$ rpki-client -vvf rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.mft File: OPsGr2SfQA9ROZSTW-335JJwyKo.mft (raw, json) Hash identifier: 1JQlIbNc5NY+hbZxb6RyCD10p5VBUCbEiW2g51LFZ/c= Subject key identifier: 4E:CB:D8:F0:F6:F6:08:BA:0E:3D:E1:48:59:A1:46:19:79:B4:12:9E Authority key identifier: 38:FB:06:AF:64:9F:40:0F:51:39:94:93:5B:ED:F7:E4:92:70:C8:AA Certificate issuer: /CN=A9198267/serialNumber=38FB06AF649F400F513994935BEDF7E49270C8AA Certificate serial: 09FB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OPsGr2SfQA9ROZSTW-335JJwyKo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.mft Manifest number: 09EC Signing time: Fri 02 May 2025 20:03:17 +0000 Manifest this update: Fri 02 May 2025 20:03:17 +0000 Manifest next update: Fri 09 May 2025 20:03:17 +0000 Files and hashes: 1: OPsGr2SfQA9ROZSTW-335JJwyKo.crl (hash: y06GgRl+rp6JyshyYQl9WynLeobtxZT6JajKSB0PJu0=) 2: 2F43EE7278CC11EAB69DAC75C4F9AE02.roa (hash: vryPQgJZ9HPQvb4c/vnzkdnAafqVRFouOd+j23S6sMU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.crl rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OPsGr2SfQA9ROZSTW-335JJwyKo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 09 May 2025 20:03:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2555 (0x9fb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9198267, serialNumber=38FB06AF649F400F513994935BEDF7E49270C8AA Validity Not Before: May 2 20:03:17 2025 GMT Not After : May 9 20:03:17 2025 GMT Subject: CN=68152505-5d59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:fa:22:25:0b:ff:f6:71:a5:66:4c:5d:ac:5c: 5a:ab:06:8d:94:b7:e5:cc:e5:c8:5f:6e:28:31:8d: 90:54:d2:7a:9a:f5:56:94:d1:f7:f8:b9:0a:5a:03: a4:7d:92:7b:df:b8:08:26:d6:c0:6f:52:61:c5:6f: 3e:d4:27:bf:a4:39:99:45:95:c7:4e:2b:11:18:88: 9d:b1:57:66:61:0f:69:21:19:d2:83:d5:a9:8b:b3: 1f:b8:87:d2:ae:3a:98:7a:9a:71:39:55:93:32:f3: 6f:e0:88:7c:84:39:eb:19:3e:f5:6a:aa:01:eb:2c: 60:c8:74:23:59:7d:7e:b9:a6:6f:bf:07:9e:85:a7: 57:bf:02:6d:33:af:4c:b6:22:97:a2:59:2f:7c:94: 8c:8c:51:ab:6f:78:57:d1:ad:a4:55:fa:c2:c0:41: 41:a8:e2:2f:04:d2:27:12:0b:42:9d:86:12:28:4a: c7:78:d2:fe:57:09:4b:14:96:3c:ba:f1:49:25:37: 58:86:59:86:1d:c0:a1:19:de:fb:fe:10:02:78:68: ef:6d:d7:9f:f2:cb:84:9f:03:85:4c:07:ad:8f:e2: 6a:8b:1d:5e:b6:76:3f:c4:99:f9:7f:55:80:19:dd: 84:8b:c2:bf:ff:c5:1f:e4:de:81:ff:98:37:1a:b7: 75:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:CB:D8:F0:F6:F6:08:BA:0E:3D:E1:48:59:A1:46:19:79:B4:12:9E X509v3 Authority Key Identifier: keyid:38:FB:06:AF:64:9F:40:0F:51:39:94:93:5B:ED:F7:E4:92:70:C8:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OPsGr2SfQA9ROZSTW-335JJwyKo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198267/02C86EAA78CB11EA820D7274C4F9AE02/OPsGr2SfQA9ROZSTW-335JJwyKo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:2e:9f:17:6f:23:32:13:af:ab:ed:39:82:50:3e:9f:c8:d5: 76:35:fc:d5:d1:43:c1:4e:67:ae:29:da:3f:86:93:05:de:cd: aa:d8:41:63:80:70:36:9a:26:db:11:fa:f4:df:4f:c0:0c:22: 5d:c7:e2:63:fe:e0:9c:c9:5b:9b:59:d6:03:c8:52:89:fb:a8: b6:06:29:49:ce:3c:38:e7:cc:7f:db:aa:86:08:f9:a6:47:82: d0:9d:61:72:40:1d:7c:9e:50:4b:4e:b8:b6:d0:1e:71:9e:fb: 01:13:3e:dc:da:1a:87:c3:0f:b4:3a:4c:39:8f:8c:38:42:d7: 20:05:d6:06:29:d1:63:cf:e1:88:c6:0e:40:a6:52:bb:3b:9d: 0c:0a:5c:52:e5:ca:43:b7:03:60:e8:91:bd:dd:a1:b1:5b:8e: c9:c6:1a:2f:ab:90:70:bb:b8:62:b2:33:5a:c1:1a:d5:47:01: 93:12:9f:b6:96:61:78:ef:0b:6c:8a:3e:b3:10:69:6b:2a:f3: c2:9d:11:c8:82:31:44:cb:16:75:6a:19:e9:76:aa:47:42:25: ca:ba:be:10:42:74:41:c9:35:f7:b9:f4:b8:30:04:4d:ad:da: 2e:f9:d9:e2:80:67:cd:a8:db:77:b1:be:12:79:05:de:f8:9a: 1f:7b:89:47 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCfswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTgyNjcxMTAvBgNVBAUTKDM4RkIwNkFGNjQ5RjQwMEY1MTM5OTQ5MzVCRURGN0U0 OTI3MEM4QUEwHhcNMjUwNTAyMjAwMzE3WhcNMjUwNTA5MjAwMzE3WjAYMRYwFAYD VQQDEw02ODE1MjUwNS01ZDU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyvoiJQv/9nGlZkxdrFxaqwaNlLflzOXIX24oMY2QVNJ6mvVWlNH3+LkKWgOk fZJ737gIJtbAb1JhxW8+1Ce/pDmZRZXHTisRGIidsVdmYQ9pIRnSg9Wpi7MfuIfS rjqYeppxOVWTMvNv4Ih8hDnrGT71aqoB6yxgyHQjWX1+uaZvvweehadXvwJtM69M tiKXolkvfJSMjFGrb3hX0a2kVfrCwEFBqOIvBNInEgtCnYYSKErHeNL+VwlLFJY8 uvFJJTdYhlmGHcChGd77/hACeGjvbdef8suEnwOFTAetj+Jqix1etnY/xJn5f1WA Gd2Ei8K//8Uf5N6B/5g3Grd1vwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE7L2PD2 9gi6Dj3hSFmhRhl5tBKeMB8GA1UdIwQYMBaAFDj7Bq9kn0APUTmUk1vt9+SScMiq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODI2Ny8wMkM4NkVBQTc4 Q0IxMUVBODIwRDcyNzRDNEY5QUUwMi9PUHNHcjJTZlFBOVJPWlNUVy0zMzVKSnd5 S28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09Qc0dyMlNmUUE5Uk9aU1RXLTMzNUpKd3lLby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 ODI2Ny8wMkM4NkVBQTc4Q0IxMUVBODIwRDcyNzRDNEY5QUUwMi9PUHNHcjJTZlFB OVJPWlNUVy0zMzVKSnd5S28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCGLp8XbyMyE6+r7TmCUD6fyNV2NfzV0UPBTmeuKdo/hpMF3s2q2EFj gHA2mibbEfr030/ADCJdx+Jj/uCcyVubWdYDyFKJ+6i2BilJzjw458x/26qGCPmm R4LQnWFyQB18nlBLTri20B5xnvsBEz7c2hqHww+0Okw5j4w4QtcgBdYGKdFjz+GI xg5AplK7O50MClxS5cpDtwNg6JG93aGxW47Jxhovq5Bwu7hisjNawRrVRwGTEp+2 lmF47wtsij6zEGlrKvPCnRHIgjFEyxZ1ahnpdqpHQiXKur4QQnRByTX3ufS4MARN rdou+dnigGfNqNt3sb4SeQXe+Jofe4lH -----END CERTIFICATE-----Generated at Sun May 4 17:44:59 2025 by rpki-client