$ rpki-client -vvf rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft File: OHvc-OlHoaBOL0OH-99wZUpE0b0.mft (raw, json) Hash identifier: 4UloxOJFXpt67G29xdrM6Fxc68ard4MtNnsEecgecag= Subject key identifier: 8F:94:EF:5B:38:D1:0A:64:7E:4E:33:12:8A:A5:68:14:00:61:A3:8C Authority key identifier: 38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD Certificate issuer: /CN=A913ACF4/serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Certificate serial: 0958 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft Manifest number: 0951 Signing time: Thu 12 Jun 2025 19:59:22 +0000 Manifest this update: Thu 12 Jun 2025 19:59:21 +0000 Manifest next update: Thu 19 Jun 2025 19:59:21 +0000 Files and hashes: 1: OHvc-OlHoaBOL0OH-99wZUpE0b0.crl (hash: xlQ0cquJirKo4c0B3y9B7rvqlh7MkeVqnFhkwItxmKw=) 2: 25E6E72899FE11EAB3E30513C4F9AE02.roa (hash: Z6vRCcxL1bmdrItPmj7qCyzvetl7oMIALv4P0w4CxB8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 19:59:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2392 (0x958) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913ACF4, serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Validity Not Before: Jun 12 19:59:21 2025 GMT Not After : Jun 19 19:59:21 2025 GMT Subject: CN=684b3199-d05d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:26:74:7d:c6:b7:db:6f:b1:f8:0c:08:0c:f8: da:b5:ad:28:6b:12:f2:45:e0:1e:6c:03:67:ae:45: 85:80:39:39:c6:e4:17:9e:56:3a:18:32:14:e6:e8: df:06:58:4a:32:27:e4:6a:14:d3:f8:77:1a:f4:7f: b0:7e:d3:a2:6b:c4:0c:97:0f:b4:2f:aa:a5:4b:33: 93:cb:ee:0e:b0:fa:d8:b0:eb:fd:c9:43:a9:1d:dc: de:4c:2a:1d:d5:c4:e8:bc:bd:24:8e:ac:7a:51:69: 44:f7:16:2e:31:e0:ed:d6:9f:9b:4c:08:28:e5:e8: ee:31:0b:82:66:f0:5f:1b:0b:37:1f:93:8a:ad:4b: 97:bd:a6:73:a6:c6:47:54:fe:95:35:b1:86:d6:c8: 7d:b3:8a:9a:57:ed:66:b5:70:69:0b:61:f9:ca:84: 86:d8:d1:08:d3:9d:73:07:09:52:a4:ea:b3:48:a4: 7a:bf:05:55:77:f5:d3:0e:fd:2a:88:98:ab:26:bb: 53:1a:fa:ca:4e:c8:a1:94:21:c0:18:a7:b0:e7:1d: 39:54:77:33:f5:68:69:98:73:02:09:e8:53:17:a4: f9:9e:bf:19:0d:c0:ca:a1:7a:c9:1d:01:4b:91:70: fd:b9:94:f2:a3:e2:45:45:9f:dd:e4:69:f0:6b:5c: bb:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:94:EF:5B:38:D1:0A:64:7E:4E:33:12:8A:A5:68:14:00:61:A3:8C X509v3 Authority Key Identifier: keyid:38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:7e:10:6f:97:19:fa:08:83:1d:ed:51:c6:90:da:a4:bd:0a: 3e:af:28:01:fc:f0:49:2b:77:87:77:17:14:6f:9e:00:97:21: e9:9d:2c:5c:f9:59:61:00:26:0e:0c:af:f7:e4:9f:1a:b1:c3: b1:d8:ab:68:80:03:3c:64:b4:8d:0c:f6:05:f5:a9:18:e1:39: 3c:79:2f:15:a6:b8:7d:95:10:27:4d:a6:a7:c8:85:28:bc:51: 19:08:f3:63:0d:c9:46:58:2d:8f:88:25:10:46:e1:4d:78:ba: d3:5d:2b:eb:b8:eb:21:4e:04:25:1d:72:3a:4a:a8:ae:55:eb: cb:72:eb:2c:9d:1d:1c:17:82:c5:0f:9e:49:cc:8c:4c:61:78: 61:29:24:f9:de:a6:8e:f6:8f:18:ab:9b:2f:5d:48:71:65:86: 26:11:4a:0e:31:8b:4e:89:45:88:f8:12:54:f1:46:a6:c4:82: b2:d3:47:67:17:19:ba:f9:41:53:ad:9d:e2:b1:59:b7:85:91: 3b:dd:64:4f:39:53:a1:3b:67:e3:d2:b7:f0:20:b0:09:f6:2a: 78:0a:dc:56:c4:78:30:9a:05:93:0b:ed:ab:a4:c7:e2:3c:6c: 4a:05:7d:24:47:49:bf:ab:b7:01:07:6b:0d:80:de:77:16:d6: 52:df:cb:23 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCVgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0FDRjQxMTAvBgNVBAUTKDM4N0JEQ0Y4RTk0N0ExQTA0RTJGNDM4N0ZCREY3MDY1 NEE0NEQxQkQwHhcNMjUwNjEyMTk1OTIxWhcNMjUwNjE5MTk1OTIxWjAYMRYwFAYD VQQDEw02ODRiMzE5OS1kMDVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApCZ0fca322+x+AwIDPjata0oaxLyReAebANnrkWFgDk5xuQXnlY6GDIU5ujf BlhKMifkahTT+Hca9H+wftOia8QMlw+0L6qlSzOTy+4OsPrYsOv9yUOpHdzeTCod 1cTovL0kjqx6UWlE9xYuMeDt1p+bTAgo5ejuMQuCZvBfGws3H5OKrUuXvaZzpsZH VP6VNbGG1sh9s4qaV+1mtXBpC2H5yoSG2NEI051zBwlSpOqzSKR6vwVVd/XTDv0q iJirJrtTGvrKTsihlCHAGKew5x05VHcz9WhpmHMCCehTF6T5nr8ZDcDKoXrJHQFL kXD9uZTyo+JFRZ/d5Gnwa1y7OwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI+U71s4 0Qpkfk4zEoqlaBQAYaOMMB8GA1UdIwQYMBaAFDh73PjpR6GgTi9Dh/vfcGVKRNG9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQUNGNC83MEUzMDM2Qzk5 RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9hQk9MME9ILTk5d1pVcEUw YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09IdmMtT2xIb2FCT0wwT0gtOTl3WlVwRTBiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QUNGNC83MEUzMDM2Qzk5RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9h Qk9MME9ILTk5d1pVcEUwYjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3fhBvlxn6CIMd7VHGkNqkvQo+rygB/PBJK3eHdxcUb54AlyHpnSxc +VlhACYODK/35J8ascOx2KtogAM8ZLSNDPYF9akY4Tk8eS8Vprh9lRAnTaanyIUo vFEZCPNjDclGWC2PiCUQRuFNeLrTXSvruOshTgQlHXI6SqiuVevLcussnR0cF4LF D55JzIxMYXhhKST53qaO9o8Yq5svXUhxZYYmEUoOMYtOiUWI+BJU8UamxIKy00dn Fxm6+UFTrZ3isVm3hZE73WRPOVOhO2fj0rfwILAJ9ip4CtxWxHgwmgWTC+2rpMfi PGxKBX0kR0m/q7cBB2sNgN53FtZS38sj -----END CERTIFICATE-----Generated at Sat Jun 14 19:37:20 2025 by rpki-client