$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft File: OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft (raw, json) Hash identifier: LQ0v89K/cyloZlD6CurVNzSSsA5PfzuYrBgZU0tQ6Mw= Subject key identifier: 6F:17:4B:D2:E6:9E:92:C8:BC:F7:FB:7F:A3:42:C4:08:88:A8:64:0C Authority key identifier: 3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 Certificate issuer: /CN=A91E6856/serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Certificate serial: 0167 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft Manifest number: 0164 Signing time: Sun 20 Jul 2025 17:45:37 +0000 Manifest this update: Sun 20 Jul 2025 17:45:36 +0000 Manifest next update: Sun 27 Jul 2025 17:45:36 +0000 Files and hashes: 1: OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl (hash: vhTifM2/7ZicM9UK3W72v77hdyrTBNYNe2kHxG7RkCs=) 2: B2C9B10A881311EE8CFB5C43C4F9AE02.roa (hash: 6Te+3VLS/O5qxRt8jv/bM33nUlqEem+47I9pmRS4Z7o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 17:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 359 (0x167) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6856, serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Validity Not Before: Jul 20 17:45:36 2025 GMT Not After : Jul 27 17:45:36 2025 GMT Subject: CN=687d2b40-c58d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:8d:38:79:d1:32:b9:b3:7d:d1:a4:f7:2d:04: 9c:b9:eb:c6:da:5a:a2:71:10:7f:67:b3:06:91:26: 73:9e:52:fe:91:ee:8e:42:0b:5d:12:ff:d1:e4:4c: 8f:66:ee:54:15:fc:52:62:7a:5b:a1:10:59:6a:6a: 05:a1:76:71:ab:92:db:af:da:cd:5e:7d:67:8d:42: 30:4b:51:31:03:64:1b:53:a8:09:74:84:ae:6a:76: f4:ee:9e:1a:6d:ea:b3:eb:3b:55:74:fc:77:f7:7c: 29:12:d9:04:14:a0:a1:d4:e2:10:f6:5e:2a:f5:e4: dc:ba:65:7e:bf:9a:c9:c3:00:9e:ef:a7:4c:b9:59: 94:35:61:10:9b:b9:99:29:95:33:f9:88:d6:95:b8: b8:16:c6:14:9b:a3:f5:80:73:e9:e4:90:c7:1d:f2: a1:f4:66:7c:52:02:c2:b4:80:8f:00:83:46:75:bb: 9b:6f:90:ef:b3:2d:07:0e:3b:35:cb:48:35:74:ba: c1:0d:6a:ef:01:de:ab:91:37:d2:90:e5:61:ef:72: 80:67:8a:b9:1a:08:5f:68:01:c8:d7:01:0c:4d:00: 92:52:3d:45:bb:02:df:04:5c:96:fc:34:0f:93:d5: eb:36:08:74:2d:30:53:fe:7a:1b:ad:4d:00:e8:3d: cc:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:17:4B:D2:E6:9E:92:C8:BC:F7:FB:7F:A3:42:C4:08:88:A8:64:0C X509v3 Authority Key Identifier: keyid:3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:96:bc:25:d0:b3:df:59:f0:eb:21:93:b8:5a:f0:91:39:11: 86:90:c0:a9:78:db:b1:b4:c9:f7:76:b4:42:11:e5:3e:a7:69: d0:6f:b4:fb:c4:5d:a2:24:5e:d8:84:0a:13:a8:1e:00:3f:f5: 00:57:da:e7:04:32:4d:6c:a0:b6:65:8d:e1:e1:25:49:e7:3a: a4:ac:44:e2:21:86:fc:fe:5d:98:bf:41:cc:4b:4c:b0:f5:ab: fd:62:41:14:21:ae:0e:8b:d9:c9:a5:8c:0e:76:aa:21:ee:cf: 05:02:a5:b9:19:09:a3:24:21:d1:28:21:04:03:65:73:69:9c: 01:e8:e1:59:f2:ef:7e:e3:08:9c:77:63:83:64:a4:d8:2f:e9: a4:bc:99:94:58:41:e4:5c:11:08:32:8b:f3:13:c4:a6:b3:b6: eb:40:4b:bf:7e:3e:13:ee:0b:c4:1c:61:7a:8c:9b:1d:17:cd: 07:1b:d7:88:9d:02:d4:55:01:8c:ef:9b:17:5c:49:e5:27:4b: fc:a8:e0:0e:84:be:1c:87:26:98:94:68:c8:10:c7:88:6a:a2: 5f:9a:a0:3f:fb:62:5e:cb:44:1b:cc:06:86:c1:d6:58:fa:83: 07:40:bc:6f:ae:c0:ca:4b:30:79:fc:44:7d:a5:1e:b8:dc:27: 56:2a:ce:6a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY4NTYxMTAvBgNVBAUTKDNBNjgyM0ExMEYwM0JGQUNBNDA2OEQzMzk4NDQ0RjM2 NDEwODU0ODUwHhcNMjUwNzIwMTc0NTM2WhcNMjUwNzI3MTc0NTM2WjAYMRYwFAYD VQQDEw02ODdkMmI0MC1jNThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuY04edEyubN90aT3LQScuevG2lqicRB/Z7MGkSZznlL+ke6OQgtdEv/R5EyP Zu5UFfxSYnpboRBZamoFoXZxq5Lbr9rNXn1njUIwS1ExA2QbU6gJdISuanb07p4a beqz6ztVdPx393wpEtkEFKCh1OIQ9l4q9eTcumV+v5rJwwCe76dMuVmUNWEQm7mZ KZUz+YjWlbi4FsYUm6P1gHPp5JDHHfKh9GZ8UgLCtICPAINGdbubb5Dvsy0HDjs1 y0g1dLrBDWrvAd6rkTfSkOVh73KAZ4q5GghfaAHI1wEMTQCSUj1FuwLfBFyW/DQP k9XrNgh0LTBT/nobrU0A6D3MZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG8XS9Lm npLIvPf7f6NCxAiIqGQMMB8GA1UdIwQYMBaAFDpoI6EPA7+spAaNM5hETzZBCFSF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjg1Ni8yRERCNDI2RTQ4 NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2eWtCbzB6bUVSUE5rRUlW SVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09tZ2pvUThEdjZ5a0JvMHptRVJQTmtFSVZJVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF Njg1Ni8yRERCNDI2RTQ4NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2 eWtCbzB6bUVSUE5rRUlWSVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCqlrwl0LPfWfDrIZO4WvCRORGGkMCpeNuxtMn3drRCEeU+p2nQb7T7 xF2iJF7YhAoTqB4AP/UAV9rnBDJNbKC2ZY3h4SVJ5zqkrETiIYb8/l2Yv0HMS0yw 9av9YkEUIa4Oi9nJpYwOdqoh7s8FAqW5GQmjJCHRKCEEA2VzaZwB6OFZ8u9+4wic d2ODZKTYL+mkvJmUWEHkXBEIMovzE8Sms7brQEu/fj4T7gvEHGF6jJsdF80HG9eI nQLUVQGM75sXXEnlJ0v8qOAOhL4chyaYlGjIEMeIaqJfmqA/+2Jey0QbzAaGwdZY +oMHQLxvrsDKSzB5/ER9pR643CdWKs5q -----END CERTIFICATE-----Generated at Mon Jul 21 12:56:21 2025 by rpki-client