$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA944/796C9D7436B911E9984B765CC4F9AE02/O407UYT_W0gbWw5ZsLIpzAbWCR4.mft File: O407UYT_W0gbWw5ZsLIpzAbWCR4.mft (raw, json) Hash identifier: bcuMRhsMIigXL4IITTRlKG7UUV9X75IjLYnbfMJWPh8= Subject key identifier: E9:D3:29:96:90:95:64:91:26:5E:F5:5C:F3:71:AA:D1:D1:0B:34:02 Authority key identifier: 3B:8D:3B:51:84:FF:5B:48:1B:5B:0E:59:B0:B2:29:CC:06:D6:09:1E Certificate issuer: /CN=A91EA944/serialNumber=3B8D3B5184FF5B481B5B0E59B0B229CC06D6091E Certificate serial: 1051 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O407UYT_W0gbWw5ZsLIpzAbWCR4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA944/796C9D7436B911E9984B765CC4F9AE02/O407UYT_W0gbWw5ZsLIpzAbWCR4.mft Manifest number: 1049 Signing time: Thu 24 Apr 2025 17:23:30 +0000 Manifest this update: Thu 24 Apr 2025 17:23:29 +0000 Manifest next update: Thu 01 May 2025 17:23:29 +0000 Files and hashes: 1: O407UYT_W0gbWw5ZsLIpzAbWCR4.crl (hash: pRCgTQxFnRCIRScZHTx1bZeWfHvi0pExbnoyOrqnpmU=) 2: E3272FE036B911E99F4D9A5CC4F9AE02.roa (hash: cjRvE9qcGsnVMBQMShsH1bjq0rqs5KnVL8lFydaV3ng=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA944/796C9D7436B911E9984B765CC4F9AE02/O407UYT_W0gbWw5ZsLIpzAbWCR4.crl rsync://rpki.apnic.net/member_repository/A91EA944/796C9D7436B911E9984B765CC4F9AE02/O407UYT_W0gbWw5ZsLIpzAbWCR4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O407UYT_W0gbWw5ZsLIpzAbWCR4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:23:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4177 (0x1051) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA944, serialNumber=3B8D3B5184FF5B481B5B0E59B0B229CC06D6091E Validity Not Before: Apr 24 17:23:29 2025 GMT Not After : May 1 17:23:29 2025 GMT Subject: CN=680a7391-cbb8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:23:08:36:0a:5b:3d:79:c4:57:0d:fb:41:b9: 7f:70:18:6c:5a:d9:36:2b:e3:3a:8a:b3:84:65:c0: c0:98:83:73:52:79:32:8b:cf:38:24:92:d3:d2:41: b9:f5:92:56:13:66:d8:1b:a1:05:98:13:7d:1b:14: 71:62:33:f4:ba:c2:fd:b2:cf:39:cd:ca:3f:08:5d: c0:46:50:75:6e:9a:3c:0b:be:5a:ce:4e:1b:87:c7: 3c:de:d7:77:5f:22:8b:d5:79:af:8f:5c:d7:cd:52: 9b:96:75:3b:14:bf:5d:ac:08:de:0d:fe:ce:c5:d4: d1:d5:b8:a6:85:c9:e5:8b:ee:c9:0b:29:5b:14:c7: c2:17:62:44:0f:a8:c1:2b:00:4b:c8:c1:97:18:dd: f1:46:03:a9:87:47:e9:4a:25:55:af:89:c5:05:71: 3b:32:17:af:eb:c5:18:99:5c:2a:e2:fc:16:ca:cd: b4:68:8f:45:bb:36:d6:6f:9b:5b:02:ca:06:be:53: 13:98:67:8d:76:d1:b0:52:69:96:99:22:19:24:2f: 5c:2c:5d:fe:ea:be:e2:c3:bb:eb:c9:47:e8:6f:0a: e8:ef:44:bd:12:37:1d:6c:bb:dc:d7:47:e6:a9:cc: d8:39:9e:32:69:e3:18:7d:40:3f:99:0d:68:a3:b1: c3:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:D3:29:96:90:95:64:91:26:5E:F5:5C:F3:71:AA:D1:D1:0B:34:02 X509v3 Authority Key Identifier: