$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC225/499FDF908E5511E980D09A42C4F9AE02/2OL6sVCi_VePZ-GbApZTmzdSyak.mft File: 2OL6sVCi_VePZ-GbApZTmzdSyak.mft (raw, json) Hash identifier: zqLoKGew3x0Qjco2dCbM1ax+Awf9bSyEwq/MtGovNDo= Subject key identifier: 77:EE:11:D3:B1:EA:95:0D:93:CC:C4:1F:9B:2B:2B:81:F3:D7:6C:E6 Authority key identifier: D8:E2:FA:B1:50:A2:FD:57:8F:67:E1:9B:02:96:53:9B:37:52:C9:A9 Certificate issuer: /CN=A91EC225/serialNumber=D8E2FAB150A2FD578F67E19B0296539B3752C9A9 Certificate serial: 0ED9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2OL6sVCi_VePZ-GbApZTmzdSyak.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EC225/499FDF908E5511E980D09A42C4F9AE02/2OL6sVCi_VePZ-GbApZTmzdSyak.mft Manifest number: 0ECF Signing time: Sun 24 Aug 2025 17:37:16 +0000 Manifest this update: Sun 24 Aug 2025 17:37:15 +0000 Manifest next update: Sun 31 Aug 2025 17:37:15 +0000 Files and hashes: 1: 2OL6sVCi_VePZ-GbApZTmzdSyak.crl (hash: ryGIIbhViAjcHxqzVsmvEG9c9aktHjQpZlXAVvgnE8I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EC225/499FDF908E5511E980D09A42C4F9AE02/2OL6sVCi_VePZ-GbApZTmzdSyak.crl rsync://rpki.apnic.net/member_repository/A91EC225/499FDF908E5511E980D09A42C4F9AE02/2OL6sVCi_VePZ-GbApZTmzdSyak.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2OL6sVCi_VePZ-GbApZTmzdSyak.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 17:37:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3801 (0xed9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EC225, serialNumber=D8E2FAB150A2FD578F67E19B0296539B3752C9A9 Validity Not Before: Aug 24 17:37:15 2025 GMT Not After : Aug 31 17:37:15 2025 GMT Subject: CN=68ab4dcb-bc10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:e9:ec:10:1d:d4:02:04:9f:53:62:a5:dd:43: 52:ab:4d:4f:9f:2d:fc:59:89:ef:01:dd:80:9c:80: 11:89:12:bf:f0:e0:ed:7f:54:54:70:73:d3:3c:02: b4:e4:56:aa:eb:62:c3:fb:19:20:ec:2b:4d:20:9a: 5c:b9:fd:9d:fc:bf:76:61:80:a9:a7:42:27:3b:f3: da:a8:77:db:81:3a:11:57:ed:68:94:f4:3a:ad:28: c4:77:8c:c0:fb:47:a5:20:3a:c7:12:ac:c2:23:26: a8:0e:ec:08:eb:95:6d:3e:07:38:fe:3d:22:1b:96: 6f:89:05:27:cd:65:34:53:4a:e9:3f:f4:37:ef:25: 36:78:19:c8:b5:10:1e:7a:02:d3:d3:59:00:8a:99: 86:c4:0e:0f:7e:4a:7d:34:4d:d5:f8:8a:c5:25:a0: c7:42:2b:93:f7:60:71:c0:84:f2:6d:2d:0a:7f:a8: dc:0f:89:0a:0d:a6:f1:d6:5a:42:9f:57:41:39:bb: 1c:b0:88:60:1a:d5:fc:ab:5e:2e:de:b9:07:05:b6: 92:e5:2a:1d:49:11:8a:d6:8e:88:81:2e:2f:29:83: ed:ac:89:19:26:49:54:72:82:58:cb:53:66:8a:aa: f1:a9:95:6a:e9:9b:b0:a1:68:dd:93:ec:b3:18:54: 20:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:EE:11:D3:B1:EA:95:0D:93:CC:C4:1F:9B:2B:2B:81:F3:D7:6C:E6 X509v3 Authority Key Identifier: keyid:D8:E2:FA:B1:50:A2:FD:57:8F:67:E1:9B:02:96:53:9B:37:52:C9:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EC225/499FDF908E5511E980D09A42C4F9AE02/2OL6sVCi_VePZ-GbApZTmzdSyak.