$ rpki-client -vvf rpki.apnic.net/member_repository/A9123AB4/1FB040A0B17411E68EC88518C4F9AE02/OGxcstbg7GFBrrc_STUhsFIKPPo.mft File: OGxcstbg7GFBrrc_STUhsFIKPPo.mft (raw, json) Hash identifier: wx7oF1idRWSMUDf/to/GTWmjn1dmUsly71+3Hc83s04= Subject key identifier: 51:4D:32:70:95:8C:E7:40:46:0B:B4:C9:F9:C4:13:49:94:95:5F:AF Authority key identifier: 38:6C:5C:B2:D6:E0:EC:61:41:AE:B7:3F:49:35:21:B0:52:0A:3C:FA Certificate issuer: /CN=A9123AB4/serialNumber=386C5CB2D6E0EC6141AEB73F493521B0520A3CFA Certificate serial: 1D47 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OGxcstbg7GFBrrc_STUhsFIKPPo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9123AB4/1FB040A0B17411E68EC88518C4F9AE02/OGxcstbg7GFBrrc_STUhsFIKPPo.mft Manifest number: 1D3A Signing time: Sat 14 Jun 2025 16:06:28 +0000 Manifest this update: Sat 14 Jun 2025 16:06:27 +0000 Manifest next update: Sat 21 Jun 2025 16:06:27 +0000 Files and hashes: 1: OGxcstbg7GFBrrc_STUhsFIKPPo.crl (hash: rJrrB9gGCc4k8s3TysDP3HcO4mhXn0pwJ+qFzj5fpy4=) 2: DE5B018C8D8B11EBB959991DC4F9AE02.roa (hash: jfTk7qLtFGzciF3MjfSmzCLIXIS5E+uoDhIbl0HSies=) 3: DD9C07828D8B11EBB959991DC4F9AE02.roa (hash: gqOrlTvQP7NE8QcpWskAg9stXohxZ5iMQQauxzl2p0w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9123AB4/1FB040A0B17411E68EC88518C4F9AE02/OGxcstbg7GFBrrc_STUhsFIKPPo.crl rsync://rpki.apnic.net/member_repository/A9123AB4/1FB040A0B17411E68EC88518C4F9AE02/OGxcstbg7GFBrrc_STUhsFIKPPo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OGxcstbg7GFBrrc_STUhsFIKPPo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 16:06:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7495 (0x1d47) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9123AB4, serialNumber=386C5CB2D6E0EC6141AEB73F493521B0520A3CFA Validity Not Before: Jun 14 16:06:27 2025 GMT Not After : Jun 21 16:06:27 2025 GMT Subject: CN=684d9e04-75be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:15:83:df:2e:8c:6c:32:f6:07:b4:e0:0f:1d: ca:07:60:bb:cf:ac:4a:33:28:8a:73:80:5c:63:65: cf:2d:87:76:c3:50:d6:04:8e:04:f6:54:85:b8:74: 17:eb:eb:5a:20:74:f9:a7:38:a5:2c:4d:11:2b:fb: 43:34:b7:5b:92:1f:41:4e:0a:f8:a9:85:31:90:61: ac:26:1c:c1:87:42:51:b8:5b:9b:90:96:eb:1d:b9: ba:a8:5d:16:da:e3:1c:5d:8c:d0:b4:a5:ad:f3:59: 77:fe:db:7a:6a:55:e9:8b:7a:c7:96:83:ac:86:78: a5:d0:54:f4:9e:40:f2:07:3e:93:66:f1:08:be:e3: 91:93:e8:06:f7:8d:f6:72:e7:2e:be:a0:e9:29:19: 90:4c:cf:c0:6b:79:cd:dd:7f:72:b1:56:27:24:12: 30:9a:f4:f6:96:e5:63:e7:40:eb:e9:c9:e4:11:5e: e0:26:41:21:d6:24:51:43:4f:d6:8d:e5:3f:1d:4b: ee:8f:aa:f4:83:74:8b:4d:bf:60:d9:aa:c9:22:a2: 3f:69:46:09:5f:48:c8:cc:1c:76:7f:3e:a4:ed:c3: 2d:25:2d:c7:b3:a7:3e:42:c3:71:c0:00:31:6f:b5: 7f:31:23:26:31:f1:f8:e5:e9:53:52:17:e8:86:fc: 9c:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:4D:32:70:95:8C:E7:40:46:0B:B4:C9:F9:C4:13:49:94:95:5F:AF X509v3 Authority Key Identifier: keyid:38:6C:5C:B2:D6:E0:EC:61:41:AE:B7:3F:49:35:21:B0:52:0A:3C:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9123AB4/1FB040A0B17411E68EC88518C4F9AE02/OGxcstbg7GFBrrc_STUhsFIKPPo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OGxcstbg7GFBrrc_STUhsFIKPPo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123AB4/1FB040A0B17411E68EC88518C4F9AE02/OGxcstbg7GFBrrc_STUhsFIKPPo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7b:1d:8b:a5:e6:48:a0:95:27:bf:cc:f8:9a:02:88:bc:96:9e: 3d:2d:5c:61:15:21:bd:3a:67:15:95:50:b9:4c:42:d8:6a:a8: 6a:01:89:59:d9:26:c7:a5:2e:b4:63:9f:1e:86:8c:21:ab:86: 99:39:1e:78:47:b8:bf:1c:21:a6:97:17:8e:5f:46:56:91:19: c9:9e:5e:26:75:64:c6:74:9c:89:d9:6e:5e:ac:f8:4c:f6:76: 29:dc:c1:a2:11:ac:3f:9b:7a:7e:5c:ad:15:53:36:ea:16:c4: d9:ff:46:24:32:eb:09:40:a2:ee:a5:5f:57:19:f1:7f:d8:fd: 76:f6:20:42:85:73:85:cf:70:a8:04:1d:80:24:b1:a2:65:28: 3b:38:39:4e:c7:32:eb:b4:69:e3:ee:72:29:5f:5c:04:e3:88: 9d:75:e7:3e:d6:93:58:46:d8:5c:a4:45:17:6e:d3:14:68:b8: 76:54:ef:64:2f:ed:ae:e3:cc:d2:38:a6:17:3b:83:63:3b:3f: 09:57:a5:83:1f:ed:4f:e9:27:b5:c6:a0:22:77:00:f1:47:b7: aa:75:29:38:fe:42:72:65:3f:2c:70:63:44:24:1f:68:d6:60: 41:52:c0:b0:57:b5:5b:c4:70:b1:bd:40:71:af:bb:b5:09:f9: 7b:9a:27:d8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHUcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjNBQjQxMTAvBgNVBAUTKDM4NkM1Q0IyRDZFMEVDNjE0MUFFQjczRjQ5MzUyMUIw NTIwQTNDRkEwHhcNMjUwNjE0MTYwNjI3WhcNMjUwNjIxMTYwNjI3WjAYMRYwFAYD VQQDEw02ODRkOWUwNC03NWJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1xWD3y6MbDL2B7TgDx3KB2C7z6xKMyiKc4BcY2XPLYd2w1DWBI4E9lSFuHQX 6+taIHT5pzilLE0RK/tDNLdbkh9BTgr4qYUxkGGsJhzBh0JRuFubkJbrHbm6qF0W 2uMcXYzQtKWt81l3/tt6alXpi3rHloOshnil0FT0nkDyBz6TZvEIvuORk+gG9432 cucuvqDpKRmQTM/Aa3nN3X9ysVYnJBIwmvT2luVj50Dr6cnkEV7gJkEh1iRRQ0/W jeU/HUvuj6r0g3SLTb9g2arJIqI/aUYJX0jIzBx2fz6k7cMtJS3Hs6c+QsNxwAAx b7V/MSMmMfH45elTUhfohvycEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFFNMnCV jOdARgu0yfnEE0mUlV+vMB8GA1UdIwQYMBaAFDhsXLLW4OxhQa63P0k1IbBSCjz6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0FCNC8xRkIwNDBBMEIx NzQxMUU2OEVDODg1MThDNEY5QUUwMi9PR3hjc3RiZzdHRkJycmNfU1RVaHNGSUtQ UG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09HeGNzdGJnN0dGQnJyY19TVFVoc0ZJS1BQby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy M0FCNC8xRkIwNDBBMEIxNzQxMUU2OEVDODg1MThDNEY5QUUwMi9PR3hjc3RiZzdH RkJycmNfU1RVaHNGSUtQUG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB7HYul5kiglSe/zPiaAoi8lp49LVxhFSG9OmcVlVC5TELYaqhqAYlZ 2SbHpS60Y58ehowhq4aZOR54R7i/HCGmlxeOX0ZWkRnJnl4mdWTGdJyJ2W5erPhM 9nYp3MGiEaw/m3p+XK0VUzbqFsTZ/0YkMusJQKLupV9XGfF/2P129iBChXOFz3Co BB2AJLGiZSg7ODlOxzLrtGnj7nIpX1wE44iddec+1pNYRthcpEUXbtMUaLh2VO9k L+2u48zSOKYXO4NjOz8JV6WDH+1P6Se1xqAidwDxR7eqdSk4/kJyZT8scGNEJB9o 1mBBUsCwV7VbxHCxvUBxr7u1Cfl7mifY -----END CERTIFICATE-----Generated at Sun Jun 15 09:42:33 2025 by rpki-client