$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft File: ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft (raw, json) Hash identifier: jorRk434DhbA04TmNmxGjFvX8jJp3x/bLKZoYDn9Mq0= Subject key identifier: AC:2B:01:EE:6C:85:D6:4D:BA:E2:0D:7A:2E:70:22:DF:A0:F7:62:D0 Authority key identifier: A3:3C:CA:81:B5:5E:04:65:5D:1B:5A:7E:2C:E6:88:C3:E4:6F:C5:30 Certificate issuer: /CN=A91EDF00/serialNumber=A33CCA81B55E04655D1B5A7E2CE688C3E46FC530 Certificate serial: 0453 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozzKgbVeBGVdG1p-LOaIw-RvxTA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft Manifest number: 044F Signing time: Thu 24 Apr 2025 23:59:11 +0000 Manifest this update: Thu 24 Apr 2025 23:59:11 +0000 Manifest next update: Thu 01 May 2025 23:59:11 +0000 Files and hashes: 1: ozzKgbVeBGVdG1p-LOaIw-RvxTA.crl (hash: /eWflVKwP8oosi8JqN2XG5OQOyK8p0xU+E2P7GO7yXk=) 2: 1B97FEB84E8111ECA3589560C4F9AE02.roa (hash: xAvVS/7W7xtAjphmjIYm8eiwHHWi2VdeCNpBEO7D7og=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.crl rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozzKgbVeBGVdG1p-LOaIw-RvxTA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:59:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1107 (0x453) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EDF00, serialNumber=A33CCA81B55E04655D1B5A7E2CE688C3E46FC530 Validity Not Before: Apr 24 23:59:11 2025 GMT Not After : May 1 23:59:11 2025 GMT Subject: CN=680ad04f-7f1e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:90:a6:0e:26:6d:84:70:6e:2b:04:ca:d2:fd: 02:b7:8e:d7:57:bd:03:d5:97:fa:da:86:06:8b:06: c8:5f:8e:ef:7b:02:62:e0:64:64:e1:cf:1d:4c:8a: 7a:03:93:9d:e6:c4:de:f0:c3:a4:13:f6:bc:86:ea: 3e:a1:dc:02:b6:b8:13:fb:c6:18:9c:ad:dd:bd:d7: aa:7d:32:68:36:14:10:f4:54:5b:0e:e7:ec:9b:20: 6c:42:9f:62:ec:d6:bd:43:26:89:6d:f8:fe:13:0d: 11:6c:0d:ca:8a:4d:1a:fd:df:5b:06:83:1f:ed:b5: 62:ea:7a:89:b4:43:1a:9a:c3:1e:7b:21:6a:c3:9d: a7:c8:c4:89:73:cf:9b:13:85:26:a9:16:18:27:a1: 86:3e:f3:14:f1:e1:fc:bc:8b:92:07:36:07:26:29: 7f:f4:5c:4a:a3:21:70:b1:8d:1e:38:bb:3c:1d:89: 32:8a:ce:79:a6:38:5c:87:ec:34:89:97:0f:10:ab: 17:24:59:b8:24:0b:73:3b:92:0b:31:da:1d:89:97: 5a:1a:9b:9f:ac:1b:89:a7:5e:51:f5:dc:c5:35:f2: d4:73:ed:2c:eb:b2:59:79:5e:67:f8:54:e9:49:b6: 02:a4:eb:cf:58:2c:15:c5:ab:ce:92:64:43:dd:e5: 53:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:2B:01:EE:6C:85:D6:4D:BA:E2:0D:7A:2E:70:22:DF:A0:F7:62:D0 X509v3 Authority Key Identifier: keyid:A3:3C:CA:81:B5:5E:04:65:5D:1B:5A:7E:2C:E6:88:C3:E4:6F:C5:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozzKgbVeBGVdG1p-LOaIw-RvxTA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:f9:eb:a2:cf:90:50:95:14:bb:e2:24:4c:53:19:ab:8e:6e: b3:32:00:dc:4a:27:a7:5e:a6:1f:11:ea:8d:b9:ef:19:82:50: df:24:89:92:91:fb:62:36:ad:be:6a:92:ab:14:93:f3:51:11: 77:91:db:30:66:1d:5e:d4:4b:fc:eb:03:45:56:fd:36:b9:8b: fc:20:7d:28:4d:6e:c1:3a:6b:b6:7b:f6:53:6d:ea:8f:5a:ac: 23:ce:2f:c8:0e:1c:85:a8:65:6d:c1:f0:4f:39:68:bc:f5:b0: d6:de:e9:86:a0:19:f2:4c:3b:c6:34:c1:1f:e3:da:4f:72:df: 84:fd:f1:50:6e:15:10:a7:55:4e:45:d9:60:8f:42:38:31:57: 57:c6:3d:7b:00:cf:6d:bc:32:48:92:5b:93:fe:ac:67:cc:88: 95:c7:ae:38:93:51:b2:b0:a4:8f:22:64:6d:3a:0b:e1:d3:17: dc:3b:13:a3:c5:2f:09:2e:9d:bf:36:68:12:95:86:a3:41:85: 26:de:cc:96:bc:d6:82:83:4d:52:49:e2:1c:19:94:ad:9b:68: 52:d7:df:4e:2c:ce:45:b8:57:e0:b1:d3:68:40:de:f2:5f:2a: 2c:34:18:92:94:06:9a:2e:68:9f:4c:04:e6:42:0b:ae:62:c9: 2a:9d:0e:0a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBFMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RURGMDAxMTAvBgNVBAUTKEEzM0NDQTgxQjU1RTA0NjU1RDFCNUE3RTJDRTY4OEMz RTQ2RkM1MzAwHhcNMjUwNDI0MjM1OTExWhcNMjUwNTAxMjM1OTExWjAYMRYwFAYD VQQDEw02ODBhZDA0Zi03ZjFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyZCmDiZthHBuKwTK0v0Ct47XV70D1Zf62oYGiwbIX47vewJi4GRk4c8dTIp6 A5Od5sTe8MOkE/a8huo+odwCtrgT+8YYnK3dvdeqfTJoNhQQ9FRbDufsmyBsQp9i 7Na9QyaJbfj+Ew0RbA3Kik0a/d9bBoMf7bVi6nqJtEMamsMeeyFqw52nyMSJc8+b E4UmqRYYJ6GGPvMU8eH8vIuSBzYHJil/9FxKoyFwsY0eOLs8HYkyis55pjhch+w0 iZcPEKsXJFm4JAtzO5ILMdodiZdaGpufrBuJp15R9dzFNfLUc+0s67JZeV5n+FTp SbYCpOvPWCwVxavOkmRD3eVThwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKwrAe5s hdZNuuINei5wIt+g92LQMB8GA1UdIwQYMBaAFKM8yoG1XgRlXRtafizmiMPkb8Uw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREYwMC8zQUUwMDM0QTRF N0UxMUVDOUUyOTg0MjlDNEY5QUUwMi9venpLZ2JWZUJHVmRHMXAtTE9hSXctUnZ4 VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL296ektnYlZlQkdWZEcxcC1MT2FJdy1SdnhUQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF REYwMC8zQUUwMDM0QTRFN0UxMUVDOUUyOTg0MjlDNEY5QUUwMi9venpLZ2JWZUJH VmRHMXAtTE9hSXctUnZ4VEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBE+euiz5BQlRS74iRMUxmrjm6zMgDcSienXqYfEeqNue8ZglDfJImS kftiNq2+apKrFJPzURF3kdswZh1e1Ev86wNFVv02uYv8IH0oTW7BOmu2e/ZTbeqP Wqwjzi/IDhyFqGVtwfBPOWi89bDW3umGoBnyTDvGNMEf49pPct+E/fFQbhUQp1VO Rdlgj0I4MVdXxj17AM9tvDJIkluT/qxnzIiVx644k1GysKSPImRtOgvh0xfcOxOj xS8JLp2/NmgSlYajQYUm3syWvNaCg01SSeIcGZStm2hS199OLM5FuFfgsdNoQN7y XyosNBiSlAaaLmifTATmQguuYskqnQ4K -----END CERTIFICATE-----Generated at Sat Apr 26 13:00:14 2025 by rpki-client