$ rpki-client -vvf rpki.apnic.net/member_repository/A9144CB7/8C93F76CE17611EFB7981B19C4F9AE02/opgFnwZTffjAi4klX3lZQaMcGAA.mft File: opgFnwZTffjAi4klX3lZQaMcGAA.mft (raw, json) Hash identifier: XyWoZjcfkEGa/qG5aMz5fdgCckOP5ytRkw3sWnZazMI= Subject key identifier: 1B:24:5F:90:9C:EE:7A:48:2F:8C:F0:6D:0E:A7:A5:0A:14:6C:6A:13 Authority key identifier: A2:98:05:9F:06:53:7D:F8:C0:8B:89:25:5F:79:59:41:A3:1C:18:00 Certificate issuer: /CN=A9144CB7/serialNumber=A298059F06537DF8C08B89255F795941A31C1800 Certificate serial: 2D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/opgFnwZTffjAi4klX3lZQaMcGAA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9144CB7/8C93F76CE17611EFB7981B19C4F9AE02/opgFnwZTffjAi4klX3lZQaMcGAA.mft Manifest number: 2C Signing time: Fri 25 Apr 2025 06:41:57 +0000 Manifest this update: Fri 25 Apr 2025 06:41:57 +0000 Manifest next update: Fri 02 May 2025 06:41:57 +0000 Files and hashes: 1: opgFnwZTffjAi4klX3lZQaMcGAA.crl (hash: pO3I2VgvC1APVNRGMWkZlnRKPl0YaOPkllXZxpkvXgM=) 2: E8716FD4EA3511EF89116C52C4F9AE02.roa (hash: /ib2O66BEz/+EIpjbYLfsm9ZEc6Tr2GDRN2PvAJwp9o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9144CB7/8C93F76CE17611EFB7981B19C4F9AE02/opgFnwZTffjAi4klX3lZQaMcGAA.crl rsync://rpki.apnic.net/member_repository/A9144CB7/8C93F76CE17611EFB7981B19C4F9AE02/opgFnwZTffjAi4klX3lZQaMcGAA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/opgFnwZTffjAi4klX3lZQaMcGAA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:41:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45 (0x2d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9144CB7, serialNumber=A298059F06537DF8C08B89255F795941A31C1800 Validity Not Before: Apr 25 06:41:57 2025 GMT Not After : May 2 06:41:57 2025 GMT Subject: CN=680b2eb5-c335 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:35:17:64:22:6a:f5:51:6e:78:8f:2e:52:58: a1:0f:41:02:e1:59:f0:a3:05:0d:e7:9a:ce:41:16: a1:2c:eb:25:c7:9e:85:26:9e:0d:64:e3:3c:2e:86: 87:36:92:a7:6e:01:0c:58:d9:ab:31:08:8c:0d:28: 35:6c:b1:52:fb:04:08:3f:eb:05:51:b8:7d:9e:6f: 28:06:e6:de:e7:7d:fe:85:64:73:ee:91:02:37:c1: ef:cd:16:7c:88:87:42:74:6e:ba:ee:1b:ca:37:43: ef:7a:54:4c:f8:03:7b:de:a4:89:df:04:27:72:51: 59:4a:44:1e:15:04:0b:f8:fb:80:06:cb:e4:34:de: 5c:c6:7f:c0:b7:10:ad:08:7f:e1:53:0e:ed:44:4c: ff:73:e1:af:e9:71:0b:27:ad:1d:54:68:3b:1f:6d: 3e:80:f5:67:d1:f4:33:f9:93:d1:eb:ce:ee:e4:03: ab:6b:a8:cd:4d:dc:33:fb:c7:3f:53:84:ec:16:8c: c7:a5:9e:f2:60:de:9f:34:0e:dd:3e:11:88:fe:09: 5c:f5:4c:09:c5:f4:37:f4:e7:00:8f:18:5f:d7:7f: 74:6d:26:54:00:3c:f0:28:82:55:d2:dd:50:d9:0e: c6:c1:bd:43:34:03:78:d6:14:c1:3c:c4:43:69:5f: 17:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:24:5F:90:9C:EE:7A:48:2F:8C:F0:6D:0E:A7:A5:0A:14:6C:6A:13 X509v3 Authority Key Identifier: