$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft File: oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft (raw, json) Hash identifier: /+t2+aEAfhmvyczI0Zc67hao/CHW+VSX7MiMs4tUk0U= Subject key identifier: 92:87:A4:C8:25:14:16:F5:B2:B7:A4:C6:BF:F9:80:06:4F:E8:4D:40 Authority key identifier: A1:93:8C:91:2A:C2:F4:A9:58:B9:3D:AF:8F:4B:27:20:15:B0:D8:D8 Certificate issuer: /CN=A91D9D8B/serialNumber=A1938C912AC2F4A958B93DAF8F4B272015B0D8D8 Certificate serial: 01BF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft Manifest number: 01BA Signing time: Fri 25 Apr 2025 02:17:01 +0000 Manifest this update: Fri 25 Apr 2025 02:17:00 +0000 Manifest next update: Fri 02 May 2025 02:17:00 +0000 Files and hashes: 1: oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl (hash: DcWSUNG8uqPC1tFF0FjI8kLWMtihUyCZDJ+SnWVnfLY=) 2: 95C4C7AA7F7911ED9C1EAE19C4F9AE02.roa (hash: KfdVVRr1UwfhsTtUMM0Ph6w9qtVR9qcrLdXdVzGndCs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:17:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 447 (0x1bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9D8B, serialNumber=A1938C912AC2F4A958B93DAF8F4B272015B0D8D8 Validity Not Before: Apr 25 02:17:00 2025 GMT Not After : May 2 02:17:00 2025 GMT Subject: CN=680af09d-4bcc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:6a:f8:f6:3f:d4:20:fd:9a:68:7e:ab:f2:7c: 23:8d:21:a8:04:4c:d1:b3:9c:02:6f:fc:f9:48:8e: dd:32:1e:e9:7f:12:63:c5:38:5e:3a:0f:65:a7:2d: 6b:d6:35:64:34:f9:b6:4d:45:5d:8c:1f:13:6f:7c: e4:5b:0a:bf:8f:8d:f6:66:d6:c5:40:24:46:ec:11: 8d:a2:47:eb:51:1b:5c:75:c6:70:69:c7:46:1f:eb: cc:2f:b8:f1:ad:f0:9b:02:a4:27:18:b5:d6:a5:77: 0b:f1:32:40:85:3a:d9:c4:a8:bc:c0:e2:3b:5f:1d: 28:02:cb:a5:b9:f0:43:1d:2c:42:3a:64:3f:80:dd: 62:11:87:b7:03:df:bc:8c:37:97:a5:35:9b:40:47: 37:eb:03:48:63:5b:b8:14:f2:4d:e8:81:73:c7:56: 0f:9a:50:21:57:d2:84:e7:9b:83:b1:2f:2f:83:c4: 95:af:60:bb:bc:a6:ed:39:08:a6:eb:21:0b:d1:86: 83:9f:5b:67:fa:cb:a1:c4:b2:d7:d7:13:59:3b:a2: 40:66:9f:d9:92:35:9d:c0:4c:9f:f5:49:7d:7c:dc: b1:c5:85:69:f6:53:00:7e:3a:1f:2f:28:cc:04:e2: 57:4f:bf:de:58:5e:8d:2d:2d:97:50:ab:6e:5c:69: 39:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:87:A4:C8:25:14:16:F5:B2:B7:A4:C6:BF:F9:80:06:4F:E8:4D:40 X509v3 Authority Key Identifier: keyid:A1:93:8C:91:2A:C2:F4:A9:58:B9:3D:AF:8F:4B:27:20:15:B0:D8:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:09:cb:ab:2f:89:c5:c2:a0:91:37:92:36:2b:71:2e:4e:bc: ea:fd:3a:ae:d3:63:57:4a:35:be:81:81:e1:22:e5:56:4e:4a: 8b:7f:c7:92:6a:c2:a4:35:18:8a:3a:38:33:b2:6d:e7:dc:94: 39:9f:e1:cb:1b:8a:2b:4a:18:97:3b:87:bd:89:ff:a6:df:f1: 8a:1a:af:92:1d:a4:27:6a:bf:d4:7e:73:19:a2:ac:5c:da:56: e2:5c:cd:0c:77:1c:90:42:8f:52:52:16:25:f7:7a:7a:ea:a8: b5:40:58:3d:19:c6:83:e1:a4:89:f0:62:99:8f:cc:fb:21:91: 17:2e:93:35:ed:47:6d:32:28:17:cd:e7:67:41:c8:96:79:00: 6a:45:70:fc:8c:91:80:74:53:61:aa:80:b7:72:62:84:93:06: c2:88:fb:e9:17:e0:89:e8:56:fb:15:75:79:45:e6:d4:6c:41: 1a:19:14:5f:2b:46:0e:96:0d:2c:07:85:f5:cd:5c:64:a6:26: ba:ae:0b:08:27:7e:f1:e8:f8:df:7a:10:ea:84:89:4d:86:1f: 8b:e3:2c:1d:06:99:8a:e4:d5:3c:d0:d0:da:c7:5c:f1:5a:d2: 5a:d7:f8:0c:90:4c:ef:79:3f:9e:05:30:60:b1:fb:2b:8d:b1: ea:e4:de:d7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAb8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDlEOEIxMTAvBgNVBAUTKEExOTM4QzkxMkFDMkY0QTk1OEI5M0RBRjhGNEIyNzIw MTVCMEQ4RDgwHhcNMjUwNDI1MDIxNzAwWhcNMjUwNTAyMDIxNzAwWjAYMRYwFAYD VQQDEw02ODBhZjA5ZC00YmNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwGr49j/UIP2aaH6r8nwjjSGoBEzRs5wCb/z5SI7dMh7pfxJjxTheOg9lpy1r 1jVkNPm2TUVdjB8Tb3zkWwq/j432ZtbFQCRG7BGNokfrURtcdcZwacdGH+vML7jx rfCbAqQnGLXWpXcL8TJAhTrZxKi8wOI7Xx0oAsulufBDHSxCOmQ/gN1iEYe3A9+8 jDeXpTWbQEc36wNIY1u4FPJN6IFzx1YPmlAhV9KE55uDsS8vg8SVr2C7vKbtOQim 6yEL0YaDn1tn+suhxLLX1xNZO6JAZp/ZkjWdwEyf9Ul9fNyxxYVp9lMAfjofLyjM BOJXT7/eWF6NLS2XUKtuXGk55wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJKHpMgl FBb1srekxr/5gAZP6E1AMB8GA1UdIwQYMBaAFKGTjJEqwvSpWLk9r49LJyAVsNjY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUQ4Qi81RjExRTAyQTdG NzUxMUVEOEFGQkU2NzNDNEY5QUUwMi9vWk9Na1NyQzlLbFl1VDJ2ajBzbklCV3cy TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29aT01rU3JDOUtsWXVUMnZqMHNuSUJXdzJOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OUQ4Qi81RjExRTAyQTdGNzUxMUVEOEFGQkU2NzNDNEY5QUUwMi9vWk9Na1NyQzlL bFl1VDJ2ajBzbklCV3cyTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAiCcurL4nFwqCRN5I2K3EuTrzq/Tqu02NXSjW+gYHhIuVWTkqLf8eS asKkNRiKOjgzsm3n3JQ5n+HLG4orShiXO4e9if+m3/GKGq+SHaQnar/UfnMZoqxc 2lbiXM0MdxyQQo9SUhYl93p66qi1QFg9GcaD4aSJ8GKZj8z7IZEXLpM17UdtMigX zednQciWeQBqRXD8jJGAdFNhqoC3cmKEkwbCiPvpF+CJ6Fb7FXV5RebUbEEaGRRf K0YOlg0sB4X1zVxkpia6rgsIJ37x6PjfehDqhIlNhh+L4ywdBpmK5NU80NDax1zx WtJa1/gMkEzveT+eBTBgsfsrjbHq5N7X -----END CERTIFICATE-----Generated at Sat Apr 26 14:01:38 2025 by rpki-client