$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft File: ovb2YTEslb8FoLUjCxNx1GIv1ic.mft (raw, json) Hash identifier: luTK09L1q5ubKeS1XVNKHzAJj7BFNbF1KAz6GbHG2bA= Subject key identifier: 4A:4A:DB:3E:7A:DA:8B:2F:59:B9:8D:0B:82:7D:9F:A5:E6:2F:71:98 Authority key identifier: A2:F6:F6:61:31:2C:95:BF:05:A0:B5:23:0B:13:71:D4:62:2F:D6:27 Certificate issuer: /CN=A91E7BC4/serialNumber=A2F6F661312C95BF05A0B5230B1371D4622FD627 Certificate serial: 0D30 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft Manifest number: 0D28 Signing time: Thu 24 Apr 2025 17:59:30 +0000 Manifest this update: Thu 24 Apr 2025 17:59:29 +0000 Manifest next update: Thu 01 May 2025 17:59:29 +0000 Files and hashes: 1: ovb2YTEslb8FoLUjCxNx1GIv1ic.crl (hash: heHnObz4/K7vvqMNx3aa+Qt8WUI4njH0WVkhXUP/UUQ=) 2: 05054224D8E411E9BEB7986DC4F9AE02.roa (hash: C8YUnzVpdG1ic9MCuW7celmXkhXkYeCvagfWnZShYbQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.crl rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:59:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3376 (0xd30) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7BC4, serialNumber=A2F6F661312C95BF05A0B5230B1371D4622FD627 Validity Not Before: Apr 24 17:59:29 2025 GMT Not After : May 1 17:59:29 2025 GMT Subject: CN=680a7c01-31a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:12:ae:8e:0c:0a:f6:c1:36:dc:d0:35:4c:77: 8a:c0:8f:75:3d:3d:ae:03:59:bc:64:d1:82:09:a4: ee:a3:2d:14:74:66:81:ef:ca:65:83:39:71:2a:58: c3:e8:56:f8:2d:42:de:74:48:37:26:5a:e3:c2:10: 86:ed:58:52:47:0d:4e:92:c9:27:25:d9:8f:59:42: 04:57:2c:d6:f8:45:c0:b5:48:e8:1a:9e:91:3e:91: c9:c2:2e:84:24:21:8e:1b:f5:67:84:2a:c5:1b:9c: 62:a6:e1:32:d5:cb:1f:fe:6f:c3:0f:a5:a4:4b:b6: 5b:34:d3:16:51:e8:84:a7:a4:07:d8:be:81:5c:ff: 5e:81:0a:15:d9:6b:94:f5:9d:55:23:f2:e1:40:5e: c1:ef:ba:6c:2d:0e:61:1e:7a:a7:fc:1c:c7:06:a6: db:c8:66:a7:61:5e:3a:a6:d4:e6:6e:9e:5b:3a:e5: 2f:34:e1:74:c8:25:1d:5e:54:a2:5b:a1:18:e4:3b: 4b:f5:24:e5:30:fe:b9:15:a4:fb:6d:d7:32:0a:d1: cc:23:c2:df:9f:39:d4:b2:70:94:09:1d:00:cb:27: 19:9f:96:f3:06:43:32:1e:55:47:e8:07:5a:ae:3e: 75:65:cb:a5:d8:4e:f9:76:4d:25:5b:13:28:83:ed: 3c:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:4A:DB:3E:7A:DA:8B:2F:59:B9:8D:0B:82:7D:9F:A5:E6:2F:71:98 X509v3 Authority Key Identifier: keyid:A2:F6:F6:61:31:2C:95:BF:05:A0:B5:23:0B:13:71:D4:62:2F:D6:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:ec:6e:09:a0:bc:ce:ed:ef:a7:23:9a:b8:1b:f1:e0:d2:10: f6:02:78:80:0b:1a:18:69:10:e5:ba:76:65:5e:4d:c2:a7:d9: b3:39:76:1a:48:ce:02:05:a7:65:6e:42:79:43:4c:92:f5:f3: bd:45:03:75:e1:b6:b0:f9:35:b0:a5:20:72:9c:d7:c4:a9:93: 5a:5b:7e:e1:70:57:4c:fc:b5:e0:fc:53:34:cc:bd:ea:90:c1: 18:f0:5e:42:0f:e6:67:71:84:01:53:ee:f4:58:9f:e8:83:f3: f6:b3:68:ba:ac:02:d9:4b:12:94:8e:c1:9e:78:17:ed:d7:b0: 18:0a:f7:76:12:50:a2:eb:e4:bb:d0:7e:b8:45:c9:d9:6f:4a: 34:07:bf:99:f7:a7:9c:9c:b0:c4:e2:9a:f1:b9:c8:50:d4:6f: 36:0c:7b:47:6e:63:22:f9:95:8a:4c:32:d1:7e:23:dc:e8:dc: f0:6b:5b:d9:4d:cd:fe:e7:86:18:b8:33:73:d3:ed:b9:d8:e3: b7:04:2b:5b:af:3f:37:54:b7:71:12:ce:0b:c9:a0:fd:92:01: ba:04:1d:a9:b5:f4:12:19:8b:d5:9c:14:7f:84:01:85:48:7d: 89:34:ea:ac:4c:25:f0:8c:48:7c:7b:67:72:89:ea:09:78:5a: d4:14:52:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDTAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdCQzQxMTAvBgNVBAUTKEEyRjZGNjYxMzEyQzk1QkYwNUEwQjUyMzBCMTM3MUQ0 NjIyRkQ2MjcwHhcNMjUwNDI0MTc1OTI5WhcNMjUwNTAxMTc1OTI5WjAYMRYwFAYD VQQDEw02ODBhN2MwMS0zMWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwhKujgwK9sE23NA1THeKwI91PT2uA1m8ZNGCCaTuoy0UdGaB78plgzlxKljD 6Fb4LULedEg3JlrjwhCG7VhSRw1OksknJdmPWUIEVyzW+EXAtUjoGp6RPpHJwi6E JCGOG/VnhCrFG5xipuEy1csf/m/DD6WkS7ZbNNMWUeiEp6QH2L6BXP9egQoV2WuU 9Z1VI/LhQF7B77psLQ5hHnqn/BzHBqbbyGanYV46ptTmbp5bOuUvNOF0yCUdXlSi W6EY5DtL9STlMP65FaT7bdcyCtHMI8LfnznUsnCUCR0AyycZn5bzBkMyHlVH6Ada rj51Zcul2E75dk0lWxMog+08FwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEpK2z56 2osvWbmNC4J9n6XmL3GYMB8GA1UdIwQYMBaAFKL29mExLJW/BaC1IwsTcdRiL9Yn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yNjFEMjgzMEQ1 MEQxMUU5QkFENkMyMjZDNEY5QUUwMi9vdmIyWVRFc2xiOEZvTFVqQ3hOeDFHSXYx aWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL292YjJZVEVzbGI4Rm9MVWpDeE54MUdJdjFpYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0JDNC8yNjFEMjgzMEQ1MEQxMUU5QkFENkMyMjZDNEY5QUUwMi9vdmIyWVRFc2xi OEZvTFVqQ3hOeDFHSXYxaWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA47G4JoLzO7e+nI5q4G/Hg0hD2AniACxoYaRDlunZlXk3Cp9mzOXYa SM4CBadlbkJ5Q0yS9fO9RQN14baw+TWwpSBynNfEqZNaW37hcFdM/LXg/FM0zL3q kMEY8F5CD+ZncYQBU+70WJ/og/P2s2i6rALZSxKUjsGeeBft17AYCvd2ElCi6+S7 0H64RcnZb0o0B7+Z96ecnLDE4prxuchQ1G82DHtHbmMi+ZWKTDLRfiPc6Nzwa1vZ Tc3+54YYuDNz0+252OO3BCtbrz83VLdxEs4LyaD9kgG6BB2ptfQSGYvVnBR/hAGF SH2JNOqsTCXwjEh8e2dyieoJeFrUFFJG -----END CERTIFICATE-----Generated at Sat Apr 26 16:59:54 2025 by rpki-client