$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft File: oRR-hHvP7urdnompeo2fM2ecp-I.mft (raw, json) Hash identifier: U35vr7LVAxpvPBrPO00ZnkP0o3SuiJpWaLANj+aP5TE= Subject key identifier: 99:81:19:9D:92:6C:20:DF:30:5E:CF:FB:22:C6:5C:C6:52:A9:22:80 Authority key identifier: A1:14:7E:84:7B:CF:EE:EA:DD:9E:89:A9:7A:8D:9F:33:67:9C:A7:E2 Certificate issuer: /CN=A91EAD80/serialNumber=A1147E847BCFEEEADD9E89A97A8D9F33679CA7E2 Certificate serial: A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oRR-hHvP7urdnompeo2fM2ecp-I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft Manifest number: A5 Signing time: Sun 07 Sep 2025 06:44:16 +0000 Manifest this update: Sun 07 Sep 2025 06:44:16 +0000 Manifest next update: Sun 14 Sep 2025 06:44:16 +0000 Files and hashes: 1: oRR-hHvP7urdnompeo2fM2ecp-I.crl (hash: o070N9EsCIAVAg/lB6rG35Vwnu3Ih8WO33wHL9D9njA=) 2: 52DF0E62B2FA11EFA36E0387C4F9AE02.roa (hash: zOW380YmpQpMtSyWb7ghqrZ9YCinfgNDwAX0rgUwhPY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.crl rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oRR-hHvP7urdnompeo2fM2ecp-I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Sep 2025 06:44:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 167 (0xa7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAD80, serialNumber=A1147E847BCFEEEADD9E89A97A8D9F33679CA7E2 Validity Not Before: Sep 7 06:44:16 2025 GMT Not After : Sep 14 06:44:16 2025 GMT Subject: CN=68bd29c0-2296 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:6d:ce:b8:88:e9:45:c4:f6:20:e0:2a:e9:e8: 24:87:e6:b2:d8:82:69:93:19:c7:08:b8:c2:c6:3c: 70:53:00:07:e1:bd:d3:ff:27:3c:83:cd:c7:37:4e: d6:ce:ed:94:61:ec:7c:d4:21:18:d0:75:8d:aa:8b: 83:05:f1:2d:b7:26:32:52:b7:90:fb:53:40:f1:95: e9:2b:58:b7:82:99:d9:f9:5c:8f:89:0e:30:ee:de: 5c:6c:87:24:6a:68:4e:ef:4f:80:e9:53:b4:a9:5b: b0:a5:a1:c3:66:e5:e5:f9:b1:cd:9b:82:f0:cb:52: 19:ab:41:4e:75:62:aa:eb:86:39:34:75:73:25:42: de:22:30:fb:ac:55:02:4e:19:90:f6:61:11:93:71: 44:13:a9:43:d4:91:27:26:22:be:7c:05:a2:6d:ca: 46:75:cf:75:03:d5:16:f1:74:d6:08:78:5b:9f:64: 4f:e6:1f:9b:78:0f:1b:51:45:09:00:e0:c2:5f:de: be:19:3d:37:99:7f:0a:e4:fa:d3:d8:62:12:4b:81: 98:bf:eb:63:13:30:01:a6:ee:9f:d2:42:8a:eb:84: 82:52:61:a7:0b:0e:c9:bc:64:aa:bb:9a:49:25:45: 16:d5:0b:5d:67:a3:62:77:31:3b:57:b2:46:69:fa: f0:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:81:19:9D:92:6C:20:DF:30:5E:CF:FB:22:C6:5C:C6:52:A9:22:80 X509v3 Authority Key Identifier: