$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft File: ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft (raw, json) Hash identifier: Mfh9cQYP2Qv80cdbmTj4vbmLcl9kVClwtR2qa1uvAW8= Subject key identifier: 7A:4F:19:CD:ED:BD:02:A3:90:C6:F6:29:D6:3D:7A:D9:38:60:E4:52 Authority key identifier: A1:C2:39:65:70:40:17:72:42:9E:B8:CB:B0:DF:66:53:F1:67:8C:F6 Certificate issuer: /CN=A91CE6EC/serialNumber=A1C2396570401772429EB8CBB0DF6653F1678CF6 Certificate serial: 25B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft Manifest number: 25A6 Signing time: Sun 24 Aug 2025 15:42:10 +0000 Manifest this update: Sun 24 Aug 2025 15:42:10 +0000 Manifest next update: Sun 31 Aug 2025 15:42:10 +0000 Files and hashes: 1: ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl (hash: kuu+ilgCUxFp6XWhWvxcQfig3OpPLQul7TRm61Fz/Gs=) 2: 96F26DD8E4A511EF8259C769C4F9AE02.roa (hash: 106BmLtTyVCv8aiEyQESyMsMUTUgBCG4YPN0EmuEMYs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 15:42:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9650 (0x25b2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE6EC, serialNumber=A1C2396570401772429EB8CBB0DF6653F1678CF6 Validity Not Before: Aug 24 15:42:10 2025 GMT Not After : Aug 31 15:42:10 2025 GMT Subject: CN=68ab32d2-f4cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:75:7f:5f:8d:d9:df:5c:1c:11:1c:d3:7b:b5: 61:72:c1:a7:c7:d2:3b:0c:10:d7:4e:53:0d:e5:e4: 69:64:c4:27:0a:1e:ac:dd:64:76:77:86:1b:4e:1b: b1:f8:2a:55:1a:49:a6:23:9a:68:32:a4:18:a9:f5: 6c:9c:ed:e6:80:74:fd:88:47:a0:85:5b:c4:6c:73: 57:08:40:b7:6c:d9:bd:df:43:87:5d:06:db:b3:9e: 7a:62:93:c1:7b:5c:7a:7a:c7:33:18:9d:8b:08:6f: 15:15:e1:ce:f2:8c:65:5b:41:f1:8a:67:52:d7:2b: af:39:47:84:dd:2f:a0:70:d7:3d:fb:b7:04:53:76: 16:ff:f5:03:66:44:6c:cf:4c:1d:db:46:a7:dd:bb: 38:ea:85:53:90:b4:b3:29:39:1e:88:0d:a8:87:e1: 71:2e:09:8a:a5:5c:87:06:b6:b6:e1:f5:d0:b5:5e: c4:ae:e5:57:c5:fa:76:4e:d8:4b:0b:13:37:c2:19: 9c:af:45:78:6b:ee:ee:27:97:67:e8:13:d3:76:3c: 43:e5:e7:40:51:a8:13:78:d4:42:55:18:9e:47:13: fe:22:bd:bb:52:e2:ab:80:86:86:12:39:b9:ea:95: cc:e2:0d:58:77:4e:d1:83:0e:09:22:90:79:9b:90: fa:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:4F:19:CD:ED:BD:02:A3:90:C6:F6:29:D6:3D:7A:D9:38:60:E4:52 X509v3 Authority Key Identifier: keyid:A1:C2:39:65:70:40:17:72:42:9E:B8:CB:B0:DF:66:53:F1:67:8C:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:33:58:00:35:bb:a7:30:75:8d:6c:b7:d7:bd:fc:4f:cd:24: 