$ rpki-client -vvf rpki.apnic.net/member_repository/A91CAB4E/2CA47066997011E8861DD057C4F9AE02/OhSUJb4yhdYRSwH2wvyIoXr_S-w.mft File: OhSUJb4yhdYRSwH2wvyIoXr_S-w.mft (raw, json) Hash identifier: uOWRAIE4Wyt51tzho6FojTzVPh6uLxxmJ63ZfK9EQ8w= Subject key identifier: 50:45:17:1E:3A:AC:AD:39:3C:DE:01:00:03:95:1D:E0:A1:F5:1B:54 Authority key identifier: 3A:14:94:25:BE:32:85:D6:11:4B:01:F6:C2:FC:88:A1:7A:FF:4B:EC Certificate issuer: /CN=A91CAB4E/serialNumber=3A149425BE3285D6114B01F6C2FC88A17AFF4BEC Certificate serial: 1378 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhSUJb4yhdYRSwH2wvyIoXr_S-w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CAB4E/2CA47066997011E8861DD057C4F9AE02/OhSUJb4yhdYRSwH2wvyIoXr_S-w.mft Manifest number: 136F Signing time: Thu 24 Apr 2025 16:59:26 +0000 Manifest this update: Thu 24 Apr 2025 16:59:26 +0000 Manifest next update: Thu 01 May 2025 16:59:26 +0000 Files and hashes: 1: OhSUJb4yhdYRSwH2wvyIoXr_S-w.crl (hash: tCBDND2Sz7+oANw+xCclyd2tvlIL4ZcqRk9oBME0evE=) 2: 7F662C72997011E8B0FDEF57C4F9AE02.roa (hash: c+PuAbIml2jBjPavn1IEZDbXlxGsrH9yX4XnYZy8fpU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CAB4E/2CA47066997011E8861DD057C4F9AE02/OhSUJb4yhdYRSwH2wvyIoXr_S-w.crl rsync://rpki.apnic.net/member_repository/A91CAB4E/2CA47066997011E8861DD057C4F9AE02/OhSUJb4yhdYRSwH2wvyIoXr_S-w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhSUJb4yhdYRSwH2wvyIoXr_S-w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:59:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4984 (0x1378) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CAB4E, serialNumber=3A149425BE3285D6114B01F6C2FC88A17AFF4BEC Validity Not Before: Apr 24 16:59:26 2025 GMT Not After : May 1 16:59:26 2025 GMT Subject: CN=680a6dee-9b5a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:2b:7a:1d:c5:a4:27:fa:b9:2b:01:2a:50:b4: 61:70:6d:dc:db:f9:3a:3f:0d:ca:02:53:88:0d:7d: 60:aa:3a:1d:5d:bf:a6:22:22:44:04:71:07:12:cd: ea:30:d9:25:98:47:4f:62:f2:5a:4a:3d:ca:25:86: ad:2e:8f:f5:ff:d4:07:3c:9d:5f:c7:6b:33:01:0c: fc:b5:4c:95:fa:0d:36:b5:3f:83:82:aa:ff:c2:10: f8:bd:ab:02:f8:5a:94:f9:3b:fc:79:22:cb:dd:0f: 7c:4b:53:01:b2:ee:af:ea:9f:f0:0f:63:2b:89:1e: 94:2c:28:ff:d0:0b:9e:30:fd:89:65:66:17:de:be: cc:23:36:ca:de:3c:92:c1:ef:b7:e6:28:c1:ce:4f: fd:94:bb:c9:a0:e1:a3:ea:d3:ab:50:fd:90:3d:96: 9a:74:d7:4f:51:c3:94:57:41:2e:37:02:c8:fd:49: a1:a3:7b:2e:9f:75:ff:72:e8:74:55:d0:b5:d0:e8: f1:bb:aa:e2:87:e4:0a:50:0e:d5:57:54:a6:e2:70: 63:97:9b:c8:be:2f:c4:a0:aa:c7:74:77:7f:af:73: c0:91:f1:79:11:e3:5c:69:f7:ce:c9:b7:df:59:88: 4e:49:65:15:11:98:6c:7f:19:ec:ed:1f:18:f5:64: 14:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:45:17:1E:3A:AC:AD:39:3C:DE:01:00:03:95:1D:E0:A1:F5:1B:54 X509v3 Authority Key Identifier: keyid:3A:14:94:25:BE:32:85:D6:11:4B:01:F6:C2:FC:88:A1:7A:FF:4B:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CAB4E/2CA47066997011E8861DD057C4F9AE02/OhSUJb4yhdYRSwH2wvyIoXr_S-w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhSUJb4yhdYRSwH2wvyIoXr_S-w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CAB4E/2CA47066997011E8861DD057C4F9AE02/OhSUJb4yhdYRSwH2wvyIoXr_S-w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8e:40:ad:e4:86:66:f5:fa:cc:4c:4f:2e:b6:e8:e0:41:37:75: d4:9f:a4:77:23:24:b6:d7:78:8d:1c:0d:54:24:ad:78:a4:41: 82:2a:3e:a2:ff:21:7a:80:d0:a7:23:96:95:23:76:da:d0:21: 81:04:ab:be:dc:67:69:b8:0f:a4:af:ef:28:ca:96:96:3b:55: 3c:78:b1:ba:55:8d:58:74:9e:8f:0d:0c:86:a7:a3:9a:94:0c: de:59:8b:a7:c4:cc:0c:d7:fa:74:95:0f:ba:28:3e:14:db:b7: 29:33:81:b2:bd:a8:18:ea:f8:34:5c:bb:2b:d1:78:a8:f3:fd: 5f:b1:e0:60:55:79:01:e2:fe:41:15:02:40:5a:cf:76:7e:24: 68:5d:3f:f3:e6:59:0c:f2:28:ab:b4:38:f1:31:74:30:1f:f7: 1d:fc:68:7d:da:af:93:10:a6:70:c1:c9:ef:96:14:a4:2d:3f: 54:cb:15:9c:4a:e2:88:c1:84:0e:77:6a:23:7f:44:27:3e:46: c7:f7:23:b7:0f:32:7c:66:ef:a0:4b:ad:f9:7e:3d:e2:fb:d9: 9c:3d:fa:4e:58:e9:58:2b:15:70:3f:1a:60:af:2d:1f:a0:40: 0e:8e:1b:a2:a6:a3:b6:26:97:30:06:e8:2b:28:a2:4f:34:43: 11:01:35:13 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE3gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0FCNEUxMTAvBgNVBAUTKDNBMTQ5NDI1QkUzMjg1RDYxMTRCMDFGNkMyRkM4OEEx N0FGRjRCRUMwHhcNMjUwNDI0MTY1OTI2WhcNMjUwNTAxMTY1OTI2WjAYMRYwFAYD VQQDEw02ODBhNmRlZS05YjVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3it6HcWkJ/q5KwEqULRhcG3c2/k6Pw3KAlOIDX1gqjodXb+mIiJEBHEHEs3q MNklmEdPYvJaSj3KJYatLo/1/9QHPJ1fx2szAQz8tUyV+g02tT+Dgqr/whD4vasC +FqU+Tv8eSLL3Q98S1MBsu6v6p/wD2MriR6ULCj/0AueMP2JZWYX3r7MIzbK3jyS we+35ijBzk/9lLvJoOGj6tOrUP2QPZaadNdPUcOUV0EuNwLI/Umho3sun3X/cuh0 VdC10Ojxu6rih+QKUA7VV1Sm4nBjl5vIvi/EoKrHdHd/r3PAkfF5EeNcaffOybff WYhOSWUVEZhsfxns7R8Y9WQUKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFBFFx46 rK05PN4BAAOVHeCh9RtUMB8GA1UdIwQYMBaAFDoUlCW+MoXWEUsB9sL8iKF6/0vs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQUI0RS8yQ0E0NzA2Njk5 NzAxMUU4ODYxREQwNTdDNEY5QUUwMi9PaFNVSmI0eWhkWVJTd0gyd3Z5SW9Ycl9T LXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09oU1VKYjR5aGRZUlN3SDJ3dnlJb1hyX1Mtdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QUI0RS8yQ0E0NzA2Njk5NzAxMUU4ODYxREQwNTdDNEY5QUUwMi9PaFNVSmI0eWhk WVJTd0gyd3Z5SW9Ycl9TLXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCOQK3khmb1+sxMTy626OBBN3XUn6R3IyS213iNHA1UJK14pEGCKj6i /yF6gNCnI5aVI3ba0CGBBKu+3GdpuA+kr+8oypaWO1U8eLG6VY1YdJ6PDQyGp6Oa lAzeWYunxMwM1/p0lQ+6KD4U27cpM4GyvagY6vg0XLsr0Xio8/1fseBgVXkB4v5B FQJAWs92fiRoXT/z5lkM8iirtDjxMXQwH/cd/Gh92q+TEKZwwcnvlhSkLT9UyxWc SuKIwYQOd2ojf0QnPkbH9yO3DzJ8Zu+gS635fj3i+9mcPfpOWOlYKxVwPxpgry0f oEAOjhuipqO2JpcwBugrKKJPNEMRATUT -----END CERTIFICATE-----Generated at Sat Apr 26 04:35:58 2025 by rpki-client