keyid:A1:14:7E:84:7B:CF:EE:EA:DD:9E:89:A9:7A:8D:9F:33:67:9C:A7:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oRR-hHvP7urdnompeo2fM2ecp-I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:1f:19:5b:01:a7:bb:a2:77:ac:39:70:26:0a:c4:02:40:07: b5:d5:86:e6:47:45:36:33:72:c5:e6:b5:2b:fc:64:23:1f:0e: 9c:17:ad:b6:14:28:75:a6:5e:7b:a4:61:76:9b:5f:42:05:ac: b3:bb:f1:6d:66:44:54:e0:c6:e6:0b:af:b1:79:8e:c2:8d:bc: f1:29:c2:25:24:33:d2:3d:a5:10:0b:f4:6b:e4:da:d7:d6:26: 30:f7:d4:e7:d0:c6:8b:42:cd:c7:9b:4b:ba:21:b3:39:22:34: 7a:d3:17:0c:78:7b:53:3c:6e:46:83:75:89:83:1f:19:f1:06: 8d:7f:2b:14:1e:ac:c7:17:d4:a1:51:3e:e7:d3:0b:a0:17:28: f0:b0:3a:6f:58:08:e8:fe:e5:8c:cb:99:4f:93:c1:2f:93:2d: ca:97:82:55:51:e6:5e:d6:2c:ce:51:27:ca:9f:ff:aa:35:6e: 0b:5e:45:d4:73:7b:ed:16:fd:14:dd:3b:fd:04:15:9b:61:2c: b3:d4:c9:81:5a:3d:b7:52:de:a7:32:e4:32:5f:7b:cc:f7:66: e3:8a:9a:c3:08:03:07:5f:37:a5:99:22:6a:c6:2d:df:4e:95: b9:b4:1c:05:9a:6d:d9:56:66:57:a0:79:00:9a:44:30:87:2e: f5:a1:09:ef -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFEODAxMTAvBgNVBAUTKEExMTQ3RTg0N0JDRkVFRUFERDlFODlBOTdBOEQ5RjMz Njc5Q0E3RTIwHhcNMjUwOTA3MDY0NDE2WhcNMjUwOTE0MDY0NDE2WjAYMRYwFAYD VQQDEw02OGJkMjljMC0yMjk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxW3OuIjpRcT2IOAq6egkh+ay2IJpkxnHCLjCxjxwUwAH4b3T/yc8g83HN07W zu2UYex81CEY0HWNqouDBfEttyYyUreQ+1NA8ZXpK1i3gpnZ+VyPiQ4w7t5cbIck amhO70+A6VO0qVuwpaHDZuXl+bHNm4Lwy1IZq0FOdWKq64Y5NHVzJULeIjD7rFUC ThmQ9mERk3FEE6lD1JEnJiK+fAWibcpGdc91A9UW8XTWCHhbn2RP5h+beA8bUUUJ AODCX96+GT03mX8K5PrT2GISS4GYv+tjEzABpu6f0kKK64SCUmGnCw7JvGSqu5pJ JUUW1QtdZ6NidzE7V7JGafrw1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJmBGZ2S bCDfMF7P+yLGXMZSqSKAMB8GA1UdIwQYMBaAFKEUfoR7z+7q3Z6JqXqNnzNnnKfi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUQ4MC9EMjIzQzVBRTk0 QzkxMUVGOTJDRDcyNThDNEY5QUUwMi9vUlItaEh2UDd1cmRub21wZW8yZk0yZWNw LUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29SUi1oSHZQN3VyZG5vbXBlbzJmTTJlY3AtSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUQ4MC9EMjIzQzVBRTk0QzkxMUVGOTJDRDcyNThDNEY5QUUwMi9vUlItaEh2UDd1 cmRub21wZW8yZk0yZWNwLUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBeHxlbAae7onesOXAmCsQCQAe11YbmR0U2M3LF5rUr/GQjHw6cF622 FCh1pl57pGF2m19CBayzu/FtZkRU4MbmC6+xeY7CjbzxKcIlJDPSPaUQC/Rr5NrX 1iYw99Tn0MaLQs3Hm0u6IbM5IjR60xcMeHtTPG5Gg3WJgx8Z8QaNfysUHqzHF9Sh UT7n0wugFyjwsDpvWAjo/uWMy5lPk8Evky3Kl4JVUeZe1izOUSfKn/+qNW4LXkXU c3vtFv0U3Tv9BBWbYSyz1MmBWj23Ut6nMuQyX3vM92bjiprDCAMHXzelmSJqxi3f TpW5tBwFmm3ZVmZXoHkAmkQwhy71oQnv -----END CERTIFICATE-----Generated at Sun Sep 7 14:17:22 2025 by rpki-client