$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft File: oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft (raw, json) Hash identifier: gNQ2LxxWjqLmV9HYUAJGjGU7k5lPXXbyyqKT0tc2Ap8= Subject key identifier: 05:2B:26:9D:90:0B:CB:50:06:CF:26:34:84:0D:E1:3D:0B:9B:A6:67 Authority key identifier: A1:93:8C:91:2A:C2:F4:A9:58:B9:3D:AF:8F:4B:27:20:15:B0:D8:D8 Certificate issuer: /CN=A91D9D8B/serialNumber=A1938C912AC2F4A958B93DAF8F4B272015B0D8D8 Certificate serial: 01D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft Manifest number: 01D2 Signing time: Fri 13 Jun 2025 01:55:40 +0000 Manifest this update: Fri 13 Jun 2025 01:55:39 +0000 Manifest next update: Fri 20 Jun 2025 01:55:39 +0000 Files and hashes: 1: oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl (hash: BQn8UpsC5wgyaxlMew+hNvQBg59ZhandIsrdNc8Sx04=) 2: 95C4C7AA7F7911ED9C1EAE19C4F9AE02.roa (hash: KfdVVRr1UwfhsTtUMM0Ph6w9qtVR9qcrLdXdVzGndCs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 01:55:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 471 (0x1d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9D8B, serialNumber=A1938C912AC2F4A958B93DAF8F4B272015B0D8D8 Validity Not Before: Jun 13 01:55:39 2025 GMT Not After : Jun 20 01:55:39 2025 GMT Subject: CN=684b851c-0875 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:8f:e9:09:0e:e0:9e:5f:76:36:75:b2:88:06: a3:7b:b9:a8:6f:d3:16:89:9a:12:2c:55:3f:6d:fc: ef:07:f3:87:01:9f:dc:33:f1:d9:cd:6b:d0:2c:af: 97:61:e7:ab:19:b7:d5:7d:06:a7:1a:c1:75:41:02: e9:70:89:91:1b:c1:b9:7c:5b:d2:2a:eb:d7:13:cf: 92:49:ed:84:9a:ae:fe:32:13:8f:c8:c6:16:21:4d: 56:f9:06:d4:dc:15:17:22:06:a1:1b:e2:83:59:1a: 8b:91:21:2c:b8:19:11:29:58:55:da:d4:f4:ab:cc: 35:ef:94:0d:0a:85:4c:3f:df:f0:52:cd:27:58:1a: 7a:ac:27:2d:93:09:4f:39:fd:ef:6b:7b:c1:65:75: 1f:a1:ba:c4:e8:d2:26:d9:61:63:44:68:93:d5:a3: d1:8d:24:1f:df:8f:ab:4d:1b:64:d6:8a:77:19:a6: 45:17:55:bb:78:6a:e9:0c:42:f5:05:21:91:9b:99: f8:38:30:05:3b:b9:0b:55:88:c6:46:06:8e:ae:b0: df:40:63:45:49:12:d0:17:35:e0:16:c1:e4:c2:7f: bf:a8:ef:9a:b4:3e:bc:46:76:cc:31:8b:af:b7:d1: a0:f6:00:f9:98:cc:34:48:ff:2f:ae:fc:c6:09:e8: f6:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:2B:26:9D:90:0B:CB:50:06:CF:26:34:84:0D:E1:3D:0B:9B:A6:67 X509v3 Authority Key Identifier: keyid:A1:93:8C:91:2A:C2:F4:A9:58:B9:3D:AF:8F:4B:27:20:15:B0:D8:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 