$ rpki-client -vvf rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.mft File: oHzT0QIaWMJAoSE3QAuXsYt5mNA.mft (raw, json) Hash identifier: Mv4LfWNkJuyldX7ELL5OkL223GByQSoCSxGXUhJWgWg= Subject key identifier: 62:BC:29:65:9C:F3:42:10:BD:4C:78:F1:A8:46:CF:63:A7:17:0F:AD Authority key identifier: A0:7C:D3:D1:02:1A:58:C2:40:A1:21:37:40:0B:97:B1:8B:79:98:D0 Certificate issuer: /CN=A9194040/serialNumber=A07CD3D1021A58C240A12137400B97B18B7998D0 Certificate serial: 0379 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oHzT0QIaWMJAoSE3QAuXsYt5mNA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.mft Manifest number: 0375 Signing time: Fri 25 Apr 2025 00:40:37 +0000 Manifest this update: Fri 25 Apr 2025 00:40:36 +0000 Manifest next update: Fri 02 May 2025 00:40:36 +0000 Files and hashes: 1: oHzT0QIaWMJAoSE3QAuXsYt5mNA.crl (hash: FSGQDrn1tZd4gcevzIiRB4vgwjymbiW/RP4KjzFEl1w=) 2: D1E294C2A34411EC803D2585C4F9AE02.roa (hash: 9gufT/8L47ewBvsedXGTY9SOVItSQOfXiC+UqlsipuM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.crl rsync://rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oHzT0QIaWMJAoSE3QAuXsYt5mNA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:40:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 889 (0x379) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194040, serialNumber=A07CD3D1021A58C240A12137400B97B18B7998D0 Validity Not Before: Apr 25 00:40:36 2025 GMT Not After : May 2 00:40:36 2025 GMT Subject: CN=680ada04-de3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:4c:d5:0f:5e:fe:43:da:9f:35:8f:ba:be:4b: 05:51:69:f9:37:32:07:24:a6:93:10:b4:44:02:07: 9a:ce:8a:f4:ab:0c:a9:c5:1c:c1:aa:23:ad:4f:03: e8:b9:73:4e:78:2d:6e:7c:03:f7:ca:64:a9:dd:b9: 9b:1a:53:7e:b0:9d:5e:d5:d6:bd:4c:a9:5a:74:05: 17:cb:33:01:8e:21:bd:b6:ee:81:4a:40:ce:29:78: 86:a7:94:29:08:96:49:ac:96:91:96:8a:f5:a1:f3: 2a:62:aa:e3:e0:42:51:a1:8c:97:bc:56:6e:14:78: e3:24:e4:af:95:f6:f2:06:cc:6d:b8:59:21:6d:98: 40:12:54:2e:6f:9f:02:b7:86:6d:98:6d:2f:cf:5a: 33:90:df:4d:ea:60:07:e4:79:1c:7d:d4:9a:36:b5: 9c:fd:e2:5d:3d:71:7c:44:24:37:2c:9d:ea:43:bb: 08:1b:21:65:47:24:c6:16:97:da:0a:88:fb:c6:44: a4:9d:7c:a0:e3:8a:c2:0a:5e:41:a5:6d:a0:2e:e1: 20:b4:be:eb:b1:df:46:e0:9a:e9:50:fe:34:06:e1: be:6f:10:31:c3:c6:85:78:31:e2:58:91:f0:31:9d: 1b:0d:b0:aa:b7:f5:60:53:d3:7b:e4:7b:f5:67:6c: a4:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:BC:29:65:9C:F3:42:10:BD:4C:78:F1:A8:46:CF:63:A7:17:0F:AD X509v3 Authority Key Identifier: keyid:A0:7C:D3:D1:02:1A:58:C2:40:A1:21:37:40:0B:97:B1:8B:79:98:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oHzT0QIaWMJAoSE3QAuXsYt5mNA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:f0:57:11:7b:21:78:b1:97:b5:1d:b7:2a:8f:6e:3f:0b:0a: c0:69:36:a7:14:f1:9f:a9:e3:68:c5:97:cc:6d:23:7e:4a:46: e3:4a:a5:31:4d:cc:a0:00:a1:fd:99:17:0b:a9:fa:ab:11:97: d6:23:09:e1:80:9f:37:bd:61:42:2a:56:99:ff:08:e0:80:c7: c5:10:cf:2d:7d:17:7e:11:a0:81:aa:73:f2:a6:a1:af:a1:35: 5a:17:66:f6:fc:c0:32:00:6d:26:aa:b2:1f:01:d5:c5:85:fd: 16:a7:f8:c9:89:26:f6:cd:63:77:67:e5:8d:ed:7a:16:58:aa: a9:56:a6:de:d5:51:4b:40:1a:f3:7b:db:cf:ee:03:ce:78:37: 00:b0:34:76:be:03:39:59:94:a5:f8:72:5a:8c:ba:84:93:0a: 82:c1:af:9e:23:8d:08:8f:2f:8a:26:9c:3a:10:d5:ad:56:55: 17:d6:b4:74:38:b8:d5:34:6f:eb:05:41:02:7c:c6:b4:09:99: e4:47:28:09:38:e3:f3:a1:02:8a:a2:ce:62:b7:f0:5f:0d:0a: 26:a0:d1:b1:ca:7c:67:a3:78:57:2a:a8:b6:d3:67:2e:83:9d: cc:d2:0b:1c:ad:67:a4:ee:44:de:01:e1:31:78:5c:c1:74:bc: fb:9c:4a:8c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA3kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTQwNDAxMTAvBgNVBAUTKEEwN0NEM0QxMDIxQTU4QzI0MEExMjEzNzQwMEI5N0Ix OEI3OTk4RDAwHhcNMjUwNDI1MDA0MDM2WhcNMjUwNTAyMDA0MDM2WjAYMRYwFAYD VQQDEw02ODBhZGEwNC1kZTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7UzVD17+Q9qfNY+6vksFUWn5NzIHJKaTELREAgeazor0qwypxRzBqiOtTwPo uXNOeC1ufAP3ymSp3bmbGlN+sJ1e1da9TKladAUXyzMBjiG9tu6BSkDOKXiGp5Qp CJZJrJaRlor1ofMqYqrj4EJRoYyXvFZuFHjjJOSvlfbyBsxtuFkhbZhAElQub58C t4ZtmG0vz1ozkN9N6mAH5HkcfdSaNrWc/eJdPXF8RCQ3LJ3qQ7sIGyFlRyTGFpfa Coj7xkSknXyg44rCCl5BpW2gLuEgtL7rsd9G4JrpUP40BuG+bxAxw8aFeDHiWJHw MZ0bDbCqt/VgU9N75Hv1Z2ykEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGK8KWWc 80IQvUx48ahGz2OnFw+tMB8GA1UdIwQYMBaAFKB809ECGljCQKEhN0ALl7GLeZjQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDA0MC85QjA0QTBGMkEz NDAxMUVDQjNGQTA0N0JDNEY5QUUwMi9vSHpUMFFJYVdNSkFvU0UzUUF1WHNZdDVt TkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29IelQwUUlhV01KQW9TRTNRQXVYc1l0NW1OQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NDA0MC85QjA0QTBGMkEzNDAxMUVDQjNGQTA0N0JDNEY5QUUwMi9vSHpUMFFJYVdN SkFvU0UzUUF1WHNZdDVtTkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCF8FcReyF4sZe1Hbcqj24/CwrAaTanFPGfqeNoxZfMbSN+SkbjSqUx TcygAKH9mRcLqfqrEZfWIwnhgJ83vWFCKlaZ/wjggMfFEM8tfRd+EaCBqnPypqGv oTVaF2b2/MAyAG0mqrIfAdXFhf0Wp/jJiSb2zWN3Z+WN7XoWWKqpVqbe1VFLQBrz e9vP7gPOeDcAsDR2vgM5WZSl+HJajLqEkwqCwa+eI40Ijy+KJpw6ENWtVlUX1rR0 OLjVNG/rBUECfMa0CZnkRygJOOPzoQKKos5it/BfDQomoNGxynxno3hXKqi202cu g53M0gscrWek7kTeAeExeFzBdLz7nEqM -----END CERTIFICATE-----Generated at Sat Apr 26 14:34:06 2025 by rpki-client