$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1025/8D7B9BF29D8411EF817E1420C4F9AE02/OZp7H8QgfroHB6hRUZXMaOg2q_g.mft File: OZp7H8QgfroHB6hRUZXMaOg2q_g.mft (raw, json) Hash identifier: hnrPPRffNQaljdK/3QIQ1xCx9clGwaKdG6m+Uj3++EI= Subject key identifier: 19:57:3E:CA:93:1C:41:F3:91:21:FD:E7:3E:5C:B0:2E:64:69:EE:87 Authority key identifier: 39:9A:7B:1F:C4:20:7E:BA:07:07:A8:51:51:95:CC:68:E8:36:AB:F8 Certificate issuer: /CN=A91C1025/serialNumber=399A7B1FC4207EBA0707A8515195CC68E836ABF8 Certificate serial: 5D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OZp7H8QgfroHB6hRUZXMaOg2q_g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1025/8D7B9BF29D8411EF817E1420C4F9AE02/OZp7H8QgfroHB6hRUZXMaOg2q_g.mft Manifest number: 5B Signing time: Fri 25 Apr 2025 06:09:21 +0000 Manifest this update: Fri 25 Apr 2025 06:09:21 +0000 Manifest next update: Fri 02 May 2025 06:09:21 +0000 Files and hashes: 1: OZp7H8QgfroHB6hRUZXMaOg2q_g.crl (hash: fXRL8EoerbkE1/JNgnrJFF7+NAPlNDmFMexToJnK93o=) 2: 4996A7209D9211EFAD3DCF45C4F9AE02.roa (hash: OktGMxzzHPz/jKeXT3HBwpZFefJQX2E3qJieHJ5ZqH0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1025/8D7B9BF29D8411EF817E1420C4F9AE02/OZp7H8QgfroHB6hRUZXMaOg2q_g.crl rsync://rpki.apnic.net/member_repository/A91C1025/8D7B9BF29D8411EF817E1420C4F9AE02/OZp7H8QgfroHB6hRUZXMaOg2q_g.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OZp7H8QgfroHB6hRUZXMaOg2q_g.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:09:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 93 (0x5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1025, serialNumber=399A7B1FC4207EBA0707A8515195CC68E836ABF8 Validity Not Before: Apr 25 06:09:21 2025 GMT Not After : May 2 06:09:21 2025 GMT Subject: CN=680b2711-da15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:ff:95:e1:a4:0e:fb:e3:d7:5c:e7:7b:aa:aa: f5:6e:96:cd:95:11:67:4d:87:d9:8c:29:e6:ca:1a: e7:ab:87:96:fd:3e:53:35:ef:2b:cd:51:c2:64:29: 8c:65:c8:49:11:12:eb:20:af:97:36:14:bb:26:ab: 28:fa:62:fd:b4:ab:16:bf:bf:99:48:49:14:f4:11: 7c:df:5c:d1:76:f6:ea:2f:1d:05:42:61:65:f7:6b: 10:00:a1:22:83:08:44:64:be:7a:e6:17:e8:e1:93: ae:d5:b5:93:4a:eb:55:ee:13:9a:7e:97:d3:27:1a: 1a:1c:ba:72:26:bf:46:fd:bc:97:63:25:2a:47:5b: df:b8:4a:e6:34:ae:36:93:dd:d1:9e:72:2c:ac:50: 09:42:67:3f:cb:f2:42:a4:08:88:e6:f0:68:e8:91: c8:76:04:e8:7c:06:e5:ba:f2:2b:d0:70:d2:12:66: ee:8c:79:94:bc:1b:4d:32:24:6b:bb:a4:19:df:a4: ea:dc:8f:af:ae:d7:63:ca:e6:89:74:33:34:a8:43: 58:c8:23:1d:a0:b8:88:74:c1:0c:53:ce:7f:10:69: 76:7f:93:a3:79:e9:5f:98:77:8b:68:d7:d9:59:dd: a3:e2:95:58:35:22:1f:c5:97:ce:b9:c0:ee:45:29: 32:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:57:3E:CA:93:1C:41:F3:91:21:FD:E7:3E:5C:B0:2E:64:69:EE:87 X509v3 Authority Key Identifier: keyid:39:9A:7B:1F:C4:20:7E:BA:07:07:A8:51:51:95:CC:68:E8:36:AB:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1025/8D7B9BF29D8411EF817E1420C4F9AE02/OZp7H8QgfroHB6hRUZXMaOg2q_g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OZp7H8QgfroHB6hRUZXMaOg2q_g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1025/8D7B9BF29D8411EF817E1420C4F9AE02/OZp7H8QgfroHB6hRUZXMaOg2q_g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:1f:72:32:b5:6f:e8:54:c3:d0:1a:e7:63:0b:8c:d4:1b:90: 3f:fd:77:f0:6d:55:87:05:10:fb:8c:dc:12:1b:f5:78:2d:90: 1a:10:37:09:c5:f2:2c:e8:1a:13:07:ba:13:bb:dc:f9:64:e8: db:98:e2:07:7b:23:c9:e4:b2:b4:84:28:b8:01:2d:45:52:0c: 7b:1b:ea:a1:41:e3:5b:8e:72:20:88:f6:ab:f4:7c:bf:30:f5: 10:e5:ac:8b:eb:b8:de:c7:61:49:65:93:24:0d:83:b2:0b:8c: e3:ae:cc:98:d7:50:66:e9:c3:26:86:b5:3c:c0:00:66:34:57: 98:31:47:de:c0:71:86:e2:9b:9d:f7:0e:5a:9e:b0:28:46:88: 37:7f:fe:47:3a:21:da:2f:0d:9d:e8:6d:41:d2:8f:f0:27:ee: 55:c3:b3:5f:c1:62:b4:05:f8:d5:b7:39:f5:26:b5:28:61:c5: 29:ff:1d:3c:cc:ea:92:eb:37:9a:f4:5a:09:90:fb:59:17:22: f0:de:05:9b:df:15:45:3b:23:d7:10:ab:83:ad:7e:de:70:d4: 05:0a:47:e7:a1:d7:c7:80:1c:ae:f5:8c:d6:41:30:be:b9:4d: ea:0a:17:7f:7f:e9:6d:67:31:7d:0c:54:71:5c:1b:4f:eb:64: 3d:ab:0b:9c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBXTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD MTAyNTExMC8GA1UEBRMoMzk5QTdCMUZDNDIwN0VCQTA3MDdBODUxNTE5NUNDNjhF ODM2QUJGODAeFw0yNTA0MjUwNjA5MjFaFw0yNTA1MDIwNjA5MjFaMBgxFjAUBgNV BAMTDTY4MGIyNzExLWRhMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCv/5XhpA7749dc53uqqvVuls2VEWdNh9mMKebKGuerh5b9PlM17yvNUcJkKYxl yEkREusgr5c2FLsmqyj6Yv20qxa/v5lISRT0EXzfXNF29uovHQVCYWX3axAAoSKD CERkvnrmF+jhk67VtZNK61XuE5p+l9MnGhocunImv0b9vJdjJSpHW9+4SuY0rjaT 3dGeciysUAlCZz/L8kKkCIjm8Gjokch2BOh8BuW68ivQcNISZu6MeZS8G00yJGu7 pBnfpOrcj6+u12PK5ol0MzSoQ1jIIx2guIh0wQxTzn8QaXZ/k6N56V+Yd4to19lZ 3aPilVg1Ih/Fl865wO5FKTJFAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUGVc+ypMc QfORIf3nPlywLmRp7ocwHwYDVR0jBBgwFoAUOZp7H8QgfroHB6hRUZXMaOg2q/gw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMxMDI1LzhEN0I5QkYyOUQ4 NDExRUY4MTdFMTQyMEM0RjlBRTAyL09acDdIOFFnZnJvSEI2aFJVWlhNYU9nMnFf Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvT1pwN0g4UWdmcm9IQjZoUlVaWE1hT2cycV9nLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMx MDI1LzhEN0I5QkYyOUQ4NDExRUY4MTdFMTQyMEM0RjlBRTAyL09acDdIOFFnZnJv SEI2aFJVWlhNYU9nMnFfZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAC4fcjK1b+hUw9Aa52MLjNQbkD/9d/BtVYcFEPuM3BIb9XgtkBoQNwnF 8izoGhMHuhO73Plk6NuY4gd7I8nksrSEKLgBLUVSDHsb6qFB41uOciCI9qv0fL8w 9RDlrIvruN7HYUllkyQNg7ILjOOuzJjXUGbpwyaGtTzAAGY0V5gxR97AcYbim533 DlqesChGiDd//kc6IdovDZ3obUHSj/An7lXDs1/BYrQF+NW3OfUmtShhxSn/HTzM 6pLrN5r0WgmQ+1kXIvDeBZvfFUU7I9cQq4Otft5w1AUKR+eh18eAHK71jNZBML65 TeoKF39/6W1nMX0MVHFcG0/rZD2rC5w= -----END CERTIFICATE-----Generated at Sat Apr 26 15:22:25 2025 by rpki-client