$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft File: oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft (raw, json) Hash identifier: Zm15GhimGknstUhWhKSk/XJ+JrhbVGCLRqNEDGkXtzE= Subject key identifier: 36:ED:3E:25:30:13:CC:CC:68:6B:7D:9A:D7:E8:DB:0D:85:69:FB:13 Authority key identifier: A1:93:8C:91:2A:C2:F4:A9:58:B9:3D:AF:8F:4B:27:20:15:B0:D8:D8 Certificate issuer: /CN=A91D9D8B/serialNumber=A1938C912AC2F4A958B93DAF8F4B272015B0D8D8 Certificate serial: 01D6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft Manifest number: 01D1 Signing time: Wed 11 Jun 2025 02:20:17 +0000 Manifest this update: Wed 11 Jun 2025 02:20:16 +0000 Manifest next update: Wed 18 Jun 2025 02:20:16 +0000 Files and hashes: 1: oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl (hash: 8uoV41oOukvM2zaTQclWHn5reYfk4wJMk3+76+GZsUk=) 2: 95C4C7AA7F7911ED9C1EAE19C4F9AE02.roa (hash: KfdVVRr1UwfhsTtUMM0Ph6w9qtVR9qcrLdXdVzGndCs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 02:20:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 470 (0x1d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9D8B, serialNumber=A1938C912AC2F4A958B93DAF8F4B272015B0D8D8 Validity Not Before: Jun 11 02:20:16 2025 GMT Not After : Jun 18 02:20:16 2025 GMT Subject: CN=6848e7e1-e771 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:03:6e:ad:29:89:ee:d0:18:36:b5:00:e5:fa: 04:f2:65:e2:1d:e9:7a:d1:b4:43:d4:05:a3:56:db: a9:6a:a3:89:04:95:45:f4:f4:7c:f7:b6:90:41:a7: e0:53:63:c7:d1:71:a8:d5:5f:db:a0:43:d9:38:c7: ed:03:20:f1:fb:aa:3e:55:e8:59:e2:14:e0:f1:5d: 25:95:9e:75:d4:cd:0f:31:a1:e3:06:8b:06:6c:58: 50:a2:d2:29:81:54:31:72:a5:68:67:f8:a2:fb:b7: cd:fd:70:2a:91:85:0b:c8:76:51:ef:cf:de:c8:3f: 60:ce:54:46:b2:07:d7:fc:de:cf:2c:38:9c:0c:98: 95:fc:f1:43:fc:d0:4e:2e:f5:94:fb:9e:43:b2:5e: d5:b1:81:8d:24:cf:ff:21:c2:9c:03:5c:51:87:1d: 8e:bb:99:80:81:92:32:0e:05:98:d7:f8:c2:92:35: c3:40:b5:ec:5c:fb:e2:9b:38:8b:5d:b8:05:58:49: 39:6e:18:1a:c7:fb:71:8d:6c:f3:b2:2e:13:5f:f1: 84:66:b3:7f:26:da:71:28:5a:10:ab:42:3b:e1:b2: 27:ab:23:05:9a:8a:cf:36:d2:b9:e6:f7:8f:9b:eb: b8:92:2b:9a:03:9d:71:6c:68:75:3f:93:9a:8f:61: 54:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:ED:3E:25:30:13:CC:CC:68:6B:7D:9A:D7:E8:DB:0D:85:69:FB:13 X509v3 Authority Key Identifier: keyid:A1:93:8C:91:2A:C2:F4:A9:58:B9:3D:AF:8F:4B:27:20:15:B0:D8:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:8f:3e:3a:25:22:92:60:71:de:f6:c9:94:dd:9b:83:83:09: 