$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft File: ovb2YTEslb8FoLUjCxNx1GIv1ic.mft (raw, json) Hash identifier: Gp/G/iT9p+GpDbiB6tBeAoIt3uN2X08M5X0iOniRaWg= Subject key identifier: 1F:E7:3F:7D:A7:59:EF:A7:07:6B:00:F5:4A:89:9D:5A:C5:BA:45:73 Authority key identifier: A2:F6:F6:61:31:2C:95:BF:05:A0:B5:23:0B:13:71:D4:62:2F:D6:27 Certificate issuer: /CN=A91E7BC4/serialNumber=A2F6F661312C95BF05A0B5230B1371D4622FD627 Certificate serial: 0D5B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft Manifest number: 0D53 Signing time: Sun 20 Jul 2025 18:01:36 +0000 Manifest this update: Sun 20 Jul 2025 18:01:35 +0000 Manifest next update: Sun 27 Jul 2025 18:01:35 +0000 Files and hashes: 1: ovb2YTEslb8FoLUjCxNx1GIv1ic.crl (hash: HXQrB+h2mvWX5pXwGurqLoQVW2oIpGjyScXxpKEjFfk=) 2: 05054224D8E411E9BEB7986DC4F9AE02.roa (hash: C8YUnzVpdG1ic9MCuW7celmXkhXkYeCvagfWnZShYbQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.crl rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 18:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3419 (0xd5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7BC4, serialNumber=A2F6F661312C95BF05A0B5230B1371D4622FD627 Validity Not Before: Jul 20 18:01:35 2025 GMT Not After : Jul 27 18:01:35 2025 GMT Subject: CN=687d2eff-f94b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:64:83:d7:22:de:7d:5f:8e:62:f5:13:a8:db: 71:d5:4b:9b:1a:bd:52:77:3b:44:37:78:38:2c:c6: 79:c0:e1:98:08:25:c2:ef:53:5d:f0:59:93:9b:e5: 44:93:ed:3b:99:9c:0e:02:f9:90:01:d3:21:5b:0b: 0d:b1:5e:c3:fd:c7:a3:80:da:93:ae:c4:1f:50:7c: 66:0b:59:55:13:20:28:05:94:26:4f:44:24:a9:c3: 0f:6f:6c:1b:99:84:0d:f2:a3:12:f1:dd:58:36:1e: 99:38:37:dd:8d:ab:33:7d:28:c4:21:c2:11:05:a4: f8:e5:8d:4d:11:bf:58:24:23:6c:6b:74:ca:98:c1: 36:a4:58:39:80:80:17:1c:65:08:06:3c:d3:7b:21: f4:a9:2d:d7:fd:68:84:da:ba:ae:6c:51:e6:ef:1f: 91:b8:dd:d0:17:6d:b8:7b:a6:84:75:e4:49:75:55: 75:ad:4c:fe:91:8e:2f:33:f6:1f:4e:8c:de:2d:b6: f0:a9:52:94:62:eb:4a:4f:a0:d6:df:a9:1f:7f:d0: b3:35:3a:37:ef:b1:35:7b:35:c0:73:4a:14:80:fe: a2:4a:b7:87:80:2a:a7:cd:8f:86:44:b5:ae:10:e2: 20:e7:86:e9:74:69:15:41:0e:4d:43:ff:13:41:42: 90:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:E7:3F:7D:A7:59:EF:A7:07:6B:00:F5:4A:89:9D:5A:C5:BA:45:73 X509v3 Authority Key Identifier: keyid:A2:F6:F6:61:31:2C:95:BF:05:A0:B5:23:0B:13:71:D4:62:2F:D6:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 