$ rpki-client -vvf rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.mft File: OPsGr2SfQA9ROZSTW-335JJwyKo.mft (raw, json) Hash identifier: OJEr6OUMeiQcbMDs2HAEWE5AMvGgLUMEYqurnEAK7iA= Subject key identifier: A3:BF:5A:D8:91:5B:88:90:B5:C0:A6:CD:63:A4:96:EE:88:47:9F:97 Authority key identifier: 38:FB:06:AF:64:9F:40:0F:51:39:94:93:5B:ED:F7:E4:92:70:C8:AA Certificate issuer: /CN=A9198267/serialNumber=38FB06AF649F400F513994935BEDF7E49270C8AA Certificate serial: 0A3C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OPsGr2SfQA9ROZSTW-335JJwyKo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.mft Manifest number: 0A2D Signing time: Mon 08 Sep 2025 19:47:38 +0000 Manifest this update: Mon 08 Sep 2025 19:47:37 +0000 Manifest next update: Mon 15 Sep 2025 19:47:37 +0000 Files and hashes: 1: OPsGr2SfQA9ROZSTW-335JJwyKo.crl (hash: YmqHLxf0bHefLEA+B947WhfDc/CsFOqwHZ9tSGuXyIs=) 2: 2F43EE7278CC11EAB69DAC75C4F9AE02.roa (hash: vryPQgJZ9HPQvb4c/vnzkdnAafqVRFouOd+j23S6sMU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.crl rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OPsGr2SfQA9ROZSTW-335JJwyKo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 19:47:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2620 (0xa3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9198267, serialNumber=38FB06AF649F400F513994935BEDF7E49270C8AA Validity Not Before: Sep 8 19:47:37 2025 GMT Not After : Sep 15 19:47:37 2025 GMT Subject: CN=68bf32da-6a21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:11:03:2a:6f:59:c5:17:55:2d:3c:ab:10:f5: 26:05:56:54:3e:6a:f7:47:78:69:f7:81:d9:53:00: 1f:5d:7b:d8:40:1e:0f:84:e7:44:c8:f7:7f:f5:3b: 43:5b:d9:00:68:82:0a:22:12:48:37:5a:cf:33:58: e5:c6:64:f1:3d:9e:60:ef:f2:30:dc:8a:69:97:9d: 52:70:4e:d7:0a:7e:3e:0c:d8:31:23:ac:a0:0e:e2: 02:58:74:54:5d:f3:a9:73:51:56:76:9a:be:3e:21: f3:2d:80:f9:61:59:1f:a5:12:08:4c:78:0b:0f:3b: a3:76:0e:7b:d9:60:d3:df:52:86:f3:56:09:1e:66: 74:13:ac:e9:b6:60:1f:3c:9b:d3:02:92:16:13:ca: 7c:42:cb:5e:2c:a3:9e:10:81:16:d4:f4:9b:6b:0d: 49:8c:58:34:fc:ba:89:15:ae:b2:9c:3e:51:00:e3: c9:5f:ba:f1:7d:ab:d3:2a:67:84:b3:28:c2:00:cf: c4:c8:03:c0:f7:94:67:ef:4d:34:d8:b9:45:6a:03: b3:62:7c:a9:c3:6c:35:18:ca:04:1d:e7:c0:e9:a1: f6:b7:5c:a3:71:4d:37:14:fc:05:de:e5:46:a8:84: 75:78:b7:04:7e:bb:fa:ac:90:55:19:ed:2b:6e:09: af:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:BF:5A:D8:91:5B:88:90:B5:C0:A6:CD:63:A4:96:EE:88:47:9F:97 X509v3 Authority Key Identifier: keyid:38:FB:06:AF:64:9F:40:0F:51:39:94:93:5B:ED:F7:E4:92:70:C8:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OPsGr2SfQA9ROZSTW-335JJwyKo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:67:34:60:2f:ec:81:c5:ac:b5:20:8b:5f:87:cf:57:71:d0: 6d:9a:ea:7f:cc:54:94:39:bf:ad:d2:94:94:00:6b:5b:bf:1a: ad:8e:23:f8:9f:d7:49:76:f6:88:fe:d8:c1:98:39:2a:41:bc: e2:47:19:a3:b8:d8:b6:9f:13:23:8e:eb:c8:20:5e:39:38:e7: 57:62:22:c0:0f:b8:91:8c:f8:e3:e3:4f:ab:1d:ec:82:d0:d4: 20:c8:4d:ee:1d:b0:93:88:ff:1c:8e:69:ce:91:99:af:c4:3e: 05:fa:3f:38:83:19:17:5e:fc:02:82:45:fa:ee:a2:0b:03:e7: 9b:db:50:a0:f3:9d:dd:70:50:34:34:37:b8:6a:2f:a8:d6:52: 93:5f:d3:9b:25:5d:67:8b:dd:59:cf:79:a9:7f:d0:71:35:c9: 7f:4f:57:92:0f:72:e2:21:bb:33:da:f7:2c:7e:37:d8:e4:c1: 4f:11:54:82:9a:ff:cd:87:b9:2a:67:8c:5f:f6:9d:23:ec:b5: 1f:a7:99:27:96:46:f2:41:b1:63:d0:f8:c1:2a:8f:69:47:69: ac:84:7a:89:cf:4d:f4:d7:0f:79:46:82:37:2a:d0:3f:e4:47: 39:b1:a4:86:ec:9d:21:3d:3f:6f:0c:2a:0e:eb:61:10:33:88: 9a:9c:89:bf -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCjwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTgyNjcxMTAvBgNVBAUTKDM4RkIwNkFGNjQ5RjQwMEY1MTM5OTQ5MzVCRURGN0U0 OTI3MEM4QUEwHhcNMjUwOTA4MTk0NzM3WhcNMjUwOTE1MTk0NzM3WjAYMRYwFAYD VQQDEw02OGJmMzJkYS02YTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4hEDKm9ZxRdVLTyrEPUmBVZUPmr3R3hp94HZUwAfXXvYQB4PhOdEyPd/9TtD W9kAaIIKIhJIN1rPM1jlxmTxPZ5g7/Iw3Ippl51ScE7XCn4+DNgxI6ygDuICWHRU XfOpc1FWdpq+PiHzLYD5YVkfpRIITHgLDzujdg572WDT31KG81YJHmZ0E6zptmAf PJvTApIWE8p8QsteLKOeEIEW1PSbaw1JjFg0/LqJFa6ynD5RAOPJX7rxfavTKmeE syjCAM/EyAPA95Rn70002LlFagOzYnypw2w1GMoEHefA6aH2t1yjcU03FPwF3uVG qIR1eLcEfrv6rJBVGe0rbgmv6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKO/WtiR W4iQtcCmzWOklu6IR5+XMB8GA1UdIwQYMBaAFDj7Bq9kn0APUTmUk1vt9+SScMiq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODI2Ny8wMkM4NkVBQTc4 Q0IxMUVBODIwRDcyNzRDNEY5QUUwMi9PUHNHcjJTZlFBOVJPWlNUVy0zMzVKSnd5 S28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09Qc0dyMlNmUUE5Uk9aU1RXLTMzNUpKd3lLby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 ODI2Ny8wMkM4NkVBQTc4Q0IxMUVBODIwRDcyNzRDNEY5QUUwMi9PUHNHcjJTZlFB OVJPWlNUVy0zMzVKSnd5S28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBzZzRgL+yBxay1IItfh89XcdBtmup/zFSUOb+t0pSUAGtbvxqtjiP4 n9dJdvaI/tjBmDkqQbziRxmjuNi2nxMjjuvIIF45OOdXYiLAD7iRjPjj40+rHeyC 0NQgyE3uHbCTiP8cjmnOkZmvxD4F+j84gxkXXvwCgkX67qILA+eb21Cg853dcFA0 NDe4ai+o1lKTX9ObJV1ni91Zz3mpf9BxNcl/T1eSD3LiIbsz2vcsfjfY5MFPEVSC mv/Nh7kqZ4xf9p0j7LUfp5knlkbyQbFj0PjBKo9pR2mshHqJz0301w95RoI3KtA/ 5Ec5saSG7J0hPT9vDCoO62EQM4ianIm/ -----END CERTIFICATE-----Generated at Tue Sep 9 13:24:27 2025 by rpki-client