$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA024/D33A4794F18811EA9E80F71EC4F9AE02/oKxCfpV7N00CZ_p2SN0_-FcC2rE.mft File: oKxCfpV7N00CZ_p2SN0_-FcC2rE.mft (raw, json) Hash identifier: xnTuHHKMJx300TK0CEtJWl5P+T07RpJz5is1m4qU04M= Subject key identifier: 61:AF:2C:46:7B:35:2B:C8:46:2A:FF:CD:8C:51:A6:93:A0:5D:3C:46 Authority key identifier: A0:AC:42:7E:95:7B:37:4D:02:67:FA:76:48:DD:3F:F8:57:02:DA:B1 Certificate issuer: /CN=A91FA024/serialNumber=A0AC427E957B374D0267FA7648DD3FF85702DAB1 Certificate serial: 07E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKxCfpV7N00CZ_p2SN0_-FcC2rE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA024/D33A4794F18811EA9E80F71EC4F9AE02/oKxCfpV7N00CZ_p2SN0_-FcC2rE.mft Manifest number: 07DF Signing time: Sat 14 Jun 2025 20:48:17 +0000 Manifest this update: Sat 14 Jun 2025 20:48:16 +0000 Manifest next update: Sat 21 Jun 2025 20:48:16 +0000 Files and hashes: 1: oKxCfpV7N00CZ_p2SN0_-FcC2rE.crl (hash: uXghgAjRQd02eTtPFkCi3lcg96C6dPHhVnqTTQL7kcA=) 2: FE1FDB12BCD011EC8283681EC4F9AE02.roa (hash: 2wuY0yDKdmJN9ZQKTlSwz2efwa28k+u+9dd3owV3hlg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA024/D33A4794F18811EA9E80F71EC4F9AE02/oKxCfpV7N00CZ_p2SN0_-FcC2rE.crl rsync://rpki.apnic.net/member_repository/A91FA024/D33A4794F18811EA9E80F71EC4F9AE02/oKxCfpV7N00CZ_p2SN0_-FcC2rE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKxCfpV7N00CZ_p2SN0_-FcC2rE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 20:48:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2023 (0x7e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA024, serialNumber=A0AC427E957B374D0267FA7648DD3FF85702DAB1 Validity Not Before: Jun 14 20:48:16 2025 GMT Not After : Jun 21 20:48:16 2025 GMT Subject: CN=684de011-16fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:d4:8d:1d:60:12:54:68:91:9a:4c:89:84:55: fc:32:c8:1c:a2:90:eb:48:ca:e9:b8:dd:cd:1d:71: 7d:06:66:73:da:58:fe:34:1b:77:6a:9d:f9:2c:9b: 51:ea:f3:cc:e7:58:5a:19:94:96:71:56:b9:92:3b: c3:e6:0f:7e:7e:26:8c:d6:90:2f:4b:87:e8:2f:10: 7f:09:53:18:4f:f7:93:e1:e2:b0:8e:d3:8d:03:54: 1d:04:87:64:ba:ae:4b:14:92:29:61:db:f1:50:30: 68:e2:18:e4:ab:b5:3f:2b:32:59:b5:de:82:4b:c8: fb:56:46:a6:43:a9:30:22:fc:53:56:a4:9d:40:66: 97:29:5a:84:0b:c9:8a:20:0e:cd:2c:76:63:42:00: 87:5e:69:e2:6a:22:07:00:30:ab:3e:82:71:44:4e: 26:e4:71:5c:35:5b:65:8f:78:c0:b4:75:91:a7:ae: e4:a1:0e:da:d7:fa:32:0e:c6:37:34:ea:d3:83:a7: 60:33:42:08:be:c3:49:68:df:ad:51:9d:c9:c0:35: 2d:88:dc:17:f0:51:2a:ac:3b:de:68:7b:6f:48:58: 8b:9d:26:63:7b:90:29:b9:42:1b:2d:72:e4:fa:d1: 61:6f:88:a2:06:a6:c8:9b:9a:73:6f:a1:49:18:1b: 40:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:AF:2C:46:7B:35:2B:C8:46:2A:FF:CD:8C:51:A6:93:A0:5D:3C:46 X509v3 Authority Key Identifier: keyid:A0:AC:42:7E:95:7B:37:4D:02:67:FA:76:48:DD:3F:F8:57:02:DA:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA024/D33A4794F18811EA9E80F71EC4F9AE02/oKxCfpV7N00CZ_p2SN0_-FcC2rE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKxCfpV7N00CZ_p2SN0_-FcC2rE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA024/D33A4794F18811EA9E80F71EC4F9AE02/oKxCfpV7N00CZ_p2SN0_-FcC2rE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 15:8d:01:17:4d:4c:4b:e2:ea:c9:45:00:2a:05:2e:20:ed:bd: 0b:8b:2b:08:71:d3:e9:71:45:53:97:e1:c7:45:04:73:23:14: 77:f0:a5:17:00:88:d1:42:36:2b:28:76:e4:d9:ed:98:54:49: b8:41:52:5a:10:01:6f:bf:44:04:bd:34:cd:7f:d2:e6:51:87: 0e:e5:6d:6a:dc:dc:45:fe:a6:5b:ab:4b:38:9d:d6:d4:9d:6d: a7:3d:80:c9:b2:8c:57:47:b0:47:79:be:c0:bd:72:ac:13:d4: bf:eb:84:25:c9:45:33:f6:8e:f9:e8:73:27:38:32:76:8e:98: df:5c:b1:d1:9e:96:15:8c:5a:f0:47:ee:ae:85:1c:15:5c:0e: 14:b3:0d:21:75:4e:68:86:39:f7:c3:e4:82:0c:25:6c:24:be: 18:04:96:3c:e2:c2:27:18:69:93:19:18:68:20:d9:56:13:14: cd:f4:69:97:1b:57:95:3d:ad:2b:02:56:bb:fe:7d:c1:48:88: 75:34:bb:c5:cf:a0:8d:15:75:a7:3b:b8:dc:4f:cf:da:13:ce: d4:39:5d:bc:c4:fa:fe:26:65:56:77:e9:75:25:8b:0e:82:bb: f0:24:7a:15:a8:4e:b7:66:87:62:39:d7:af:30:41:38:17:7a: d5:49:e1:50 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB+cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkEwMjQxMTAvBgNVBAUTKEEwQUM0MjdFOTU3QjM3NEQwMjY3RkE3NjQ4REQzRkY4 NTcwMkRBQjEwHhcNMjUwNjE0MjA0ODE2WhcNMjUwNjIxMjA0ODE2WjAYMRYwFAYD VQQDEw02ODRkZTAxMS0xNmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0tSNHWASVGiRmkyJhFX8MsgcopDrSMrpuN3NHXF9BmZz2lj+NBt3ap35LJtR 6vPM51haGZSWcVa5kjvD5g9+fiaM1pAvS4foLxB/CVMYT/eT4eKwjtONA1QdBIdk uq5LFJIpYdvxUDBo4hjkq7U/KzJZtd6CS8j7VkamQ6kwIvxTVqSdQGaXKVqEC8mK IA7NLHZjQgCHXmniaiIHADCrPoJxRE4m5HFcNVtlj3jAtHWRp67koQ7a1/oyDsY3 NOrTg6dgM0IIvsNJaN+tUZ3JwDUtiNwX8FEqrDveaHtvSFiLnSZje5ApuUIbLXLk +tFhb4iiBqbIm5pzb6FJGBtAZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGGvLEZ7 NSvIRir/zYxRppOgXTxGMB8GA1UdIwQYMBaAFKCsQn6VezdNAmf6dkjdP/hXAtqx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTAyNC9EMzNBNDc5NEYx ODgxMUVBOUU4MEY3MUVDNEY5QUUwMi9vS3hDZnBWN04wMENaX3AyU04wXy1GY0My ckUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29LeENmcFY3TjAwQ1pfcDJTTjBfLUZjQzJyRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTAyNC9EMzNBNDc5NEYxODgxMUVBOUU4MEY3MUVDNEY5QUUwMi9vS3hDZnBWN04w MENaX3AyU04wXy1GY0MyckUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAVjQEXTUxL4urJRQAqBS4g7b0LiysIcdPpcUVTl+HHRQRzIxR38KUX AIjRQjYrKHbk2e2YVEm4QVJaEAFvv0QEvTTNf9LmUYcO5W1q3NxF/qZbq0s4ndbU nW2nPYDJsoxXR7BHeb7AvXKsE9S/64QlyUUz9o756HMnODJ2jpjfXLHRnpYVjFrw R+6uhRwVXA4Usw0hdU5ohjn3w+SCDCVsJL4YBJY84sInGGmTGRhoINlWExTN9GmX G1eVPa0rAla7/n3BSIh1NLvFz6CNFXWnO7jcT8/aE87UOV28xPr+JmVWd+l1JYsO grvwJHoVqE63ZodiOdevMEE4F3rVSeFQ -----END CERTIFICATE-----Generated at Sun Jun 15 08:34:54 2025 by rpki-client