$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD584/327073829CB111EFAEA00D25C4F9AE02/oPojd21UTId5RsrHxId0ZRmTfbg.mft File: oPojd21UTId5RsrHxId0ZRmTfbg.mft (raw, json) Hash identifier: abEyLXBgf1TaxoaIzVf6OivIfYfTCHxEUBve7PIAy2w= Subject key identifier: 99:B5:47:9D:27:EA:B5:17:28:2D:8D:4C:D5:67:38:62:E8:C7:C2:A7 Authority key identifier: A0:FA:23:77:6D:54:4C:87:79:46:CA:C7:C4:87:74:65:19:93:7D:B8 Certificate issuer: /CN=A91DD584/serialNumber=A0FA23776D544C877946CAC7C487746519937DB8 Certificate serial: 62 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPojd21UTId5RsrHxId0ZRmTfbg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DD584/327073829CB111EFAEA00D25C4F9AE02/oPojd21UTId5RsrHxId0ZRmTfbg.mft Manifest number: 5F Signing time: Thu 01 May 2025 06:07:33 +0000 Manifest this update: Thu 01 May 2025 06:07:33 +0000 Manifest next update: Thu 08 May 2025 06:07:33 +0000 Files and hashes: 1: oPojd21UTId5RsrHxId0ZRmTfbg.crl (hash: X3fBPavb+Fnth/zYTz5EuabVl1adPEvH0qNMF/4cjMg=) 2: B4C685B09CB111EFA6F8E627C4F9AE02.roa (hash: GuNo7IUV7Thwoh9B3txt8mnx9fY3g5B8M+APQokJxqg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DD584/327073829CB111EFAEA00D25C4F9AE02/oPojd21UTId5RsrHxId0ZRmTfbg.crl rsync://rpki.apnic.net/member_repository/A91DD584/327073829CB111EFAEA00D25C4F9AE02/oPojd21UTId5RsrHxId0ZRmTfbg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPojd21UTId5RsrHxId0ZRmTfbg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 08 May 2025 06:07:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 98 (0x62) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DD584, serialNumber=A0FA23776D544C877946CAC7C487746519937DB8 Validity Not Before: May 1 06:07:33 2025 GMT Not After : May 8 06:07:33 2025 GMT Subject: CN=68130fa5-bcfa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b7:a7:62:56:da:ef:77:b3:72:cd:4c:32:dc: 99:63:91:f7:3c:6f:f0:04:40:21:13:65:23:7a:8d: 07:95:3a:49:4b:d5:50:cd:2c:78:f8:45:94:5d:33: 55:f5:f7:a4:e8:b5:0b:2c:be:b1:b7:24:06:d0:d9: a0:ca:97:85:21:84:c9:ea:4c:8e:87:af:7f:0d:97: d4:6b:47:4d:ae:5b:94:a1:3d:b4:a3:fc:49:b8:36: f8:d8:42:b5:c7:80:c2:29:59:4a:f0:c5:72:12:ed: c8:82:97:cf:9e:b5:17:f4:31:51:0b:91:09:98:7b: f0:47:68:c6:22:63:15:c7:38:9f:82:db:b4:c5:5e: 9a:68:10:c8:07:2c:71:55:a2:88:bd:60:06:ac:1b: ec:53:0c:fa:64:04:c8:18:1c:27:f5:bc:b8:a9:3f: dd:66:3f:a5:05:cc:f7:ae:5c:35:a4:d4:05:61:64: 89:bb:95:3b:86:fe:e8:0b:59:33:cd:b9:27:e3:88: 4f:bc:ad:f1:9b:ff:86:06:1c:2c:24:17:11:6d:9e: 9c:fd:8a:cf:00:7e:fc:47:cd:03:36:49:f9:c4:9b: 92:6f:8b:d9:f6:5d:ec:35:ed:b7:57:86:77:af:61: 0b:56:1a:9c:80:ea:1e:fb:0c:f4:e0:87:37:34:6a: ad:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:B5:47:9D:27:EA:B5:17:28:2D:8D:4C:D5:67:38:62:E8:C7:C2:A7 X509v3 Authority Key Identifier: keyid:A0:FA:23:77:6D:54:4C:87:79:46:CA:C7:C4:87:74:65:19:93:7D:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DD584/327073829CB111EFAEA00D25C4F9AE02/oPojd21UTId5RsrHxId0ZRmTfbg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPojd21UTId5RsrHxId0ZRmTfbg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD584/327073829CB111EFAEA00D25C4F9AE02/oPojd21UTId5RsrHxId0ZRmTfbg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 64:34:52:c5:94:f9:2c:4e:99:ba:0f:e1:fa:c1:20:3a:6e:e1: 77:84:91:f7:4c:43:f6:c7:57:55:45:e8:24:ba:8e:59:0d:10: af:fe:f9:18:d0:c2:a0:0d:a7:bd:90:9a:f8:f5:98:2e:9c:77: d5:c4:bd:90:85:05:03:ce:a1:5f:dc:a5:ec:d4:85:22:f4:e7: 47:4e:9f:08:c5:11:99:44:7b:16:0a:c8:e3:99:4c:76:55:40: 37:f1:3c:5f:3e:06:d1:73:d7:74:5f:76:2e:d9:aa:b1:5d:22: 25:c4:3e:d2:7f:2b:61:75:50:7b:19:f5:6b:7c:a3:16:75:b6: a7:48:ef:3f:65:fd:39:58:15:d7:69:67:81:ce:26:e9:bc:01: 68:73:6c:0a:81:4d:82:cd:0d:cb:3d:76:4f:ef:dc:07:0e:ad: a0:34:62:61:d4:83:a2:68:79:df:e2:79:4a:07:7c:b2:00:c4: ae:ba:3d:d7:70:68:6d:09:04:d2:8c:d7:64:33:ad:43:cc:5e: 3d:73:fb:83:b2:30:3e:69:c4:98:ff:78:d2:01:4e:a9:9f:de: cb:62:89:36:0c:36:f4:95:9e:d9:1c:ac:0c:04:27:40:71:25: 99:5f:8c:82:40:d1:eb:43:86:5a:7f:aa:16:36:a0:3c:8c:24: 5d:6e:7d:17 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBYjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE RDU4NDExMC8GA1UEBRMoQTBGQTIzNzc2RDU0NEM4Nzc5NDZDQUM3QzQ4Nzc0NjUx OTkzN0RCODAeFw0yNTA1MDEwNjA3MzNaFw0yNTA1MDgwNjA3MzNaMBgxFjAUBgNV BAMTDTY4MTMwZmE1LWJjZmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC0t6diVtrvd7NyzUwy3Jljkfc8b/AEQCETZSN6jQeVOklL1VDNLHj4RZRdM1X1 96TotQssvrG3JAbQ2aDKl4UhhMnqTI6Hr38Nl9RrR02uW5ShPbSj/Em4NvjYQrXH gMIpWUrwxXIS7ciCl8+etRf0MVELkQmYe/BHaMYiYxXHOJ+C27TFXppoEMgHLHFV ooi9YAasG+xTDPpkBMgYHCf1vLipP91mP6UFzPeuXDWk1AVhZIm7lTuG/ugLWTPN uSfjiE+8rfGb/4YGHCwkFxFtnpz9is8AfvxHzQM2SfnEm5Jvi9n2Xew17bdXhnev YQtWGpyA6h77DPTghzc0aq37AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUmbVHnSfq tRcoLY1M1Wc4YujHwqcwHwYDVR0jBBgwFoAUoPojd21UTId5RsrHxId0ZRmTfbgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURENTg0LzMyNzA3MzgyOUNC MTExRUZBRUEwMEQyNUM0RjlBRTAyL29Qb2pkMjFVVElkNVJzckh4SWQwWlJtVGZi Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb1BvamQyMVVUSWQ1UnNySHhJZDBaUm1UZmJnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURE NTg0LzMyNzA3MzgyOUNCMTExRUZBRUEwMEQyNUM0RjlBRTAyL29Qb2pkMjFVVElk NVJzckh4SWQwWlJtVGZiZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGQ0UsWU+SxOmboP4frBIDpu4XeEkfdMQ/bHV1VF6CS6jlkNEK/++RjQ wqANp72Qmvj1mC6cd9XEvZCFBQPOoV/cpezUhSL050dOnwjFEZlEexYKyOOZTHZV QDfxPF8+BtFz13Rfdi7ZqrFdIiXEPtJ/K2F1UHsZ9Wt8oxZ1tqdI7z9l/TlYFddp Z4HOJum8AWhzbAqBTYLNDcs9dk/v3AcOraA0YmHUg6Joed/ieUoHfLIAxK66Pddw aG0JBNKM12QzrUPMXj1z+4OyMD5pxJj/eNIBTqmf3stiiTYMNvSVntkcrAwEJ0Bx JZlfjIJA0etDhlp/qhY2oDyMJF1ufRc= -----END CERTIFICATE-----Generated at Fri May 2 08:49:33 2025 by rpki-client