$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft File: OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft (raw, json) Hash identifier: BNpG5yk4Ll3+2VewncuvPahXDHE7AL03DkMYkyYYSZU= Subject key identifier: 18:D8:03:46:20:B5:21:89:21:13:AB:EE:A2:EC:B5:DA:84:65:74:1D Authority key identifier: 3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 Certificate issuer: /CN=A91E6856/serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Certificate serial: 013C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft Manifest number: 0139 Signing time: Thu 24 Apr 2025 17:44:31 +0000 Manifest this update: Thu 24 Apr 2025 17:44:31 +0000 Manifest next update: Thu 01 May 2025 17:44:31 +0000 Files and hashes: 1: OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl (hash: wkXShHPENs8unxlENYN1nZUXhqGXhs5j5m9P090cWB4=) 2: B2C9B10A881311EE8CFB5C43C4F9AE02.roa (hash: 6Te+3VLS/O5qxRt8jv/bM33nUlqEem+47I9pmRS4Z7o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:44:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 316 (0x13c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6856, serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Validity Not Before: Apr 24 17:44:31 2025 GMT Not After : May 1 17:44:31 2025 GMT Subject: CN=680a787f-dafa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:70:ab:37:01:63:44:5f:ca:0d:fa:c1:56:67: 7d:de:b0:df:f4:76:d7:25:9d:16:ec:79:0c:07:1f: 78:d0:4f:95:6a:7e:31:dd:cc:fc:37:00:de:11:d7: c0:c1:de:bb:cb:22:f6:55:fe:a0:20:91:b0:20:61: 9f:5f:d9:0c:ac:d4:b2:29:4e:aa:cd:5a:33:ca:a6: 84:68:4a:d6:9e:0b:b6:cf:e4:14:b0:0a:93:28:a7: 9e:9f:01:d8:22:98:9d:1b:9b:55:db:f2:4e:eb:1c: 8d:18:5d:d5:6a:82:13:56:98:4d:42:35:18:3f:84: a1:56:53:a4:5c:f2:e6:90:ef:ea:e8:98:da:b0:3c: a8:5d:31:5d:e7:ba:d6:24:b1:b5:4c:ea:19:51:3e: ed:77:06:c6:39:f7:c9:b1:7b:3a:5b:6a:19:3b:ba: b3:f6:2a:a6:e1:0f:99:d4:58:e2:b7:f8:99:b1:75: 0e:30:3f:0b:93:dd:fd:06:e3:fc:00:e4:cb:2f:56: 76:6b:4e:df:84:3a:36:d8:b5:bd:70:3f:7f:a3:76: 4e:ea:52:a4:66:bd:1f:f3:8a:c5:5b:c1:12:ba:f4: 92:d1:59:1e:8c:39:3a:16:2d:7a:db:2d:c3:dd:a9: 86:6c:5b:f2:c5:4b:7a:57:14:b0:74:ef:cd:03:10: 0b:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:D8:03:46:20:B5:21:89:21:13:AB:EE:A2:EC:B5:DA:84:65:74:1D X509v3 Authority Key Identifier: keyid:3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:bc:f0:cf:f9:ea:e9:fb:7b:bf:58:d6:66:0a:99:dc:28:31: 4f:ed:bf:d1:72:25:66:45:f1:5f:f6:9c:64:d5:24:6f:9c:16: 11:4a:ee:9a:e9:f7:d6:e8:2e:5d:3b:63:16:9c:86:1c:61:89: ce:b8:eb:96:dc:75:48:20:26:89:49:17:8d:a4:a3:39:06:28: a4:38:d9:a6:51:4e:2b:dc:48:0f:a4:a4:8c:d7:84:ae:89:c6: 2a:20:a5:e8:00:7a:44:07:b2:b1:46:95:1e:06:f2:1b:a4:02: c6:90:f6:41:01:76:47:50:83:f0:26:c1:0d:fa:ad:21:77:05: 74:88:0c:8d:86:7c:7c:32:15:92:de:89:da:b4:f6:f0:06:ad: 5b:bb:3e:15:fe:93:90:a1:ab:77:ce:8c:c6:e3:0e:9a:14:79: c9:b3:1e:e4:01:89:43:69:91:15:35:69:5e:0e:53:6f:15:98: e0:33:cc:91:0c:e7:c6:4b:45:1c:e6:ef:66:ea:1d:1c:92:2a: a1:56:94:f7:b4:f1:80:93:12:48:b8:bb:d8:c6:2f:3a:5d:65: a7:42:22:09:b2:4d:b3:78:71:74:0d:9c:72:d6:08:10:7c:de: cf:3e:2b:c7:74:22:eb:5c:fd:cd:66:b0:e2:c4:45:9f:26:a8: 53:30:e5:6a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY4NTYxMTAvBgNVBAUTKDNBNjgyM0ExMEYwM0JGQUNBNDA2OEQzMzk4NDQ0RjM2 NDEwODU0ODUwHhcNMjUwNDI0MTc0NDMxWhcNMjUwNTAxMTc0NDMxWjAYMRYwFAYD VQQDEw02ODBhNzg3Zi1kYWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv3CrNwFjRF/KDfrBVmd93rDf9HbXJZ0W7HkMBx940E+Van4x3cz8NwDeEdfA wd67yyL2Vf6gIJGwIGGfX9kMrNSyKU6qzVozyqaEaErWngu2z+QUsAqTKKeenwHY IpidG5tV2/JO6xyNGF3VaoITVphNQjUYP4ShVlOkXPLmkO/q6JjasDyoXTFd57rW JLG1TOoZUT7tdwbGOffJsXs6W2oZO7qz9iqm4Q+Z1Fjit/iZsXUOMD8Lk939BuP8 AOTLL1Z2a07fhDo22LW9cD9/o3ZO6lKkZr0f84rFW8ESuvSS0VkejDk6Fi162y3D 3amGbFvyxUt6VxSwdO/NAxALmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBjYA0Yg tSGJIROr7qLstdqEZXQdMB8GA1UdIwQYMBaAFDpoI6EPA7+spAaNM5hETzZBCFSF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjg1Ni8yRERCNDI2RTQ4 NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2eWtCbzB6bUVSUE5rRUlW SVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09tZ2pvUThEdjZ5a0JvMHptRVJQTmtFSVZJVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF Njg1Ni8yRERCNDI2RTQ4NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2 eWtCbzB6bUVSUE5rRUlWSVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAvvPDP+erp+3u/WNZmCpncKDFP7b/RciVmRfFf9pxk1SRvnBYRSu6a 6ffW6C5dO2MWnIYcYYnOuOuW3HVIICaJSReNpKM5BiikONmmUU4r3EgPpKSM14Su icYqIKXoAHpEB7KxRpUeBvIbpALGkPZBAXZHUIPwJsEN+q0hdwV0iAyNhnx8MhWS 3onatPbwBq1buz4V/pOQoat3zozG4w6aFHnJsx7kAYlDaZEVNWleDlNvFZjgM8yR DOfGS0Uc5u9m6h0ckiqhVpT3tPGAkxJIuLvYxi86XWWnQiIJsk2zeHF0DZxy1ggQ fN7PPivHdCLrXP3NZrDixEWfJqhTMOVq -----END CERTIFICATE-----Generated at Sat Apr 26 14:18:56 2025 by rpki-client