$ rpki-client -vvf rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft File: O-7kvaWgSxBLHXLmAcMJONuktkQ.mft (raw, json) Hash identifier: zVSY9rbYwXG6wJcQ97xW9SZxM3hy9bv74B4/bmwEeG8= Subject key identifier: FE:23:A9:8C:CE:35:80:64:E9:8D:B9:6F:65:83:42:43:58:68:BD:6A Authority key identifier: 3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 Certificate issuer: /CN=A911D2A3/serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Certificate serial: 14F3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft Manifest number: 14E9 Signing time: Thu 24 Apr 2025 16:51:01 +0000 Manifest this update: Thu 24 Apr 2025 16:51:00 +0000 Manifest next update: Thu 01 May 2025 16:51:00 +0000 Files and hashes: 1: O-7kvaWgSxBLHXLmAcMJONuktkQ.crl (hash: y4ey3N4xt/CnnaPsBe3wUGIKX932Nir7Ahz0WR13fgA=) 2: D9EDB272C44C11ECA07C2D77C4F9AE02.roa (hash: wyU9pinjd2UbUaW4sVOJH2OwbvM9u93WKqi90XHcaFI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:51:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5363 (0x14f3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D2A3, serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Validity Not Before: Apr 24 16:51:00 2025 GMT Not After : May 1 16:51:00 2025 GMT Subject: CN=680a6bf4-c1aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:39:ab:4f:78:07:1f:86:21:6b:83:ec:4b:a8: 50:df:64:8d:3d:e0:7f:c3:a4:44:54:35:a5:8f:39: ea:5b:49:de:87:cf:ea:e1:ca:92:12:b4:c8:be:59: 5b:74:c2:cd:8c:f3:4e:13:c4:a0:62:a8:31:ab:32: 71:d4:84:41:81:3a:20:21:42:ef:e5:59:24:9f:3e: dc:e7:11:33:2f:9b:24:a7:88:35:72:54:59:41:2b: e0:72:a3:74:6f:ae:cc:31:7a:26:10:15:f1:18:32: 2e:de:af:df:17:dd:13:a6:27:90:45:ac:ba:f4:f5: 19:15:74:07:5c:fe:cc:b7:ea:19:42:b7:69:18:7b: 34:1e:bb:19:ab:7d:08:f1:6a:56:90:d4:94:cc:ea: 8b:f2:04:87:c6:14:8e:5f:fd:f4:54:cc:e7:bf:29: ba:40:24:d3:ae:20:55:84:a3:18:4f:04:63:07:0b: 7f:09:2d:96:0a:83:16:31:d7:db:53:e6:e7:94:33: 44:de:de:9e:7d:e7:1e:18:2d:1e:ce:92:72:62:d3: 23:bb:6b:e2:75:c8:f1:77:c3:f2:d1:ef:46:42:00: 85:2f:ec:51:6f:1d:60:39:f9:d9:b6:2d:b4:3a:94: bf:a3:27:4b:a6:7d:32:9a:f2:3c:f4:ac:31:5b:cc: ec:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:23:A9:8C:CE:35:80:64:E9:8D:B9:6F:65:83:42:43:58:68:BD:6A X509v3 Authority Key Identifier: keyid:3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:eb:19:36:57:b7:09:0b:b2:58:77:71:ac:6a:a4:fd:87:8c: f6:c4:b6:f2:66:9c:b6:b4:dc:78:08:b8:15:94:f8:dc:84:4a: 9c:da:ea:1b:7b:0e:30:3a:36:aa:58:d3:cd:14:67:bc:2b:e4: 54:38:19:97:45:d9:1a:b3:2d:a7:e9:84:4e:b6:88:ed:6f:97: f1:e3:2f:da:98:fa:e3:c6:a7:be:d6:d2:47:9a:29:ec:4e:fd: b0:36:4a:dd:5e:b6:17:82:df:a8:44:aa:ab:6b:6e:12:1a:6a: db:c8:48:a8:5a:30:12:0c:c6:10:d3:64:b1:79:40:67:93:c5: 4e:6a:fc:ed:46:cb:bd:0b:b7:49:ef:09:28:5a:96:c1:4d:86: 5b:73:64:1f:e9:d8:0d:53:ec:ca:a7:fc:82:1e:ea:34:e4:05: 7d:7b:0e:22:52:dd:89:33:46:b5:d1:8e:7f:ea:25:f7:16:72: 7c:9c:d0:f0:8c:fb:d9:41:16:2a:f1:64:49:da:fe:d7:9f:89: da:f5:52:27:fe:15:c5:c0:81:a0:5f:c1:0f:d6:73:31:72:fe: 7c:2d:01:de:57:08:3b:53:dd:c4:4d:c6:a0:b7:7a:86:fe:3c: ee:22:49:cc:d7:86:cb:00:da:93:de:19:6c:01:54:e2:8a:95: 0a:31:80:c9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFPMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUQyQTMxMTAvBgNVBAUTKDNCRUVFNEJEQTVBMDRCMTA0QjFENzJFNjAxQzMwOTM4 REJBNEI2NDQwHhcNMjUwNDI0MTY1MTAwWhcNMjUwNTAxMTY1MTAwWjAYMRYwFAYD VQQDEw02ODBhNmJmNC1jMWFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwDmrT3gHH4Yha4PsS6hQ32SNPeB/w6REVDWljznqW0neh8/q4cqSErTIvllb dMLNjPNOE8SgYqgxqzJx1IRBgTogIULv5Vkknz7c5xEzL5skp4g1clRZQSvgcqN0 b67MMXomEBXxGDIu3q/fF90TpieQRay69PUZFXQHXP7Mt+oZQrdpGHs0HrsZq30I 8WpWkNSUzOqL8gSHxhSOX/30VMznvym6QCTTriBVhKMYTwRjBwt/CS2WCoMWMdfb U+bnlDNE3t6efeceGC0ezpJyYtMju2vidcjxd8Py0e9GQgCFL+xRbx1gOfnZti20 OpS/oydLpn0ymvI89KwxW8zsqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP4jqYzO NYBk6Y25b2WDQkNYaL1qMB8GA1UdIwQYMBaAFDvu5L2loEsQSx1y5gHDCTjbpLZE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDJBMy9GNkFDNjM4NjRF RkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4QkxIWExtQWNNSk9OdWt0 a1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL08tN2t2YVdnU3hCTEhYTG1BY01KT051a3RrUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RDJBMy9GNkFDNjM4NjRFRkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4 QkxIWExtQWNNSk9OdWt0a1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBe6xk2V7cJC7JYd3GsaqT9h4z2xLbyZpy2tNx4CLgVlPjchEqc2uob ew4wOjaqWNPNFGe8K+RUOBmXRdkasy2n6YROtojtb5fx4y/amPrjxqe+1tJHmins Tv2wNkrdXrYXgt+oRKqra24SGmrbyEioWjASDMYQ02SxeUBnk8VOavztRsu9C7dJ 7wkoWpbBTYZbc2Qf6dgNU+zKp/yCHuo05AV9ew4iUt2JM0a10Y5/6iX3FnJ8nNDw jPvZQRYq8WRJ2v7Xn4na9VIn/hXFwIGgX8EP1nMxcv58LQHeVwg7U93ETcagt3qG /jzuIknM14bLANqT3hlsAVTiipUKMYDJ -----END CERTIFICATE-----Generated at Sat Apr 26 04:38:26 2025 by rpki-client