$ rpki-client -vvf rpki.apnic.net/member_repository/A917604B/41C0135C6DAE11EEA80D0574C4F9AE02/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.mft File: oUvaoxV2pjZ6C1w6yrkcTp8xGO8.mft (raw, json) Hash identifier: 6ltDZ8LQ5+8OHZ46Vu0KE4B2JXHnHB/2034h1sl3LHs= Subject key identifier: E3:B2:71:EE:B4:06:07:8D:85:27:F7:82:D4:F6:63:ED:77:6C:59:35 Authority key identifier: A1:4B:DA:A3:15:76:A6:36:7A:0B:5C:3A:CA:B9:1C:4E:9F:31:18:EF Certificate issuer: /CN=A917604B/serialNumber=A14BDAA31576A6367A0B5C3ACAB91C4E9F3118EF Certificate serial: 0122 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917604B/41C0135C6DAE11EEA80D0574C4F9AE02/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.mft Manifest number: 011F Signing time: Fri 25 Apr 2025 03:50:15 +0000 Manifest this update: Fri 25 Apr 2025 03:50:15 +0000 Manifest next update: Fri 02 May 2025 03:50:15 +0000 Files and hashes: 1: oUvaoxV2pjZ6C1w6yrkcTp8xGO8.crl (hash: jSwsJXnDbCc1DgErWAGnBE0ErEGvNQ5FMbN29zPpdlw=) 2: 2D7DCF98BA1411EFBD0C393DC4F9AE02.roa (hash: fg42UFyy2LFjnZK3Qasj9lnWcNe6AFnhvIhyePUvpAM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917604B/41C0135C6DAE11EEA80D0574C4F9AE02/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.crl rsync://rpki.apnic.net/member_repository/A917604B/41C0135C6DAE11EEA80D0574C4F9AE02/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 290 (0x122) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917604B, serialNumber=A14BDAA31576A6367A0B5C3ACAB91C4E9F3118EF Validity Not Before: Apr 25 03:50:15 2025 GMT Not After : May 2 03:50:15 2025 GMT Subject: CN=680b0677-7b70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:81:a4:3a:52:bc:19:28:ac:f5:67:a7:93:46: 28:bf:1c:a1:f4:98:d5:36:71:3a:50:6a:19:29:0a: d3:51:03:88:34:31:8c:fe:1c:4b:01:ec:f9:40:40: fc:03:d5:5b:3b:09:c8:5d:39:c4:b0:21:10:2c:40: fa:ae:56:0e:ee:45:3e:2d:02:1f:1c:46:22:c1:3f: b8:3f:8d:2a:99:8b:a6:2b:37:4b:2a:b6:f2:44:d7: 7b:34:6c:1b:42:8b:c8:40:28:98:ac:84:f2:29:6c: ca:2e:a3:25:1e:1f:ea:33:7c:eb:7e:3b:09:98:e3: b4:3a:48:34:e2:04:8f:dd:59:a3:a5:63:b0:dd:a1: fb:97:2f:b1:d7:d5:46:f8:c5:c2:3c:76:04:9b:f3: 8e:5b:94:22:d0:db:7e:3b:14:a5:96:8b:20:46:ab: a2:db:12:13:66:0c:60:2f:6a:73:c0:84:f7:9f:fd: c9:8f:2a:35:9f:d4:3e:81:fd:c1:a1:66:16:7f:b4: 9d:c3:2f:f8:ac:e7:48:ee:79:21:59:39:ca:ef:fe: e8:9b:58:65:4f:b2:35:90:ce:5a:09:2c:0c:da:fb: 51:f3:67:12:1d:0b:84:51:71:23:a2:4d:e6:cc:c2: 44:cc:3b:8f:db:2c:92:93:fc:bc:e0:86:c2:75:25: 16:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:B2:71:EE:B4:06:07:8D:85:27:F7:82:D4:F6:63:ED:77:6C:59:35 X509v3 Authority Key Identifier: