$ rpki-client -vvf rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft File: Ok9ILhJcCNuDBRbVGkot8eCqiso.mft (raw, json) Hash identifier: RNOfZIGblB0Or1W5mWbd5jVSFpHKTDG8cL6xblTJZf0= Subject key identifier: DA:12:ED:74:6D:DA:CB:08:CD:72:7B:3A:1D:3F:DF:B2:2B:E5:8D:F8 Authority key identifier: 3A:4F:48:2E:12:5C:08:DB:83:05:16:D5:1A:4A:2D:F1:E0:AA:8A:CA Certificate issuer: /CN=A918C158/serialNumber=3A4F482E125C08DB830516D51A4A2DF1E0AA8ACA Certificate serial: 0A3F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft Manifest number: 0A3A Signing time: Thu 24 Apr 2025 19:38:08 +0000 Manifest this update: Thu 24 Apr 2025 19:38:08 +0000 Manifest next update: Thu 01 May 2025 19:38:08 +0000 Files and hashes: 1: Ok9ILhJcCNuDBRbVGkot8eCqiso.crl (hash: xWyGUqSX7Pwhi3Iby0Zbd7p8Uy6TvrPwfdM7A/T+sf8=) 2: F25A6266796A11EB82E0EE24C4F9AE02.roa (hash: aNxxH/k6H9pUK4+Yh6tMJ5W3Dxa/fkGC+OopIVqyBEI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.crl rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:38:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2623 (0xa3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918C158, serialNumber=3A4F482E125C08DB830516D51A4A2DF1E0AA8ACA Validity Not Before: Apr 24 19:38:08 2025 GMT Not After : May 1 19:38:08 2025 GMT Subject: CN=680a9320-24f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:69:64:00:a2:88:4f:5d:3a:99:70:38:5a:fd: 35:d4:62:21:03:8d:15:37:a1:15:07:73:4c:a1:a0: 7d:73:06:0d:16:64:6d:35:7e:1d:e9:3a:f4:b2:64: 99:4b:e0:39:59:bd:e5:ed:b9:63:34:70:70:7d:87: 48:5a:08:6b:3c:c6:60:29:c3:c0:92:79:d6:51:b0: df:e7:1a:9f:ee:40:4c:3f:b8:bd:49:af:05:f6:07: 06:99:2d:f7:03:13:d5:b2:7c:dc:f3:8d:d4:0c:a7: 83:7f:0d:fd:93:9f:70:3b:f2:d4:80:da:b5:2e:cc: 50:29:e4:5e:6c:57:f8:d4:dd:56:f6:c0:e5:5c:a5: e6:9d:9c:26:6e:a6:08:4c:86:bf:8a:45:37:27:75: 35:36:e8:dc:83:4c:9b:c5:37:80:df:88:c0:21:1b: 10:10:43:eb:99:ea:40:0b:a6:00:80:72:04:9d:82: 9f:9b:61:6b:cc:bf:78:3e:23:72:e7:0b:d7:d7:a4: 8f:14:f4:38:f9:4b:e9:d3:1a:19:85:50:cf:b1:07: 19:e7:b0:7e:b2:fd:65:7c:6c:30:94:da:88:4a:b4: d4:75:25:c5:ed:8c:85:85:07:b8:38:27:1d:f3:eb: 73:ea:49:61:3a:3f:71:fa:93:55:81:23:27:ff:0e: 6b:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:12:ED:74:6D:DA:CB:08:CD:72:7B:3A:1D:3F:DF:B2:2B:E5:8D:F8 X509v3 Authority Key Identifier: keyid:3A:4F:48:2E:12:5C:08:DB:83:05:16:D5:1A:4A:2D:F1:E0:AA:8A:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:71:94:49:7c:08:c9:c8:0e:81:7e:74:49:1f:f5:46:ed:53: 