56:0c:5e:e3:fc:a5:fc:3d:9c:16:f0:40:bd:a2:36:70:e5:7a: 2c:58:f6:07:ef:a3:0b:42:18:99:d9:f3:cb:9f:76:ea:2d:15: 2d:cb:9d:f9:a2:46:22:b5:de:86:04:fb:42:25:93:38:47:38: 70:80:a3:60:d4:bd:f5:cf:34:96:dc:a6:c7:ca:da:a1:22:d2: 8a:32:8e:e3:46:6d:96:a2:87:29:f2:3b:1b:61:b7:00:4e:3d: a8:f5:c7:d5:0b:d0:ed:65:2c:31:f7:e1:a9:53:14:38:79:db: a7:14:ba:b3:7c:41:5e:70:f3:51:d3:51:7e:4b:c5:9b:1a:48: 48:97:f3:67:0a:84:c0:24:2c:04:55:46:5a:92:68:b0:82:9e: d1:97:78:8b:08:46:12:af:9b:6c:bf:42:a7:35:53:07:a1:60: f7:8a:97:e6:bd:01:a9:f3:72:3e:f4:ac:34:99:d6:b9:46:ca: 76:90:85:c8:e9:c1:d2:2b:41:6a:5e:6d:22:fa:49:aa:c3:11: 5d:43:44:55:90:0c:0e:c3:1b:6d:e4:d4:b0:58:2f:d0:83:82: 6b:21:4f:92:17:6c:d4:76:c1:46:ed:78:f1:ff:81:8a:85:7d: 8d:16:cd:d5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDlEOEIxMTAvBgNVBAUTKEExOTM4QzkxMkFDMkY0QTk1OEI5M0RBRjhGNEIyNzIw MTVCMEQ4RDgwHhcNMjUwNjExMDIyMDE2WhcNMjUwNjE4MDIyMDE2WjAYMRYwFAYD VQQDEw02ODQ4ZTdlMS1lNzcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4ANurSmJ7tAYNrUA5foE8mXiHel60bRD1AWjVtupaqOJBJVF9PR897aQQafg U2PH0XGo1V/boEPZOMftAyDx+6o+VehZ4hTg8V0llZ511M0PMaHjBosGbFhQotIp gVQxcqVoZ/ii+7fN/XAqkYULyHZR78/eyD9gzlRGsgfX/N7PLDicDJiV/PFD/NBO LvWU+55Dsl7VsYGNJM//IcKcA1xRhx2Ou5mAgZIyDgWY1/jCkjXDQLXsXPvimziL XbgFWEk5bhgax/txjWzzsi4TX/GEZrN/JtpxKFoQq0I74bInqyMFmorPNtK55veP m+u4kiuaA51xbGh1P5Oaj2FUMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDbtPiUw E8zMaGt9mtfo2w2FafsTMB8GA1UdIwQYMBaAFKGTjJEqwvSpWLk9r49LJyAVsNjY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUQ4Qi81RjExRTAyQTdG NzUxMUVEOEFGQkU2NzNDNEY5QUUwMi9vWk9Na1NyQzlLbFl1VDJ2ajBzbklCV3cy TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29aT01rU3JDOUtsWXVUMnZqMHNuSUJXdzJOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OUQ4Qi81RjExRTAyQTdGNzUxMUVEOEFGQkU2NzNDNEY5QUUwMi9vWk9Na1NyQzlL bFl1VDJ2ajBzbklCV3cyTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAijz46JSKSYHHe9smU3ZuDgwlWDF7j/KX8PZwW8EC9ojZw5XosWPYH 76MLQhiZ2fPLn3bqLRUty535okYitd6GBPtCJZM4RzhwgKNg1L31zzSW3KbHytqh ItKKMo7jRm2Woocp8jsbYbcATj2o9cfVC9DtZSwx9+GpUxQ4edunFLqzfEFecPNR 01F+S8WbGkhIl/NnCoTAJCwEVUZakmiwgp7Rl3iLCEYSr5tsv0KnNVMHoWD3ipfm vQGp83I+9Kw0mda5Rsp2kIXI6cHSK0FqXm0i+kmqwxFdQ0RVkAwOwxtt5NSwWC/Q g4JrIU+SF2zUdsFG7Xjx/4GKhX2NFs3V -----END CERTIFICATE-----Generated at Wed Jun 11 22:32:57 2025 by rpki-client