$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft File: OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft (raw, json) Hash identifier: uT0c6shOsPZlAADI7pRYNg627J3QJVOVLkc+QCqiEUM= Subject key identifier: 5D:10:2E:B3:BF:37:E3:38:BC:38:08:07:8E:3E:5E:7F:75:C0:38:A2 Authority key identifier: 3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 Certificate issuer: /CN=A91E6856/serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Certificate serial: 0183 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft Manifest number: 017F Signing time: Sat 06 Sep 2025 17:49:50 +0000 Manifest this update: Sat 06 Sep 2025 17:49:50 +0000 Manifest next update: Sat 13 Sep 2025 17:49:50 +0000 Files and hashes: 1: OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl (hash: rIzjwUCnBwb31WY5FqgMojUtKvdNJrCOMcQum965TpU=) 2: B2C9B10A881311EE8CFB5C43C4F9AE02.roa (hash: a5Y/yZKxW3IrKI0721MYV+ivPl5QgwwgGyen+XzCmBY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 17:49:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 387 (0x183) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6856, serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Validity Not Before: Sep 6 17:49:50 2025 GMT Not After : Sep 13 17:49:50 2025 GMT Subject: CN=68bc743e-b0be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:ee:2d:71:88:45:b6:d8:50:6d:ac:bc:7d:23: 4a:c4:bc:4f:93:18:9e:7f:bb:ef:16:34:e4:3c:28: f9:90:c6:b5:6a:58:28:3a:df:14:bf:c5:f2:7b:72: 5d:13:87:df:cf:81:c6:aa:b1:9c:59:85:8f:ea:e1: d9:81:18:66:f8:ee:b1:c2:7f:cd:5b:6b:81:94:05: 32:32:64:4e:d8:25:00:89:bd:74:90:10:53:68:87: a5:af:fc:80:58:ca:77:4e:76:11:a1:d6:f8:bb:a4: 27:10:17:68:15:47:74:d2:06:c1:f8:dd:28:78:66: 05:51:70:e7:76:51:b3:a6:c4:95:78:9f:7f:49:3f: a6:a2:e7:07:45:55:26:b2:a4:3b:d0:98:92:84:35: 84:33:16:c6:3c:d4:0f:d0:21:81:a1:8f:ef:6a:9b: 83:e3:12:0e:1b:87:37:da:29:da:eb:90:44:d6:53: f2:d0:c0:b1:83:3d:66:f2:16:b7:fe:61:18:9f:44: 23:6d:8a:80:93:d3:c4:15:3f:7b:fe:2f:e4:cc:70: 71:d9:6a:2a:22:98:e4:11:62:4b:c2:e9:a3:0d:a3: f6:97:c4:15:8f:bc:48:94:5d:05:96:45:12:44:ee: a0:42:8c:e8:c3:b6:c7:db:42:b0:60:8f:4a:2f:e3: 10:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:10:2E:B3:BF:37:E3:38:BC:38:08:07:8E:3E:5E:7F:75:C0:38:A2 X509v3 Authority Key Identifier: keyid:3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:7f:c4:eb:76:e6:44:0f:df:b2:38:b0:59:74:d1:4a:46:45: fd:32:16:b8:7c:1b:e7:ab:23:aa:a9:ed:c3:51:9a:d4:fc:6f: cd:01:05:e2:5a:91:b9:82:03:94:60:3a:02:d9:b4:a6:28:d6: 20:db:98:dc:55:c3:43:0f:95:a3:6c:fd:f8:3e:78:c6:ff:6e: 10:f2:32:2f:77:98:12:81:37:ac:7a:05:49:2d:5b:d7:dc:c9: 84:77:56:d0:bb:91:e5:d7:2b:4b:4c:bd:f9:3e:fa:8f:92:40: 26:4f:2d:26:75:e7:5a:a5:a7:83:67:ab:4e:c6:56:a2:9a:32: 4f:ce:21:bf:02:b0:4c:7b:7b:06:89:13:d8:5b:7d:bb:c5:eb: b8:a9:11:72:9a:a1:0f:98:13:f3:61:27:d4:0a:be:39:cf:91: 2f:19:a5:d1:55:5c:d1:1f:37:cc:34:82:9d:9b:27:29:04:07: bf:a4:11:0b:6f:29:72:3d:c5:43:99:7e:b8:d3:4c:5e:57:4b: 2b:bf:7f:21:47:17:95:27:ed:ad:54:d8:7c:7b:16:dc:19:57: 41:81:b3:6a:fb:30:ff:03:06:8c:ae:cb:97:26:65:b3:59:9b: e8:d5:c6:ac:32:c6:5a:55:48:f8:4e:4c:fa:3d:f4:76:e5:2c: 0b:cb:8f:18 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAYMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY4NTYxMTAvBgNVBAUTKDNBNjgyM0ExMEYwM0JGQUNBNDA2OEQzMzk4NDQ0RjM2 NDEwODU0ODUwHhcNMjUwOTA2MTc0OTUwWhcNMjUwOTEzMTc0OTUwWjAYMRYwFAYD VQQDEw02OGJjNzQzZS1iMGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAk+4tcYhFtthQbay8fSNKxLxPkxief7vvFjTkPCj5kMa1algoOt8Uv8Xye3Jd E4ffz4HGqrGcWYWP6uHZgRhm+O6xwn/NW2uBlAUyMmRO2CUAib10kBBTaIelr/yA WMp3TnYRodb4u6QnEBdoFUd00gbB+N0oeGYFUXDndlGzpsSVeJ9/ST+moucHRVUm sqQ70JiShDWEMxbGPNQP0CGBoY/vapuD4xIOG4c32ina65BE1lPy0MCxgz1m8ha3 /mEYn0QjbYqAk9PEFT97/i/kzHBx2WoqIpjkEWJLwumjDaP2l8QVj7xIlF0FlkUS RO6gQozow7bH20KwYI9KL+MQKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF0QLrO/ N+M4vDgIB44+Xn91wDiiMB8GA1UdIwQYMBaAFDpoI6EPA7+spAaNM5hETzZBCFSF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjg1Ni8yRERCNDI2RTQ4 NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2eWtCbzB6bUVSUE5rRUlW SVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09tZ2pvUThEdjZ5a0JvMHptRVJQTmtFSVZJVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF Njg1Ni8yRERCNDI2RTQ4NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2 eWtCbzB6bUVSUE5rRUlWSVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCCf8TrduZED9+yOLBZdNFKRkX9Mha4fBvnqyOqqe3DUZrU/G/NAQXi WpG5ggOUYDoC2bSmKNYg25jcVcNDD5WjbP34PnjG/24Q8jIvd5gSgTesegVJLVvX 3MmEd1bQu5Hl1ytLTL35PvqPkkAmTy0mdedapaeDZ6tOxlaimjJPziG/ArBMe3sG iRPYW327xeu4qRFymqEPmBPzYSfUCr45z5EvGaXRVVzRHzfMNIKdmycpBAe/pBEL bylyPcVDmX6400xeV0srv38hRxeVJ+2tVNh8exbcGVdBgbNq+zD/AwaMrsuXJmWz WZvo1casMsZaVUj4Tkz6PfR25SwLy48Y -----END CERTIFICATE-----Generated at Sat Sep 6 21:31:28 2025 by rpki-client