$ rpki-client -vvf rpki.apnic.net/member_repository/A9197CED/83F56DAC1D8411E2910689DA08B02CD2/Op4IQWhX5XRXw49Tbg1usjbf-2E.mft File: Op4IQWhX5XRXw49Tbg1usjbf-2E.mft (raw, json) Hash identifier: zjSRoIkkRGpGtKd62FL7KvKCUVAbLciImgQSdbvtpAY= Subject key identifier: 60:69:0A:9E:1B:27:1C:BC:FA:F2:A6:1F:10:06:C6:5C:E5:D1:73:F3 Authority key identifier: 3A:9E:08:41:68:57:E5:74:57:C3:8F:53:6E:0D:6E:B2:36:DF:FB:61 Certificate issuer: /CN=A9197CED/serialNumber=3A9E08416857E57457C38F536E0D6EB236DFFB61 Certificate serial: 3622 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Op4IQWhX5XRXw49Tbg1usjbf-2E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9197CED/83F56DAC1D8411E2910689DA08B02CD2/Op4IQWhX5XRXw49Tbg1usjbf-2E.mft Manifest number: 3577 Signing time: Fri 08 Aug 2025 14:24:23 +0000 Manifest this update: Fri 08 Aug 2025 14:24:22 +0000 Manifest next update: Fri 15 Aug 2025 14:24:22 +0000 Files and hashes: 1: Op4IQWhX5XRXw49Tbg1usjbf-2E.crl (hash: LVUBJbGREqu24HjeF3woDvl060Nq5l9A+DsoqOy+zO8=) 2: 608B0526308511F0AD5E7760C4F9AE02.roa (hash: CQeNYUtRoWGL07qlyUYr7AGRe8oxytRML4fm2YcMhK8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9197CED/83F56DAC1D8411E2910689DA08B02CD2/Op4IQWhX5XRXw49Tbg1usjbf-2E.crl rsync://rpki.apnic.net/member_repository/A9197CED/83F56DAC1D8411E2910689DA08B02CD2/Op4IQWhX5XRXw49Tbg1usjbf-2E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Op4IQWhX5XRXw49Tbg1usjbf-2E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13858 (0x3622) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9197CED, serialNumber=3A9E08416857E57457C38F536E0D6EB236DFFB61 Validity Not Before: Aug 8 14:24:22 2025 GMT Not After : Aug 15 14:24:22 2025 GMT Subject: CN=68960896-3aa6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:08:79:bb:a8:ff:f1:39:c8:b4:0a:d7:d2:18: c3:fc:58:c4:e8:c4:b5:58:49:89:aa:9f:6b:09:ee: 09:d0:39:a9:30:99:ed:ad:df:df:84:bc:61:87:5a: 91:0b:9a:ff:eb:b4:ef:da:e7:4e:ce:a0:57:5e:3d: cc:e9:48:61:e5:6e:77:2f:50:20:07:5a:8e:88:af: 6d:d3:6e:b4:2d:36:41:9d:03:2a:8d:c2:31:39:bc: 42:9a:29:49:76:d4:76:51:81:e6:76:25:fa:d3:65: c6:bd:61:4d:8d:4e:d6:6b:ae:38:6f:f4:be:ee:dc: 7d:b5:fb:bb:73:44:de:9c:8b:c4:59:4e:4a:ca:89: 02:65:0a:88:5d:4c:c7:9d:1a:31:ef:38:76:04:1d: c3:bc:6b:5e:94:de:52:5c:ab:c6:c0:3c:ea:ad:fd: 00:6b:7a:77:81:4f:8a:76:20:b7:fc:50:8a:3b:e0: 80:ce:73:03:04:b1:1f:9f:44:a3:ce:f9:15:e8:d4: 42:bf:72:1c:b7:d8:5b:91:ff:89:d4:56:3d:96:bd: dd:3b:0e:f6:b7:58:95:05:e0:b1:b0:15:3c:0f:8d: e0:8d:c9:72:d8:b5:99:2f:af:66:14:f0:bd:9c:2b: 39:e7:26:be:98:86:27:25:a9:c1:e4:c3:2e:98:ae: a5:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:69:0A:9E:1B:27:1C:BC:FA:F2:A6:1F:10:06:C6:5C:E5:D1:73:F3 X509v3 Authority Key Identifier: keyid:3A:9E:08:41:68:57:E5:74:57:C3:8F:53:6E:0D:6E:B2:36:DF:FB:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9197CED/83F56DAC1D8411E2910689DA08B02CD2/Op4IQWhX5XRXw49Tbg1usjbf-2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Op4IQWhX5XRXw49Tbg1usjbf-2E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197CED/83F56DAC1D8411E2910689DA08B02CD2/Op4IQWhX5XRXw49Tbg1usjbf-2E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:f8:e8:ec:c9:e2:e0:19:78:ed:d7:b6:72:5e:ae:d4:af:a2: 0b:3c:c7:2c:48:cb:ea:8a:3d:70:fc:1a:fd:21:a5:13:a6:98: b1:54:f0:13:e6:c6:b2:f1:69:d7:f1:0d:85:cf:96:61:39:fe: 20:1a:3f:f8:bb:89:d1:f7:70:f6:16:40:bf:f2:34:cc:fd:11: bf:c6:b0:ce:67:38:0d:02:9d:0e:f0:03:dd:2b:0d:e5:13:62: 05:7f:3b:d1:8d:8e:c5:ea:a0:81:1c:6d:7e:50:fd:80:73:a9: 32:e3:27:9b:9f:f8:54:61:87:99:c6:cd:5d:71:74:e1:76:1a: 2e:30:70:90:4e:4f:07:23:76:54:09:6c:a3:7d:05:9b:10:f1: 52:9a:10:94:09:52:f9:b1:2d:27:94:51:64:85:bf:71:31:bc: d5:24:aa:25:c1:5a:d0:76:e0:e3:3b:2f:f9:76:5b:75:ca:f3: 6e:e1:ae:7b:ea:ce:13:62:ef:e0:e0:26:4d:2d:e5:aa:72:a9: b9:80:a8:cd:77:e2:08:ce:a8:c8:f0:eb:0a:d2:52:03:ab:25: 55:d8:9c:a6:66:2d:27:7c:05:a3:3d:c3:a4:6b:f7:e5:d7:80: 1e:31:aa:68:c7:d4:16:ef:13:16:a7:5c:2f:4e:22:5b:fb:0b: 44:7e:93:df -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNiIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTdDRUQxMTAvBgNVBAUTKDNBOUUwODQxNjg1N0U1NzQ1N0MzOEY1MzZFMEQ2RUIy MzZERkZCNjEwHhcNMjUwODA4MTQyNDIyWhcNMjUwODE1MTQyNDIyWjAYMRYwFAYD VQQDEw02ODk2MDg5Ni0zYWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmgh5u6j/8TnItArX0hjD/FjE6MS1WEmJqp9rCe4J0DmpMJntrd/fhLxhh1qR C5r/67Tv2udOzqBXXj3M6Uhh5W53L1AgB1qOiK9t0260LTZBnQMqjcIxObxCmilJ dtR2UYHmdiX602XGvWFNjU7Wa644b/S+7tx9tfu7c0TenIvEWU5KyokCZQqIXUzH nRox7zh2BB3DvGtelN5SXKvGwDzqrf0Aa3p3gU+KdiC3/FCKO+CAznMDBLEfn0Sj zvkV6NRCv3Ict9hbkf+J1FY9lr3dOw72t1iVBeCxsBU8D43gjcly2LWZL69mFPC9 nCs55ya+mIYnJanB5MMumK6luQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGBpCp4b Jxy8+vKmHxAGxlzl0XPzMB8GA1UdIwQYMBaAFDqeCEFoV+V0V8OPU24NbrI23/th MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5N0NFRC84M0Y1NkRBQzFE ODQxMUUyOTEwNjg5REEwOEIwMkNEMi9PcDRJUVdoWDVYUlh3NDlUYmcxdXNqYmYt MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09wNElRV2hYNVhSWHc0OVRiZzF1c2piZi0yRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 N0NFRC84M0Y1NkRBQzFEODQxMUUyOTEwNjg5REEwOEIwMkNEMi9PcDRJUVdoWDVY Ulh3NDlUYmcxdXNqYmYtMkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAO+OjsyeLgGXjt17ZyXq7Ur6ILPMcsSMvqij1w/Br9IaUTppixVPAT 5say8WnX8Q2Fz5ZhOf4gGj/4u4nR93D2FkC/8jTM/RG/xrDOZzgNAp0O8APdKw3l E2IFfzvRjY7F6qCBHG1+UP2Ac6ky4yebn/hUYYeZxs1dcXThdhouMHCQTk8HI3ZU CWyjfQWbEPFSmhCUCVL5sS0nlFFkhb9xMbzVJKolwVrQduDjOy/5dlt1yvNu4a57 6s4TYu/g4CZNLeWqcqm5gKjNd+IIzqjI8OsK0lIDqyVV2JymZi0nfAWjPcOka/fl 14AeMapox9QW7xMWp1wvTiJb+wtEfpPf -----END CERTIFICATE-----Generated at Sat Aug 9 22:49:49 2025 by rpki-client