$ rpki-client -vvf rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/OIX50v0IYCg7VTgfHE9KWjoe7z8.mft File: OIX50v0IYCg7VTgfHE9KWjoe7z8.mft (raw, json) Hash identifier: R/kIfAm2zo6KQWI+O/bZh1qt8NPsWKw8/decUbdgCJU= Subject key identifier: 21:0E:19:71:17:F2:9B:8D:91:1B:E7:7B:AE:FE:DA:11:F6:25:0B:4C Authority key identifier: 38:85:F9:D2:FD:08:60:28:3B:55:38:1F:1C:4F:4A:5A:3A:1E:EF:3F Certificate issuer: /CN=A91847C2/serialNumber=3885F9D2FD0860283B55381F1C4F4A5A3A1EEF3F Certificate serial: D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIX50v0IYCg7VTgfHE9KWjoe7z8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/OIX50v0IYCg7VTgfHE9KWjoe7z8.mft Manifest number: D2 Signing time: Fri 13 Jun 2025 04:35:41 +0000 Manifest this update: Fri 13 Jun 2025 04:35:40 +0000 Manifest next update: Fri 20 Jun 2025 04:35:40 +0000 Files and hashes: 1: OIX50v0IYCg7VTgfHE9KWjoe7z8.crl (hash: LPpMLi4m0n2D3RmsxgNcbyn4ogp/Gf5xX+inr/C/WWA=) 2: 744D8A1005EE11EF851FA42FC4F9AE02.roa (hash: g7/I1107TKCwjJnWd7arEQMGj8EBr7MRJOF1ZUaFXNI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/OIX50v0IYCg7VTgfHE9KWjoe7z8.crl rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/OIX50v0IYCg7VTgfHE9KWjoe7z8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIX50v0IYCg7VTgfHE9KWjoe7z8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 04:35:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 212 (0xd4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91847C2, serialNumber=3885F9D2FD0860283B55381F1C4F4A5A3A1EEF3F Validity Not Before: Jun 13 04:35:40 2025 GMT Not After : Jun 20 04:35:40 2025 GMT Subject: CN=684baa9d-9c6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:f1:ef:8f:b2:32:4d:3c:5d:a2:13:23:ef:db: 48:a4:a7:4d:ae:48:ba:9d:97:35:59:07:55:c7:a0: 49:d4:65:7d:cc:93:a3:cf:70:2a:3f:9c:4b:7c:f6: e1:51:3b:1b:e2:f0:d1:96:e4:91:5e:73:cc:e6:dd: f0:2d:4f:00:8a:0a:69:22:c8:51:7f:20:9a:ee:5f: 6a:e4:63:86:cf:d9:e9:20:5c:3a:35:0d:3a:68:04: a8:52:10:66:31:e0:20:33:30:ae:a2:cf:bb:95:cc: 3d:8d:84:a6:23:5c:68:60:58:b6:82:41:45:87:6a: 78:3f:e8:a7:b1:9d:c2:48:47:13:9d:45:8d:f6:36: 54:50:e4:41:f7:42:1e:72:d6:47:7d:13:88:6a:11: b6:e4:52:37:ef:bb:d3:9a:5a:f4:8e:6c:c5:cd:1e: 47:d8:1d:7d:0a:56:64:f7:3c:32:62:c8:0c:9d:56: ce:82:aa:eb:b0:4e:b0:55:22:42:4d:af:6a:74:72: d9:69:b8:07:bc:00:b2:07:a3:d6:e1:2e:ad:d3:d4: 9a:ba:61:4a:2b:14:21:ea:96:1d:3d:ab:fe:d4:40: fa:5b:46:aa:45:3c:d7:df:e4:48:b8:91:c7:6c:d7: d3:0e:eb:de:be:ff:ec:5d:51:5a:1b:f0:ab:02:32: 4c:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:0E:19:71:17:F2:9B:8D:91:1B:E7:7B:AE:FE:DA:11:F6:25:0B:4C X509v3 Authority Key Identifier: keyid:38:85:F9:D2:FD:08:60:28:3B:55:38:1F:1C:4F:4A:5A:3A:1E:EF:3F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/OIX50v0IYCg7VTgfHE9KWjoe7z8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIX50v0IYCg7VTgfHE9KWjoe7z8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/OIX50v0IYCg7VTgfHE9KWjoe7z8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:03:61:79:86:7a:31:b1:af:7a:c8:4b:ac:35:78:af:b0:cf: 1d:b2:1f:7e:65:f1:7a:7a:6d:a8:28:43:38:4c:2b:0a:d3:56: 51:01:3e:5e:68:8b:42:60:7e:54:67:6d:45:f7:6c:d9:fd:84: 32:36:ff:7a:9e:1c:2d:6f:bb:53:52:c7:ba:f3:d7:9c:d1:f1: bc:5f:9b:c9:7f:c9:86:80:7f:e2:8f:1e:6e:91:1f:3c:41:67: a6:96:10:02:8f:28:f7:5f:d7:c5:30:b1:cd:96:84:30:4b:f7: 2b:e0:84:48:3d:e5:79:f4:24:f9:48:18:d8:8b:2d:30:2b:c8: 05:26:fa:de:98:1c:5b:68:96:ab:91:44:ab:3f:f2:54:14:15: 1e:7c:ba:df:0b:a5:14:60:1b:a0:03:33:08:62:25:60:ec:4b: ca:e5:74:af:3c:3f:3a:4d:75:72:54:a8:99:8c:1b:b6:3f:a9: e2:96:11:ed:0a:25:e2:ec:59:df:1d:1f:0c:b9:35:38:62:59: 0f:30:50:ef:94:9a:29:c9:a1:6a:55:9c:c5:39:ba:0c:7a:16: 10:2c:5f:11:38:0e:31:f5:d7:d8:2f:be:49:4d:1e:d6:16:e6: 85:91:be:c3:45:7f:fe:42:9a:12:7a:79:46:d1:ad:ac:3d:b0: 65:79:df:a4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODQ3QzIxMTAvBgNVBAUTKDM4ODVGOUQyRkQwODYwMjgzQjU1MzgxRjFDNEY0QTVB M0ExRUVGM0YwHhcNMjUwNjEzMDQzNTQwWhcNMjUwNjIwMDQzNTQwWjAYMRYwFAYD VQQDEw02ODRiYWE5ZC05YzZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArPHvj7IyTTxdohMj79tIpKdNrki6nZc1WQdVx6BJ1GV9zJOjz3AqP5xLfPbh UTsb4vDRluSRXnPM5t3wLU8AigppIshRfyCa7l9q5GOGz9npIFw6NQ06aASoUhBm MeAgMzCuos+7lcw9jYSmI1xoYFi2gkFFh2p4P+insZ3CSEcTnUWN9jZUUORB90Ie ctZHfROIahG25FI377vTmlr0jmzFzR5H2B19ClZk9zwyYsgMnVbOgqrrsE6wVSJC Ta9qdHLZabgHvACyB6PW4S6t09SaumFKKxQh6pYdPav+1ED6W0aqRTzX3+RIuJHH bNfTDuvevv/sXVFaG/CrAjJMDwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCEOGXEX 8puNkRvne67+2hH2JQtMMB8GA1UdIwQYMBaAFDiF+dL9CGAoO1U4HxxPSlo6Hu8/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDdDMi9COTJCRkFENDA1 RUIxMUVGOTU2QkQ2NDNDNEY5QUUwMi9PSVg1MHYwSVlDZzdWVGdmSEU5S1dqb2U3 ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09JWDUwdjBJWUNnN1ZUZ2ZIRTlLV2pvZTd6OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NDdDMi9COTJCRkFENDA1RUIxMUVGOTU2QkQ2NDNDNEY5QUUwMi9PSVg1MHYwSVlD ZzdWVGdmSEU5S1dqb2U3ejgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA4A2F5hnoxsa96yEusNXivsM8dsh9+ZfF6em2oKEM4TCsK01ZRAT5e aItCYH5UZ21F92zZ/YQyNv96nhwtb7tTUse689ec0fG8X5vJf8mGgH/ijx5ukR88 QWemlhACjyj3X9fFMLHNloQwS/cr4IRIPeV59CT5SBjYiy0wK8gFJvremBxbaJar kUSrP/JUFBUefLrfC6UUYBugAzMIYiVg7EvK5XSvPD86TXVyVKiZjBu2P6nilhHt CiXi7FnfHR8MuTU4YlkPMFDvlJopyaFqVZzFOboMehYQLF8ROA4x9dfYL75JTR7W FuaFkb7DRX/+QpoSenlG0a2sPbBled+k -----END CERTIFICATE-----Generated at Sat Jun 14 17:43:27 2025 by rpki-client