$ rpki-client -vvf rpki.apnic.net/member_repository/A91435F3/9B5DB5EA50A811EEB6DE093FC4F9AE02/khO1BHpA8jx8YASA5tqnoc9_oug.mft File: khO1BHpA8jx8YASA5tqnoc9_oug.mft (raw, json) Hash identifier: sWq+IL4+rP5VFw9uil4/eJ8sBRfsE0ABPPTkdI6BzVE= Subject key identifier: 1A:2E:5D:25:F2:5B:3D:AD:F1:9C:7D:B7:4C:38:7D:37:88:B4:61:4B Authority key identifier: 92:13:B5:04:7A:40:F2:3C:7C:60:04:80:E6:DA:A7:A1:CF:7F:A2:E8 Certificate issuer: /CN=A91435F3/serialNumber=9213B5047A40F23C7C600480E6DAA7A1CF7FA2E8 Certificate serial: 0165 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khO1BHpA8jx8YASA5tqnoc9_oug.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91435F3/9B5DB5EA50A811EEB6DE093FC4F9AE02/khO1BHpA8jx8YASA5tqnoc9_oug.mft Manifest number: 0163 Signing time: Thu 07 Aug 2025 04:24:01 +0000 Manifest this update: Thu 07 Aug 2025 04:24:00 +0000 Manifest next update: Thu 14 Aug 2025 04:24:00 +0000 Files and hashes: 1: khO1BHpA8jx8YASA5tqnoc9_oug.crl (hash: kZ5UhgvHsi9o0+jQBc3dJoBlnLsHSsK0sIhoWGN5NYo=) 2: 4E18682450A911EEA39AAE41C4F9AE02.roa (hash: z3jylC3bOFS/QeMNqO6FEMdonfOGPmCY4+yy8XOk4xo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91435F3/9B5DB5EA50A811EEB6DE093FC4F9AE02/khO1BHpA8jx8YASA5tqnoc9_oug.crl rsync://rpki.apnic.net/member_repository/A91435F3/9B5DB5EA50A811EEB6DE093FC4F9AE02/khO1BHpA8jx8YASA5tqnoc9_oug.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khO1BHpA8jx8YASA5tqnoc9_oug.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 04:23:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 357 (0x165) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91435F3, serialNumber=9213B5047A40F23C7C600480E6DAA7A1CF7FA2E8 Validity Not Before: Aug 7 04:24:00 2025 GMT Not After : Aug 14 04:24:00 2025 GMT Subject: CN=68942a60-4ebc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:8b:4b:21:e0:4d:69:c2:d3:76:b3:bf:9b:eb: 10:b3:cb:0b:2d:fc:38:98:23:b2:25:e0:40:5a:31: f7:91:11:eb:82:1c:a8:f8:9b:1f:b5:2d:7e:7b:ed: 32:65:91:93:8c:85:54:37:e5:67:b1:d5:c3:c5:85: d5:2f:48:ca:9e:ca:e6:df:15:7a:11:26:83:23:63: 82:c5:fd:fe:ba:15:bd:3b:57:39:9f:b2:38:29:5b: 95:28:99:0b:89:a9:b8:af:da:9b:2a:f0:86:c7:42: b9:91:9d:69:b3:eb:bc:a1:21:02:3d:b7:65:ed:df: 03:33:4a:37:fe:75:c1:c5:33:2e:fe:2d:51:2b:34: 6d:1a:bd:60:f9:27:6a:85:8a:1f:07:0e:2f:5d:9a: de:f9:32:86:96:79:31:6e:6e:66:1c:1f:68:ff:b3: 54:63:62:fe:20:c6:a5:b4:5d:61:d5:e8:5c:5d:21: 76:1c:9f:72:97:a3:cc:6a:ab:e0:cf:5d:63:28:28: 66:a8:4e:42:8f:21:81:f2:e0:0f:74:5a:82:d1:14: 53:3f:f8:4d:0a:d5:55:28:b7:6f:8c:4c:f0:e7:c7: 87:72:ef:1c:32:d6:06:38:dd:59:60:18:6e:c9:3b: da:cc:39:be:e2:36:33:8b:4e:b7:12:b7:2f:89:76: e3:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:2E:5D:25:F2:5B:3D:AD:F1:9C:7D:B7:4C:38:7D:37:88:B4:61:4B X509v3 Authority Key Identifier: keyid:92:13:B5:04:7A:40:F2:3C:7C:60:04:80:E6:DA:A7:A1:CF:7F:A2:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91435F3/9B5DB5EA50A811EEB6DE093FC4F9AE02/khO1BHpA8jx8YASA5tqnoc9_oug.