$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.mft File: oRHoHEs-J72m4nEkl_bbugz7CCY.mft (raw, json) Hash identifier: kie5kumDTk3mHWCLJPakqq357mJegoe7tcvyOU459qc= Subject key identifier: 42:91:4A:F6:49:AC:6C:5C:2D:7B:79:29:73:E2:2E:85:95:59:58:15 Authority key identifier: A1:11:E8:1C:4B:3E:27:BD:A6:E2:71:24:97:F6:DB:BA:0C:FB:08:26 Certificate issuer: /CN=A91C1DB8/serialNumber=A111E81C4B3E27BDA6E2712497F6DBBA0CFB0826 Certificate serial: 1398 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oRHoHEs-J72m4nEkl_bbugz7CCY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.mft Manifest number: 138C Signing time: Thu 04 Sep 2025 17:06:33 +0000 Manifest this update: Thu 04 Sep 2025 17:06:32 +0000 Manifest next update: Thu 11 Sep 2025 17:06:32 +0000 Files and hashes: 1: oRHoHEs-J72m4nEkl_bbugz7CCY.crl (hash: 1La1ynNM+w14tC2/ZlRdZnHqtzyEdT7qrelxj/h/y4Q=) 2: 6D6692CAAA0211EEAADA3D32C4F9AE02.roa (hash: Lfw4Pf1U5kN1CyHW4zjiGH94Ozpr6hL2Iw69vgHFnZ4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.crl rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oRHoHEs-J72m4nEkl_bbugz7CCY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 17:06:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5016 (0x1398) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1DB8, serialNumber=A111E81C4B3E27BDA6E2712497F6DBBA0CFB0826 Validity Not Before: Sep 4 17:06:32 2025 GMT Not After : Sep 11 17:06:32 2025 GMT Subject: CN=68b9c718-32ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:b5:79:ae:ed:ef:14:f7:ae:59:7d:c5:34:a6: 6f:6f:49:90:a5:b6:15:ff:7b:d1:39:2d:60:9c:2f: 2f:db:10:1f:93:bb:b1:87:92:01:40:21:87:6f:28: 01:4b:91:19:a3:9f:c7:71:02:33:ff:e0:4a:b5:e7: 16:03:cb:95:07:95:fb:86:f5:f6:20:f1:3e:5e:10: ba:cb:72:f1:5b:b9:81:ec:34:23:ac:17:7a:d2:b3: 49:41:ca:ed:69:d1:69:d6:57:7e:e8:6a:33:bd:02: b9:3a:eb:83:63:11:d7:a7:dc:c2:ca:da:c8:ce:f9: 41:34:56:00:ee:7c:21:1c:91:6c:92:86:a2:cd:6e: 02:a2:74:91:20:91:dc:3c:1e:3b:d5:39:d0:59:15: 77:c1:7f:c3:ad:48:84:2c:40:c7:bf:0d:ff:2f:71: 7a:6e:64:3b:0f:82:8b:5c:42:3e:be:c1:ba:48:a3: c3:fb:8f:b1:07:a9:36:81:da:5c:b0:cf:45:cd:73: 9a:44:cb:b0:e2:23:7d:16:a6:6f:16:51:e6:e5:d1: 01:be:e7:40:f2:b8:6d:88:97:40:72:8d:2c:0c:7d: f9:5b:96:00:f5:1e:ce:32:ee:24:f6:ea:cd:5b:19: 89:12:89:24:e9:41:65:93:9c:59:6f:fb:05:8d:a8: 5e:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:91:4A:F6:49:AC:6C:5C:2D:7B:79:29:73:E2:2E:85:95:59:58:15 X509v3 Authority Key Identifier: keyid:A1:11:E8:1C:4B:3E:27:BD:A6:E2:71:24:97:F6:DB:BA:0C:FB:08:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oRHoHEs-J72m4nEkl_bbugz7CCY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:6b:f3:fa:0d:69:5b:5a:de:cf:14:73:94:00:00:e9:af:2e: 88:86:99:53:f8:36:cc:e8:4d:e2:9b:56:54:a9:88:28:81:a1: ef:10:a3:31:88:c8:eb:b2:f8:c5:ad:81:61:59:98:58:eb:b2: 9b:e9:97:2b:e2:18:ba:f2:2a:c5:c5:4b:3c:ec:7f:c2:b0:18: 1e:99:22:3f:06:39:df:58:25:e4:76:68:f5:0e:69:4c:e0:75: 2d:ab:3a:b9:c2:c5:85:dd:e4:8a:e7:49:f7:35:ba:20:02:9a: a9:2f:89:c3:e9:7b:66:cf:d0:ad:fe:97:6d:ff:c7:46:f4:db: 83:28:fa:46:62:ec:b0:17:83:6a:b4:48:91:2c:fd:ea:5d:31: 67:8b:33:2d:b5:47:36:53:98:fd:72:df:07:8d:6a:a9:fa:88: 9b:fb:70:fb:7e:73:3f:f1:f8:d6:1a:29:38:10:63:4a:c8:84: 69:f4:bd:19:d1:66:f9:63:4f:84:fb:26:6c:a1:e3:f0:5e:8b: 25:2a:2f:17:1b:b9:5a:be:5a:da:31:4f:9c:f8:a4:ac:c0:cb: 97:42:09:a7:3f:ea:3f:00:ab:56:b8:e5:a6:8b:85:68:4b:8a: 1e:26:4e:c0:45:ea:0f:30:e7:15:97:07:a8:32:96:a8:35:a9: de:77:91:a6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE5gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzFEQjgxMTAvBgNVBAUTKEExMTFFODFDNEIzRTI3QkRBNkUyNzEyNDk3RjZEQkJB MENGQjA4MjYwHhcNMjUwOTA0MTcwNjMyWhcNMjUwOTExMTcwNjMyWjAYMRYwFAYD VQQDEw02OGI5YzcxOC0zMmVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAkrV5ru3vFPeuWX3FNKZvb0mQpbYV/3vROS1gnC8v2xAfk7uxh5IBQCGHbygB S5EZo5/HcQIz/+BKtecWA8uVB5X7hvX2IPE+XhC6y3LxW7mB7DQjrBd60rNJQcrt adFp1ld+6GozvQK5OuuDYxHXp9zCytrIzvlBNFYA7nwhHJFskoaizW4ConSRIJHc PB471TnQWRV3wX/DrUiELEDHvw3/L3F6bmQ7D4KLXEI+vsG6SKPD+4+xB6k2gdpc sM9FzXOaRMuw4iN9FqZvFlHm5dEBvudA8rhtiJdAco0sDH35W5YA9R7OMu4k9urN WxmJEokk6UFlk5xZb/sFjahetwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEKRSvZJ rGxcLXt5KXPiLoWVWVgVMB8GA1UdIwQYMBaAFKER6BxLPie9puJxJJf227oM+wgm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMURCOC8wRDk5MzFCQUEx MUUxMUU4OUU2MzY3MTBDNEY5QUUwMi9vUkhvSEVzLUo3Mm00bkVrbF9iYnVnejdD Q1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL29SSG9IRXMtSjcybTRuRWtsX2JidWd6N0NDWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MURCOC8wRDk5MzFCQUExMUUxMUU4OUU2MzY3MTBDNEY5QUUwMi9vUkhvSEVzLUo3 Mm00bkVrbF9iYnVnejdDQ1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAwa/P6DWlbWt7PFHOUAADpry6IhplT+DbM6E3im1ZUqYgogaHvEKMx iMjrsvjFrYFhWZhY67Kb6Zcr4hi68irFxUs87H/CsBgemSI/BjnfWCXkdmj1DmlM 4HUtqzq5wsWF3eSK50n3NbogApqpL4nD6Xtmz9Ct/pdt/8dG9NuDKPpGYuywF4Nq tEiRLP3qXTFnizMttUc2U5j9ct8HjWqp+oib+3D7fnM/8fjWGik4EGNKyIRp9L0Z 0Wb5Y0+E+yZsoePwXoslKi8XG7lavlraMU+c+KSswMuXQgmnP+o/AKtWuOWmi4Vo S4oeJk7AReoPMOcVlweoMpaoNaned5Gm -----END CERTIFICATE-----Generated at Sat Sep 6 16:06:11 2025 by rpki-client