keyid:A1:4B:DA:A3:15:76:A6:36:7A:0B:5C:3A:CA:B9:1C:4E:9F:31:18:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917604B/41C0135C6DAE11EEA80D0574C4F9AE02/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917604B/41C0135C6DAE11EEA80D0574C4F9AE02/oUvaoxV2pjZ6C1w6yrkcTp8xGO8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:75:e8:3a:fc:f6:a3:b4:dc:55:9e:0f:f2:7f:be:4e:31:21: a2:ae:6a:a8:2c:d5:14:67:fe:dd:2a:a4:03:03:eb:08:1b:99: 22:c4:4f:a0:f3:ae:32:e9:3b:6d:4b:37:fa:0c:91:5f:9e:54: 24:68:f8:11:15:bf:81:02:f7:85:18:bf:41:0b:ea:80:d8:39: 54:83:4f:6f:0b:12:17:e8:b9:c7:bb:8e:aa:af:71:84:f8:fc: 78:b9:a3:07:37:55:a8:8f:5f:aa:94:fe:67:4f:e1:14:8b:a2: 03:bd:e5:99:be:1d:81:bd:40:71:d2:86:80:0c:58:9f:78:d0: 6f:e7:9d:79:6e:22:1a:d3:33:84:90:1d:2a:f5:43:e0:5d:e5: 6b:b4:ee:11:5d:e5:1d:0f:0a:09:f8:58:db:b4:f3:b0:d4:4c: fa:f2:e7:0b:12:f9:3d:c2:85:41:34:71:89:8d:30:b4:cf:e3: 83:5b:9d:76:1e:43:d2:c0:17:59:cf:e6:45:38:55:89:47:9d: ff:3a:7c:ce:9f:c0:58:bf:57:28:d9:cd:64:27:06:5d:be:20: 6c:48:5a:1e:7f:de:95:21:6d:cc:4a:a7:94:79:83:6e:82:5e: 1f:4e:7f:5a:cb:ca:b1:8a:c5:d2:0b:c0:d8:39:a0:8c:8f:67: 49:12:df:cb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzYwNEIxMTAvBgNVBAUTKEExNEJEQUEzMTU3NkE2MzY3QTBCNUMzQUNBQjkxQzRF OUYzMTE4RUYwHhcNMjUwNDI1MDM1MDE1WhcNMjUwNTAyMDM1MDE1WjAYMRYwFAYD VQQDEw02ODBiMDY3Ny03YjcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsYGkOlK8GSis9Wenk0Yovxyh9JjVNnE6UGoZKQrTUQOINDGM/hxLAez5QED8 A9VbOwnIXTnEsCEQLED6rlYO7kU+LQIfHEYiwT+4P40qmYumKzdLKrbyRNd7NGwb QovIQCiYrITyKWzKLqMlHh/qM3zrfjsJmOO0Okg04gSP3VmjpWOw3aH7ly+x19VG +MXCPHYEm/OOW5Qi0Nt+OxSllosgRqui2xITZgxgL2pzwIT3n/3Jjyo1n9Q+gf3B oWYWf7Sdwy/4rOdI7nkhWTnK7/7om1hlT7I1kM5aCSwM2vtR82cSHQuEUXEjok3m zMJEzDuP2yySk/y84IbCdSUW6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOOyce60 BgeNhSf3gtT2Y+13bFk1MB8GA1UdIwQYMBaAFKFL2qMVdqY2egtcOsq5HE6fMRjv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NjA0Qi80MUMwMTM1QzZE QUUxMUVFQTgwRDA1NzRDNEY5QUUwMi9vVXZhb3hWMnBqWjZDMXc2eXJrY1RwOHhH TzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29VdmFveFYycGpaNkMxdzZ5cmtjVHA4eEdPOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NjA0Qi80MUMwMTM1QzZEQUUxMUVFQTgwRDA1NzRDNEY5QUUwMi9vVXZhb3hWMnBq WjZDMXc2eXJrY1RwOHhHTzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQALdeg6/PajtNxVng/yf75OMSGirmqoLNUUZ/7dKqQDA+sIG5kixE+g 864y6TttSzf6DJFfnlQkaPgRFb+BAveFGL9BC+qA2DlUg09vCxIX6LnHu46qr3GE +Px4uaMHN1Woj1+qlP5nT+EUi6IDveWZvh2BvUBx0oaADFifeNBv5515biIa0zOE kB0q9UPgXeVrtO4RXeUdDwoJ+FjbtPOw1Ez68ucLEvk9woVBNHGJjTC0z+ODW512 HkPSwBdZz+ZFOFWJR53/OnzOn8BYv1co2c1kJwZdviBsSFoef96VIW3MSqeUeYNu gl4fTn9ay8qxisXSC8DYOaCMj2dJEt/L -----END CERTIFICATE-----Generated at Sat Apr 26 04:31:38 2025 by rpki-client