keyid:A2:98:05:9F:06:53:7D:F8:C0:8B:89:25:5F:79:59:41:A3:1C:18:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9144CB7/8C93F76CE17611EFB7981B19C4F9AE02/opgFnwZTffjAi4klX3lZQaMcGAA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/opgFnwZTffjAi4klX3lZQaMcGAA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144CB7/8C93F76CE17611EFB7981B19C4F9AE02/opgFnwZTffjAi4klX3lZQaMcGAA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:5d:5f:57:95:e6:ee:e9:56:75:ee:1b:3a:fd:0a:29:d3:48: f3:2a:aa:e1:e5:cb:6a:8a:4e:a3:4f:ef:e6:7a:ad:70:4d:bb: 27:82:85:8c:4c:15:5b:8a:44:ee:52:0a:9e:e8:9d:be:ff:32: b0:7c:47:ea:0c:76:b6:79:b7:85:5a:00:a7:31:1f:8b:1d:ad: 97:c3:13:6c:66:b6:50:07:a8:72:ad:d0:f3:a7:50:8d:c2:99: e6:26:b4:7d:5c:37:a0:b4:2c:f3:94:c3:ed:63:6f:13:94:69: 32:de:22:af:8e:a8:90:d7:d3:b9:4b:9f:06:40:39:62:5e:72: 59:4f:a5:13:97:9a:d5:ce:85:81:3a:cd:35:e7:44:0f:1d:46: 4e:f8:1e:bf:f6:01:3f:88:dc:38:f9:5a:dd:a0:ad:62:91:ba: 6b:3b:37:73:16:57:c7:66:ee:84:8d:2a:ec:47:d6:f9:30:45: 05:2d:c3:54:aa:ad:aa:cc:13:ee:4d:5a:38:c0:93:c5:cc:10: 8b:b0:aa:f1:1a:2f:8f:f0:06:92:32:3e:82:8b:58:6b:87:90: a9:9b:60:19:e5:bd:78:d6:2d:b0:c4:3f:21:ee:ca:83:6b:b7: 7c:25:f5:1b:22:e6:6e:c8:58:ee:77:ba:aa:1e:e6:91:58:23: e7:4d:14:46 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 NENCNzExMC8GA1UEBRMoQTI5ODA1OUYwNjUzN0RGOEMwOEI4OTI1NUY3OTU5NDFB MzFDMTgwMDAeFw0yNTA0MjUwNjQxNTdaFw0yNTA1MDIwNjQxNTdaMBgxFjAUBgNV BAMTDTY4MGIyZWI1LWMzMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDDNRdkImr1UW54jy5SWKEPQQLhWfCjBQ3nms5BFqEs6yXHnoUmng1k4zwuhoc2 kqduAQxY2asxCIwNKDVssVL7BAg/6wVRuH2ebygG5t7nff6FZHPukQI3we/NFnyI h0J0brruG8o3Q+96VEz4A3vepInfBCdyUVlKRB4VBAv4+4AGy+Q03lzGf8C3EK0I f+FTDu1ETP9z4a/pcQsnrR1UaDsfbT6A9WfR9DP5k9Hrzu7kA6trqM1N3DP7xz9T hOwWjMelnvJg3p80Dt0+EYj+CVz1TAnF9Df05wCPGF/Xf3RtJlQAPPAoglXS3VDZ DsbBvUM0A3jWFME8xENpXxeXAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUGyRfkJzu ekgvjPBtDqelChRsahMwHwYDVR0jBBgwFoAUopgFnwZTffjAi4klX3lZQaMcGAAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ0Q0I3LzhDOTNGNzZDRTE3 NjExRUZCNzk4MUIxOUM0RjlBRTAyL29wZ0Zud1pUZmZqQWk0a2xYM2xaUWFNY0dB QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb3BnRm53WlRmZmpBaTRrbFgzbFpRYU1jR0FBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ0 Q0I3LzhDOTNGNzZDRTE3NjExRUZCNzk4MUIxOUM0RjlBRTAyL29wZ0Zud1pUZmZq QWk0a2xYM2xaUWFNY0dBQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAldX1eV5u7pVnXuGzr9CinTSPMqquHly2qKTqNP7+Z6rXBNuyeChYxM FVuKRO5SCp7onb7/MrB8R+oMdrZ5t4VaAKcxH4sdrZfDE2xmtlAHqHKt0POnUI3C meYmtH1cN6C0LPOUw+1jbxOUaTLeIq+OqJDX07lLnwZAOWJecllPpROXmtXOhYE6 zTXnRA8dRk74Hr/2AT+I3Dj5Wt2grWKRums7N3MWV8dm7oSNKuxH1vkwRQUtw1Sq rarME+5NWjjAk8XMEIuwqvEaL4/wBpIyPoKLWGuHkKmbYBnlvXjWLbDEPyHuyoNr t3wl9Rsi5m7IWO53uqoe5pFYI+dNFEY= -----END CERTIFICATE-----Generated at Sat Apr 26 04:36:47 2025 by rpki-client