78:df:11:e1:59:b1:1d:cf:ff:b0:64:25:cf:66:00:be:07:fa: 0a:ad:ff:88:70:9f:e5:80:9e:1d:0b:99:d9:de:13:dc:d8:2b: 2e:85:74:a1:d5:bc:2d:8b:28:f9:0c:ff:64:f3:9f:92:62:09: 01:6e:5e:90:07:24:e5:44:5b:e9:25:23:f0:74:98:62:67:44: e7:ae:1a:3a:f6:01:b6:f1:51:12:56:2a:7f:2e:31:fe:ab:17: b3:c6:54:12:da:64:f4:4b:c6:de:21:69:4a:23:b6:22:92:c2: 9b:ba:f6:a2:c0:68:37:22:10:91:f9:07:72:70:aa:c1:80:80: 1e:b0:b2:3d:55:b6:a6:9a:d4:9e:c0:9d:dc:cd:c9:2c:ff:23: b7:6f:ac:6c:d8:06:98:a7:c2:93:48:0a:55:ed:32:d0:5c:24: 60:d1:ee:52:14:a4:37:c4:43:93:bf:97:1b:7b:06:77:a5:59: 86:77:20:69:1d:ee:e5:97:02:87:d3:c0:50:48:81:e9:1d:27: 50:d2:8a:2a:c8:fd:de:db:3a:4f:85:41:d4:94:b3:07:dd:67: de:c7:56:17:63:f3:6d:8e:5e:a9:6f:ae:88:82:02:42:10:7d: be:49:28:25:19:76:66:a1:59:07:32:0c:63:fa:2c:8d:b5:91: 7a:64:c2:74 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDVswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdCQzQxMTAvBgNVBAUTKEEyRjZGNjYxMzEyQzk1QkYwNUEwQjUyMzBCMTM3MUQ0 NjIyRkQ2MjcwHhcNMjUwNzIwMTgwMTM1WhcNMjUwNzI3MTgwMTM1WjAYMRYwFAYD VQQDEw02ODdkMmVmZi1mOTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAymSD1yLefV+OYvUTqNtx1UubGr1SdztEN3g4LMZ5wOGYCCXC71Nd8FmTm+VE k+07mZwOAvmQAdMhWwsNsV7D/cejgNqTrsQfUHxmC1lVEyAoBZQmT0QkqcMPb2wb mYQN8qMS8d1YNh6ZODfdjaszfSjEIcIRBaT45Y1NEb9YJCNsa3TKmME2pFg5gIAX HGUIBjzTeyH0qS3X/WiE2rqubFHm7x+RuN3QF224e6aEdeRJdVV1rUz+kY4vM/Yf TozeLbbwqVKUYutKT6DW36kff9CzNTo377E1ezXAc0oUgP6iSreHgCqnzY+GRLWu EOIg54bpdGkVQQ5NQ/8TQUKQOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB/nP32n We+nB2sA9UqJnVrFukVzMB8GA1UdIwQYMBaAFKL29mExLJW/BaC1IwsTcdRiL9Yn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yNjFEMjgzMEQ1 MEQxMUU5QkFENkMyMjZDNEY5QUUwMi9vdmIyWVRFc2xiOEZvTFVqQ3hOeDFHSXYx aWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL292YjJZVEVzbGI4Rm9MVWpDeE54MUdJdjFpYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0JDNC8yNjFEMjgzMEQ1MEQxMUU5QkFENkMyMjZDNEY5QUUwMi9vdmIyWVRFc2xi OEZvTFVqQ3hOeDFHSXYxaWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB43xHhWbEdz/+wZCXPZgC+B/oKrf+IcJ/lgJ4dC5nZ3hPc2CsuhXSh 1bwtiyj5DP9k85+SYgkBbl6QByTlRFvpJSPwdJhiZ0Tnrho69gG28VESVip/LjH+ qxezxlQS2mT0S8beIWlKI7YiksKbuvaiwGg3IhCR+QdycKrBgIAesLI9VbammtSe wJ3czcks/yO3b6xs2AaYp8KTSApV7TLQXCRg0e5SFKQ3xEOTv5cbewZ3pVmGdyBp He7llwKH08BQSIHpHSdQ0ooqyP3e2zpPhUHUlLMH3Wfex1YXY/Ntjl6pb66IggJC EH2+SSglGXZmoVkHMgxj+iyNtZF6ZMJ0 -----END CERTIFICATE-----Generated at Tue Jul 22 04:59:22 2025 by rpki-client