$ rpki-client -vvf rpki.apnic.net/member_repository/A9158547/B38668E492A511EE8CD95B1EC4F9AE02/oNZvEXVTOiOoUulRUGXIWjOec4Y.mft File: oNZvEXVTOiOoUulRUGXIWjOec4Y.mft (raw, json) Hash identifier: QnkEFg9uHcq3qHaahf1gd4gzF7eOKfhz1aAP5L7fhSk= Subject key identifier: 19:41:07:08:7D:BB:21:84:B4:7D:2B:69:72:58:AF:B0:F3:98:1D:BE Authority key identifier: A0:D6:6F:11:75:53:3A:23:A8:52:E9:51:50:65:C8:5A:33:9E:73:86 Certificate issuer: /CN=A9158547/serialNumber=A0D66F1175533A23A852E9515065C85A339E7386 Certificate serial: 0122 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oNZvEXVTOiOoUulRUGXIWjOec4Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158547/B38668E492A511EE8CD95B1EC4F9AE02/oNZvEXVTOiOoUulRUGXIWjOec4Y.mft Manifest number: 0120 Signing time: Thu 19 Jun 2025 04:07:27 +0000 Manifest this update: Thu 19 Jun 2025 04:07:26 +0000 Manifest next update: Thu 26 Jun 2025 04:07:26 +0000 Files and hashes: 1: oNZvEXVTOiOoUulRUGXIWjOec4Y.crl (hash: 6mPKWyp8JVwhxOFFn8KLUlLa5FAJuv/FcDXFq0XIpBY=) 2: 6E7BFE7092A611EEBD5D8720C4F9AE02.roa (hash: nLAI2KpHv4yGG3LNJRHSRrSrOVvhwD5I70+pJLgB34A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158547/B38668E492A511EE8CD95B1EC4F9AE02/oNZvEXVTOiOoUulRUGXIWjOec4Y.crl rsync://rpki.apnic.net/member_repository/A9158547/B38668E492A511EE8CD95B1EC4F9AE02/oNZvEXVTOiOoUulRUGXIWjOec4Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oNZvEXVTOiOoUulRUGXIWjOec4Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Jun 2025 04:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 290 (0x122) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158547, serialNumber=A0D66F1175533A23A852E9515065C85A339E7386 Validity Not Before: Jun 19 04:07:26 2025 GMT Not After : Jun 26 04:07:26 2025 GMT Subject: CN=68538cfe-1ab1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:f4:29:51:33:90:21:55:80:2f:b6:60:6b:50: 21:e7:bb:c9:fb:3f:30:7d:95:7e:1f:ad:ad:ba:4e: ea:9d:66:4c:61:01:d1:d6:25:2a:6e:3b:68:d6:f7: 3a:78:ee:ec:2e:b2:40:8f:fb:5e:81:d0:95:bb:9e: 8a:aa:df:51:9d:20:2b:27:bb:3c:e1:ac:c3:6f:c6: e6:4c:89:7a:d0:97:37:8a:86:04:bb:32:22:13:bb: 69:50:29:1a:d6:0b:fd:90:42:e0:71:d5:2c:61:ad: fe:83:f5:5c:eb:0d:ac:b7:4d:fa:f3:e1:9a:cc:1f: 9a:bd:5b:db:d4:8e:43:aa:38:67:5b:1f:22:57:a0: c7:58:6a:39:57:92:3b:c2:ea:f3:7a:30:c1:b7:5d: 50:b3:2f:02:a3:b0:af:42:5a:2c:24:ae:0a:e7:af: 5f:4d:93:04:7f:00:71:b4:9c:dc:d1:98:ac:0b:91: fb:f6:4b:8f:a4:5f:3f:28:26:41:b1:0d:2c:63:7e: c2:21:3c:ea:eb:48:94:33:de:1c:89:c9:4c:a6:68: 1c:c7:94:31:56:d2:f8:cb:0f:88:c6:9c:a6:7f:ac: 6f:e9:46:fe:0e:ca:c3:25:89:c4:69:92:76:82:d8: 27:aa:db:98:b2:b9:17:6c:c0:f8:77:17:21:7c:99: 20:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:41:07:08:7D:BB:21:84:B4:7D:2B:69:72:58:AF:B0:F3:98:1D:BE X509v3 Authority Key Identifier: