$ rpki-client -vvf rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.mft File: OYN8tL7K9qYmyRaulgJBtgnmsgo.mft (raw, json) Hash identifier: 2/U/fLrv25lNp11YC6EatLggjTktAoiPgmB6wU3lL20= Subject key identifier: 97:58:CE:B4:9C:27:3D:EF:89:CD:89:BA:BC:CF:AF:4B:99:EA:D9:47 Authority key identifier: 39:83:7C:B4:BE:CA:F6:A6:26:C9:16:AE:96:02:41:B6:09:E6:B2:0A Certificate issuer: /CN=A918C3B7/serialNumber=39837CB4BECAF6A626C916AE960241B609E6B20A Certificate serial: 0145 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OYN8tL7K9qYmyRaulgJBtgnmsgo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.mft Manifest number: 0143 Signing time: Mon 25 Aug 2025 04:40:47 +0000 Manifest this update: Mon 25 Aug 2025 04:40:46 +0000 Manifest next update: Mon 01 Sep 2025 04:40:46 +0000 Files and hashes: 1: OYN8tL7K9qYmyRaulgJBtgnmsgo.crl (hash: klS9r13uSAhk+OYeST5dMkVDYeYFqLzbw/qYwOvDP6U=) 2: C635D41E611411EF9B00D029C4F9AE02.roa (hash: rOwD6kKfHs7j3niSOFa7ZxwcRgpXDjpa8bFCR+QwO/w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.crl rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OYN8tL7K9qYmyRaulgJBtgnmsgo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 01 Sep 2025 04:40:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 325 (0x145) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918C3B7, serialNumber=39837CB4BECAF6A626C916AE960241B609E6B20A Validity Not Before: Aug 25 04:40:46 2025 GMT Not After : Sep 1 04:40:46 2025 GMT Subject: CN=68abe94f-e0e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:91:9b:4f:7c:3a:34:66:a1:04:0d:a3:19:d6: 52:81:72:18:82:06:3d:45:4d:cf:3c:ee:7f:95:a0: 4f:3c:79:08:67:c3:53:16:00:07:e4:f3:b6:32:01: e6:9b:4b:a8:1f:fd:2a:3a:50:f2:ec:45:15:f9:db: 40:05:1f:37:b3:b8:e1:b8:d5:ff:3d:55:ee:09:c2: 57:90:a6:ef:49:a4:65:51:7b:23:bc:ba:ca:99:3d: e2:b4:8b:b3:df:79:da:ef:27:10:71:c7:71:ad:78: ab:27:62:c5:e1:15:40:81:95:54:c6:61:94:78:8a: 47:d2:d1:8d:da:9a:a2:3c:d1:af:2a:da:ef:3c:8d: 7c:bd:63:e9:9c:42:26:97:63:0d:3d:e1:0b:c2:10: f6:cf:25:2e:4b:b5:7f:75:85:67:44:cb:b8:78:65: 99:b0:fb:4e:8b:8c:1e:10:af:03:a4:ee:cd:44:35: 45:86:36:87:49:e2:2e:30:88:63:5c:d0:a4:44:20: 1f:ff:ea:ce:49:9a:d9:49:b3:b6:ed:e1:d2:7d:7f: 3d:dd:68:8c:a8:b5:72:08:29:53:07:0c:f0:c7:0c: 3e:c3:41:c2:08:14:53:d0:f5:05:42:99:7e:c6:67: 78:96:9a:24:f5:a7:c8:a6:5f:ad:5a:01:ee:5b:2d: a6:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:58:CE:B4:9C:27:3D:EF:89:CD:89:BA:BC:CF:AF:4B:99:EA:D9:47 X509v3 Authority Key Identifier: keyid:39:83:7C:B4:BE:CA:F6:A6:26:C9:16:AE:96:02:41:B6:09:E6:B2:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OYN8tL7K9qYmyRaulgJBtgnmsgo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:c0:74:08:66:10:4f:af:f9:ef:11:dc:2c:ab:0d:43:b2:82: fb:ea:94:8b:c5:34:ba:34:69:bb:c2:5d:b2:37:5c:d5:5a:8c: 91:77:1b:ab:dd:75:63:65:dc:2d:fe:74:e8:77:49:33:44:ec: d5:a5:13:4e:59:6f:87:fc:87:ac:d2:bf:66:42:b2:d6:c7:2c: ea:6d:7c:37:b2:27:4e:74:3a:3a:c5:85:98:fb:6f:2b:fd:ac: 5d:fa:a2:fa:0b:63:9c:05:db:40:71:1c:20:33:1f:ee:ff:a4: 46:7b:96:72:81:43:04:78:00:8d:d7:07:bb:06:ae:20:89:3a: 64:da:03:68:57:f3:eb:3a:66:cf:e9:c0:85:28:e7:bb:29:4f: ae:0a:26:29:31:8b:96:6c:aa:2a:3f:f3:10:c5:d2:8c:3f:0b: a2:83:ab:d7:50:0c:4b:5e:93:a5:7d:e3:2e:61:2e:36:a9:dc: 8e:ab:8c:b4:49:eb:77:89:6d:c1:1d:d0:70:10:1f:c7:58:5b: 76:b9:63:fd:d2:72:9a:e5:60:16:e7:c2:aa:cd:49:86:16:18: ba:f3:57:2d:62:62:dd:e2:8e:5d:32:47:6c:8b:d2:d3:99:38: b0:13:fb:e7:41:68:4f:23:b7:39:45:7a:c2:73:10:35:b4:30: e3:c4:ee:67 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEMzQjcxMTAvBgNVBAUTKDM5ODM3Q0I0QkVDQUY2QTYyNkM5MTZBRTk2MDI0MUI2 MDlFNkIyMEEwHhcNMjUwODI1MDQ0MDQ2WhcNMjUwOTAxMDQ0MDQ2WjAYMRYwFAYD VQQDEw02OGFiZTk0Zi1lMGU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr5GbT3w6NGahBA2jGdZSgXIYggY9RU3PPO5/laBPPHkIZ8NTFgAH5PO2MgHm m0uoH/0qOlDy7EUV+dtABR83s7jhuNX/PVXuCcJXkKbvSaRlUXsjvLrKmT3itIuz 33na7ycQccdxrXirJ2LF4RVAgZVUxmGUeIpH0tGN2pqiPNGvKtrvPI18vWPpnEIm l2MNPeELwhD2zyUuS7V/dYVnRMu4eGWZsPtOi4weEK8DpO7NRDVFhjaHSeIuMIhj XNCkRCAf/+rOSZrZSbO27eHSfX893WiMqLVyCClTBwzwxww+w0HCCBRT0PUFQpl+ xmd4lpok9afIpl+tWgHuWy2mkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJdYzrSc Jz3vic2JurzPr0uZ6tlHMB8GA1UdIwQYMBaAFDmDfLS+yvamJskWrpYCQbYJ5rIK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzNCNy8xNTlBNEFEMDkz MjUxMUVFQkU5ODdGNjBDNEY5QUUwMi9PWU44dEw3SzlxWW15UmF1bGdKQnRnbm1z Z28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09ZTjh0TDdLOXFZbXlSYXVsZ0pCdGdubXNnby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QzNCNy8xNTlBNEFEMDkzMjUxMUVFQkU5ODdGNjBDNEY5QUUwMi9PWU44dEw3Szlx WW15UmF1bGdKQnRnbm1zZ28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAXwHQIZhBPr/nvEdwsqw1DsoL76pSLxTS6NGm7wl2yN1zVWoyRdxur 3XVjZdwt/nTod0kzROzVpRNOWW+H/Ies0r9mQrLWxyzqbXw3sidOdDo6xYWY+28r /axd+qL6C2OcBdtAcRwgMx/u/6RGe5ZygUMEeACN1we7Bq4giTpk2gNoV/PrOmbP 6cCFKOe7KU+uCiYpMYuWbKoqP/MQxdKMPwuig6vXUAxLXpOlfeMuYS42qdyOq4y0 Set3iW3BHdBwEB/HWFt2uWP90nKa5WAW58KqzUmGFhi681ctYmLd4o5dMkdsi9LT mTiwE/vnQWhPI7c5RXrCcxA1tDDjxO5n -----END CERTIFICATE-----Generated at Mon Aug 25 23:17:04 2025 by rpki-client