$ rpki-client -vvf rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft File: OhbEBL_tNHJEowpa__ZuSZKqKCE.mft (raw, json) Hash identifier: tMEn2GEnEGYGyps9KCkTG3PolKrGTbS4Sp1GgZag6j0= Subject key identifier: 93:E2:58:52:25:84:9B:4C:07:91:13:C2:D1:55:0D:4D:90:12:77:95 Authority key identifier: 3A:16:C4:04:BF:ED:34:72:44:A3:0A:5A:FF:F6:6E:49:92:AA:28:21 Certificate issuer: /CN=A91A65C4/serialNumber=3A16C404BFED347244A30A5AFFF66E4992AA2821 Certificate serial: 0438 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft Manifest number: 0432 Signing time: Fri 25 Apr 2025 00:06:08 +0000 Manifest this update: Fri 25 Apr 2025 00:06:08 +0000 Manifest next update: Fri 02 May 2025 00:06:08 +0000 Files and hashes: 1: OhbEBL_tNHJEowpa__ZuSZKqKCE.crl (hash: YN9LiMRAbPZl2gX0N82svgdfW6AiJWgNQ9VEgscjuZ8=) 2: 9D77DCA4599A11ECA574BF52C4F9AE02.roa (hash: /fF1tdSaYFH2w1w+0HXHgYqEthaF4A0sGCD2uCBxpiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.crl rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:06:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1080 (0x438) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A65C4, serialNumber=3A16C404BFED347244A30A5AFFF66E4992AA2821 Validity Not Before: Apr 25 00:06:08 2025 GMT Not After : May 2 00:06:08 2025 GMT Subject: CN=680ad1f0-3fc8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:95:94:9d:ca:37:4e:f0:5c:72:a7:72:5d:12: c8:9c:8f:a9:28:b9:78:92:48:dd:fb:f4:02:ee:3f: d8:c3:ee:aa:52:a0:03:41:ae:12:99:4f:d2:5a:9b: aa:a3:6a:8b:ad:d4:54:e2:56:2f:fe:a5:0e:f8:c3: 82:6f:c5:64:b1:bd:c8:0c:7f:51:6a:46:f4:b2:36: 81:24:37:8a:d4:34:0d:97:6c:96:05:bd:11:dc:b4: 94:2b:5a:4c:81:a3:af:f8:a8:b1:40:80:2b:85:77: 53:ac:af:c1:40:ee:b0:f9:3d:a7:e4:17:8f:e3:38: 38:f7:71:00:0c:4b:16:08:4a:3c:3f:69:0f:cf:fe: f1:a0:0c:e7:31:2b:c5:0f:28:7b:85:c9:19:d6:18: 0b:e7:59:47:b4:5a:5c:46:a9:a0:c3:a7:5f:a3:32: 6d:29:97:1b:bd:b2:ee:78:20:5d:b2:42:37:2d:b7: 7e:06:b6:09:83:57:d2:89:75:26:b0:57:ae:b1:ed: 4a:41:47:85:76:77:c7:96:95:b6:72:1b:98:5f:b4: 66:75:4c:b1:39:5e:19:f4:5d:86:0f:e5:2e:d5:4e: 27:e6:ff:59:c5:74:4b:cd:50:1a:0e:84:b0:9c:98: 5c:b8:92:ee:1a:be:9a:91:7d:fa:a8:ce:54:a5:43: 05:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:E2:58:52:25:84:9B:4C:07:91:13:C2:D1:55:0D:4D:90:12:77:95 X509v3 Authority Key Identifier: keyid:3A:16:C4:04:BF:ED:34:72:44:A3:0A:5A:FF:F6:6E:49:92:AA:28:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:0b:af:94:eb:00:f8:74:04:dc:ba:6a:a0:57:98:55:cf:0f: d2:3e:86:73:13:d0:cc:41:b5:8d:11:01:9b:19:ef:fc:b1:3d: d1:69:98:e7:13:bb:2c:05:3d:07:0d:7f:36:0f:bf:d1:26:57: b7:4f:4f:9f:61:02:76:d6:5e:50:9c:75:75:d1:a2:4c:61:26: 46:d9:e8:b7:65:23:a7:6e:aa:c0:80:7c:36:a5:7b:75:32:6a: f6:a5:a0:cf:a6:2b:df:b9:0c:f9:c8:8e:5b:61:15:70:f6:28: ea:39:3f:3d:82:18:c2:55:7f:21:dd:ff:6d:51:42:45:3f:91: 55:6b:4a:ec:d4:fc:2d:97:63:6e:82:8f:e4:b1:96:6e:6a:bc: 49:60:22:ca:0d:95:9f:23:a4:fa:dd:79:4c:fc:1f:05:03:49: 16:af:7a:af:53:a7:f4:0c:3b:93:55:cf:0d:2d:6e:d2:10:3b: 2c:67:4f:53:32:77:21:3f:a6:0a:c8:04:c8:67:60:36:10:6c: 30:02:6f:8f:58:bd:40:d7:4a:fe:99:7c:2f:db:2d:41:c4:a7: 95:67:75:d6:a8:3b:87:f0:ef:72:3c:69:b3:ac:7e:83:53:c8: 8a:05:ab:d6:1a:4e:19:84:14:4e:74:5a:a4:f5:11:e7:f9:25: 31:8e:6f:82 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBDgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTY1QzQxMTAvBgNVBAUTKDNBMTZDNDA0QkZFRDM0NzI0NEEzMEE1QUZGRjY2RTQ5 OTJBQTI4MjEwHhcNMjUwNDI1MDAwNjA4WhcNMjUwNTAyMDAwNjA4WjAYMRYwFAYD VQQDEw02ODBhZDFmMC0zZmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApZWUnco3TvBccqdyXRLInI+pKLl4kkjd+/QC7j/Yw+6qUqADQa4SmU/SWpuq o2qLrdRU4lYv/qUO+MOCb8Vksb3IDH9Rakb0sjaBJDeK1DQNl2yWBb0R3LSUK1pM gaOv+KixQIArhXdTrK/BQO6w+T2n5BeP4zg493EADEsWCEo8P2kPz/7xoAznMSvF Dyh7hckZ1hgL51lHtFpcRqmgw6dfozJtKZcbvbLueCBdskI3Lbd+BrYJg1fSiXUm sFeuse1KQUeFdnfHlpW2chuYX7RmdUyxOV4Z9F2GD+Uu1U4n5v9ZxXRLzVAaDoSw nJhcuJLuGr6akX36qM5UpUMF3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJPiWFIl hJtMB5ETwtFVDU2QEneVMB8GA1UdIwQYMBaAFDoWxAS/7TRyRKMKWv/2bkmSqigh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjVDNC8zRTNBNTUwMjU5 OTgxMUVDOTM5MUQ1NTBDNEY5QUUwMi9PaGJFQkxfdE5ISkVvd3BhX19adVNaS3FL Q0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09oYkVCTF90TkhKRW93cGFfX1p1U1pLcUtDRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NjVDNC8zRTNBNTUwMjU5OTgxMUVDOTM5MUQ1NTBDNEY5QUUwMi9PaGJFQkxfdE5I SkVvd3BhX19adVNaS3FLQ0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkC6+U6wD4dATcumqgV5hVzw/SPoZzE9DMQbWNEQGbGe/8sT3RaZjn E7ssBT0HDX82D7/RJle3T0+fYQJ21l5QnHV10aJMYSZG2ei3ZSOnbqrAgHw2pXt1 Mmr2paDPpivfuQz5yI5bYRVw9ijqOT89ghjCVX8h3f9tUUJFP5FVa0rs1Pwtl2Nu go/ksZZuarxJYCLKDZWfI6T63XlM/B8FA0kWr3qvU6f0DDuTVc8NLW7SEDssZ09T MnchP6YKyATIZ2A2EGwwAm+PWL1A10r+mXwv2y1BxKeVZ3XWqDuH8O9yPGmzrH6D U8iKBavWGk4ZhBROdFqk9RHn+SUxjm+C -----END CERTIFICATE-----Generated at Sat Apr 26 05:55:00 2025 by rpki-client