$ rpki-client -vvf rpki.apnic.net/member_repository/A9123AB4/1FB040A0B17411E68EC88518C4F9AE02/OGxcstbg7GFBrrc_STUhsFIKPPo.mft File: OGxcstbg7GFBrrc_STUhsFIKPPo.mft (raw, json) Hash identifier: qqZ8tKw7UQJgkpuNBgbOLJUQm2UeAJYg2KnxGdCfBt4= Subject key identifier: C2:04:06:D5:0C:55:CE:23:0C:32:EB:D0:40:AC:76:4C:9C:5B:A5:46 Authority key identifier: 38:6C:5C:B2:D6:E0:EC:61:41:AE:B7:3F:49:35:21:B0:52:0A:3C:FA Certificate issuer: /CN=A9123AB4/serialNumber=386C5CB2D6E0EC6141AEB73F493521B0520A3CFA Certificate serial: 1D2D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OGxcstbg7GFBrrc_STUhsFIKPPo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9123AB4/1FB040A0B17411E68EC88518C4F9AE02/OGxcstbg7GFBrrc_STUhsFIKPPo.mft Manifest number: 1D20 Signing time: Thu 24 Apr 2025 16:09:38 +0000 Manifest this update: Thu 24 Apr 2025 16:09:38 +0000 Manifest next update: Thu 01 May 2025 16:09:38 +0000 Files and hashes: 1: OGxcstbg7GFBrrc_STUhsFIKPPo.crl (hash: j7ISvN9ENWsw1T8cIA5VdYNZlztEPQGVoTU869QaqBk=) 2: DE5B018C8D8B11EBB959991DC4F9AE02.roa (hash: jfTk7qLtFGzciF3MjfSmzCLIXIS5E+uoDhIbl0HSies=) 3: DD9C07828D8B11EBB959991DC4F9AE02.roa (hash: gqOrlTvQP7NE8QcpWskAg9stXohxZ5iMQQauxzl2p0w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9123AB4/1FB040A0B17411E68EC88518C4F9AE02/OGxcstbg7GFBrrc_STUhsFIKPPo.crl rsync://rpki.apnic.net/member_repository/A9123AB4/1FB040A0B17411E68EC88518C4F9AE02/OGxcstbg7GFBrrc_STUhsFIKPPo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OGxcstbg7GFBrrc_STUhsFIKPPo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:09:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7469 (0x1d2d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9123AB4, serialNumber=386C5CB2D6E0EC6141AEB73F493521B0520A3CFA Validity Not Before: Apr 24 16:09:38 2025 GMT Not After : May 1 16:09:38 2025 GMT Subject: CN=680a6242-bce5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:4e:d6:44:e0:21:8f:b4:7f:10:86:d7:5b:2d: 07:75:1f:60:68:80:c6:41:b0:64:dc:e6:a3:15:20: b8:43:b3:92:ef:a2:9b:7c:7f:c4:84:a6:ed:24:01: d5:6f:fc:f4:9d:a8:70:ab:7d:67:08:b5:f8:1c:8a: 58:f1:58:cd:05:18:e1:05:66:f2:8c:32:2a:5b:ed: 32:24:13:ed:ad:24:86:a8:ed:23:e3:02:d0:7d:16: 6a:44:da:13:2d:2e:01:88:d3:d6:16:3f:cd:d1:cd: 0a:d8:2c:4c:d4:d4:79:c9:2f:60:5d:b9:c6:e7:f3: 13:3d:5a:92:b5:09:5c:56:d2:53:c7:9e:34:ac:34: 01:39:21:bc:ed:aa:fe:79:9d:33:87:00:d6:2c:4e: 29:21:54:2a:0a:3a:a4:fe:17:df:22:4c:59:4c:33: 43:5d:c0:6d:d6:aa:b2:2a:0f:26:d6:ed:a6:05:03: 07:1d:be:7d:38:51:0e:5c:a4:42:65:b7:3d:3e:37: 6b:a0:85:ad:47:c8:ce:10:5a:dc:7e:42:92:0f:30: 3d:ff:e7:e4:1f:6a:65:09:cf:37:88:22:66:41:0f: 89:8b:ba:c4:ab:dd:31:ac:6c:fc:a1:48:95:b0:b9: 4c:dd:55:9b:f0:28:82:de:24:97:1a:14:20:b2:fd: 94:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:04:06:D5:0C:55:CE:23:0C:32:EB:D0:40:AC:76:4C:9C:5B:A5:46 X509v3 Authority Key Identifier: keyid:38:6C:5C:B2:D6:E0:EC:61:41:AE:B7:3F:49:35:21:B0:52:0A:3C:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9123AB4/1FB040A0B17411E68EC88518C4F9AE02/OGxcstbg7GFBrrc_STUhsFIKPPo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OGxcstbg7GFBrrc_STUhsFIKPPo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123AB4/1FB040A0B17411E68EC88518C4F9AE02/OGxcstbg7GFBrrc_STUhsFIKPPo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 28:e2:d7:22:a9:d4:d8:34:02:03:b2:dc:04:cf:b3:a6:d1:80: 21:f1:58:59:58:c0:1b:88:cb:e2:69:05:be:41:5f:32:1b:78: 7a:01:a1:48:2b:83:41:b8:f6:e4:ac:fd:a7:e6:28:07:72:90: 8a:31:91:6b:3f:a8:e4:93:48:2b:55:a5:91:5e:6e:3f:e7:18: ea:ca:25:87:30:dc:2d:40:57:91:38:5e:f6:94:6a:ae:4b:cc: 10:93:08:9a:b8:c2:b8:16:6f:0a:23:43:db:e9:f1:ef:d2:c5: ac:73:ab:ae:38:ee:b8:48:da:35:5a:3d:c4:62:cd:72:f6:ea: eb:2f:60:b5:a3:34:5c:97:aa:48:b3:a1:2b:74:7c:cd:2c:3f: 7d:ea:78:db:32:cf:94:28:f8:e0:75:43:5d:41:6f:d1:40:03: da:49:09:92:a1:bf:6a:67:ae:2d:95:97:c2:3e:b4:95:ff:6e: 91:b6:a2:bf:d4:e0:f5:17:91:cf:94:05:e3:7b:91:83:58:44: a7:4f:a1:85:86:5c:71:41:a6:d2:86:21:3b:3d:fd:c6:55:f1: 44:82:d6:1a:16:09:01:76:5d:ae:f3:c1:5d:14:63:c6:dc:22: b6:e7:c2:7f:e6:c5:b0:a5:7d:2b:6f:a7:01:f1:5a:dd:e5:f4: 7d:7f:e5:8f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHS0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjNBQjQxMTAvBgNVBAUTKDM4NkM1Q0IyRDZFMEVDNjE0MUFFQjczRjQ5MzUyMUIw NTIwQTNDRkEwHhcNMjUwNDI0MTYwOTM4WhcNMjUwNTAxMTYwOTM4WjAYMRYwFAYD VQQDEw02ODBhNjI0Mi1iY2U1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv07WROAhj7R/EIbXWy0HdR9gaIDGQbBk3OajFSC4Q7OS76KbfH/EhKbtJAHV b/z0nahwq31nCLX4HIpY8VjNBRjhBWbyjDIqW+0yJBPtrSSGqO0j4wLQfRZqRNoT LS4BiNPWFj/N0c0K2CxM1NR5yS9gXbnG5/MTPVqStQlcVtJTx540rDQBOSG87ar+ eZ0zhwDWLE4pIVQqCjqk/hffIkxZTDNDXcBt1qqyKg8m1u2mBQMHHb59OFEOXKRC Zbc9PjdroIWtR8jOEFrcfkKSDzA9/+fkH2plCc83iCJmQQ+Ji7rEq90xrGz8oUiV sLlM3VWb8CiC3iSXGhQgsv2UAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMIEBtUM Vc4jDDLr0ECsdkycW6VGMB8GA1UdIwQYMBaAFDhsXLLW4OxhQa63P0k1IbBSCjz6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0FCNC8xRkIwNDBBMEIx NzQxMUU2OEVDODg1MThDNEY5QUUwMi9PR3hjc3RiZzdHRkJycmNfU1RVaHNGSUtQ UG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09HeGNzdGJnN0dGQnJyY19TVFVoc0ZJS1BQby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy M0FCNC8xRkIwNDBBMEIxNzQxMUU2OEVDODg1MThDNEY5QUUwMi9PR3hjc3RiZzdH RkJycmNfU1RVaHNGSUtQUG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAo4tciqdTYNAIDstwEz7Om0YAh8VhZWMAbiMviaQW+QV8yG3h6AaFI K4NBuPbkrP2n5igHcpCKMZFrP6jkk0grVaWRXm4/5xjqyiWHMNwtQFeROF72lGqu S8wQkwiauMK4Fm8KI0Pb6fHv0sWsc6uuOO64SNo1Wj3EYs1y9urrL2C1ozRcl6pI s6ErdHzNLD996njbMs+UKPjgdUNdQW/RQAPaSQmSob9qZ64tlZfCPrSV/26RtqK/ 1OD1F5HPlAXje5GDWESnT6GFhlxxQabShiE7Pf3GVfFEgtYaFgkBdl2u88FdFGPG 3CK258J/5sWwpX0rb6cB8Vrd5fR9f+WP -----END CERTIFICATE-----Generated at Sat Apr 26 13:04:21 2025 by rpki-client