$ rpki-client -vvf rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft File: Ok9ILhJcCNuDBRbVGkot8eCqiso.mft (raw, json) Hash identifier: A7J8CC1XZS9FmYRFPAD9ijDGApWv5d9Nod++FnJwhtM= Subject key identifier: 05:80:DC:09:16:D7:90:B3:37:25:D4:A6:4D:1C:51:B3:FF:05:F6:25 Authority key identifier: 3A:4F:48:2E:12:5C:08:DB:83:05:16:D5:1A:4A:2D:F1:E0:AA:8A:CA Certificate issuer: /CN=A918C158/serialNumber=3A4F482E125C08DB830516D51A4A2DF1E0AA8ACA Certificate serial: 0A75 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft Manifest number: 0A70 Signing time: Sun 10 Aug 2025 19:39:07 +0000 Manifest this update: Sun 10 Aug 2025 19:39:07 +0000 Manifest next update: Sun 17 Aug 2025 19:39:07 +0000 Files and hashes: 1: Ok9ILhJcCNuDBRbVGkot8eCqiso.crl (hash: VGpHvajW2TpOn2pvyp7Yz3TUdPzfy0X8GbCWB2s3QTs=) 2: F25A6266796A11EB82E0EE24C4F9AE02.roa (hash: aNxxH/k6H9pUK4+Yh6tMJ5W3Dxa/fkGC+OopIVqyBEI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.crl rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2677 (0xa75) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918C158, serialNumber=3A4F482E125C08DB830516D51A4A2DF1E0AA8ACA Validity Not Before: Aug 10 19:39:07 2025 GMT Not After : Aug 17 19:39:07 2025 GMT Subject: CN=6898f55b-63e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:f4:64:fb:8b:df:9f:75:bf:9b:25:0f:63:02: bf:d4:a6:69:ea:1a:b0:61:61:0b:3c:53:25:31:ce: b5:50:56:d9:0a:de:d8:d6:7a:cf:14:3e:7e:c3:db: 8b:94:0f:64:d6:00:0a:a3:28:8a:57:8a:8a:7b:56: 3b:bf:66:d1:ce:bf:bd:b2:79:19:4d:d0:45:12:da: a0:aa:0d:24:0d:fd:2d:a7:02:a3:19:38:3a:2e:b4: 10:75:a9:e6:2b:6c:31:f4:b0:12:f6:7a:97:82:b0: 36:39:5a:85:5c:62:f5:e5:a5:ee:cc:8e:95:9e:59: 62:72:47:d1:9e:62:aa:f7:ba:4f:5f:54:d2:5e:e0: 16:b3:c2:f5:b4:b9:f7:60:a6:34:c4:a2:1f:ec:f5: 75:ee:96:12:9d:c7:90:e8:8b:78:46:57:de:2d:76: 6a:58:a5:0d:87:5f:cd:25:ee:19:c6:12:ed:3c:97: 2a:30:99:9a:32:14:ad:f8:c5:c7:16:49:f8:9c:30: 12:42:13:2e:48:f1:50:73:b4:a5:79:56:cb:0a:38: 78:c6:a5:c8:c5:0a:3d:ad:85:3e:99:94:11:21:7c: c7:3d:5f:fa:cf:8d:f9:35:cf:4c:17:91:89:42:32: 68:27:fe:86:b0:a2:43:fe:60:06:61:a1:ca:96:8d: ab:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:80:DC:09:16:D7:90:B3:37:25:D4:A6:4D:1C:51:B3:FF:05:F6:25 X509v3 Authority Key Identifier: keyid:3A:4F:48:2E:12:5C:08:DB:83:05:16:D5:1A:4A:2D:F1:E0:AA:8A:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:f0:df:37:e8:51:26:df:2b:3c:71:4f:d4:61:1f:ee:4e:a9: 