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2OL6sVCi_VePZ-GbApZTmzdSyak.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC225/499FDF908E5511E980D09A42C4F9AE02/2OL6sVCi_VePZ-GbApZTmzdSyak.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cc:d0:8c:eb:e8:89:77:1a:d6:2a:51:fc:06:42:e6:e9:0a:01: b0:0d:b3:50:af:d2:4d:ba:ce:5a:b8:96:1b:de:8b:e0:e4:b7: 1a:0a:c2:a8:d7:2d:e4:13:7c:85:39:3f:a6:1d:73:35:77:e7: cf:3c:c1:f7:1c:f4:e5:5c:c0:d0:e7:6e:f4:c8:9d:0c:8b:88: f0:ca:7e:d8:4b:2d:63:01:5c:1b:7c:11:d9:d0:71:28:e4:85: 26:6b:b0:d8:f9:77:43:f7:16:35:0a:11:54:24:ee:c4:af:ee: c9:18:8c:55:32:98:0d:4c:58:6b:f8:0f:ed:01:8d:a3:e8:22: 3f:f1:19:8a:b6:20:21:20:39:56:80:f1:7e:c9:01:14:d2:7b: ef:b5:5c:c0:00:22:29:96:e4:37:53:4d:d1:d1:91:8f:04:a2: a6:f8:55:0e:ed:f0:be:0b:82:ce:bd:b0:55:9d:5c:a5:f4:db: d8:e8:0b:98:d7:44:23:88:73:9d:c4:66:53:52:9b:b3:ef:e6: c5:95:7d:e0:9e:4c:45:83:cf:fb:44:d1:2f:4a:89:a4:ac:5d: ae:ec:0d:f7:d3:97:11:ea:9b:e4:6a:3a:a0:e9:0a:d5:0a:e6: 8e:be:87:e4:a0:b0:b2:98:ee:b5:6c:08:5c:67:60:b8:8a:22: 91:ee:92:8a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDtkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUMyMjUxMTAvBgNVBAUTKEQ4RTJGQUIxNTBBMkZENTc4RjY3RTE5QjAyOTY1MzlC Mzc1MkM5QTkwHhcNMjUwODI0MTczNzE1WhcNMjUwODMxMTczNzE1WjAYMRYwFAYD VQQDEw02OGFiNGRjYi1iYzEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwunsEB3UAgSfU2Kl3UNSq01Pny38WYnvAd2AnIARiRK/8ODtf1RUcHPTPAK0 5Faq62LD+xkg7CtNIJpcuf2d/L92YYCpp0InO/PaqHfbgToRV+1olPQ6rSjEd4zA +0elIDrHEqzCIyaoDuwI65VtPgc4/j0iG5ZviQUnzWU0U0rpP/Q37yU2eBnItRAe egLT01kAipmGxA4Pfkp9NE3V+IrFJaDHQiuT92BxwITybS0Kf6jcD4kKDabx1lpC n1dBObscsIhgGtX8q14u3rkHBbaS5SodSRGK1o6IgS4vKYPtrIkZJklUcoJYy1Nm iqrxqZVq6ZuwoWjdk+yzGFQgowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHfuEdOx 6pUNk8zEH5srK4Hz12zmMB8GA1UdIwQYMBaAFNji+rFQov1Xj2fhmwKWU5s3Usmp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQzIyNS80OTlGREY5MDhF NTUxMUU5ODBEMDlBNDJDNEY5QUUwMi8yT0w2c1ZDaV9WZVBaLUdiQXBaVG16ZFN5 YWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJPTDZzVkNpX1ZlUFotR2JBcFpUbXpkU3lhay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QzIyNS80OTlGREY5MDhFNTUxMUU5ODBEMDlBNDJDNEY5QUUwMi8yT0w2c1ZDaV9W ZVBaLUdiQXBaVG16ZFN5YWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDM0Izr6Il3GtYqUfwGQubpCgGwDbNQr9JNus5auJYb3ovg5LcaCsKo 1y3kE3yFOT+mHXM1d+fPPMH3HPTlXMDQ5270yJ0Mi4jwyn7YSy1jAVwbfBHZ0HEo 5IUma7DY+XdD9xY1ChFUJO7Er+7JGIxVMpgNTFhr+A/tAY2j6CI/8RmKtiAhIDlW gPF+yQEU0nvvtVzAACIpluQ3U03R0ZGPBKKm+FUO7fC+C4LOvbBVnVyl9NvY6AuY 10QjiHOdxGZTUpuz7+bFlX3gnkxFg8/7RNEvSomkrF2u7A3305cR6pvkajqg6QrV CuaOvofkoLCymO61bAhcZ2C4iiKR7pKK -----END CERTIFICATE-----Generated at Sun Aug 24 21:33:08 2025 by rpki-client