$ rpki-client -vvf rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft File: oKMiStDIKz-aYvNHrKP5RdsI8rA.mft (raw, json) Hash identifier: cgAB2oYiWaszY4L1/IwqRZZXHMuthUYkD01/yjeeG/I= Subject key identifier: A5:44:40:E5:39:FC:3A:B4:43:9D:E0:ED:00:23:DD:A8:A1:F5:2C:88 Authority key identifier: A0:A3:22:4A:D0:C8:2B:3F:9A:62:F3:47:AC:A3:F9:45:DB:08:F2:B0 Certificate issuer: /CN=A91B80BD/serialNumber=A0A3224AD0C82B3F9A62F347ACA3F945DB08F2B0 Certificate serial: 3043 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft Manifest number: 3015 Signing time: Thu 24 Apr 2025 15:28:02 +0000 Manifest this update: Thu 24 Apr 2025 15:28:01 +0000 Manifest next update: Thu 01 May 2025 15:28:01 +0000 Files and hashes: 1: oKMiStDIKz-aYvNHrKP5RdsI8rA.crl (hash: 8obcRVmbWhNJVgbK4qBLB1txTcMeILIJtH2LiqYb0Rk=) 2: 583C1F6854F611E79DF7E643C4F9AE02.roa (hash: J9SJ4DIJ/7Jqarub1sf8j6PHgZAGlGGdRbRsMiv9apI=) 3: 915E51B8F3BE11ED8B9B1450C4F9AE02.roa (hash: 9deMiuArgkPyt65CV7Ht+L/9JKrWYVcP+qJb8LKGzOI=) 4: 4C72E61CB0EC11E5A6934B42C4F9AE02.roa (hash: 2+WTGnYcaeWw8w6rtvBrYx7uq+JHkK1rDrCVxpG+T+Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.crl rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:28:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12355 (0x3043) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B80BD, serialNumber=A0A3224AD0C82B3F9A62F347ACA3F945DB08F2B0 Validity Not Before: Apr 24 15:28:01 2025 GMT Not After : May 1 15:28:01 2025 GMT Subject: CN=680a5881-f4ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:cb:9b:f4:1c:d6:8a:d6:02:fb:e7:13:a1:96: 28:7a:3d:37:75:d2:4b:99:d1:4c:12:c1:03:3a:a5: e6:44:a2:82:cf:ba:4e:ac:a7:5a:3a:58:b5:5b:09: af:6d:f4:72:e6:c2:64:fb:41:8e:15:b5:97:be:da: 4f:ed:61:99:4a:84:f7:26:5c:49:9f:6d:1f:b8:15: 29:50:bb:7e:35:3c:54:a0:0d:8c:c9:c5:38:9d:3f: fa:37:0f:ec:2a:17:f9:53:70:67:53:ae:e8:10:a5: f8:9c:d9:9f:17:d0:04:c3:ec:c7:8c:1e:80:b7:c1: d0:13:df:64:01:55:f5:58:6e:b1:02:3f:66:6d:e6: ec:2d:fb:d2:79:f7:3f:ff:17:53:22:28:0a:76:a6: 24:e9:4d:06:35:d5:53:68:fb:f1:bd:46:7a:d5:7c: 82:a8:62:1f:f4:0b:c1:c3:62:cd:50:64:ac:e7:c6: 33:5d:7a:30:90:5a:1e:18:94:f5:2c:48:9e:e8:1f: 53:09:f2:de:48:9e:79:74:bb:9a:f9:d6:c6:6e:3b: 4c:43:13:1b:22:3a:d9:d5:eb:d0:43:6a:97:c6:97: 2c:31:fd:3a:b3:9a:8e:d7:f5:66:d5:f5:8d:e1:25: 8a:7b:cf:69:ae:cb:e3:50:39:4e:2e:69:3c:c5:f8: 8c:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:44:40:E5:39:FC:3A:B4:43:9D:E0:ED:00:23:DD:A8:A1:F5:2C:88 X509v3 Authority Key Identifier: