$ rpki-client -vvf rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft File: oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft (raw, json) Hash identifier: cJuPiYbgPL/9uziZNWACv6D4DcPaPvpIu31g4E04DmQ= Subject key identifier: 8A:90:29:74:F5:C5:AE:AC:9B:0F:A9:2F:C0:0F:81:17:0D:99:91:C4 Authority key identifier: A1:0F:57:83:C8:F9:A6:D9:4D:29:B4:AA:90:C5:6E:01:6B:B5:14:56 Certificate issuer: /CN=A91B65AC/serialNumber=A10F5783C8F9A6D94D29B4AA90C56E016BB51456 Certificate serial: 0106 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft Manifest number: 0102 Signing time: Mon 21 Jul 2025 05:16:36 +0000 Manifest this update: Mon 21 Jul 2025 05:16:35 +0000 Manifest next update: Mon 28 Jul 2025 05:16:35 +0000 Files and hashes: 1: oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl (hash: 4akPUX6/1LFTIQH84xtQj0dEIbH/cxT4SRJrWcPS+TA=) 2: 48005D9EE5AE11EE9ECE4023C4F9AE02.roa (hash: MrPqjHlMCM5b67h4IqKRm22f4PuZXIPWzDsfWbxNY08=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 05:16:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 262 (0x106) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B65AC, serialNumber=A10F5783C8F9A6D94D29B4AA90C56E016BB51456 Validity Not Before: Jul 21 05:16:35 2025 GMT Not After : Jul 28 05:16:35 2025 GMT Subject: CN=687dcd34-c92c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:e7:3c:16:73:5c:97:a7:3f:cf:20:02:a6:4d: 37:8c:77:89:e7:e8:6e:06:a0:e9:f6:a6:08:45:f2: 0f:e1:ce:e8:de:73:f1:7d:d3:69:1a:73:d0:4e:3b: cd:43:05:41:b7:d6:a7:52:70:aa:7b:b0:11:16:c2: 9e:04:45:ff:2f:3a:00:a6:67:da:9a:4e:2c:67:96: 7a:1c:ec:c1:af:6a:6f:a4:1e:e1:3c:14:5f:fb:62: 60:4c:bd:e2:4e:bd:c8:25:b0:34:14:2e:54:23:4e: 65:bc:a5:e0:04:22:f4:ee:8b:3e:30:ab:bb:06:4f: 90:34:91:02:62:94:b7:be:33:8d:a0:7d:f7:8d:91: 19:23:fb:6a:2b:68:3f:42:6a:7d:f9:4e:65:d8:c5: f6:74:f7:09:66:87:15:02:98:2d:31:ed:41:d6:d6: f9:e0:e3:b9:07:33:32:93:83:d4:d1:1a:99:e2:72: d6:cc:52:a2:78:f9:17:4b:a0:de:7f:d5:da:3f:bf: 51:8b:16:96:66:47:25:d9:a3:ba:20:bf:10:99:ae: dc:3a:0b:2d:1b:cb:32:dd:f2:0a:7c:20:bf:4b:81: 41:84:ff:40:e1:81:f8:0d:9e:5c:85:b4:5b:55:be: f2:12:c1:e6:d0:7d:84:e6:39:21:19:23:6e:3f:15: 9c:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:90:29:74:F5:C5:AE:AC:9B:0F:A9:2F:C0:0F:81:17:0D:99:91:C4 X509v3 Authority Key Identifier: keyid:A1:0F:57:83:C8:F9:A6:D9:4D:29:B4:AA:90:C5:6E:01:6B:B5:14:56 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4f:5d:e4:05:57:c8:c4:fe:d0:d6:66:a7:f6:5b:e0:e9:1d:10: d2:3c:ab:3d:49:bd:d3:59:73:b9:07:b3:09:62:f2:9d:a8:b1: 94:b9:d5:4d:87:dd:f8:de:6d:35:ef:70:10:f9:38:ec:92:07: eb:e4:8a:bc:c8:d3:26:35:c3:78:f4:34:fd:89:d8:f8:89:02: 17:9a:d2:e8:b7:98:60:cb:e7:e9:03:32:b7:b4:c5:4a:36:07: 03:3f:fc:4b:74:6a:1f:68:74:d8:57:0a:06:0c:51:fd:11:75: 53:c9:40:52:4b:02:3a:b3:a4:e9:a6:ae:09:85:9e:8a:d7:7b: a8:cf:52:78:d3:85:e2:be:cb:9c:57:d6:82:8d:06:0d:43:40: d1:5e:b3:11:db:22:ef:28:eb:32:1d:d5:8e:b3:f6:46:bf:7e: 37:27:60:df:0b:5c:eb:c8:01:37:ea:ba:76:ec:38:ca:a0:cd: 35:d2:bf:a5:c8:bd:ec:8e:32:9d:ca:17:5c:86:ee:b0:ae:7e: 4c:a6:e3:db:2e:21:de:6a:2b:39:2c:35:c0:45:65:8a:fc:84: 2d:69:da:c1:ab:ab:d9:9e:6b:56:6b:f5:6b:09:7f:6e:cb:1d: 24:85:71:01:21:ec:6a:93:4a:b8:59:a7:2f:fa:47:50:94:fe: 61:b4:b6:20 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAQYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjY1QUMxMTAvBgNVBAUTKEExMEY1NzgzQzhGOUE2RDk0RDI5QjRBQTkwQzU2RTAx NkJCNTE0NTYwHhcNMjUwNzIxMDUxNjM1WhcNMjUwNzI4MDUxNjM1WjAYMRYwFAYD VQQDEw02ODdkY2QzNC1jOTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsec8FnNcl6c/zyACpk03jHeJ5+huBqDp9qYIRfIP4c7o3nPxfdNpGnPQTjvN QwVBt9anUnCqe7ARFsKeBEX/LzoApmfamk4sZ5Z6HOzBr2pvpB7hPBRf+2JgTL3i Tr3IJbA0FC5UI05lvKXgBCL07os+MKu7Bk+QNJECYpS3vjONoH33jZEZI/tqK2g/ Qmp9+U5l2MX2dPcJZocVApgtMe1B1tb54OO5BzMyk4PU0RqZ4nLWzFKiePkXS6De f9XaP79RixaWZkcl2aO6IL8Qma7cOgstG8sy3fIKfCC/S4FBhP9A4YH4DZ5chbRb Vb7yEsHm0H2E5jkhGSNuPxWcrQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIqQKXT1 xa6smw+pL8APgRcNmZHEMB8GA1UdIwQYMBaAFKEPV4PI+abZTSm0qpDFbgFrtRRW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjVBQy9DQjc0RjhCRUUx RTAxMUVFQUY2RTFFNjhDNEY5QUUwMi9vUTlYZzhqNXB0bE5LYlNxa01WdUFXdTFG RlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL29ROVhnOGo1cHRsTktiU3FrTVZ1QVd1MUZGWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NjVBQy9DQjc0RjhCRUUxRTAxMUVFQUY2RTFFNjhDNEY5QUUwMi9vUTlYZzhqNXB0 bE5LYlNxa01WdUFXdTFGRlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBPXeQFV8jE/tDWZqf2W+DpHRDSPKs9Sb3TWXO5B7MJYvKdqLGUudVN h9343m0173AQ+Tjskgfr5Iq8yNMmNcN49DT9idj4iQIXmtLot5hgy+fpAzK3tMVK NgcDP/xLdGofaHTYVwoGDFH9EXVTyUBSSwI6s6Tppq4JhZ6K13uoz1J404Xivsuc V9aCjQYNQ0DRXrMR2yLvKOsyHdWOs/ZGv343J2DfC1zryAE36rp27DjKoM010r+l yL3sjjKdyhdchu6wrn5MpuPbLiHeais5LDXARWWK/IQtadrBq6vZnmtWa/VrCX9u yx0khXEBIexqk0q4Wacv+kdQlP5htLYg -----END CERTIFICATE-----Generated at Wed Jul 23 02:23:02 2025 by rpki-client