$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft File: oRR-hHvP7urdnompeo2fM2ecp-I.mft (raw, json) Hash identifier: tZrij27nRkcmfXUXSYhH9kTR1LkP/4IoBA7BKyKwwuA= Subject key identifier: 4D:48:72:23:62:18:CE:07:93:40:65:08:5D:C3:5B:A4:B8:50:4F:0F Authority key identifier: A1:14:7E:84:7B:CF:EE:EA:DD:9E:89:A9:7A:8D:9F:33:67:9C:A7:E2 Certificate issuer: /CN=A91EAD80/serialNumber=A1147E847BCFEEEADD9E89A97A8D9F33679CA7E2 Certificate serial: 7B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oRR-hHvP7urdnompeo2fM2ecp-I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft Manifest number: 79 Signing time: Fri 13 Jun 2025 05:42:42 +0000 Manifest this update: Fri 13 Jun 2025 05:42:42 +0000 Manifest next update: Fri 20 Jun 2025 05:42:42 +0000 Files and hashes: 1: oRR-hHvP7urdnompeo2fM2ecp-I.crl (hash: qJRqOgrdiVEMzzIZIP5DnI2BcbtPdySx+LFfWICsQJw=) 2: 52DF0E62B2FA11EFA36E0387C4F9AE02.roa (hash: zOW380YmpQpMtSyWb7ghqrZ9YCinfgNDwAX0rgUwhPY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.crl rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oRR-hHvP7urdnompeo2fM2ecp-I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 05:42:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 123 (0x7b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAD80, serialNumber=A1147E847BCFEEEADD9E89A97A8D9F33679CA7E2 Validity Not Before: Jun 13 05:42:42 2025 GMT Not After : Jun 20 05:42:42 2025 GMT Subject: CN=684bba52-28ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:7c:67:27:59:a5:fb:e9:3c:3c:9a:4d:d7:2a: 16:c0:21:a2:49:75:01:99:a1:fe:36:49:46:1b:87: 54:b9:c0:2a:c5:5e:63:7d:78:2c:f6:fc:38:59:f8: ae:b4:a1:f5:b7:65:61:70:29:32:5f:f4:ed:5d:0c: c6:05:cb:73:64:88:f9:8d:95:52:7b:8c:d1:b2:07: 0f:3e:92:8a:e6:17:ee:ec:da:aa:39:72:d9:7b:19: 21:49:9d:68:a6:b6:64:ee:aa:f3:1e:bb:c0:83:47: a3:a9:33:e5:94:86:1a:7a:1a:8a:06:58:cd:dd:2f: 25:01:f2:33:fc:61:21:7a:70:23:8e:b1:ff:2b:9a: 4a:fd:cf:6f:b9:7b:97:2f:cc:a0:c7:37:d7:cc:a0: 50:31:04:af:ec:1d:ce:de:8e:64:67:a7:54:c6:c1: 1e:02:98:42:d0:d7:8f:d9:61:e8:83:b3:21:51:11: 03:8b:0e:8f:88:29:4b:c7:76:db:e5:b2:f2:d2:81: c6:f1:da:48:04:76:e8:e7:db:1b:6e:c6:45:3a:70: a0:fb:a2:22:cf:a5:5f:2a:fd:14:8d:a5:ec:c7:ad: 24:00:0f:bb:9a:80:4c:86:40:fe:6a:99:77:74:54: be:19:53:95:b1:48:b2:5a:4a:44:66:6c:bf:f4:f1: ea:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:48:72:23:62:18:CE:07:93:40:65:08:5D:C3:5B:A4:B8:50:4F:0F X509v3 Authority Key Identifier: keyid:A1:14:7E:84:7B:CF:EE:EA:DD:9E:89:A9:7A:8D:9F:33:67:9C:A7:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oRR-hHvP7urdnompeo2fM2ecp-I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:dc:13:5d:06:7f:36:90:b3:7d:80:3d:99:d8:48:49:d3:35: 1a:7c:f3:4d:fc:eb:e1:e0:a6:94:ed:dd:33:63:dc:81:2b:68: de:e2:ec:45:1b:e9:ee:90:54:42:4a:84:cb:be:72:c0:66:7f: 36:00:71:bb:4a:5f:e2:32:56:55:c0:43:44:70:91:89:43:8f: 80:63:a6:d4:d5:49:ff:24:20:9a:38:65:ef:aa:2b:38:59:ae: cc:be:0c:f1:1b:fa:87:82:d1:33:bb:c6:78:ea:65:ed:d4:48: 70:20:7a:11:f1:af:58:7a:a0:86:f1:f3:8d:4a:b7:4a:85:53: 28:e9:44:c1:35:5a:43:91:cf:ff:2d:da:77:df:c6:0d:05:d5: e9:d5:d9:68:0c:ea:d9:b2:eb:ef:db:bf:c9:0f:8f:cd:a4:3a: 35:c6:d8:0d:46:d4:09:7a:e8:c5:b4:31:cf:6d:a0:8f:99:15: 45:9d:ad:58:16:69:d9:5d:d4:43:8a:51:9b:ae:f1:2c:ce:42: 6f:2a:1a:91:be:c0:7f:86:be:f2:3f:9c:6d:38:9d:7e:28:24: d1:dd:72:18:51:a9:22:df:bf:54:9b:74:f2:84:54:de:e4:d6: e9:38:0a:d4:f8:80:17:75:62:e1:a0:5f:c6:08:8a:99:76:d5: b7:99:96:23 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBezANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QUQ4MDExMC8GA1UEBRMoQTExNDdFODQ3QkNGRUVFQUREOUU4OUE5N0E4RDlGMzM2 NzlDQTdFMjAeFw0yNTA2MTMwNTQyNDJaFw0yNTA2MjAwNTQyNDJaMBgxFjAUBgNV BAMTDTY4NGJiYTUyLTI4YWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDEfGcnWaX76Tw8mk3XKhbAIaJJdQGZof42SUYbh1S5wCrFXmN9eCz2/DhZ+K60 ofW3ZWFwKTJf9O1dDMYFy3NkiPmNlVJ7jNGyBw8+kormF+7s2qo5ctl7GSFJnWim tmTuqvMeu8CDR6OpM+WUhhp6GooGWM3dLyUB8jP8YSF6cCOOsf8rmkr9z2+5e5cv zKDHN9fMoFAxBK/sHc7ejmRnp1TGwR4CmELQ14/ZYeiDsyFREQOLDo+IKUvHdtvl svLSgcbx2kgEdujn2xtuxkU6cKD7oiLPpV8q/RSNpezHrSQAD7uagEyGQP5qmXd0 VL4ZU5WxSLJaSkRmbL/08erbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUTUhyI2IY zgeTQGUIXcNbpLhQTw8wHwYDVR0jBBgwFoAUoRR+hHvP7urdnompeo2fM2ecp+Iw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBRDgwL0QyMjNDNUFFOTRD OTExRUY5MkNENzI1OEM0RjlBRTAyL29SUi1oSHZQN3VyZG5vbXBlbzJmTTJlY3At SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb1JSLWhIdlA3dXJkbm9tcGVvMmZNMmVjcC1JLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVB RDgwL0QyMjNDNUFFOTRDOTExRUY5MkNENzI1OEM0RjlBRTAyL29SUi1oSHZQN3Vy ZG5vbXBlbzJmTTJlY3AtSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACHcE10GfzaQs32APZnYSEnTNRp880386+HgppTt3TNj3IEraN7i7EUb 6e6QVEJKhMu+csBmfzYAcbtKX+IyVlXAQ0RwkYlDj4BjptTVSf8kIJo4Ze+qKzhZ rsy+DPEb+oeC0TO7xnjqZe3USHAgehHxr1h6oIbx841Kt0qFUyjpRME1WkORz/8t 2nffxg0F1enV2WgM6tmy6+/bv8kPj82kOjXG2A1G1Al66MW0Mc9toI+ZFUWdrVgW adld1EOKUZuu8SzOQm8qGpG+wH+GvvI/nG04nX4oJNHdchhRqSLfv1SbdPKEVN7k 1uk4CtT4gBd1YuGgX8YIipl21beZliM= -----END CERTIFICATE-----Generated at Sat Jun 14 17:12:51 2025 by rpki-client