$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft File: OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft (raw, json) Hash identifier: EOZmR8V3+6ug0LQ+RUJ8B6Ar6euyvG2dIRsYVSYloGI= Subject key identifier: D7:1E:52:76:5A:D0:E7:9E:A9:0E:0D:D1:1E:5C:0F:5E:E8:75:2D:67 Authority key identifier: 3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 Certificate issuer: /CN=A91E6856/serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Certificate serial: 0171 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft Manifest number: 016E Signing time: Fri 08 Aug 2025 17:55:36 +0000 Manifest this update: Fri 08 Aug 2025 17:55:36 +0000 Manifest next update: Fri 15 Aug 2025 17:55:36 +0000 Files and hashes: 1: OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl (hash: kwXruH50JTPy7qwwnGCEvuPMHWk2zEWUpU15/OQuObY=) 2: B2C9B10A881311EE8CFB5C43C4F9AE02.roa (hash: 6Te+3VLS/O5qxRt8jv/bM33nUlqEem+47I9pmRS4Z7o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 369 (0x171) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6856, serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Validity Not Before: Aug 8 17:55:36 2025 GMT Not After : Aug 15 17:55:36 2025 GMT Subject: CN=68963a18-67f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:da:13:9c:89:d9:6a:e5:6c:11:25:24:36:98: cb:34:b9:9d:cf:1d:08:8c:ae:0b:70:3e:a6:1c:fb: bc:6c:5c:2e:a1:f4:d1:b1:1c:d7:66:57:81:e7:94: 64:a1:f3:34:ed:39:57:db:91:76:bf:e4:9e:a4:49: d3:96:40:0e:94:24:28:24:72:95:e1:93:cb:44:08: 38:34:fa:60:85:90:da:85:2c:0c:0e:c0:52:76:08: 44:ec:e1:81:92:c3:24:e4:70:07:5b:cf:9a:99:a1: d0:37:65:11:e4:8f:f4:79:c0:55:98:b9:8c:b5:52: a4:a3:2d:98:bd:2d:91:c5:2d:ec:94:5c:8a:8c:7c: b8:c8:f2:a6:66:d8:a4:2d:f5:9c:b0:c6:17:99:de: 90:60:78:24:13:cf:d6:a8:ff:46:20:85:f0:8d:08: 32:02:f2:b0:06:80:ab:06:91:7f:9e:97:c1:71:aa: 5e:4e:bb:3b:2c:13:77:66:42:95:5d:05:8a:66:13: 68:be:27:73:98:95:12:0b:17:a1:03:01:67:72:81: 44:c7:fb:7b:96:5b:71:29:7b:fb:d6:2f:12:e6:24: 15:20:51:8a:32:5e:9f:48:2d:7a:17:1a:c2:31:52: 05:0a:71:79:09:10:d4:64:e3:45:d0:c8:b0:81:84: 69:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:1E:52:76:5A:D0:E7:9E:A9:0E:0D:D1:1E:5C:0F:5E:E8:75:2D:67 X509v3 Authority Key Identifier: keyid:3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 56:80:ae:f1:89:ef:54:48:e7:0b:62:04:11:5f:2c:95:3c:3a: c8:c3:2c:9f:b5:4b:1b:14:b9:86:96:6e:01:ee:3b:b8:15:8c: a3:ad:9e:b0:07:31:1c:f7:97:a7:b3:4c:44:1a:4d:52:50:10: 01:d3:92:1a:22:10:ac:b0:e5:86:17:b2:3b:ff:b6:56:c8:52: 2b:88:57:53:db:c5:0a:4b:f8:e4:f8:13:bb:68:56:98:53:bb: 21:f4:45:9a:4b:06:b2:a0:9d:9f:3a:26:9e:80:f5:5f:c2:bf: 09:ec:39:9d:2c:a0:8f:ef:40:cb:39:0f:7d:18:aa:35:8a:06: e9:31:f6:a1:44:8a:62:1f:91:17:1a:9e:ab:1b:c9:b1:82:8d: 96:cf:ae:7f:71:4c:46:ef:9b:20:52:61:38:44:ca:b0:2f:d4: b3:df:94:52:38:d9:04:5a:ec:8f:f8:0b:9a:46:d7:14:a9:5e: a0:23:43:b3:46:00:bd:a6:12:ef:1e:9c:ab:f4:db:76:67:23: 2e:63:be:88:98:4a:92:1c:4f:7a:c0:03:b9:bf:04:62:cf:24: 7e:23:b8:e7:36:13:35:e0:43:e0:77:c6:f8:09:5c:53:26:df: 60:fc:89:5e:6f:3c:8c:8b:70:ad:db:c6:0c:ab:76:ab:66:ef: af:5b:f6:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY4NTYxMTAvBgNVBAUTKDNBNjgyM0ExMEYwM0JGQUNBNDA2OEQzMzk4NDQ0RjM2 NDEwODU0ODUwHhcNMjUwODA4MTc1NTM2WhcNMjUwODE1MTc1NTM2WjAYMRYwFAYD VQQDEw02ODk2M2ExOC02N2Y4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5NoTnInZauVsESUkNpjLNLmdzx0IjK4LcD6mHPu8bFwuofTRsRzXZleB55Rk ofM07TlX25F2v+SepEnTlkAOlCQoJHKV4ZPLRAg4NPpghZDahSwMDsBSdghE7OGB ksMk5HAHW8+amaHQN2UR5I/0ecBVmLmMtVKkoy2YvS2RxS3slFyKjHy4yPKmZtik LfWcsMYXmd6QYHgkE8/WqP9GIIXwjQgyAvKwBoCrBpF/npfBcapeTrs7LBN3ZkKV XQWKZhNovidzmJUSCxehAwFncoFEx/t7lltxKXv71i8S5iQVIFGKMl6fSC16FxrC MVIFCnF5CRDUZONF0MiwgYRpMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNceUnZa 0OeeqQ4N0R5cD17odS1nMB8GA1UdIwQYMBaAFDpoI6EPA7+spAaNM5hETzZBCFSF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjg1Ni8yRERCNDI2RTQ4 NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2eWtCbzB6bUVSUE5rRUlW SVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09tZ2pvUThEdjZ5a0JvMHptRVJQTmtFSVZJVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF Njg1Ni8yRERCNDI2RTQ4NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2 eWtCbzB6bUVSUE5rRUlWSVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBWgK7xie9USOcLYgQRXyyVPDrIwyyftUsbFLmGlm4B7ju4FYyjrZ6w BzEc95ens0xEGk1SUBAB05IaIhCssOWGF7I7/7ZWyFIriFdT28UKS/jk+BO7aFaY U7sh9EWaSwayoJ2fOiaegPVfwr8J7DmdLKCP70DLOQ99GKo1igbpMfahRIpiH5EX Gp6rG8mxgo2Wz65/cUxG75sgUmE4RMqwL9Sz35RSONkEWuyP+AuaRtcUqV6gI0Oz RgC9phLvHpyr9Nt2ZyMuY76ImEqSHE96wAO5vwRizyR+I7jnNhM14EPgd8b4CVxT Jt9g/IlebzyMi3Ct28YMq3arZu+vW/YH -----END CERTIFICATE-----Generated at Sun Aug 10 16:03:26 2025 by rpki-client