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khO1BHpA8jx8YASA5tqnoc9_oug.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91435F3/9B5DB5EA50A811EEB6DE093FC4F9AE02/khO1BHpA8jx8YASA5tqnoc9_oug.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a9:67:37:00:c6:3e:91:ec:cd:56:da:04:99:89:fc:2a:98:2f: 7a:3e:bd:18:53:d2:4b:5a:82:d6:c9:a7:1a:4a:e2:2d:41:49: da:bd:e6:6f:80:c4:d3:7d:0e:0a:dd:34:9e:bd:02:7c:51:95: 48:50:b5:e9:cf:6f:5e:36:e1:21:49:2b:6d:1e:c5:31:3c:3c: e8:26:81:20:6d:90:7d:43:98:93:64:f3:26:be:c5:97:82:e5: 10:81:54:05:78:45:49:2a:db:bd:cb:0d:b0:d1:b1:39:f2:41: 3c:d5:b8:fd:f1:eb:58:92:37:95:1a:ce:f9:2f:a8:82:22:b5: da:89:75:2d:85:7c:d3:cd:e9:78:84:92:4f:30:eb:15:20:13: 47:4e:7d:a1:21:57:cb:c9:bb:f4:86:f0:ab:ca:96:28:b3:bb: ce:38:56:5c:4a:a5:24:72:b5:cd:f9:3c:57:d7:da:bb:28:00: 2e:62:84:13:ab:6d:06:48:c1:63:7f:59:8d:15:de:48:22:c4: 25:b0:3c:53:39:44:b8:3b:37:9e:af:5d:39:6e:87:af:86:f0: 61:20:a3:f6:6e:bc:f2:81:25:78:94:8b:3c:44:52:40:95:3d: cd:8f:e6:e3:f3:a9:72:b9:44:d5:2e:47:6b:76:1d:a8:23:a9: 67:17:ec:92 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDM1RjMxMTAvBgNVBAUTKDkyMTNCNTA0N0E0MEYyM0M3QzYwMDQ4MEU2REFBN0Ex Q0Y3RkEyRTgwHhcNMjUwODA3MDQyNDAwWhcNMjUwODE0MDQyNDAwWjAYMRYwFAYD VQQDEw02ODk0MmE2MC00ZWJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArItLIeBNacLTdrO/m+sQs8sLLfw4mCOyJeBAWjH3kRHrghyo+JsftS1+e+0y ZZGTjIVUN+VnsdXDxYXVL0jKnsrm3xV6ESaDI2OCxf3+uhW9O1c5n7I4KVuVKJkL iam4r9qbKvCGx0K5kZ1ps+u8oSECPbdl7d8DM0o3/nXBxTMu/i1RKzRtGr1g+Sdq hYofBw4vXZre+TKGlnkxbm5mHB9o/7NUY2L+IMaltF1h1ehcXSF2HJ9yl6PMaqvg z11jKChmqE5CjyGB8uAPdFqC0RRTP/hNCtVVKLdvjEzw58eHcu8cMtYGON1ZYBhu yTvazDm+4jYzi063ErcviXbj4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBouXSXy Wz2t8Zx9t0w4fTeItGFLMB8GA1UdIwQYMBaAFJITtQR6QPI8fGAEgObap6HPf6Lo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MzVGMy85QjVEQjVFQTUw QTgxMUVFQjZERTA5M0ZDNEY5QUUwMi9raE8xQkhwQThqeDhZQVNBNXRxbm9jOV9v dWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2toTzFCSHBBOGp4OFlBU0E1dHFub2M5X291Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MzVGMy85QjVEQjVFQTUwQTgxMUVFQjZERTA5M0ZDNEY5QUUwMi9raE8xQkhwQThq eDhZQVNBNXRxbm9jOV9vdWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCpZzcAxj6R7M1W2gSZifwqmC96Pr0YU9JLWoLWyacaSuItQUnaveZv gMTTfQ4K3TSevQJ8UZVIULXpz29eNuEhSSttHsUxPDzoJoEgbZB9Q5iTZPMmvsWX guUQgVQFeEVJKtu9yw2w0bE58kE81bj98etYkjeVGs75L6iCIrXaiXUthXzTzel4 hJJPMOsVIBNHTn2hIVfLybv0hvCrypYos7vOOFZcSqUkcrXN+TxX19q7KAAuYoQT q20GSMFjf1mNFd5IIsQlsDxTOUS4Ozeer105boevhvBhIKP2brzygSV4lIs8RFJA lT3Nj+bj86lyuUTVLkdrdh2oI6lnF+yS -----END CERTIFICATE-----Generated at Fri Aug 8 20:45:31 2025 by rpki-client