keyid:A0:D6:6F:11:75:53:3A:23:A8:52:E9:51:50:65:C8:5A:33:9E:73:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158547/B38668E492A511EE8CD95B1EC4F9AE02/oNZvEXVTOiOoUulRUGXIWjOec4Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oNZvEXVTOiOoUulRUGXIWjOec4Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158547/B38668E492A511EE8CD95B1EC4F9AE02/oNZvEXVTOiOoUulRUGXIWjOec4Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:23:03:b8:8e:f0:de:91:07:53:20:d1:eb:7c:f1:b7:d0:0e: 87:35:bd:a8:4b:c6:38:90:a8:0c:52:7e:e1:0d:2d:31:af:ef: 6f:17:8b:89:b6:ed:63:bf:8c:58:89:e1:d6:1b:20:b9:40:d2: cf:17:19:51:3b:a9:96:0e:85:68:be:23:fd:2f:a5:8c:bf:93: e5:93:aa:6b:7d:1c:5b:95:c7:cb:84:ef:cc:a9:b2:e2:a9:c0: 74:c4:df:11:f0:3c:b2:b9:f8:6d:15:a1:7f:eb:4d:9e:8b:12: 6c:e8:e7:8a:25:e1:2b:3a:00:b9:ed:84:96:25:ba:18:c5:a7: 05:b0:9a:16:8e:94:6a:dd:e9:74:7c:07:b8:1c:e4:bc:59:8c: 51:d0:28:b7:7d:84:01:f9:69:3d:a9:8d:1d:57:73:11:6a:ab: 26:cc:9e:58:89:1d:6c:0c:3a:ef:72:8d:dd:45:66:a5:f4:e2: bc:4d:14:d3:0d:a7:5d:6f:f5:50:3c:fd:da:74:1d:1c:ec:bb: 68:8f:74:4c:fc:60:18:5f:a3:a9:9c:9f:d9:73:bd:a5:cd:68: 08:a8:60:f6:43:44:e7:2b:e6:2c:e2:7f:89:c7:82:5f:a9:f4: bd:eb:89:5f:18:2a:58:5a:9f:1e:79:b9:ea:db:1b:8a:45:5e: dd:6d:6c:dd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTg1NDcxMTAvBgNVBAUTKEEwRDY2RjExNzU1MzNBMjNBODUyRTk1MTUwNjVDODVB MzM5RTczODYwHhcNMjUwNjE5MDQwNzI2WhcNMjUwNjI2MDQwNzI2WjAYMRYwFAYD VQQDEw02ODUzOGNmZS0xYWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsvQpUTOQIVWAL7Zga1Ah57vJ+z8wfZV+H62tuk7qnWZMYQHR1iUqbjto1vc6 eO7sLrJAj/tegdCVu56Kqt9RnSArJ7s84azDb8bmTIl60Jc3ioYEuzIiE7tpUCka 1gv9kELgcdUsYa3+g/Vc6w2st0368+GazB+avVvb1I5DqjhnWx8iV6DHWGo5V5I7 wurzejDBt11Qsy8Co7CvQlosJK4K569fTZMEfwBxtJzc0ZisC5H79kuPpF8/KCZB sQ0sY37CITzq60iUM94ciclMpmgcx5QxVtL4yw+Ixpymf6xv6Ub+DsrDJYnEaZJ2 gtgnqtuYsrkXbMD4dxchfJkgbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBlBBwh9 uyGEtH0raXJYr7DzmB2+MB8GA1UdIwQYMBaAFKDWbxF1UzojqFLpUVBlyFoznnOG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODU0Ny9CMzg2NjhFNDky QTUxMUVFOENEOTVCMUVDNEY5QUUwMi9vTlp2RVhWVE9pT29VdWxSVUdYSVdqT2Vj NFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29OWnZFWFZUT2lPb1V1bFJVR1hJV2pPZWM0WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODU0Ny9CMzg2NjhFNDkyQTUxMUVFOENEOTVCMUVDNEY5QUUwMi9vTlp2RVhWVE9p T29VdWxSVUdYSVdqT2VjNFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAXIwO4jvDekQdTINHrfPG30A6HNb2oS8Y4kKgMUn7hDS0xr+9vF4uJ tu1jv4xYieHWGyC5QNLPFxlRO6mWDoVoviP9L6WMv5Plk6prfRxblcfLhO/MqbLi qcB0xN8R8DyyufhtFaF/602eixJs6OeKJeErOgC57YSWJboYxacFsJoWjpRq3el0 fAe4HOS8WYxR0Ci3fYQB+Wk9qY0dV3MRaqsmzJ5YiR1sDDrvco3dRWal9OK8TRTT Daddb/VQPP3adB0c7Ltoj3RM/GAYX6OpnJ/Zc72lzWgIqGD2Q0TnK+Ys4n+Jx4Jf qfS964lfGCpYWp8eebnq2xuKRV7dbWzd -----END CERTIFICATE-----Generated at Fri Jun 20 09:36:46 2025 by rpki-client