$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft File: Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft (raw, json) Hash identifier: YYjKSIvznOgaESoYmrpjd2V1HBrKV3TbGu3u5C/7MQk= Subject key identifier: B4:3A:57:E1:1B:E8:F7:F4:E9:F8:D1:2D:25:B1:3D:F4:6A:0A:7A:D8 Authority key identifier: 3A:CC:B6:95:39:AC:9F:42:88:BC:D0:F0:A5:42:50:D5:92:F5:40:D4 Certificate issuer: /CN=A91F0EBF/serialNumber=3ACCB69539AC9F4288BCD0F0A54250D592F540D4 Certificate serial: 220C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft Manifest number: 21CA Signing time: Mon 08 Sep 2025 15:53:11 +0000 Manifest this update: Mon 08 Sep 2025 15:53:11 +0000 Manifest next update: Mon 15 Sep 2025 15:53:11 +0000 Files and hashes: 1: Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl (hash: iwmdlYWPmJXkRV+VSnEo8boVO8js2uyeUrJOEtpBD/8=) 2: 5F649D88F27E11EE8704D12FC4F9AE02.roa (hash: 1ES+epsnD/DNY/mamto14c9DZbko73ok/bvGYlpnZRA=) 3: 5EDC2B56F27E11EE8704D12FC4F9AE02.roa (hash: RV1/DDfUdeMeAI1f60SGG8y1uSkd4aEtHJsKEOkYdXA=) 4: 586B33AEF44611EBA78C117AC4F9AE02.roa (hash: xubGUlPUlNCBLJe5+NADMrf4YV/wbfCmoqj7rhjCN20=) 5: 5480D316764D11EA8CB5C039C4F9AE02.roa (hash: ftobPRBcc8wlVTCOH3GxCPMFHQM9ebuoV2KFpLluNR4=) 6: 11DE1CDA467611EC988CDC09C4F9AE02.roa (hash: RArCcLO/kSE5acBXMMlQcl8HS4RV4DSQfZAIgouxT+4=) 7: A73C0BF6D93511E6B2617F7BC4F9AE02.roa (hash: 8McChURwVN9JYUVHRVTAHRcHa/Hxc6L3gNtxVyOyx0g=) 8: 63BFE4C0292811EEAF894530C4F9AE02.roa (hash: 4gXXPKgdGkdsiTu4Fh+U84K4r4ojzbdg0Z4yEj+nXpA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 15:47:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8716 (0x220c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F0EBF, serialNumber=3ACCB69539AC9F4288BCD0F0A54250D592F540D4 Validity Not Before: Sep 8 15:53:11 2025 GMT Not After : Sep 15 15:53:11 2025 GMT Subject: CN=68befbe7-df20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:a8:03:d6:98:9f:58:35:16:89:70:e6:d2:b1: 82:15:0f:32:d3:41:79:f0:50:2c:4a:1a:2d:a0:61: 6d:9f:a1:48:40:d6:04:4b:9c:27:0f:92:4d:d7:c4: ed:25:8e:07:63:7c:aa:22:a7:ff:94:1b:30:43:b1: a4:18:cb:4b:04:e5:73:a0:93:93:91:a9:85:1f:2e: c1:9d:62:4f:8c:f3:81:6b:29:46:2c:61:28:fb:96: 25:51:d7:1e:13:79:24:19:f3:b3:bb:1d:82:64:66: d4:f1:76:cc:d3:1c:1a:f8:e4:c3:23:8e:0c:12:79: 48:a5:bc:f9:23:0e:59:8c:6d:56:00:1b:51:26:51: 71:a9:67:16:36:a2:75:2d:d5:92:34:90:4c:0b:b4: 41:db:a4:af:24:e2:69:cb:72:ec:8a:55:3b:fd:97: 94:39:9d:8c:2e:df:98:91:02:4c:b4:60:ad:f1:c4: 47:82:59:4b:39:e4:a5:d3:95:35:ae:5c:4c:f7:66: db:5b:d1:ac:dc:cb:9c:48:48:d3:a9:2d:d4:bd:97: 47:99:d3:6d:9e:a1:69:6d:78:22:a9:1f:5e:e0:b0: 45:34:20:30:8d:b8:fe:b6:d8:87:1d:75:3a:2c:78: 26:a1:a2:d2:64:c2:33:66:2e:dd:6e:fe:3c:d0:a5: d8:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:3A:57:E1:1B:E8:F7:F4:E9:F8:D1:2D:25:B1:3D:F4:6A:0A:7A:D8 X509v3 Authority Key Identifier: keyid:3A:CC:B6:95:39:AC:9F:42:88:BC:D0:F0:A5:42:50:D5:92:F5:40:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:71:a1:66:13:0e:f7:8c:e4:00:74:a9:ea:17:93:af:57:95: 5c:7f:f4:d1:fc:89:5b:ec:34:53:a5:cf:e3:5f:04:51:68:4a: 6c:d4:77:01:80:e1:66:9c:cf:f9:a5:8d:0c:0c:98:9f:e6:5d: 79:62:bc:5d:74:15:b3:e4:c1:ea:82:c8:77:5e:13:a4:4b:e8: 33:1d:f9:57:a1:a1:ac:43:7d:52:49:2d:67:75:b1:a0:a7:8d: 18:45:c9:a2:70:c4:04:f0:ba:43:ef:df:c9:2f:4a:0c:93:03: b6:1a:be:b3:e5:ee:df:f5:be:20:2b:a6:72:85:33:31:1d:18: c7:5f:eb:61:8b:12:93:1d:91:a8:48:63:b4:c4:af:24:df:75: 1e:05:99:d6:86:75:7e:62:65:13:b6:40:29:3f:e3:72:7a:85: f9:88:03:d6:17:77:18:bd:7d:1a:17:d0:4f:77:3e:23:b5:3c: dd:e4:a7:12:f2:3f:b2:ee:57:fd:a7:f7:60:dd:4f:5b:bf:3a: 3e:9e:95:8d:45:69:68:80:84:cf:b2:d0:f9:82:2c:ab:da:1f: 6e:71:57:fb:eb:9a:94:7a:cc:bd:31:03:69:af:03:4b:b5:91: a3:04:b0:b5:83:7e:b9:e5:31:40:58:d6:59:89:f1:71:3c:dd: ed:ee:c4:a5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIgwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjBFQkYxMTAvBgNVBAUTKDNBQ0NCNjk1MzlBQzlGNDI4OEJDRDBGMEE1NDI1MEQ1 OTJGNTQwRDQwHhcNMjUwOTA4MTU1MzExWhcNMjUwOTE1MTU1MzExWjAYMRYwFAYD VQQDEw02OGJlZmJlNy1kZjIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArqgD1pifWDUWiXDm0rGCFQ8y00F58FAsShotoGFtn6FIQNYES5wnD5JN18Tt JY4HY3yqIqf/lBswQ7GkGMtLBOVzoJOTkamFHy7BnWJPjPOBaylGLGEo+5YlUdce E3kkGfOzux2CZGbU8XbM0xwa+OTDI44MEnlIpbz5Iw5ZjG1WABtRJlFxqWcWNqJ1 LdWSNJBMC7RB26SvJOJpy3LsilU7/ZeUOZ2MLt+YkQJMtGCt8cRHgllLOeSl05U1 rlxM92bbW9Gs3MucSEjTqS3UvZdHmdNtnqFpbXgiqR9e4LBFNCAwjbj+ttiHHXU6 LHgmoaLSZMIzZi7dbv480KXYQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLQ6V+Eb 6Pf06fjRLSWxPfRqCnrYMB8GA1UdIwQYMBaAFDrMtpU5rJ9CiLzQ8KVCUNWS9UDU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMEVCRi81Rjg0RDdEOERC ODAxMUU1OUFCN0VEMUVDNEY5QUUwMi9Pc3kybFRtc24wS0l2TkR3cFVKUTFaTDFR TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09zeTJsVG1zbjBLSXZORHdwVUpRMVpMMVFOUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MEVCRi81Rjg0RDdEOERCODAxMUU1OUFCN0VEMUVDNEY5QUUwMi9Pc3kybFRtc24w S0l2TkR3cFVKUTFaTDFRTlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCMcaFmEw73jOQAdKnqF5OvV5Vcf/TR/Ilb7DRTpc/jXwRRaEps1HcB gOFmnM/5pY0MDJif5l15YrxddBWz5MHqgsh3XhOkS+gzHflXoaGsQ31SSS1ndbGg p40YRcmicMQE8LpD79/JL0oMkwO2Gr6z5e7f9b4gK6ZyhTMxHRjHX+thixKTHZGo SGO0xK8k33UeBZnWhnV+YmUTtkApP+NyeoX5iAPWF3cYvX0aF9BPdz4jtTzd5KcS 8j+y7lf9p/dg3U9bvzo+npWNRWlogITPstD5giyr2h9ucVf765qUesy9MQNprwNL tZGjBLC1g3655TFAWNZZifFxPN3t7sSl -----END CERTIFICATE-----Generated at Mon Sep 8 17:40:28 2025 by rpki-client