRxS/rgfFqSPmvWaJuKb132uu3ms55WOHE9Celojxr cfDCmg4AMXGkypTB78vLjaBfNaCfLNa7Cyfl/XhBwfSisha2vVZDa2+IcrS5kUwu Ep8cf1QmpzagL46N61zsEPophrQ0cvNm -----END CERTIFICATE-----Generated at Sun Aug 24 22:20:54 2025 by rpki-client