$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.mft File: uOlsag2VSKKgQMvnGZdFun2x7Sg.mft (raw, json) Hash identifier: XlS774GxcbnNxfSpFFrQqY/eQyEZ97iIQQcaYMvPmM0= Subject key identifier: AA:92:27:2C:C4:A6:2C:9C:5E:D3:A0:B8:02:43:2A:03:0E:9C:9D:A9 Authority key identifier: B8:E9:6C:6A:0D:95:48:A2:A0:40:CB:E7:19:97:45:BA:7D:B1:ED:28 Certificate issuer: /CN=A91B2D29/serialNumber=B8E96C6A0D9548A2A040CBE7199745BA7DB1ED28 Certificate serial: 09EA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uOlsag2VSKKgQMvnGZdFun2x7Sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.mft Manifest number: 4721 Signing time: Tue 16 Sep 2025 15:51:41 +0000 Manifest this update: Tue 16 Sep 2025 15:51:41 +0000 Manifest next update: Tue 23 Sep 2025 15:51:41 +0000 Files and hashes: 1: uOlsag2VSKKgQMvnGZdFun2x7Sg.crl (hash: 8ZmMiiuvXl+IfTH9EbikArgYACSf15aGM/vSQDoYZ44=) 2: 7CEC1452E17E11ECAB421316C4F9AE02.roa (hash: HQMuxFH+p0cd5TxCsDJ5OnEAYnLT5yZN5O7uVIpfgdA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.crl rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uOlsag2VSKKgQMvnGZdFun2x7Sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Sep 2025 15:51:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2538 (0x9ea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B2D29, serialNumber=B8E96C6A0D9548A2A040CBE7199745BA7DB1ED28 Validity Not Before: Sep 16 15:51:41 2025 GMT Not After : Sep 23 15:51:41 2025 GMT Subject: CN=68c9878d-5238 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:a6:02:f3:39:b5:5b:ba:82:a3:4d:dc:24:12: 18:59:43:97:e1:1d:a9:27:58:5d:48:d8:1a:b0:36: 00:ba:6c:c5:11:66:c1:5d:3f:42:35:9d:2a:77:52: 4f:4a:11:fa:d4:d1:4c:d6:d9:c1:f1:88:2f:71:21: 7e:0c:01:d0:ee:df:d4:19:9e:9a:fc:95:3a:3d:d7: 48:f8:95:72:57:84:85:d8:88:87:df:55:c4:0b:95: d0:b5:e0:7b:26:f0:46:c5:09:e9:c2:ae:2b:23:47: 04:6f:e9:b8:a7:3b:22:5b:f6:49:fe:9b:fa:d0:3c: a3:a3:7e:bf:bd:84:1b:d0:ea:d7:7c:4a:b4:09:c1: cd:3b:c1:05:cf:60:50:4f:fc:2a:6b:bf:42:51:01: dc:9c:c4:aa:7c:19:c7:6a:12:5d:6c:b4:fb:85:ec: a9:74:fa:c5:b8:3e:11:14:52:7e:0a:95:a3:d4:f2: 0a:3b:db:a5:50:69:5c:72:f6:32:cb:77:17:e7:5d: 26:65:fc:8f:04:c2:c2:62:a8:41:73:24:30:7f:9c: 0a:a1:ca:6c:62:08:83:78:19:c4:cc:8b:f3:3e:42: 06:27:59:1a:8e:2d:05:6c:26:13:b6:80:df:e1:86: ba:e9:61:0c:a5:b4:2e:e7:de:ee:df:2a:55:71:db: b8:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:92:27:2C:C4:A6:2C:9C:5E:D3:A0:B8:02:43:2A:03:0E:9C:9D:A9 X509v3 Authority Key Identifier: keyid:B8:E9:6C:6A:0D:95:48:A2:A0:40:CB:E7:19:97:45:BA:7D:B1:ED:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uOlsag2VSKKgQMvnGZdFun2x7Sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7d:25:65:f2:36:d1:5e:55:6e:92:cd:46:f9:fb:b8:d5:dc:b2: f2:92:dd:2b:4b:77:d4:02:07:e4:36:e9:2b:59:66:fe:13:63: 06:83:25:cb:86:e1:3d:35:3a:b0:5c:52:de:bd:aa:6d:74:92: 01:74:55:b6:b2:25:ea:6b:50:e1:aa:1c:92:62:b9:62:0f:5e: 48:2e:d3:90:c2:07:5b:64:b3:ef:2a:ea:f4:f4:2b:b7:ff:e9: 80:b2:9c:37:19:44:03:63:14:11:ce:5c:53:38:fe:f9:5b:14: 6d:ea:fb:9e:ef:4d:0a:25:58:9b:9d:38:42:b5:47:b6:51:94: a8:79:ab:be:bf:06:41:ae:f5:c5:72:38:60:7a:a4:4e:4b:63: 4e:54:41:cb:06:57:e3:db:07:09:c9:ee:45:cd:9d:a6:aa:a1: d1:8f:7f:0b:2a:2b:75:a7:c6:0c:be:91:1a:dd:ea:54:9f:ac: a6:a8:b2:17:8f:19:42:ad:16:8c:97:5c:ba:23:df:50:17:14: 48:7b:d0:b9:4f:79:b8:84:d7:58:fa:66:23:b6:04:70:ad:5c: 0a:a1:88:2a:47:9b:bf:34:ff:04:b3:fd:2a:f3:d4:37:19:0b: d9:27:87:a0:df:14:30:a2:38:c9:18:f4:6e:44:75:ed:f1:f5: 63:9d:ba:99 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCeowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjJEMjkxMTAvBgNVBAUTKEI4RTk2QzZBMEQ5NTQ4QTJBMDQwQ0JFNzE5OTc0NUJB N0RCMUVEMjgwHhcNMjUwOTE2MTU1MTQxWhcNMjUwOTIzMTU1MTQxWjAYMRYwFAYD VQQDEw02OGM5ODc4ZC01MjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwqYC8zm1W7qCo03cJBIYWUOX4R2pJ1hdSNgasDYAumzFEWbBXT9CNZ0qd1JP ShH61NFM1tnB8YgvcSF+DAHQ7t/UGZ6a/JU6PddI+JVyV4SF2IiH31XEC5XQteB7 JvBGxQnpwq4rI0cEb+m4pzsiW/ZJ/pv60Dyjo36/vYQb0OrXfEq0CcHNO8EFz2BQ T/wqa79CUQHcnMSqfBnHahJdbLT7heypdPrFuD4RFFJ+CpWj1PIKO9ulUGlccvYy y3cX510mZfyPBMLCYqhBcyQwf5wKocpsYgiDeBnEzIvzPkIGJ1kaji0FbCYTtoDf 4Ya66WEMpbQu597u3ypVcdu4twIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKqSJyzE piycXtOguAJDKgMOnJ2pMB8GA1UdIwQYMBaAFLjpbGoNlUiioEDL5xmXRbp9se0o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMkQyOS9GNzFFNzE2NjU1 MjExMUU1QURCMjA5MkFDNEY5QUUwMi91T2xzYWcyVlNLS2dRTXZuR1pkRnVuMng3 U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3VPbHNhZzJWU0tLZ1FNdm5HWmRGdW4yeDdTZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MkQyOS9GNzFFNzE2NjU1MjExMUU1QURCMjA5MkFDNEY5QUUwMi91T2xzYWcyVlNL S2dRTXZuR1pkRnVuMng3U2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB9JWXyNtFeVW6SzUb5+7jV3LLykt0rS3fUAgfkNukrWWb+E2MGgyXL huE9NTqwXFLevaptdJIBdFW2siXqa1DhqhySYrliD15ILtOQwgdbZLPvKur09Cu3 /+mAspw3GUQDYxQRzlxTOP75WxRt6vue700KJVibnThCtUe2UZSoeau+vwZBrvXF cjhgeqROS2NOVEHLBlfj2wcJye5FzZ2mqqHRj38LKit1p8YMvpEa3epUn6ymqLIX jxlCrRaMl1y6I99QFxRIe9C5T3m4hNdY+mYjtgRwrVwKoYgqR5u/NP8Es/0q89Q3 GQvZJ4eg3xQwojjJGPRuRHXt8fVjnbqZ -----END CERTIFICATE-----Generated at Thu Sep 18 12:06:01 2025 by rpki-client