14:9e:26:6f:76:b4:64:33:2a:04:2f:e5:af:c2:9a:00:c6:f7: de:55:d1:7e:9f:80:b1:9f:39:dc:de:fd:03:be:3b:db:cf:47: 3a:b6:72:de:c9:78:7a:80:bf:3f:38:98:b7:12:18:d4:41:7c: eb:11:04:1b:8d:92:59:1a:e6:06:e0:fa:a0:79:64:0e:56:ac: 67:89:a9:99:f2:54:c2:ac:50:c4:c9:c0:84:8e:6a:cf:ed:00: e2:d5:20:37:ca:b3:35:b8:a0:2b:ab:c4:37:69:22:24:f7:ec: 33:b3:dd:d6:70:e4:e0:a9:50:20:b4:ac:cc:3b:43:12:09:51: bb:6e:b2:a1:00:f4:e5:7a:10:8c:b0:9a:dc:bc:5b:c3:e6:e5: c2:3e:d5:8a:82:55:b1:9c:1a:81:fc:83:92:84:f1:a8:26:72: 05:cc:ef:5f:7e:b4:f9:24:72:8d:42:0f:d9:c7:46:aa:15:00: 4e:fb:fd:d6:a1:4e:26:45:7e:99:04:a8:d1:9d:8b:9e:03:69: 5f:96:56:ae:e2:b9:ae:10:80:9e:18:e4:1f:ef:d4:cb:5c:c6: b7:6c:8f:3b:6a:df:85:7c:de:42:a6:92:e9:42:86:75:d9:9a: 6c:27:47:14 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJbIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U2RUMxMTAvBgNVBAUTKEExQzIzOTY1NzA0MDE3NzI0MjlFQjhDQkIwREY2NjUz RjE2NzhDRjYwHhcNMjUwODI0MTU0MjEwWhcNMjUwODMxMTU0MjEwWjAYMRYwFAYD VQQDEw02OGFiMzJkMi1mNGNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5XV/X43Z31wcERzTe7VhcsGnx9I7DBDXTlMN5eRpZMQnCh6s3WR2d4YbThux +CpVGkmmI5poMqQYqfVsnO3mgHT9iEeghVvEbHNXCEC3bNm930OHXQbbs556YpPB e1x6esczGJ2LCG8VFeHO8oxlW0HximdS1yuvOUeE3S+gcNc9+7cEU3YW//UDZkRs z0wd20an3bs46oVTkLSzKTkeiA2oh+FxLgmKpVyHBra24fXQtV7EruVXxfp2TthL CxM3whmcr0V4a+7uJ5dn6BPTdjxD5edAUagTeNRCVRieRxP+Ir27UuKrgIaGEjm5 6pXM4g1Yd07Rgw4JIpB5m5D6+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHpPGc3t vQKjkMb2KdY9etk4YORSMB8GA1UdIwQYMBaAFKHCOWVwQBdyQp64y7DfZlPxZ4z2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTZFQy9EM0FCNjAxNjE0 QzgxMUU1QTJGQ0VGMTVDNEY5QUUwMi9vY0k1WlhCQUYzSkNucmpMc045bVVfRm5q UFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29jSTVaWEJBRjNKQ25yakxzTjltVV9GbmpQWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTZFQy9EM0FCNjAxNjE0QzgxMUU1QTJGQ0VGMTVDNEY5QUUwMi9vY0k1WlhCQUYz SkNucmpMc045bVVfRm5qUFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBHM1gANbunMHWNbLfXvfxPzSQUniZvdrRkMyoEL+WvwpoAxvfeVdF+ n4Cxnznc3v0Dvjvbz0c6tnLeyXh6gL8/OJi3EhjUQXzrEQQbjZJZGuYG4PqgeWQO VqxniamZ8lTCrFDEycCEjmrP7QDi1SA3yrM1uKArq8Q3aSIk9+wzs93WcOTgqVAg tKzMO0MSCVG7brKhAPTlehCMsJrcvFvD5uXCPtWKglWxnBqB/IOShPGoJnIFzO9f frT5JHKNQg/Zx0aqFQBO+/3WoU4mRX6ZBKjRnYueA2lfllau4rmuEICeGOQf79TL XMa3bI87at+FfN5CppLpQoZ12ZpsJ0cU -----END CERTIFICATE-----Generated at Sun Aug 24 21:31:15 2025 by rpki-client