keyid:A0:A3:22:4A:D0:C8:2B:3F:9A:62:F3:47:AC:A3:F9:45:DB:08:F2:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 90:58:cb:3e:54:95:50:72:8d:c1:42:79:9f:3d:d7:b7:a9:36: 70:ca:30:54:5b:62:b7:e3:dd:e3:bc:a8:2d:71:1c:bb:40:d0: bf:1a:6a:e8:85:81:a9:8b:f1:68:c4:3e:ec:3b:35:2d:06:96: 7d:c4:a1:b8:42:ee:5a:8f:31:55:07:83:29:f1:af:c4:b4:d1: 91:c8:ea:b1:77:c8:f4:5c:e5:ae:e9:66:b8:d4:32:b3:27:33: b2:e7:91:a3:29:03:72:24:78:a6:3a:73:43:d6:d1:cb:ce:4f: dc:26:e8:50:7a:bd:d0:f6:3e:4e:06:9b:45:3a:89:19:13:c6: 0a:d0:76:65:e2:15:89:0d:d1:16:2f:fb:fe:18:3a:ab:2e:68: fa:54:29:80:53:36:f6:fc:ba:b9:cc:48:22:59:6c:c6:05:3e: 5a:8e:ef:fb:b9:c6:52:ac:d1:a2:45:35:67:77:af:8a:12:7d: 4b:83:f7:cc:22:23:6a:96:52:88:4f:78:9d:19:bb:21:b9:81: cb:24:75:fd:21:ec:3a:8a:dd:c7:b8:8a:19:0a:07:d7:45:36: 29:bf:4e:76:6a:38:88:bc:65:00:5f:dc:42:32:1b:9a:34:11: 2d:e8:d9:da:e8:0a:96:09:16:78:e2:d0:89:71:58:10:be:bd: 5c:b3:d9:75 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICMEMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjgwQkQxMTAvBgNVBAUTKEEwQTMyMjRBRDBDODJCM0Y5QTYyRjM0N0FDQTNGOTQ1 REIwOEYyQjAwHhcNMjUwNDI0MTUyODAxWhcNMjUwNTAxMTUyODAxWjAYMRYwFAYD VQQDEw02ODBhNTg4MS1mNGFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAncub9BzWitYC++cToZYoej03ddJLmdFMEsEDOqXmRKKCz7pOrKdaOli1Wwmv bfRy5sJk+0GOFbWXvtpP7WGZSoT3JlxJn20fuBUpULt+NTxUoA2MycU4nT/6Nw/s Khf5U3BnU67oEKX4nNmfF9AEw+zHjB6At8HQE99kAVX1WG6xAj9mbebsLfvSefc/ /xdTIigKdqYk6U0GNdVTaPvxvUZ61XyCqGIf9AvBw2LNUGSs58YzXXowkFoeGJT1 LEie6B9TCfLeSJ55dLua+dbGbjtMQxMbIjrZ1evQQ2qXxpcsMf06s5qO1/Vm1fWN 4SWKe89prsvjUDlOLmk8xfiMIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKVEQOU5 /Dq0Q53g7QAj3aih9SyIMB8GA1UdIwQYMBaAFKCjIkrQyCs/mmLzR6yj+UXbCPKw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODBCRC9CNUE2MzZEOEZF NUMxMUUyQUVDMDQyNTA1OTExRUEzMi9vS01pU3RESUt6LWFZdk5IcktQNVJkc0k4 ckEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29LTWlTdERJS3otYVl2TkhyS1A1UmRzSThyQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC ODBCRC9CNUE2MzZEOEZFNUMxMUUyQUVDMDQyNTA1OTExRUEzMi9vS01pU3RESUt6 LWFZdk5IcktQNVJkc0k4ckEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCQWMs+VJVQco3BQnmfPde3qTZwyjBUW2K3493jvKgtcRy7QNC/Gmro hYGpi/FoxD7sOzUtBpZ9xKG4Qu5ajzFVB4Mp8a/EtNGRyOqxd8j0XOWu6Wa41DKz JzOy55GjKQNyJHimOnND1tHLzk/cJuhQer3Q9j5OBptFOokZE8YK0HZl4hWJDdEW L/v+GDqrLmj6VCmAUzb2/Lq5zEgiWWzGBT5aju/7ucZSrNGiRTVnd6+KEn1Lg/fM IiNqllKIT3idGbshuYHLJHX9Iew6it3HuIoZCgfXRTYpv052ajiIvGUAX9xCMhua NBEt6Nna6AqWCRZ44tCJcVgQvr1cs9l1 -----END CERTIFICATE-----Generated at Sat Apr 26 12:34:36 2025 by rpki-client