$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft File: OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft (raw, json) Hash identifier: OPYGqnnLeAA7iH19KUWFGjB6Pl9tFKZHqp+EunbDLtg= Subject key identifier: 1E:E4:5C:B2:F5:51:2D:1A:3C:70:63:FD:9B:D2:D8:DE:3D:B6:35:6D Authority key identifier: 3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 Certificate issuer: /CN=A91E6856/serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Certificate serial: 0157 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft Manifest number: 0154 Signing time: Wed 18 Jun 2025 17:40:51 +0000 Manifest this update: Wed 18 Jun 2025 17:40:50 +0000 Manifest next update: Wed 25 Jun 2025 17:40:50 +0000 Files and hashes: 1: OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl (hash: AmNL+SPMWM5SF5hdXaREKXtJfWMp7DH7HwYROMfVrdw=) 2: B2C9B10A881311EE8CFB5C43C4F9AE02.roa (hash: 6Te+3VLS/O5qxRt8jv/bM33nUlqEem+47I9pmRS4Z7o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 17:40:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 343 (0x157) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6856, serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Validity Not Before: Jun 18 17:40:50 2025 GMT Not After : Jun 25 17:40:50 2025 GMT Subject: CN=6852fa23-2fe9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:24:f2:fa:7e:7a:ea:50:2a:6f:e5:29:36:db: 7b:40:ac:50:05:ef:81:b8:99:54:c9:2e:f8:ff:32: 3e:90:a2:9e:7c:e2:dc:11:12:93:3a:f8:75:4c:be: a2:4c:6f:33:26:24:c2:61:6a:20:f3:cf:3d:28:76: ed:c7:a0:b0:71:95:9a:4e:10:9a:5e:23:f6:a8:5e: 87:b5:21:86:af:27:02:c7:7f:66:ae:1a:a0:ed:b2: dc:fb:4d:a4:bb:05:af:8a:7b:26:9f:b2:81:5b:1b: cd:fa:f8:23:cb:bb:0b:52:69:1c:42:95:77:97:54: ae:48:58:29:40:b7:e9:87:3b:b8:0b:26:e9:54:87: 15:d7:58:3a:f1:81:c1:35:67:8a:60:5d:75:ef:59: cf:66:f6:ec:4e:2d:bd:d5:48:fa:fa:c7:3e:5f:80: 16:9f:dc:ca:63:e4:61:7a:33:1c:2f:c2:4f:be:25: 6c:f1:e5:ce:6b:c2:ef:13:8a:ba:62:4a:12:72:18: 13:06:ea:3c:04:48:02:d6:17:2f:50:90:bb:37:81: ad:26:c7:e3:b3:dc:9b:20:64:25:39:6a:09:97:82: 21:09:0b:4e:5d:b5:38:d2:23:32:85:88:6c:36:04: e0:f9:23:5d:7f:ef:8f:59:07:74:5f:93:e0:a9:17: 07:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:E4:5C:B2:F5:51:2D:1A:3C:70:63:FD:9B:D2:D8:DE:3D:B6:35:6D X509v3 Authority Key Identifier: keyid:3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9c:30:75:d1:19:b1:26:70:b0:a7:d1:29:a8:db:ec:f4:9d:1f: 04:f6:4f:10:06:21:4b:63:34:ed:59:42:93:8c:a9:14:bf:42: 3b:d6:7b:91:b7:5d:fe:56:e6:0f:71:96:22:32:45:92:d7:45: 14:8b:5d:df:77:cd:db:72:22:87:94:36:c5:1f:69:be:39:e0: e0:10:1f:98:51:39:40:48:3e:5c:b5:fe:1a:b2:24:62:3a:29: c6:48:b5:f4:aa:72:ed:70:04:43:4d:1c:0f:40:a4:55:b9:2d: b6:17:6a:61:fc:42:17:0f:6e:bd:9e:e0:65:18:94:5e:d6:05: ca:72:d0:6d:34:6c:a1:85:c4:eb:c9:cf:d5:06:6a:1a:78:2c: 42:84:5a:c2:20:25:ed:51:5c:6b:1f:66:13:e4:63:b8:ab:a2: a6:e3:b4:45:85:51:12:04:26:a1:2a:4c:bd:b7:e7:cd:24:47: 38:aa:fc:95:57:f2:56:9d:36:c5:af:19:c5:75:4d:a5:cb:6e: 6e:d7:09:f4:7e:df:eb:50:f3:8b:66:53:41:20:77:ad:78:75: c4:2a:87:2f:8a:56:de:4b:14:45:36:5b:67:d2:d4:9d:d2:8b: 53:2b:4f:68:21:dc:23:7e:51:be:82:50:a7:f9:b0:b9:52:1a: e8:fa:6b:5c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY4NTYxMTAvBgNVBAUTKDNBNjgyM0ExMEYwM0JGQUNBNDA2OEQzMzk4NDQ0RjM2 NDEwODU0ODUwHhcNMjUwNjE4MTc0MDUwWhcNMjUwNjI1MTc0MDUwWjAYMRYwFAYD VQQDEw02ODUyZmEyMy0yZmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsyTy+n566lAqb+UpNtt7QKxQBe+BuJlUyS74/zI+kKKefOLcERKTOvh1TL6i TG8zJiTCYWog8889KHbtx6CwcZWaThCaXiP2qF6HtSGGrycCx39mrhqg7bLc+02k uwWvinsmn7KBWxvN+vgjy7sLUmkcQpV3l1SuSFgpQLfphzu4CybpVIcV11g68YHB NWeKYF1171nPZvbsTi291Uj6+sc+X4AWn9zKY+RhejMcL8JPviVs8eXOa8LvE4q6 YkoSchgTBuo8BEgC1hcvUJC7N4GtJsfjs9ybIGQlOWoJl4IhCQtOXbU40iMyhYhs NgTg+SNdf++PWQd0X5PgqRcH3wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB7kXLL1 US0aPHBj/ZvS2N49tjVtMB8GA1UdIwQYMBaAFDpoI6EPA7+spAaNM5hETzZBCFSF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjg1Ni8yRERCNDI2RTQ4 NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2eWtCbzB6bUVSUE5rRUlW SVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09tZ2pvUThEdjZ5a0JvMHptRVJQTmtFSVZJVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF Njg1Ni8yRERCNDI2RTQ4NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2 eWtCbzB6bUVSUE5rRUlWSVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCcMHXRGbEmcLCn0Smo2+z0nR8E9k8QBiFLYzTtWUKTjKkUv0I71nuR t13+VuYPcZYiMkWS10UUi13fd83bciKHlDbFH2m+OeDgEB+YUTlASD5ctf4asiRi OinGSLX0qnLtcARDTRwPQKRVuS22F2ph/EIXD269nuBlGJRe1gXKctBtNGyhhcTr yc/VBmoaeCxChFrCICXtUVxrH2YT5GO4q6Km47RFhVESBCahKky9t+fNJEc4qvyV V/JWnTbFrxnFdU2ly25u1wn0ft/rUPOLZlNBIHeteHXEKocvilbeSxRFNltn0tSd 0otTK09oIdwjflG+glCn+bC5Uhro+mtc -----END CERTIFICATE-----Generated at Thu Jun 19 14:03:01 2025 by rpki-client