$ rpki-client -vvf rpki.apnic.net/member_repository/A9151638/12711732476C11EC89EF6239C4F9AE02/OFkvBW-DzNQKYq4RYCkmlChaLPQ.mft File: OFkvBW-DzNQKYq4RYCkmlChaLPQ.mft (raw, json) Hash identifier: PcYRXSG1VlrCc4wBbLOwtEVNYyC/kTyk5fZsI0az4PY= Subject key identifier: EA:9E:7D:6C:5D:5E:C8:B5:DB:EA:FE:D3:68:78:96:E0:9C:AA:EC:91 Authority key identifier: 38:59:2F:05:6F:83:CC:D4:0A:62:AE:11:60:29:26:94:28:5A:2C:F4 Certificate issuer: /CN=A9151638/serialNumber=38592F056F83CCD40A62AE1160292694285A2CF4 Certificate serial: 0467 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OFkvBW-DzNQKYq4RYCkmlChaLPQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9151638/12711732476C11EC89EF6239C4F9AE02/OFkvBW-DzNQKYq4RYCkmlChaLPQ.mft Manifest number: 0462 Signing time: Thu 24 Apr 2025 23:55:54 +0000 Manifest this update: Thu 24 Apr 2025 23:55:53 +0000 Manifest next update: Thu 01 May 2025 23:55:53 +0000 Files and hashes: 1: OFkvBW-DzNQKYq4RYCkmlChaLPQ.crl (hash: cH9Uxcb16TEkzhNCiUk/ZcgU3KTF8XpmYd5Bhw79iAs=) 2: 2404BA68477011EC8A31B762C4F9AE02.roa (hash: w9FaGj3sY61MFEZzIunRrfWZ3OYXoXaJ/HX3XZ5M44M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9151638/12711732476C11EC89EF6239C4F9AE02/OFkvBW-DzNQKYq4RYCkmlChaLPQ.crl rsync://rpki.apnic.net/member_repository/A9151638/12711732476C11EC89EF6239C4F9AE02/OFkvBW-DzNQKYq4RYCkmlChaLPQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OFkvBW-DzNQKYq4RYCkmlChaLPQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:55:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1127 (0x467) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9151638, serialNumber=38592F056F83CCD40A62AE1160292694285A2CF4 Validity Not Before: Apr 24 23:55:53 2025 GMT Not After : May 1 23:55:53 2025 GMT Subject: CN=680acf89-7b26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:35:2c:93:27:75:26:e4:c7:f6:57:d3:d8:91: 3b:77:29:c0:9b:cf:15:88:ff:a2:fe:16:8f:cc:8f: 04:09:cb:58:85:94:07:19:4b:e6:e7:35:6c:76:1a: d2:3b:82:1c:0f:b0:05:ba:98:76:05:74:20:87:fb: a2:41:8f:42:e3:6a:dc:e5:f0:eb:fb:9d:68:95:e5: c0:bc:d3:7e:ef:8f:d4:1e:e2:1e:f7:2f:18:67:77: ba:68:f2:0b:17:2b:ee:e3:7f:db:f4:27:70:29:a5: 3d:0e:4b:1b:72:10:fd:d3:9e:bd:75:c5:ea:11:5f: e7:51:81:25:01:7b:0d:a8:d0:f9:8a:2c:70:47:c9: 50:00:e0:1a:8a:b2:cf:50:ec:8f:02:5b:d6:c2:ce: 81:47:5f:34:96:33:ed:f3:23:8f:25:22:57:04:06: b0:5a:63:7a:3d:19:d7:13:e9:56:9d:29:57:2c:f4: d5:49:01:f7:9e:f7:56:a8:47:5f:50:9f:f0:83:0b: bc:1e:96:58:30:6a:16:bd:24:e5:61:1b:7d:65:ec: 00:31:dd:b0:74:9e:81:f2:d6:08:c4:63:48:fc:53: 87:2e:9f:b0:b4:b5:4b:f3:a8:8e:7b:7d:fe:89:a3: 36:8d:56:73:5f:24:10:28:0b:9c:8b:16:a0:34:00: 15:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:9E:7D:6C:5D:5E:C8:B5:DB:EA:FE:D3:68:78:96:E0:9C:AA:EC:91 X509v3 Authority Key Identifier: