$ rpki-client -vvf rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.mft File: oVZKa9a5Cg-he_V9i-rJ4pJZves.mft (raw, json) Hash identifier: qqHbFOgCnM4/Iy46MNpa+HwP4Xkc7jF3uJfdlqnK+yw= Subject key identifier: 5F:81:3C:60:9C:DE:6A:57:07:4E:8B:AB:98:E1:C3:57:D2:7F:63:63 Authority key identifier: A1:56:4A:6B:D6:B9:0A:0F:A1:7B:F5:7D:8B:EA:C9:E2:92:59:BD:EB Certificate issuer: /CN=A91F61DA/serialNumber=A1564A6BD6B90A0FA17BF57D8BEAC9E29259BDEB Certificate serial: 0CCA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oVZKa9a5Cg-he_V9i-rJ4pJZves.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.mft Manifest number: 0CC1 Signing time: Fri 08 Aug 2025 18:21:23 +0000 Manifest this update: Fri 08 Aug 2025 18:21:22 +0000 Manifest next update: Fri 15 Aug 2025 18:21:22 +0000 Files and hashes: 1: oVZKa9a5Cg-he_V9i-rJ4pJZves.crl (hash: d8iIw02kA2G2v+53EBF0F46BUEbja+xkSPubpq4pJLk=) 2: EA18D5547D8F11EC8E894A1DC4F9AE02.roa (hash: Anh2GximFPk7REReNBXULcTH3P6lLG5IbasX9kKM4Fs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.crl rsync://rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oVZKa9a5Cg-he_V9i-rJ4pJZves.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3274 (0xcca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F61DA, serialNumber=A1564A6BD6B90A0FA17BF57D8BEAC9E29259BDEB Validity Not Before: Aug 8 18:21:22 2025 GMT Not After : Aug 15 18:21:22 2025 GMT Subject: CN=68964023-c25d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:a2:31:75:46:1d:e8:e3:25:b9:79:dc:c5:1a: df:90:91:9d:e8:e7:62:08:4a:e7:7d:37:47:4a:63: ff:14:a9:c8:f1:a8:33:a5:86:63:e7:fa:92:80:55: a4:96:83:82:6d:ae:d1:ab:73:48:96:09:89:cc:be: 75:7e:2c:ad:6d:19:0c:92:9a:ff:89:39:44:05:e4: 9a:e1:24:f8:6b:e1:3e:48:b5:61:44:5c:82:b6:70: d8:84:87:eb:9c:ef:04:fc:1f:20:bc:bf:c2:81:65: 81:c7:7a:d5:84:e0:47:54:d8:7f:f6:69:8d:ff:71: d0:3d:b9:0c:1c:d8:9e:18:e8:23:17:3b:77:04:1f: a7:4d:72:de:9f:af:a4:28:14:aa:5c:48:49:8c:ca: f1:b5:8c:8e:b5:cd:b1:1b:a6:42:45:7d:4f:16:d5: 61:16:1c:78:8c:f6:7c:9a:c0:07:a8:a5:ba:60:e8: b5:a3:9c:02:75:e0:2e:28:08:dd:0a:71:e4:1d:9b: 5e:b7:50:73:cf:1c:ac:81:10:62:ec:a9:05:4d:2b: 94:83:14:00:50:da:85:f0:3b:58:0b:3b:93:20:63: c4:ae:4b:42:fc:c2:ac:79:64:c4:08:11:21:ee:45: 48:2a:78:80:50:80:6c:8f:8a:0f:47:19:df:72:07: 9e:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:81:3C:60:9C:DE:6A:57:07:4E:8B:AB:98:E1:C3:57:D2:7F:63:63 X509v3 Authority Key Identifier: keyid:A1:56:4A:6B:D6:B9:0A:0F:A1:7B:F5:7D:8B:EA:C9:E2:92:59:BD:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oVZKa9a5Cg-he_V9i-rJ4pJZves.