$ rpki-client -vvf rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft File: OHvc-OlHoaBOL0OH-99wZUpE0b0.mft (raw, json) Hash identifier: dN+9YU+5XsXparlXM6NEb+KNEmxx1ewHNQ9UJlXUfgA= Subject key identifier: 8A:12:A3:65:DF:F4:BD:C0:1F:92:E5:38:43:4C:40:B9:DD:2B:09:2A Authority key identifier: 38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD Certificate issuer: /CN=A913ACF4/serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Certificate serial: 093E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft Manifest number: 0937 Signing time: Thu 24 Apr 2025 20:08:53 +0000 Manifest this update: Thu 24 Apr 2025 20:08:52 +0000 Manifest next update: Thu 01 May 2025 20:08:52 +0000 Files and hashes: 1: OHvc-OlHoaBOL0OH-99wZUpE0b0.crl (hash: IixegPzQgtLLNRRT+QQGuhFf1unwokwcbElIS18BrYg=) 2: 25E6E72899FE11EAB3E30513C4F9AE02.roa (hash: Z6vRCcxL1bmdrItPmj7qCyzvetl7oMIALv4P0w4CxB8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:08:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2366 (0x93e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913ACF4, serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Validity Not Before: Apr 24 20:08:52 2025 GMT Not After : May 1 20:08:52 2025 GMT Subject: CN=680a9a55-e09c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:a4:72:a5:15:95:65:b6:62:9e:6b:77:35:d3: 2d:c7:8e:8e:59:04:32:de:1a:2b:9e:51:8b:7b:5d: 71:71:f3:91:ed:70:72:6b:a7:cb:f2:d9:5f:1b:c0: e6:84:5e:2f:1a:04:c1:7a:65:44:6a:d7:e1:be:52: b6:4c:65:85:0e:85:6a:9a:b1:e6:54:68:d1:64:07: ff:4e:23:02:d1:45:91:c0:5d:d5:eb:08:da:85:b0: ad:be:84:97:c9:7d:f3:b4:b7:ae:22:30:c0:39:4a: 4b:93:c2:dc:47:0c:66:f3:ca:91:a7:73:65:c2:76: 32:91:ac:91:43:14:44:f6:e8:c7:9d:45:93:65:a0: b0:15:71:53:30:1e:00:ec:ca:e5:c8:f5:14:61:75: 5f:a5:b4:5a:4c:67:3a:ab:ba:7a:1f:08:b2:37:8b: b1:04:26:fd:3c:5f:29:a4:65:4b:85:95:5f:6b:4f: f3:b2:e4:22:1e:78:29:b2:db:19:09:6a:80:36:7f: c8:42:ae:3d:96:49:47:cf:82:c1:63:67:3c:c7:f6: f0:9e:e1:67:3c:1b:f3:b8:64:63:e3:55:61:4a:73: 89:ad:78:7d:7c:5c:77:eb:05:d0:66:37:68:3d:b9: 28:7e:58:54:d4:09:d9:2f:a5:25:10:ce:e5:b7:8e: 28:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:12:A3:65:DF:F4:BD:C0:1F:92:E5:38:43:4C:40:B9:DD:2B:09:2A X509v3 Authority Key Identifier: keyid:38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 78:ef:e8:b4:aa:32:09:14:79:23:4e:1a:4e:97:79:29:fe:dd: 50:11:b1:6d:a7:8e:bb:5f:b2:10:89:2a:49:97:9d:13:16:4e: 32:26:81:aa:9e:1c:73:dc:55:30:5b:d1:00:5b:0d:96:af:dc: ac:46:78:e5:68:ed:23:44:11:15:fa:16:34:ef:d5:aa:ee:a9: 14:82:74:40:3d:7b:7c:8c:59:ad:38:6e:17:7f:70:2e:95:e7: 5a:26:c1:1c:b5:c2:60:f1:42:51:ad:d2:9f:1a:cc:d1:50:4d: 6e:9a:fd:e2:ae:93:22:32:05:89:f4:f3:20:0f:70:ea:fd:69: cf:a0:ac:db:5d:60:91:b1:22:df:83:d1:14:21:0b:6f:2b:16: 32:b5:5d:f2:cd:dd:3e:76:fe:03:f6:d6:2a:29:88:d8:40:a3: 27:9c:b5:18:57:db:fe:fb:8a:07:d8:f8:6a:0c:fe:94:23:76: 02:8b:45:02:05:b3:ad:f4:93:4b:a6:de:32:7c:bf:98:ce:7e: 34:9e:33:ec:4e:e1:52:04:f4:a2:54:d8:7c:3f:eb:56:c3:5d: 28:10:86:71:19:f4:99:6a:f9:67:d2:e0:21:ea:ca:e1:0a:ea: 76:b4:c0:93:63:25:f0:5d:da:c7:af:2e:7d:32:b7:ff:84:63: c9:09:de:67 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCT4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0FDRjQxMTAvBgNVBAUTKDM4N0JEQ0Y4RTk0N0ExQTA0RTJGNDM4N0ZCREY3MDY1 NEE0NEQxQkQwHhcNMjUwNDI0MjAwODUyWhcNMjUwNTAxMjAwODUyWjAYMRYwFAYD VQQDEw02ODBhOWE1NS1lMDljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5aRypRWVZbZinmt3NdMtx46OWQQy3hornlGLe11xcfOR7XBya6fL8tlfG8Dm hF4vGgTBemVEatfhvlK2TGWFDoVqmrHmVGjRZAf/TiMC0UWRwF3V6wjahbCtvoSX yX3ztLeuIjDAOUpLk8LcRwxm88qRp3NlwnYykayRQxRE9ujHnUWTZaCwFXFTMB4A 7MrlyPUUYXVfpbRaTGc6q7p6HwiyN4uxBCb9PF8ppGVLhZVfa0/zsuQiHngpstsZ CWqANn/IQq49lklHz4LBY2c8x/bwnuFnPBvzuGRj41VhSnOJrXh9fFx36wXQZjdo PbkoflhU1AnZL6UlEM7lt44o4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIoSo2Xf 9L3AH5LlOENMQLndKwkqMB8GA1UdIwQYMBaAFDh73PjpR6GgTi9Dh/vfcGVKRNG9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQUNGNC83MEUzMDM2Qzk5 RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9hQk9MME9ILTk5d1pVcEUw YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09IdmMtT2xIb2FCT0wwT0gtOTl3WlVwRTBiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QUNGNC83MEUzMDM2Qzk5RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9h Qk9MME9ILTk5d1pVcEUwYjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB47+i0qjIJFHkjThpOl3kp/t1QEbFtp467X7IQiSpJl50TFk4yJoGq nhxz3FUwW9EAWw2Wr9ysRnjlaO0jRBEV+hY079Wq7qkUgnRAPXt8jFmtOG4Xf3Au ledaJsEctcJg8UJRrdKfGszRUE1umv3irpMiMgWJ9PMgD3Dq/WnPoKzbXWCRsSLf g9EUIQtvKxYytV3yzd0+dv4D9tYqKYjYQKMnnLUYV9v++4oH2PhqDP6UI3YCi0UC BbOt9JNLpt4yfL+Yzn40njPsTuFSBPSiVNh8P+tWw10oEIZxGfSZavln0uAh6srh Cup2tMCTYyXwXdrHry59Mrf/hGPJCd5n -----END CERTIFICATE-----Generated at Sat Apr 26 15:11:28 2025 by rpki-client