$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3873/112EC196FDB811EC8E386913C4F9AE02/O0eqDQMgkZXwVVxgreMpTy03oqE.mft File: O0eqDQMgkZXwVVxgreMpTy03oqE.mft (raw, json) Hash identifier: L6h0yz++9URgRZcGy55gcAdAHrFgFWTv4NbvselLmrg= Subject key identifier: 59:9C:EE:2B:B1:53:A0:66:DA:58:29:C0:72:FA:9C:40:CB:17:DD:7F Authority key identifier: 3B:47:AA:0D:03:20:91:95:F0:55:5C:60:AD:E3:29:4F:2D:37:A2:A1 Certificate issuer: /CN=A91A3873/serialNumber=3B47AA0D03209195F0555C60ADE3294F2D37A2A1 Certificate serial: 029A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O0eqDQMgkZXwVVxgreMpTy03oqE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A3873/112EC196FDB811EC8E386913C4F9AE02/O0eqDQMgkZXwVVxgreMpTy03oqE.mft Manifest number: 0295 Signing time: Fri 25 Apr 2025 01:19:25 +0000 Manifest this update: Fri 25 Apr 2025 01:19:24 +0000 Manifest next update: Fri 02 May 2025 01:19:24 +0000 Files and hashes: 1: O0eqDQMgkZXwVVxgreMpTy03oqE.crl (hash: X/Ueudh9IiNpsIljbX8jzSWXkMX5ibBZiSEIpYCoe2M=) 2: C78C216A070211EDB5178252C4F9AE02.roa (hash: m2ymxbp9bibtqYct6a7VfehiW03KNEWGSV8uvf4S5FQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A3873/112EC196FDB811EC8E386913C4F9AE02/O0eqDQMgkZXwVVxgreMpTy03oqE.crl rsync://rpki.apnic.net/member_repository/A91A3873/112EC196FDB811EC8E386913C4F9AE02/O0eqDQMgkZXwVVxgreMpTy03oqE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O0eqDQMgkZXwVVxgreMpTy03oqE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:19:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 666 (0x29a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A3873, serialNumber=3B47AA0D03209195F0555C60ADE3294F2D37A2A1 Validity Not Before: Apr 25 01:19:24 2025 GMT Not After : May 2 01:19:24 2025 GMT Subject: CN=680ae31d-deb8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:dc:35:83:27:66:6b:a1:b5:a2:36:b9:0a:46: 4d:6e:df:69:06:e5:d8:17:12:0d:5d:13:17:4b:cf: bb:93:6a:30:7c:0c:b8:ea:bd:8e:cf:90:06:ea:37: cb:4e:09:ce:f4:76:c4:58:eb:9a:c7:44:23:75:7b: 3b:ea:10:af:c5:89:20:3e:33:00:ed:cd:42:d3:df: 39:ba:f0:9d:56:53:82:9d:83:49:44:1a:2f:03:1b: c7:18:8e:d1:c2:9f:65:27:fb:48:98:48:06:c6:69: 0a:81:1d:14:af:ca:2e:65:8d:4c:d5:0a:ee:b7:66: 85:ab:15:66:1e:2f:b5:9f:4e:ef:4f:cd:10:5b:69: ea:5a:3f:88:bf:98:7e:f4:76:b1:fe:82:d8:2c:cc: 1e:50:a6:e4:85:94:e2:9f:cf:57:69:5c:11:a5:f7: f3:59:7c:0e:ce:b3:5d:99:9c:26:a7:76:58:b6:64: b9:f9:0a:55:59:bc:c4:c9:97:1b:8d:26:36:d9:11: b5:85:55:a7:98:23:7f:53:31:bd:b2:cf:49:a2:94: b6:2a:a8:dc:4b:20:a8:d3:44:90:f6:02:fa:aa:cc: 2f:f3:31:4e:19:c0:9d:b2:a6:24:02:f9:88:ba:00: 68:bd:80:e5:63:65:0f:e4:a4:e4:5f:08:1f:04:e2: 80:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:9C:EE:2B:B1:53:A0:66:DA:58:29:C0:72:FA:9C:40:CB:17:DD:7F X509v3 Authority Key Identifier: keyid:3B:47:AA:0D:03:20:91:95:F0:55:5C:60:AD:E3:29:4F:2D:37:A2:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A3873/112EC196FDB811EC8E386913C4F9AE02/O0eqDQMgkZXwVVxgreMpTy03oqE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O0eqDQMgkZXwVVxgreMpTy03oqE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3873/112EC196FDB811EC8E386913C4F9AE02/O0eqDQMgkZXwVVxgreMpTy03oqE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:5e:a4:3c:c3:af:4a:07:f6:67:21:de:c0:42:cc:9b:8d:4f: 84:3e:d4:ce:d9:74:4d:5c:60:8f:c2:d1:5d:3d:14:37:17:b0: d1:43:80:e4:49:b9:d7:42:bc:cb:53:3a:0b:6b:72:0d:3b:6f: 98:03:77:9e:95:39:b9:e1:0f:92:b1:c3:50:5f:d9:b3:9e:75: bb:86:39:16:a6:4b:0c:68:9b:65:2d:1a:e0:97:20:a6:cd:6a: 7b:4d:4e:ef:70:b1:cd:c9:91:82:2a:9e:77:7b:55:2c:b5:44: 02:55:5c:fa:fb:1a:38:91:f8:97:07:b4:e9:92:30:12:54:f4: 2c:4e:d8:74:1c:3e:48:a0:f4:c8:a2:7f:85:61:6f:45:6d:0c: b8:f0:34:e2:fc:df:eb:8e:9f:04:01:65:85:a3:28:a8:c6:3b: 8d:88:d5:9c:8b:30:b2:0b:5d:ed:92:96:5e:63:d5:b7:9d:20: 3f:de:cd:c7:e2:08:f4:4d:e2:bb:01:10:3a:72:47:05:51:e5: d5:f0:d6:12:e6:c5:3c:68:d8:71:d2:e4:89:cc:1f:dc:4e:3d: 99:52:70:ad:bd:ab:fd:4c:65:b5:68:8f:28:a4:fa:1c:0f:c2: ef:7f:7a:fa:3f:73:60:d5:32:cf:f4:07:bd:de:56:7c:72:08: 5d:96:0f:c7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICApowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTM4NzMxMTAvBgNVBAUTKDNCNDdBQTBEMDMyMDkxOTVGMDU1NUM2MEFERTMyOTRG MkQzN0EyQTEwHhcNMjUwNDI1MDExOTI0WhcNMjUwNTAyMDExOTI0WjAYMRYwFAYD VQQDEw02ODBhZTMxZC1kZWI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqtw1gydma6G1oja5CkZNbt9pBuXYFxINXRMXS8+7k2owfAy46r2Oz5AG6jfL TgnO9HbEWOuax0QjdXs76hCvxYkgPjMA7c1C0985uvCdVlOCnYNJRBovAxvHGI7R wp9lJ/tImEgGxmkKgR0Ur8ouZY1M1Qrut2aFqxVmHi+1n07vT80QW2nqWj+Iv5h+ 9Hax/oLYLMweUKbkhZTin89XaVwRpffzWXwOzrNdmZwmp3ZYtmS5+QpVWbzEyZcb jSY22RG1hVWnmCN/UzG9ss9JopS2KqjcSyCo00SQ9gL6qswv8zFOGcCdsqYkAvmI ugBovYDlY2UP5KTkXwgfBOKATwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFmc7iux U6Bm2lgpwHL6nEDLF91/MB8GA1UdIwQYMBaAFDtHqg0DIJGV8FVcYK3jKU8tN6Kh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMzg3My8xMTJFQzE5NkZE QjgxMUVDOEUzODY5MTNDNEY5QUUwMi9PMGVxRFFNZ2taWHdWVnhncmVNcFR5MDNv cUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL08wZXFEUU1na1pYd1ZWeGdyZU1wVHkwM29xRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Mzg3My8xMTJFQzE5NkZEQjgxMUVDOEUzODY5MTNDNEY5QUUwMi9PMGVxRFFNZ2ta WHdWVnhncmVNcFR5MDNvcUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQADXqQ8w69KB/ZnId7AQsybjU+EPtTO2XRNXGCPwtFdPRQ3F7DRQ4Dk SbnXQrzLUzoLa3INO2+YA3eelTm54Q+SscNQX9mznnW7hjkWpksMaJtlLRrglyCm zWp7TU7vcLHNyZGCKp53e1UstUQCVVz6+xo4kfiXB7TpkjASVPQsTth0HD5IoPTI on+FYW9FbQy48DTi/N/rjp8EAWWFoyioxjuNiNWcizCyC13tkpZeY9W3nSA/3s3H 4gj0TeK7ARA6ckcFUeXV8NYS5sU8aNhx0uSJzB/cTj2ZUnCtvav9TGW1aI8opPoc D8Lvf3r6P3Ng1TLP9Ae93lZ8cghdlg/H -----END CERTIFICATE-----Generated at Sat Apr 26 04:35:58 2025 by rpki-client