keyid:38:59:2F:05:6F:83:CC:D4:0A:62:AE:11:60:29:26:94:28:5A:2C:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9151638/12711732476C11EC89EF6239C4F9AE02/OFkvBW-DzNQKYq4RYCkmlChaLPQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OFkvBW-DzNQKYq4RYCkmlChaLPQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9151638/12711732476C11EC89EF6239C4F9AE02/OFkvBW-DzNQKYq4RYCkmlChaLPQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:54:bd:d1:51:99:13:2f:a3:2a:0e:0f:48:65:59:88:52:9f: 7a:0a:96:b9:e4:19:e3:22:2e:b7:14:be:4e:15:49:ce:65:2e: 46:c8:23:97:e0:b2:3a:c5:f8:4d:41:27:c2:48:cb:25:08:91: f8:0e:1d:4a:33:44:7f:70:3b:9a:58:fe:34:84:fa:70:90:d9: e6:85:6a:57:c6:1f:b0:bb:eb:5d:03:55:32:ef:66:6e:d5:70: ae:d8:6c:6a:15:fb:75:fe:df:33:a0:48:16:8d:00:ed:ba:f9: cc:5f:d6:17:44:66:0e:db:20:de:c2:0f:c3:50:a6:35:39:de: 62:6b:db:8a:8a:92:fa:7a:1b:50:bd:a0:9b:84:75:95:21:2e: ce:a6:e3:ae:f6:d4:77:56:72:4c:91:a8:02:20:f7:af:40:a6: 4e:40:a0:f9:52:a6:49:31:66:19:56:41:75:72:10:32:1d:c9: 6e:5c:84:5d:65:12:8a:19:eb:72:20:29:81:90:37:f2:29:4b: ba:1b:ef:d0:51:65:ff:b8:49:47:42:ce:9e:5e:44:43:3d:84: 3f:a8:9e:92:4e:11:2e:f3:c0:f1:e4:87:e0:f5:0d:25:52:96: f3:2b:22:27:38:19:bb:76:7e:6c:eb:01:1d:54:ce:6e:16:3c: 99:cb:62:13 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBGcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTE2MzgxMTAvBgNVBAUTKDM4NTkyRjA1NkY4M0NDRDQwQTYyQUUxMTYwMjkyNjk0 Mjg1QTJDRjQwHhcNMjUwNDI0MjM1NTUzWhcNMjUwNTAxMjM1NTUzWjAYMRYwFAYD VQQDEw02ODBhY2Y4OS03YjI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyTUskyd1JuTH9lfT2JE7dynAm88ViP+i/haPzI8ECctYhZQHGUvm5zVsdhrS O4IcD7AFuph2BXQgh/uiQY9C42rc5fDr+51oleXAvNN+74/UHuIe9y8YZ3e6aPIL Fyvu43/b9CdwKaU9DksbchD90569dcXqEV/nUYElAXsNqND5iixwR8lQAOAairLP UOyPAlvWws6BR180ljPt8yOPJSJXBAawWmN6PRnXE+lWnSlXLPTVSQH3nvdWqEdf UJ/wgwu8HpZYMGoWvSTlYRt9ZewAMd2wdJ6B8tYIxGNI/FOHLp+wtLVL86iOe33+ iaM2jVZzXyQQKAucixagNAAVnQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOqefWxd Xsi12+r+02h4luCcquyRMB8GA1UdIwQYMBaAFDhZLwVvg8zUCmKuEWApJpQoWiz0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTYzOC8xMjcxMTczMjQ3 NkMxMUVDODlFRjYyMzlDNEY5QUUwMi9PRmt2QlctRHpOUUtZcTRSWUNrbWxDaGFM UFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09Ga3ZCVy1Eek5RS1lxNFJZQ2ttbENoYUxQUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MTYzOC8xMjcxMTczMjQ3NkMxMUVDODlFRjYyMzlDNEY5QUUwMi9PRmt2QlctRHpO UUtZcTRSWUNrbWxDaGFMUFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnVL3RUZkTL6MqDg9IZVmIUp96Cpa55BnjIi63FL5OFUnOZS5GyCOX 4LI6xfhNQSfCSMslCJH4Dh1KM0R/cDuaWP40hPpwkNnmhWpXxh+wu+tdA1Uy72Zu 1XCu2GxqFft1/t8zoEgWjQDtuvnMX9YXRGYO2yDewg/DUKY1Od5ia9uKipL6ehtQ vaCbhHWVIS7OpuOu9tR3VnJMkagCIPevQKZOQKD5UqZJMWYZVkF1chAyHcluXIRd ZRKKGetyICmBkDfyKUu6G+/QUWX/uElHQs6eXkRDPYQ/qJ6SThEu88Dx5Ifg9Q0l UpbzKyInOBm7dn5s6wEdVM5uFjyZy2IT -----END CERTIFICATE-----Generated at Sat Apr 26 04:23:02 2025 by rpki-client