86:53:34:5e:b0:c6:cd:b8:69:30:f6:70:94:e2:5d:7d:5d:45: dc:88:5a:b5:ef:fc:e5:d7:b9:27:15:d7:1f:98:3d:91:ea:dc: 82:7f:96:82:38:32:de:4f:5d:e7:45:77:2a:ee:57:5f:16:f0: f6:7b:d7:78:54:4c:97:c8:7e:98:1a:cf:b4:1f:6b:94:f3:6f: a0:f2:d5:6f:45:b8:b0:b6:5b:54:da:78:d3:86:db:8e:8c:08: 52:4b:b1:6a:53:9d:b1:fb:a0:77:87:20:21:88:57:a3:dd:60: 2f:07:f4:b7:7f:22:08:b8:ec:6a:38:9e:60:d5:2f:f0:00:31: c9:53:8e:6c:cf:cd:1d:0e:ae:32:d9:e5:46:6f:14:18:15:4a: 9b:e6:87:4c:ce:60:13:14:da:76:10:41:35:35:87:b7:b1:79: 0e:d0:7e:86:f9:0d:4e:41:61:6b:39:d0:f9:73:35:85:55:ac: 01:f0:61:bb:c5:6b:9f:d6:0b:ba:3a:96:99:75:8d:c0:8a:6b: 38:b9:75:cf:f6:ae:df:d5:1b:4b:96:69:1c:09:13:6d:d6:cb: f6:6f:24:19:41:cd:09:c8:d1:96:85:93:ec:75:ed:16:29:3f: 8c:49:aa:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCj8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEMxNTgxMTAvBgNVBAUTKDNBNEY0ODJFMTI1QzA4REI4MzA1MTZENTFBNEEyREYx RTBBQThBQ0EwHhcNMjUwNDI0MTkzODA4WhcNMjUwNTAxMTkzODA4WjAYMRYwFAYD VQQDEw02ODBhOTMyMC0yNGY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw2lkAKKIT106mXA4Wv011GIhA40VN6EVB3NMoaB9cwYNFmRtNX4d6Tr0smSZ S+A5Wb3l7bljNHBwfYdIWghrPMZgKcPAknnWUbDf5xqf7kBMP7i9Sa8F9gcGmS33 AxPVsnzc843UDKeDfw39k59wO/LUgNq1LsxQKeRebFf41N1W9sDlXKXmnZwmbqYI TIa/ikU3J3U1Nujcg0ybxTeA34jAIRsQEEPrmepAC6YAgHIEnYKfm2FrzL94PiNy 5wvX16SPFPQ4+Uvp0xoZhVDPsQcZ57B+sv1lfGwwlNqISrTUdSXF7YyFhQe4OCcd 8+tz6klhOj9x+pNVgSMn/w5rpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNoS7XRt 2ssIzXJ7Oh0/37Ir5Y34MB8GA1UdIwQYMBaAFDpPSC4SXAjbgwUW1RpKLfHgqorK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzE1OC9BRTUxRDgwMjY3 M0IxMUVBOTlCMkU1NTZDNEY5QUUwMi9PazlJTGhKY0NOdURCUmJWR2tvdDhlQ3Fp c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09rOUlMaEpjQ051REJSYlZHa290OGVDcWlzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QzE1OC9BRTUxRDgwMjY3M0IxMUVBOTlCMkU1NTZDNEY5QUUwMi9PazlJTGhKY0NO dURCUmJWR2tvdDhlQ3Fpc28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBycZRJfAjJyA6BfnRJH/VG7VOGUzResMbNuGkw9nCU4l19XUXciFq1 7/zl17knFdcfmD2R6tyCf5aCODLeT13nRXcq7ldfFvD2e9d4VEyXyH6YGs+0H2uU 82+g8tVvRbiwtltU2njThtuOjAhSS7FqU52x+6B3hyAhiFej3WAvB/S3fyIIuOxq OJ5g1S/wADHJU45sz80dDq4y2eVGbxQYFUqb5odMzmATFNp2EEE1NYe3sXkO0H6G +Q1OQWFrOdD5czWFVawB8GG7xWuf1gu6OpaZdY3Aims4uXXP9q7f1RtLlmkcCRNt 1sv2byQZQc0JyNGWhZPsde0WKT+MSapE -----END CERTIFICATE-----Generated at Sat Apr 26 04:35:48 2025 by rpki-client