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7b:02:07:be:d1:0f:cc:32:38:e2:dd:29:04:75:07:a4:94:bc: 72:cf:a5:ea:36:30:d2:e5:d7:45:3e:da:2f:59:ec:a4:93:d8: fb:b3:aa:32:7a:7f:73:bb:96:2d:be:f0:b8:9b:22:88:b9:e3: 40:8e:16:52:4e:1a:c2:93:c2:ba:9b:f7:7b:a8:87:87:ef:7b: cb:e2:e8:d4:c6:80:f2:72:cc:01:fc:44:2a:c6:de:db:55:bd: dc:42:8c:5a:b6:a8:34:d8:a0:9a:e7:04:43:4e:b8:72:94:38: 29:10:db:24:35:0a:72:8f:83:e6:4c:58:51:22:f5:be:5b:87: 58:1f:b0:c5:f9:85:9e:41:b3:ed:61:5f:94:c7:7c:b5:d4:2e: e3:4c:dc:26:e1:09:19:37:db:4b:f7:f6:ad:5f:7a:0b:15:e0: a7:f0:34:68:1c:03:c3:c9:6f:47:53:0b:2e:f4:23:95:85:cb: 8f:94:e0:d4:32:70:86:b3:ef:ee:88:81:16:8a:47:26:d8:61: ab:80:e7:82:10:62:b9:95:b7:a8:75:3a:e6:1e:32:c2:6f:21: 52:c7:73:ec:fb:99:ea:98:ec:2e:a7:b6:0e:7b:7a:25:89:41: 7f:87:66:f5:b2:3f:02:1f:fd:a8:1c:3d:96:22:82:fe:57:fd: ed:a4:64:df -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjYxREExMTAvBgNVBAUTKEExNTY0QTZCRDZCOTBBMEZBMTdCRjU3RDhCRUFDOUUy OTI1OUJERUIwHhcNMjUwODA4MTgyMTIyWhcNMjUwODE1MTgyMTIyWjAYMRYwFAYD VQQDEw02ODk2NDAyMy1jMjVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxaIxdUYd6OMluXncxRrfkJGd6OdiCErnfTdHSmP/FKnI8agzpYZj5/qSgFWk loOCba7Rq3NIlgmJzL51fiytbRkMkpr/iTlEBeSa4ST4a+E+SLVhRFyCtnDYhIfr nO8E/B8gvL/CgWWBx3rVhOBHVNh/9mmN/3HQPbkMHNieGOgjFzt3BB+nTXLen6+k KBSqXEhJjMrxtYyOtc2xG6ZCRX1PFtVhFhx4jPZ8msAHqKW6YOi1o5wCdeAuKAjd CnHkHZtet1BzzxysgRBi7KkFTSuUgxQAUNqF8DtYCzuTIGPErktC/MKseWTECBEh 7kVIKniAUIBsj4oPRxnfcgeeCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF+BPGCc 3mpXB06Lq5jhw1fSf2NjMB8GA1UdIwQYMBaAFKFWSmvWuQoPoXv1fYvqyeKSWb3r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjFEQS8xN0M4MUZEMEY0 MUUxMUU5QTgzNDNBNzRDNEY5QUUwMi9vVlpLYTlhNUNnLWhlX1Y5aS1ySjRwSlp2 ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29WWkthOWE1Q2ctaGVfVjlpLXJKNHBKWnZlcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NjFEQS8xN0M4MUZEMEY0MUUxMUU5QTgzNDNBNzRDNEY5QUUwMi9vVlpLYTlhNUNn LWhlX1Y5aS1ySjRwSlp2ZXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB7Age+0Q/MMjji3SkEdQeklLxyz6XqNjDS5ddFPtovWeykk9j7s6oy en9zu5YtvvC4myKIueNAjhZSThrCk8K6m/d7qIeH73vL4ujUxoDycswB/EQqxt7b Vb3cQoxatqg02KCa5wRDTrhylDgpENskNQpyj4PmTFhRIvW+W4dYH7DF+YWeQbPt YV+Ux3y11C7jTNwm4QkZN9tL9/atX3oLFeCn8DRoHAPDyW9HUwsu9COVhcuPlODU MnCGs+/uiIEWikcm2GGrgOeCEGK5lbeodTrmHjLCbyFSx3Ps+5nqmOwup7YOe3ol iUF/h2b1sj8CH/2oHD2WIoL+V/3tpGTf -----END CERTIFICATE-----Generated at Sat Aug 9 10:39:56 2025 by rpki-client