$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft File: ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft (raw, json) Hash identifier: Xm8qE+ApV2KRv9stMWMiCF2+l2ykg54oOej7aonG/d8= Subject key identifier: C9:2C:B2:D5:D7:63:85:34:10:80:51:B9:D7:CD:78:A0:3D:8D:72:D2 Authority key identifier: A3:3C:CA:81:B5:5E:04:65:5D:1B:5A:7E:2C:E6:88:C3:E4:6F:C5:30 Certificate issuer: /CN=A91EDF00/serialNumber=A33CCA81B55E04655D1B5A7E2CE688C3E46FC530 Certificate serial: 0487 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozzKgbVeBGVdG1p-LOaIw-RvxTA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft Manifest number: 0483 Signing time: Thu 07 Aug 2025 00:34:50 +0000 Manifest this update: Thu 07 Aug 2025 00:34:50 +0000 Manifest next update: Thu 14 Aug 2025 00:34:50 +0000 Files and hashes: 1: ozzKgbVeBGVdG1p-LOaIw-RvxTA.crl (hash: oA7/eU3aSwCjshKbeVAiMIqDUctyt7RKDhWvQYTxfyQ=) 2: 1B97FEB84E8111ECA3589560C4F9AE02.roa (hash: xAvVS/7W7xtAjphmjIYm8eiwHHWi2VdeCNpBEO7D7og=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.crl rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozzKgbVeBGVdG1p-LOaIw-RvxTA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 00:34:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1159 (0x487) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EDF00, serialNumber=A33CCA81B55E04655D1B5A7E2CE688C3E46FC530 Validity Not Before: Aug 7 00:34:50 2025 GMT Not After : Aug 14 00:34:50 2025 GMT Subject: CN=6893f4aa-5c27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:da:6a:fb:ff:a0:b4:72:1c:d7:42:d3:cf:4e: cf:dd:f1:22:6f:b9:d9:05:72:dc:a7:90:68:63:d9: e2:3a:94:da:ad:1e:88:9b:1b:b7:50:61:fd:bc:3c: 46:46:d7:de:3f:e7:3b:d3:0b:b1:3c:dd:96:ad:1b: 76:7f:d6:62:94:cc:39:c8:70:ac:0e:49:7e:97:22: 35:5b:58:ff:c3:95:d4:d1:1a:84:84:d7:18:9b:63: 40:fb:7f:ac:23:15:c6:31:05:c7:99:16:1b:f4:4f: a9:83:ba:84:40:64:8d:22:f6:fd:f9:0c:01:16:13: 58:3c:d1:c2:9d:8c:e6:5c:bf:a7:b8:cd:95:8e:bd: 1f:54:0a:c0:c6:fc:16:ff:44:11:a1:78:5f:88:bc: d5:e9:eb:09:48:f7:8e:e3:ce:1b:85:ac:27:54:ff: 49:8f:e5:49:5f:3e:21:33:13:18:e8:d0:7f:4b:a2: 07:ca:92:b0:da:ac:bd:fe:99:32:6f:93:98:dd:21: 1e:8d:b0:d6:70:86:ff:ce:a2:66:d1:ba:b6:1c:6a: 9a:77:31:ab:be:68:52:2b:40:55:72:b3:76:5c:81: a5:dc:05:af:97:0f:0e:95:87:fe:30:df:6c:23:a1: 45:d3:69:d8:4f:29:d3:af:2b:21:5d:e2:3e:15:3f: 8a:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:2C:B2:D5:D7:63:85:34:10:80:51:B9:D7:CD:78:A0:3D:8D:72:D2 X509v3 Authority Key Identifier: keyid:A3:3C:CA:81:B5:5E:04:65:5D:1B:5A:7E:2C:E6:88:C3:E4:6F:C5:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozzKgbVeBGVdG1p-LOaIw-RvxTA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:6e:1b:be:8d:5a:e2:ad:b3:ee:09:20:03:ea:24:03:4c:32: d5:7b:d7:63:15:e8:64:ad:4e:b3:a0:e3:be:b7:78:7b:10:3a: 4c:be:cc:c5:d3:2b:26:f4:52:0b:26:36:ac:03:53:be:80:df: 7f:ec:2a:74:4a:04:f3:c0:21:4c:b6:e4:de:17:90:4c:de:bb: 76:60:98:a4:af:e3:95:7a:06:b3:43:59:d7:0d:f3:b6:29:1e: 20:d3:75:7e:7e:bf:c4:9d:24:70:ea:de:bd:8c:47:75:bd:62: 9b:11:7b:a7:97:e7:f4:30:4b:fb:7e:60:3b:dc:38:75:6d:10: 9c:5a:78:7a:a1:25:22:ff:8b:c9:67:4c:3a:c6:2b:47:8a:0c: 79:97:3f:2b:12:58:8d:48:39:4e:39:0f:30:a2:94:39:7d:a5: 49:bd:5d:6a:c7:80:0a:11:32:c6:ea:b9:aa:69:ec:7b:19:ad: 56:7d:e3:9a:94:29:0f:f5:28:ee:78:a3:c2:ab:dc:a7:39:1c: ee:91:8e:84:3b:76:0f:0e:95:00:20:90:5e:5c:37:30:b9:81: 52:8a:d6:42:6a:82:b4:7c:6f:45:d6:af:d1:72:60:5b:d0:4d: 40:a0:06:a4:c4:17:0d:63:94:b6:37:28:87:57:2e:1b:0c:5c: de:c7:b2:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RURGMDAxMTAvBgNVBAUTKEEzM0NDQTgxQjU1RTA0NjU1RDFCNUE3RTJDRTY4OEMz RTQ2RkM1MzAwHhcNMjUwODA3MDAzNDUwWhcNMjUwODE0MDAzNDUwWjAYMRYwFAYD VQQDEw02ODkzZjRhYS01YzI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4dpq+/+gtHIc10LTz07P3fEib7nZBXLcp5BoY9niOpTarR6Imxu3UGH9vDxG RtfeP+c70wuxPN2WrRt2f9ZilMw5yHCsDkl+lyI1W1j/w5XU0RqEhNcYm2NA+3+s IxXGMQXHmRYb9E+pg7qEQGSNIvb9+QwBFhNYPNHCnYzmXL+nuM2Vjr0fVArAxvwW /0QRoXhfiLzV6esJSPeO484bhawnVP9Jj+VJXz4hMxMY6NB/S6IHypKw2qy9/pky b5OY3SEejbDWcIb/zqJm0bq2HGqadzGrvmhSK0BVcrN2XIGl3AWvlw8OlYf+MN9s I6FF02nYTynTryshXeI+FT+KzwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMksstXX Y4U0EIBRudfNeKA9jXLSMB8GA1UdIwQYMBaAFKM8yoG1XgRlXRtafizmiMPkb8Uw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREYwMC8zQUUwMDM0QTRF N0UxMUVDOUUyOTg0MjlDNEY5QUUwMi9venpLZ2JWZUJHVmRHMXAtTE9hSXctUnZ4 VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL296ektnYlZlQkdWZEcxcC1MT2FJdy1SdnhUQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF REYwMC8zQUUwMDM0QTRFN0UxMUVDOUUyOTg0MjlDNEY5QUUwMi9venpLZ2JWZUJH VmRHMXAtTE9hSXctUnZ4VEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB6bhu+jVrirbPuCSAD6iQDTDLVe9djFehkrU6zoOO+t3h7EDpMvszF 0ysm9FILJjasA1O+gN9/7Cp0SgTzwCFMtuTeF5BM3rt2YJikr+OVegazQ1nXDfO2 KR4g03V+fr/EnSRw6t69jEd1vWKbEXunl+f0MEv7fmA73Dh1bRCcWnh6oSUi/4vJ Z0w6xitHigx5lz8rEliNSDlOOQ8wopQ5faVJvV1qx4AKETLG6rmqaex7Ga1WfeOa lCkP9SjueKPCq9ynORzukY6EO3YPDpUAIJBeXDcwuYFSitZCaoK0fG9F1q/RcmBb 0E1AoAakxBcNY5S2NyiHVy4bDFzex7Kw -----END CERTIFICATE-----Generated at Fri Aug 8 19:38:00 2025 by rpki-client