keyid:3B:8D:3B:51:84:FF:5B:48:1B:5B:0E:59:B0:B2:29:CC:06:D6:09:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA944/796C9D7436B911E9984B765CC4F9AE02/O407UYT_W0gbWw5ZsLIpzAbWCR4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O407UYT_W0gbWw5ZsLIpzAbWCR4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA944/796C9D7436B911E9984B765CC4F9AE02/O407UYT_W0gbWw5ZsLIpzAbWCR4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:50:cd:08:a1:83:99:0c:3b:68:2c:0f:2e:84:92:2f:35:42: d4:ab:e6:6f:79:da:05:81:eb:fe:08:00:2a:35:59:52:65:a7: 76:fe:18:71:f3:d1:d8:82:2d:24:12:54:4b:e4:79:97:db:41: 04:e2:cb:e4:54:1c:95:f1:eb:9a:7a:9a:d0:bf:fc:cc:b0:ef: 64:6e:e0:40:fc:1f:e8:7d:ca:b2:54:00:d6:fd:91:2a:d6:29: 3d:15:42:a6:34:07:0e:74:1a:95:41:90:fb:ae:fe:55:15:65: f0:36:5c:d7:56:ba:b7:e8:38:5d:05:d9:bf:48:a5:e1:18:bf: cd:ce:96:b0:d1:59:3b:5e:5d:86:ec:8c:28:74:a2:90:7d:34: f2:03:97:54:87:e9:e5:3e:59:f8:67:3a:80:fa:5c:f3:ef:af: ce:51:54:4a:29:81:8f:d7:25:61:a2:fc:1b:7b:96:f6:97:70: d3:95:e6:d4:1d:2a:15:29:ec:f1:51:29:e0:81:66:5a:b2:95: fc:29:51:45:d3:ab:6e:1b:0b:85:ab:80:72:5f:d4:a3:7a:37: 9e:ec:09:46:ab:03:80:1a:86:b6:3c:e5:c3:77:1c:59:fe:b5: 99:dc:37:58:a7:d2:ad:00:39:23:a2:3b:d8:0e:c4:5d:13:05: bc:85:9f:ab -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEFEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE5NDQxMTAvBgNVBAUTKDNCOEQzQjUxODRGRjVCNDgxQjVCMEU1OUIwQjIyOUND MDZENjA5MUUwHhcNMjUwNDI0MTcyMzI5WhcNMjUwNTAxMTcyMzI5WjAYMRYwFAYD VQQDEw02ODBhNzM5MS1jYmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxCMINgpbPXnEVw37Qbl/cBhsWtk2K+M6irOEZcDAmINzUnkyi884JJLT0kG5 9ZJWE2bYG6EFmBN9GxRxYjP0usL9ss85zco/CF3ARlB1bpo8C75azk4bh8c83td3 XyKL1Xmvj1zXzVKblnU7FL9drAjeDf7OxdTR1bimhcnli+7JCylbFMfCF2JED6jB KwBLyMGXGN3xRgOph0fpSiVVr4nFBXE7Mhev68UYmVwq4vwWys20aI9FuzbWb5tb AsoGvlMTmGeNdtGwUmmWmSIZJC9cLF3+6r7iw7vryUfobwro70S9EjcdbLvc10fm qczYOZ4yaeMYfUA/mQ1oo7HD3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOnTKZaQ lWSRJl71XPNxqtHRCzQCMB8GA1UdIwQYMBaAFDuNO1GE/1tIG1sOWbCyKcwG1gke MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTk0NC83OTZDOUQ3NDM2 QjkxMUU5OTg0Qjc2NUNDNEY5QUUwMi9PNDA3VVlUX1cwZ2JXdzVac0xJcHpBYldD UjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL080MDdVWVRfVzBnYld3NVpzTElwekFiV0NSNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTk0NC83OTZDOUQ3NDM2QjkxMUU5OTg0Qjc2NUNDNEY5QUUwMi9PNDA3VVlUX1cw Z2JXdzVac0xJcHpBYldDUjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCfUM0IoYOZDDtoLA8uhJIvNULUq+ZvedoFgev+CAAqNVlSZad2/hhx 89HYgi0kElRL5HmX20EE4svkVByV8euaeprQv/zMsO9kbuBA/B/ofcqyVADW/ZEq 1ik9FUKmNAcOdBqVQZD7rv5VFWXwNlzXVrq36DhdBdm/SKXhGL/Nzpaw0Vk7Xl2G 7IwodKKQfTTyA5dUh+nlPln4ZzqA+lzz76/OUVRKKYGP1yVhovwbe5b2l3DTlebU HSoVKezxUSnggWZaspX8KVFF06tuGwuFq4ByX9Sjejee7AlGqwOAGoa2POXDdxxZ /rWZ3DdYp9KtADkjojvYDsRdEwW8hZ+r -----END CERTIFICATE-----Generated at Sat Apr 26 15:11:03 2025 by rpki-client