$ rpki-client -vvf rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft File: O-7kvaWgSxBLHXLmAcMJONuktkQ.mft (raw, json) Hash identifier: 8d2DywpoqX2rOKYPgv8e6ua972p7O1E97rOwfd610fE= Subject key identifier: 8C:2C:91:14:0F:6C:FB:D8:F2:BC:86:E8:9D:CB:9A:BC:D5:60:4E:FA Authority key identifier: 3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 Certificate issuer: /CN=A911D2A3/serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Certificate serial: 152D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft Manifest number: 1522 Signing time: Sun 10 Aug 2025 16:47:59 +0000 Manifest this update: Sun 10 Aug 2025 16:47:58 +0000 Manifest next update: Sun 17 Aug 2025 16:47:58 +0000 Files and hashes: 1: O-7kvaWgSxBLHXLmAcMJONuktkQ.crl (hash: arS1cIftIiC5h9bnRFYzK9pRmbzB14x0SXS3kEhYeQ8=) 2: D9EDB272C44C11ECA07C2D77C4F9AE02.roa (hash: +ky1f68JVI+WJMPyIx0Bvw2IHS7jWAofaiHUOQbQU/4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5421 (0x152d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D2A3, serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Validity Not Before: Aug 10 16:47:58 2025 GMT Not After : Aug 17 16:47:58 2025 GMT Subject: CN=6898cd3f-e832 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:8a:8c:c1:cc:cf:a2:96:6a:8d:04:11:5c:56: a7:ab:84:e4:fa:b0:68:73:a5:87:86:d5:79:d8:14: a0:4a:c3:cb:dd:2c:e0:da:22:38:ca:e4:5d:63:78: 04:ba:9b:a9:8d:61:e3:03:a3:e1:e7:51:c2:5e:9f: 27:ac:bb:27:ed:92:39:93:ac:c7:ce:14:5f:0a:c1: 63:a6:24:fe:e9:e0:a7:ba:be:2b:de:ea:d5:76:39: c6:a2:f5:46:60:b5:dd:47:35:3b:ab:c4:85:cf:ae: af:3a:4d:90:ba:e4:79:32:99:41:ae:82:12:5b:77: 38:b7:fb:83:9e:cc:5e:22:f9:1e:32:0e:bb:f4:0f: d5:af:29:86:3e:c7:b0:4e:fc:12:ee:51:b9:62:41: 09:1a:3c:80:bd:f8:f7:01:d0:68:8b:70:02:61:0a: e2:ea:d2:32:72:19:13:5d:9e:00:d4:dc:27:36:3a: e5:59:06:2b:1f:99:96:a0:09:c1:c0:16:0c:82:ae: 9a:ab:a3:bf:db:e0:49:c5:6d:0d:92:ec:1b:e4:a4: 97:ed:e1:97:20:03:fd:8b:86:ff:0b:cf:ed:70:04: 8e:97:ed:f9:af:49:70:f4:99:0b:f0:d6:36:20:4f: e5:b3:9e:a1:2f:1c:51:9b:7d:3d:5a:44:a1:e4:70: 2e:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:2C:91:14:0F:6C:FB:D8:F2:BC:86:E8:9D:CB:9A:BC:D5:60:4E:FA X509v3 Authority Key Identifier: keyid:3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:e2:65:8c:13:d7:7b:3c:5b:31:9b:72:f7:14:a0:0c:26:b8: 03:29:73:92:16:2a:78:91:30:c8:7a:55:d0:08:21:b0:fc:26: da:46:61:11:e9:ac:b8:b3:73:56:5c:c5:60:0e:73:fb:51:5f: 8d:a6:ad:5f:b0:97:7b:03:68:37:da:26:ef:05:2e:d9:51:64: 93:d0:b3:6b:d7:dd:e0:7c:87:1b:3e:db:c7:ab:09:50:16:1a: 25:30:8f:4d:e0:25:1f:9b:16:fd:12:b1:bb:45:21:2d:bd:04: 9e:b8:e1:21:62:f1:7f:a7:36:47:09:80:ab:e4:f5:2e:20:75: 3c:30:67:44:75:79:76:0a:8a:20:31:10:b5:79:6f:39:dd:2f: 5f:ca:b2:2f:e6:e8:46:40:6d:df:29:2c:0e:3f:64:ac:fc:38: be:80:28:91:ef:db:77:6b:b8:d3:d0:d2:e4:b9:83:d8:b2:80: ec:22:79:22:be:86:1e:40:f4:0c:c4:a5:2a:ce:37:56:86:48: dc:91:25:16:72:73:f2:16:87:7f:36:a1:56:ba:8e:f6:ec:e0: 03:5d:af:2f:f8:cc:fc:f2:a3:b9:73:6e:06:89:bc:83:21:67: 9a:9f:75:3d:63:96:39:b3:d4:f8:04:67:35:9a:5c:1d:fc:7d: 13:31:6a:cb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFS0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUQyQTMxMTAvBgNVBAUTKDNCRUVFNEJEQTVBMDRCMTA0QjFENzJFNjAxQzMwOTM4 REJBNEI2NDQwHhcNMjUwODEwMTY0NzU4WhcNMjUwODE3MTY0NzU4WjAYMRYwFAYD VQQDEw02ODk4Y2QzZi1lODMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4oqMwczPopZqjQQRXFanq4Tk+rBoc6WHhtV52BSgSsPL3Szg2iI4yuRdY3gE upupjWHjA6Ph51HCXp8nrLsn7ZI5k6zHzhRfCsFjpiT+6eCnur4r3urVdjnGovVG YLXdRzU7q8SFz66vOk2QuuR5MplBroISW3c4t/uDnsxeIvkeMg679A/VrymGPsew TvwS7lG5YkEJGjyAvfj3AdBoi3ACYQri6tIychkTXZ4A1NwnNjrlWQYrH5mWoAnB wBYMgq6aq6O/2+BJxW0Nkuwb5KSX7eGXIAP9i4b/C8/tcASOl+35r0lw9JkL8NY2 IE/ls56hLxxRm309WkSh5HAu/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIwskRQP bPvY8ryG6J3LmrzVYE76MB8GA1UdIwQYMBaAFDvu5L2loEsQSx1y5gHDCTjbpLZE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDJBMy9GNkFDNjM4NjRF RkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4QkxIWExtQWNNSk9OdWt0 a1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL08tN2t2YVdnU3hCTEhYTG1BY01KT051a3RrUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RDJBMy9GNkFDNjM4NjRFRkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4 QkxIWExtQWNNSk9OdWt0a1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAd4mWME9d7PFsxm3L3FKAMJrgDKXOSFip4kTDIelXQCCGw/CbaRmER 6ay4s3NWXMVgDnP7UV+Npq1fsJd7A2g32ibvBS7ZUWST0LNr193gfIcbPtvHqwlQ FholMI9N4CUfmxb9ErG7RSEtvQSeuOEhYvF/pzZHCYCr5PUuIHU8MGdEdXl2Coog MRC1eW853S9fyrIv5uhGQG3fKSwOP2Ss/Di+gCiR79t3a7jT0NLkuYPYsoDsInki voYeQPQMxKUqzjdWhkjckSUWcnPyFod/NqFWuo727OADXa8v+Mz88qO5c24GibyD IWean3U9Y5Y5s9T4BGc1mlwd/H0TMWrL -----END CERTIFICATE-----Generated at Mon Aug 11 07:53:29 2025 by rpki-client