37:31:05:ec:c2:c8:ac:78:c0:56:88:45:51:29:2c:4f:fc:2c: 10:86:37:61:ce:da:f6:0f:b9:27:f1:e5:bb:ed:5c:4e:22:61: a4:9e:b8:ed:1d:3a:28:6b:87:dd:02:7f:48:8c:f5:bc:0f:30: 24:4f:d7:aa:74:f1:36:98:c4:77:61:7d:77:3e:46:e2:a3:c1: a3:b0:ab:a8:47:37:10:c7:14:2f:ab:86:54:8e:f3:72:8f:44: d5:e0:0e:4c:92:f2:f9:2c:5a:25:1c:5e:2b:a3:64:87:3b:9b: 7d:3c:f0:9b:d5:af:ea:43:45:f2:70:06:50:b1:7c:38:b3:8d: c6:a4:6c:73:0b:f8:5b:d2:50:54:30:78:e7:3a:07:9f:2d:58: 11:0d:14:11:43:9f:61:0e:e8:c1:f2:f3:e8:89:cd:62:08:4a: e4:2c:01:5b:fd:2a:3c:d4:bb:3d:0a:d4:04:8a:22:ac:5a:ff: 4e:42:64:4f:b5:10:f3:7e:4e:c4:51:66:2a:e3:12:29:12:1f: 07:cf:08:c0:46:9f:80:2a:ea:46:a8:b7:6c:11:2e:34:d0:1d: 78:9b:ac:29:aa:b7:45:69:8c:46:7a:ef:4d:74:59:31:49:35: b0:37:e6:56 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCnUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEMxNTgxMTAvBgNVBAUTKDNBNEY0ODJFMTI1QzA4REI4MzA1MTZENTFBNEEyREYx RTBBQThBQ0EwHhcNMjUwODEwMTkzOTA3WhcNMjUwODE3MTkzOTA3WjAYMRYwFAYD VQQDEw02ODk4ZjU1Yi02M2U0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArvRk+4vfn3W/myUPYwK/1KZp6hqwYWELPFMlMc61UFbZCt7Y1nrPFD5+w9uL lA9k1gAKoyiKV4qKe1Y7v2bRzr+9snkZTdBFEtqgqg0kDf0tpwKjGTg6LrQQdanm K2wx9LAS9nqXgrA2OVqFXGL15aXuzI6VnllickfRnmKq97pPX1TSXuAWs8L1tLn3 YKY0xKIf7PV17pYSnceQ6It4RlfeLXZqWKUNh1/NJe4ZxhLtPJcqMJmaMhSt+MXH Fkn4nDASQhMuSPFQc7SleVbLCjh4xqXIxQo9rYU+mZQRIXzHPV/6z435Nc9MF5GJ QjJoJ/6GsKJD/mAGYaHKlo2rGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAWA3AkW 15CzNyXUpk0cUbP/BfYlMB8GA1UdIwQYMBaAFDpPSC4SXAjbgwUW1RpKLfHgqorK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzE1OC9BRTUxRDgwMjY3 M0IxMUVBOTlCMkU1NTZDNEY5QUUwMi9PazlJTGhKY0NOdURCUmJWR2tvdDhlQ3Fp c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09rOUlMaEpjQ051REJSYlZHa290OGVDcWlzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QzE1OC9BRTUxRDgwMjY3M0IxMUVBOTlCMkU1NTZDNEY5QUUwMi9PazlJTGhKY0NO dURCUmJWR2tvdDhlQ3Fpc28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCS8N836FEm3ys8cU/UYR/uTqk3MQXswsiseMBWiEVRKSxP/CwQhjdh ztr2D7kn8eW77VxOImGknrjtHTooa4fdAn9IjPW8DzAkT9eqdPE2mMR3YX13Pkbi o8GjsKuoRzcQxxQvq4ZUjvNyj0TV4A5MkvL5LFolHF4ro2SHO5t9PPCb1a/qQ0Xy cAZQsXw4s43GpGxzC/hb0lBUMHjnOgefLVgRDRQRQ59hDujB8vPoic1iCErkLAFb /So81Ls9CtQEiiKsWv9OQmRPtRDzfk7EUWYq4xIpEh8HzwjARp+AKupGqLdsES40 0B14m6wpqrdFaYxGeu9NdFkxSTWwN+ZW -----END CERTIFICATE-----Generated at Sun Aug 10 21:16:25 2025 by rpki-client