$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7656/0EE3A5BC0CD611EABF562553C4F9AE02/ogxX9SzpjIhI9jYlDkpGcIEbUHY.mft File: ogxX9SzpjIhI9jYlDkpGcIEbUHY.mft (raw, json) Hash identifier: 4zTr+Q3FODKtdpJgxKXTAMHF2e9xVl55Z+rFvQ2D/xY= Subject key identifier: C1:A6:27:C1:E9:88:FF:7C:0E:44:50:93:B0:53:69:FD:81:BF:7F:4A Authority key identifier: A2:0C:57:F5:2C:E9:8C:88:48:F6:36:25:0E:4A:46:70:81:1B:50:76 Certificate issuer: /CN=A91E7656/serialNumber=A20C57F52CE98C8848F636250E4A4670811B5076 Certificate serial: 0BFF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ogxX9SzpjIhI9jYlDkpGcIEbUHY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7656/0EE3A5BC0CD611EABF562553C4F9AE02/ogxX9SzpjIhI9jYlDkpGcIEbUHY.mft Manifest number: 0BFF Signing time: Thu 24 Apr 2025 18:36:20 +0000 Manifest this update: Thu 24 Apr 2025 18:36:19 +0000 Manifest next update: Thu 01 May 2025 18:36:19 +0000 Files and hashes: 1: ogxX9SzpjIhI9jYlDkpGcIEbUHY.crl (hash: RU1TPjEoMGt3W4jNfv6zS1BSm9r+huwS2XNfJ2WL3L8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7656/0EE3A5BC0CD611EABF562553C4F9AE02/ogxX9SzpjIhI9jYlDkpGcIEbUHY.crl rsync://rpki.apnic.net/member_repository/A91E7656/0EE3A5BC0CD611EABF562553C4F9AE02/ogxX9SzpjIhI9jYlDkpGcIEbUHY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ogxX9SzpjIhI9jYlDkpGcIEbUHY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:36:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3071 (0xbff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7656, serialNumber=A20C57F52CE98C8848F636250E4A4670811B5076 Validity Not Before: Apr 24 18:36:19 2025 GMT Not After : May 1 18:36:19 2025 GMT Subject: CN=680a84a4-4605 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:9f:01:88:59:3b:f5:57:ba:0b:0a:85:23:a0: 1d:4a:3f:7c:be:d1:f3:5e:2f:f7:4b:76:10:72:11: f9:df:37:0c:82:2e:97:1a:9c:63:04:24:9b:7a:82: 72:8a:6c:04:5d:3d:50:cb:c0:86:fc:34:50:21:7a: d6:2c:79:c2:7d:a7:b3:64:02:4d:e0:4b:13:e7:b4: 6a:d9:89:28:88:fc:fd:18:a2:45:67:b8:e6:50:3c: a2:da:16:ac:9b:e9:46:76:1c:52:87:6c:81:68:22: cd:45:82:ae:bd:e7:24:70:95:6a:a7:22:b4:e1:3f: 6e:b3:8a:6e:4f:35:b4:a0:db:9f:f3:6c:1b:1e:c2: e1:17:6c:9c:e6:6e:d4:2e:bc:9e:e3:e1:5a:df:88: aa:49:d3:47:1a:11:a5:72:1d:9c:55:57:03:16:ca: 24:fe:e0:97:30:a6:ab:da:a7:c6:73:8e:6f:cd:e0: 1a:7e:b5:2a:75:07:48:58:5b:a0:44:3a:21:c7:4e: e2:fb:5b:ec:20:b8:6d:3c:74:f0:90:ba:87:1a:53: 93:1a:97:82:18:cb:8e:27:3f:d0:7c:a5:e3:c3:ec: ce:f4:f8:9e:00:06:3e:62:20:48:68:85:d5:70:e4: 16:b3:dd:41:d7:3e:49:46:8b:bb:53:74:f4:51:d2: a5:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:A6:27:C1:E9:88:FF:7C:0E:44:50:93:B0:53:69:FD:81:BF:7F:4A X509v3 Authority Key Identifier: keyid:A2:0C:57:F5:2C:E9:8C:88:48:F6:36:25:0E:4A:46:70:81:1B:50:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7656/0EE3A5BC0CD611EABF562553C4F9AE02/ogxX9SzpjIhI9jYlDkpGcIEbUHY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ogxX9SzpjIhI9jYlDkpGcIEbUHY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7656/0EE3A5BC0CD611EABF562553C4F9AE02/ogxX9SzpjIhI9jYlDkpGcIEbUHY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:e7:70:cd:b3:b2:3a:1e:ab:02:aa:be:b4:c0:c4:f6:4e:25: 5d:20:bd:b9:d2:27:b0:7b:78:c1:31:fc:11:16:2d:1d:d4:53: 6d:82:ec:7a:64:8f:8f:a3:de:d8:e2:57:af:eb:00:24:90:ec: 83:64:91:4b:71:d2:a2:d1:41:89:a0:d3:94:60:97:11:91:21: 2d:0a:ed:8c:b7:17:37:ee:f9:d7:98:dc:0c:b9:b4:ab:9b:b9: f3:9d:94:a7:8e:cf:cd:ed:b4:8b:52:b2:94:85:a7:b4:bb:94: 40:31:1e:e2:bb:27:d3:01:ba:6f:6e:6e:c6:3c:0a:13:bf:7e: e0:61:74:35:fe:0c:1f:b1:8e:b8:a0:4b:e7:cc:92:bc:4d:59: 7e:cc:e9:83:a4:9c:cb:ab:e9:9f:ed:c9:a0:a0:f7:fa:8d:07: a7:16:3c:af:cc:85:74:5e:cb:b5:d3:f8:06:6e:69:d2:78:df: a4:0e:61:81:91:bc:1e:6e:2c:24:1c:6b:88:ee:ea:97:61:4e: 05:0b:89:46:b2:c5:45:06:89:bc:b1:87:46:2c:b2:59:c4:e2: f5:72:a8:8c:ab:bf:d4:b6:61:dc:5b:97:38:e1:4f:cb:a6:23: db:f3:53:ea:7c:65:19:c8:e1:d1:89:7f:2d:8f:2a:69:38:02: 09:65:a7:79 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTc2NTYxMTAvBgNVBAUTKEEyMEM1N0Y1MkNFOThDODg0OEY2MzYyNTBFNEE0Njcw ODExQjUwNzYwHhcNMjUwNDI0MTgzNjE5WhcNMjUwNTAxMTgzNjE5WjAYMRYwFAYD VQQDEw02ODBhODRhNC00NjA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw58BiFk79Ve6CwqFI6AdSj98vtHzXi/3S3YQchH53zcMgi6XGpxjBCSbeoJy imwEXT1Qy8CG/DRQIXrWLHnCfaezZAJN4EsT57Rq2YkoiPz9GKJFZ7jmUDyi2has m+lGdhxSh2yBaCLNRYKuveckcJVqpyK04T9us4puTzW0oNuf82wbHsLhF2yc5m7U Lrye4+Fa34iqSdNHGhGlch2cVVcDFsok/uCXMKar2qfGc45vzeAafrUqdQdIWFug RDohx07i+1vsILhtPHTwkLqHGlOTGpeCGMuOJz/QfKXjw+zO9PieAAY+YiBIaIXV cOQWs91B1z5JRou7U3T0UdKlVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMGmJ8Hp iP98DkRQk7BTaf2Bv39KMB8GA1UdIwQYMBaAFKIMV/Us6YyISPY2JQ5KRnCBG1B2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzY1Ni8wRUUzQTVCQzBD RDYxMUVBQkY1NjI1NTNDNEY5QUUwMi9vZ3hYOVN6cGpJaEk5allsRGtwR2NJRWJV SFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29neFg5U3pwakloSTlqWWxEa3BHY0lFYlVIWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NzY1Ni8wRUUzQTVCQzBDRDYxMUVBQkY1NjI1NTNDNEY5QUUwMi9vZ3hYOVN6cGpJ aEk5allsRGtwR2NJRWJVSFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA053DNs7I6HqsCqr60wMT2TiVdIL250iewe3jBMfwRFi0d1FNtgux6 ZI+Po97Y4lev6wAkkOyDZJFLcdKi0UGJoNOUYJcRkSEtCu2Mtxc37vnXmNwMubSr m7nznZSnjs/N7bSLUrKUhae0u5RAMR7iuyfTAbpvbm7GPAoTv37gYXQ1/gwfsY64 oEvnzJK8TVl+zOmDpJzLq+mf7cmgoPf6jQenFjyvzIV0Xsu10/gGbmnSeN+kDmGB kbwebiwkHGuI7uqXYU4FC4lGssVFBom8sYdGLLJZxOL1cqiMq7/UtmHcW5c44U/L piPb81PqfGUZyOHRiX8tjyppOAIJZad5 -----END CERTIFICATE-----Generated at Sat Apr 26 04:35:09 2025 by rpki-client