62:6f:ff:af:e8:69:f3:69:c4:76:80:f4:38:1a:00:f8:6f:62: b8:bf:b2:c4:0e:e6:86:f0:3e:27:67:59:53:3c:4b:0e:50:ae: 30:2e:0f:cc:6a:b3:d7:be:c2:bb:df:d5:c1:6f:92:25:16:92: 81:42:f0:e3:05:d8:6d:11:ec:50:97:c3:35:51:fe:6e:a8:29: 80:ae:39:c1:ac:79:0c:b0:2c:10:79:c5:67:49:36:02:df:41: 43:8e:54:55:bb:45:af:e6:b0:2c:d0:a6:8c:3a:b7:29:91:ab: 75:66:1f:2b:15:07:28:fd:e2:a2:43:f8:a7:7a:7c:44:4c:50: 48:46:e4:74:9c:aa:4c:e3:f7:95:e7:64:41:08:ee:92:1b:35: e9:3e:a4:c0:af:a4:a6:b5:42:c9:99:05:28:16:9f:cd:76:5f: eb:78:05:60:c0:a3:43:48:61:89:9b:e6:25:1e:4e:44:aa:b7: 45:fe:c6:bd:02:ab:ec:bc:ca:bf:71:25:90:43:fb:6b:d9:5e: ab:b1:84:4d:90:7e:b3:6d:09:d1:dc:96:32:48:05:57:ab:46: d3:09:bf:5e:27:14:ed:21:5d:3f:bf:22:cd:00:71:9a:8b:98: 85:1a:e2:ab:85:69:01:9d:10:46:43:04:0f:0d:36:e0:53:e9: c2:4b:40:02 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDlEOEIxMTAvBgNVBAUTKEExOTM4QzkxMkFDMkY0QTk1OEI5M0RBRjhGNEIyNzIw MTVCMEQ4RDgwHhcNMjUwNjEzMDE1NTM5WhcNMjUwNjIwMDE1NTM5WjAYMRYwFAYD VQQDEw02ODRiODUxYy0wODc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuI/pCQ7gnl92NnWyiAaje7mob9MWiZoSLFU/bfzvB/OHAZ/cM/HZzWvQLK+X YeerGbfVfQanGsF1QQLpcImRG8G5fFvSKuvXE8+SSe2Emq7+MhOPyMYWIU1W+QbU 3BUXIgahG+KDWRqLkSEsuBkRKVhV2tT0q8w175QNCoVMP9/wUs0nWBp6rCctkwlP Of3va3vBZXUfobrE6NIm2WFjRGiT1aPRjSQf34+rTRtk1op3GaZFF1W7eGrpDEL1 BSGRm5n4ODAFO7kLVYjGRgaOrrDfQGNFSRLQFzXgFsHkwn+/qO+atD68RnbMMYuv t9Gg9gD5mMw0SP8vrvzGCej29wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAUrJp2Q C8tQBs8mNIQN4T0Lm6ZnMB8GA1UdIwQYMBaAFKGTjJEqwvSpWLk9r49LJyAVsNjY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUQ4Qi81RjExRTAyQTdG NzUxMUVEOEFGQkU2NzNDNEY5QUUwMi9vWk9Na1NyQzlLbFl1VDJ2ajBzbklCV3cy TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29aT01rU3JDOUtsWXVUMnZqMHNuSUJXdzJOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OUQ4Qi81RjExRTAyQTdGNzUxMUVEOEFGQkU2NzNDNEY5QUUwMi9vWk9Na1NyQzlL bFl1VDJ2ajBzbklCV3cyTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBib/+v6GnzacR2gPQ4GgD4b2K4v7LEDuaG8D4nZ1lTPEsOUK4wLg/M arPXvsK739XBb5IlFpKBQvDjBdhtEexQl8M1Uf5uqCmArjnBrHkMsCwQecVnSTYC 30FDjlRVu0Wv5rAs0KaMOrcpkat1Zh8rFQco/eKiQ/inenxETFBIRuR0nKpM4/eV 52RBCO6SGzXpPqTAr6SmtULJmQUoFp/Ndl/reAVgwKNDSGGJm+YlHk5EqrdF/sa9 AqvsvMq/cSWQQ/tr2V6rsYRNkH6zbQnR3JYySAVXq0bTCb9eJxTtIV0/vyLNAHGa i5iFGuKrhWkBnRBGQwQPDTbgU+nCS0AC -----END CERTIFICATE-----Generated at Sat Jun 14 13:02:51 2025 by rpki-client