$ rpki-client -vvf rpki.apnic.net/member_repository/A9197CED/83F56DAC1D8411E2910689DA08B02CD2/Op4IQWhX5XRXw49Tbg1usjbf-2E.mft File: Op4IQWhX5XRXw49Tbg1usjbf-2E.mft (raw, json) Hash identifier: D4dikVJ4NMFn6j0HIC0wvqZft45EHF6qzYVIcO0shAc= Subject key identifier: 33:5E:5B:00:5D:46:9A:94:61:33:88:83:53:FA:16:02:5B:F7:51:B9 Authority key identifier: 3A:9E:08:41:68:57:E5:74:57:C3:8F:53:6E:0D:6E:B2:36:DF:FB:61 Certificate issuer: /CN=A9197CED/serialNumber=3A9E08416857E57457C38F536E0D6EB236DFFB61 Certificate serial: 35D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Op4IQWhX5XRXw49Tbg1usjbf-2E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9197CED/83F56DAC1D8411E2910689DA08B02CD2/Op4IQWhX5XRXw49Tbg1usjbf-2E.mft Manifest number: 3534 Signing time: Thu 24 Apr 2025 14:23:56 +0000 Manifest this update: Thu 24 Apr 2025 14:23:56 +0000 Manifest next update: Thu 01 May 2025 14:23:56 +0000 Files and hashes: 1: Op4IQWhX5XRXw49Tbg1usjbf-2E.crl (hash: oCTBCSj1IhZoTuteWT06CI8UrNCZZ3pmNBLIXG7NN0U=) 2: A96CFF2E19C911F0BE901A50C4F9AE02.roa (hash: a00cqrXWT6VD+OkUHfqfeCDeSngMMd4dCO8jlB8sdUQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9197CED/83F56DAC1D8411E2910689DA08B02CD2/Op4IQWhX5XRXw49Tbg1usjbf-2E.crl rsync://rpki.apnic.net/member_repository/A9197CED/83F56DAC1D8411E2910689DA08B02CD2/Op4IQWhX5XRXw49Tbg1usjbf-2E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Op4IQWhX5XRXw49Tbg1usjbf-2E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:23:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13780 (0x35d4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9197CED, serialNumber=3A9E08416857E57457C38F536E0D6EB236DFFB61 Validity Not Before: Apr 24 14:23:56 2025 GMT Not After : May 1 14:23:56 2025 GMT Subject: CN=680a497c-67db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:03:d0:74:37:dc:9f:d7:08:f3:6c:f5:83:79: 6a:db:a6:c4:f6:44:3d:45:f1:15:c8:88:b5:07:9c: 89:a8:20:c8:f9:cb:25:6f:42:97:6d:ac:33:4e:8b: 80:73:95:68:36:a2:6b:82:0c:70:8a:db:8a:ec:9d: 41:48:ee:5c:ca:d5:e7:dd:35:72:09:95:4a:91:df: 15:f9:f1:40:b3:b7:6e:89:7e:22:f3:22:da:2c:5c: 97:79:27:28:8e:71:54:39:79:c9:f2:9b:23:91:33: 6c:0b:65:6d:c6:7e:ed:ba:30:43:c4:f0:0a:96:c8: c5:74:58:f7:40:90:45:46:ed:2d:3b:ef:f1:b2:24: 72:2f:6f:6b:4b:f5:61:2b:64:69:fd:58:c1:e8:0f: 40:46:3c:ce:88:6a:fc:d6:9b:47:42:16:df:b3:92: 65:f7:aa:f0:63:8a:6e:74:fb:a8:f6:a6:8c:01:05: 85:8a:bc:46:2b:e0:06:27:83:c8:9d:fc:81:1e:29: db:6f:d9:52:19:49:e2:5d:a5:b5:87:2b:49:79:b9: d5:43:f3:03:29:96:07:56:85:89:cc:13:31:21:e7: 34:37:82:84:9e:65:e2:26:e2:dd:48:30:14:67:53: 8e:f7:90:50:e7:57:c3:11:ac:df:5a:00:2f:56:9d: fb:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:5E:5B:00:5D:46:9A:94:61:33:88:83:53:FA:16:02:5B:F7:51:B9 X509v3 Authority Key Identifier: keyid:3A:9E:08:41:68:57:E5:74:57:C3:8F:53:6E:0D:6E:B2:36:DF:FB:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9197CED/83F56DAC1D8411E2910689DA08B02CD2/Op4IQWhX5XRXw49Tbg1usjbf-2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Op4IQWhX5XRXw49Tbg1usjbf-2E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197CED/83F56DAC1D8411E2910689DA08B02CD2/Op4IQWhX5XRXw49Tbg1usjbf-2E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:1f:23:5f:3e:f6:3c:da:82:49:6a:ef:2d:66:61:11:08:66: bd:8a:b4:08:a6:93:f3:6d:b6:13:53:ad:80:18:38:cd:b3:46: c4:f8:43:49:91:c9:52:31:42:1a:87:bd:ca:6a:5e:3c:0c:32: ce:ba:02:18:61:a9:d0:e3:47:bf:14:56:4a:dd:a0:1c:b9:f9: bd:a3:52:c8:b0:99:c4:ba:20:79:98:c0:f0:f7:97:56:c1:6d: a5:de:24:48:c1:19:cf:af:3d:74:77:34:a1:1d:8a:4e:34:5c: b8:63:46:60:7a:ba:54:56:42:e8:5c:26:fa:f5:6f:32:7c:71: d9:ac:c1:e0:f1:ea:79:eb:17:e3:65:44:bd:71:97:be:5b:ce: 32:f0:52:46:4b:30:57:5a:cc:fc:9b:ba:46:88:06:15:31:2b: 6b:98:f9:e2:15:9c:cb:17:e3:27:36:a6:f3:1e:fa:09:47:0d: 64:49:5d:e1:97:7b:23:37:25:05:8c:83:35:a3:da:2b:e6:56: e4:b5:09:74:1f:c0:ef:02:05:a8:cd:42:a8:37:60:8c:c7:94: 6a:16:f2:33:0f:8e:3a:22:d4:aa:61:79:45:c5:ef:c3:0e:4d: 18:75:46:03:f7:bd:0a:0e:e0:34:59:7e:45:49:e0:9a:c3:2a: 5a:69:cc:55 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNdQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTdDRUQxMTAvBgNVBAUTKDNBOUUwODQxNjg1N0U1NzQ1N0MzOEY1MzZFMEQ2RUIy MzZERkZCNjEwHhcNMjUwNDI0MTQyMzU2WhcNMjUwNTAxMTQyMzU2WjAYMRYwFAYD VQQDEw02ODBhNDk3Yy02N2RiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwgPQdDfcn9cI82z1g3lq26bE9kQ9RfEVyIi1B5yJqCDI+cslb0KXbawzTouA c5VoNqJrggxwituK7J1BSO5cytXn3TVyCZVKkd8V+fFAs7duiX4i8yLaLFyXeSco jnFUOXnJ8psjkTNsC2Vtxn7tujBDxPAKlsjFdFj3QJBFRu0tO+/xsiRyL29rS/Vh K2Rp/VjB6A9ARjzOiGr81ptHQhbfs5Jl96rwY4pudPuo9qaMAQWFirxGK+AGJ4PI nfyBHinbb9lSGUniXaW1hytJebnVQ/MDKZYHVoWJzBMxIec0N4KEnmXiJuLdSDAU Z1OO95BQ51fDEazfWgAvVp37jQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDNeWwBd RpqUYTOIg1P6FgJb91G5MB8GA1UdIwQYMBaAFDqeCEFoV+V0V8OPU24NbrI23/th MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5N0NFRC84M0Y1NkRBQzFE ODQxMUUyOTEwNjg5REEwOEIwMkNEMi9PcDRJUVdoWDVYUlh3NDlUYmcxdXNqYmYt MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09wNElRV2hYNVhSWHc0OVRiZzF1c2piZi0yRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 N0NFRC84M0Y1NkRBQzFEODQxMUUyOTEwNjg5REEwOEIwMkNEMi9PcDRJUVdoWDVY Ulh3NDlUYmcxdXNqYmYtMkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCMHyNfPvY82oJJau8tZmERCGa9irQIppPzbbYTU62AGDjNs0bE+ENJ kclSMUIah73Kal48DDLOugIYYanQ40e/FFZK3aAcufm9o1LIsJnEuiB5mMDw95dW wW2l3iRIwRnPrz10dzShHYpONFy4Y0ZgerpUVkLoXCb69W8yfHHZrMHg8ep56xfj ZUS9cZe+W84y8FJGSzBXWsz8m7pGiAYVMStrmPniFZzLF+MnNqbzHvoJRw1kSV3h l3sjNyUFjIM1o9or5lbktQl0H8DvAgWozUKoN2CMx5RqFvIzD446ItSqYXlFxe/D Dk0YdUYD970KDuA0WX5FSeCawypaacxV -----END CERTIFICATE-----Generated at Sat Apr 26 04:27:05 2025 by rpki-client