$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft File: Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft (raw, json) Hash identifier: WOVX+l5FMj4GhDXk1euq/oBNbEHHjlpheYueo0UACtA= Subject key identifier: E7:3F:55:03:5A:72:B8:3F:41:01:42:32:FB:3C:6D:3B:A4:75:CE:92 Authority key identifier: 3A:CC:B6:95:39:AC:9F:42:88:BC:D0:F0:A5:42:50:D5:92:F5:40:D4 Certificate issuer: /CN=A91F0EBF/serialNumber=3ACCB69539AC9F4288BCD0F0A54250D592F540D4 Certificate serial: 21C6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft Manifest number: 2184 Signing time: Thu 24 Apr 2025 15:55:38 +0000 Manifest this update: Thu 24 Apr 2025 15:55:38 +0000 Manifest next update: Thu 01 May 2025 15:55:38 +0000 Files and hashes: 1: Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl (hash: A/qvIXf4YfoXDA3fLcuRAikZlsFY27im53EShXq0m/o=) 2: 5F649D88F27E11EE8704D12FC4F9AE02.roa (hash: 1ES+epsnD/DNY/mamto14c9DZbko73ok/bvGYlpnZRA=) 3: 5EDC2B56F27E11EE8704D12FC4F9AE02.roa (hash: RV1/DDfUdeMeAI1f60SGG8y1uSkd4aEtHJsKEOkYdXA=) 4: 586B33AEF44611EBA78C117AC4F9AE02.roa (hash: xubGUlPUlNCBLJe5+NADMrf4YV/wbfCmoqj7rhjCN20=) 5: 5480D316764D11EA8CB5C039C4F9AE02.roa (hash: ftobPRBcc8wlVTCOH3GxCPMFHQM9ebuoV2KFpLluNR4=) 6: 11DE1CDA467611EC988CDC09C4F9AE02.roa (hash: RArCcLO/kSE5acBXMMlQcl8HS4RV4DSQfZAIgouxT+4=) 7: A73C0BF6D93511E6B2617F7BC4F9AE02.roa (hash: 8McChURwVN9JYUVHRVTAHRcHa/Hxc6L3gNtxVyOyx0g=) 8: 63BFE4C0292811EEAF894530C4F9AE02.roa (hash: 4gXXPKgdGkdsiTu4Fh+U84K4r4ojzbdg0Z4yEj+nXpA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:55:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8646 (0x21c6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F0EBF, serialNumber=3ACCB69539AC9F4288BCD0F0A54250D592F540D4 Validity Not Before: Apr 24 15:55:38 2025 GMT Not After : May 1 15:55:38 2025 GMT Subject: CN=680a5efa-cc13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:1e:95:67:79:84:0f:fc:02:75:4e:68:72:2d: 20:79:9f:78:3f:aa:1e:8b:40:4e:d5:36:b4:bc:c8: a2:1a:08:05:5f:3c:5d:8c:91:97:bb:23:76:38:4e: 0f:6a:b4:3a:bf:c1:c3:af:07:09:7f:ba:fc:24:a9: 41:f7:49:ce:62:d5:ed:7f:1b:f3:fe:d7:73:96:b0: d8:c9:30:bc:3e:37:f6:fe:1c:b7:f7:b6:63:80:13: 0c:97:73:ca:0e:59:54:bb:bd:18:11:5a:e2:8d:8f: b0:9a:7d:98:4f:a5:48:38:18:56:6e:f1:c1:25:cf: 04:53:5a:ca:4c:5a:c2:23:18:3a:7d:51:56:5c:66: f1:aa:8c:07:53:45:36:c0:dc:34:6e:e6:09:9f:0c: 57:00:f8:5c:5f:a3:d1:ee:f6:9c:39:54:37:b3:cf: 5c:ca:63:44:41:82:fc:19:e2:95:3f:f2:7d:1e:e2: d8:72:c0:b8:3a:08:f6:77:89:7d:32:8b:ec:0a:12: 62:71:e1:84:36:64:1b:7a:f1:d0:7a:13:85:e5:0b: f4:ed:52:8c:98:8b:3e:c5:6c:4f:99:50:4c:03:a2: f6:96:d1:d1:95:2b:e5:b5:57:7d:88:9c:93:cd:d5: 5a:0f:9a:57:57:b8:d1:3f:55:15:8f:a9:56:02:fc: 38:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:3F:55:03:5A:72:B8:3F:41:01:42:32:FB:3C:6D:3B:A4:75:CE:92 X509v3 Authority Key Identifier: keyid:3A:CC:B6:95:39:AC:9F:42:88:BC:D0:F0:A5:42:50:D5:92:F5:40:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:60:48:36:91:20:77:93:81:f0:43:88:ad:90:c8:9f:6f:fd: 80:5d:98:4a:2b:94:ce:b1:3f:cd:49:bd:db:f2:55:6a:20:30: d3:8f:a5:3f:ac:b9:fb:1b:4a:8a:d7:53:59:be:3c:39:40:40: 21:9b:04:aa:12:cf:46:4f:a0:36:b7:5f:6c:66:2e:d1:72:02: 43:36:c6:9e:1e:d3:3c:3e:75:0f:7d:1f:72:ea:a1:f8:4f:24: ab:da:97:54:b0:21:a0:62:7a:63:2a:e3:1a:5e:b7:d3:b5:f5: ce:e3:d1:bb:f7:f1:8d:26:8c:2f:3c:61:ee:07:76:ee:0c:26: ca:e3:d9:56:32:2d:ef:83:bc:5d:a7:01:4a:4f:10:a3:00:7e: f1:e9:93:63:89:c3:a7:70:24:29:f9:1b:96:ef:fa:b3:d3:05: 4d:ec:22:fd:01:77:41:71:bf:99:6b:b8:b2:02:42:34:8d:c9: fa:1b:0a:7d:a8:ea:32:cf:a7:59:81:ff:90:a1:d1:8f:7e:f4: c4:c9:63:53:e4:bb:6d:53:f5:88:39:60:e2:11:e2:4c:23:fa: a6:79:47:f8:27:71:b8:91:04:25:c0:42:90:3d:9e:b8:cd:dc: 50:70:c8:0c:de:24:d3:c9:09:2e:6b:a1:23:3a:e2:90:e3:85: 14:ba:57:23 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIcYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjBFQkYxMTAvBgNVBAUTKDNBQ0NCNjk1MzlBQzlGNDI4OEJDRDBGMEE1NDI1MEQ1 OTJGNTQwRDQwHhcNMjUwNDI0MTU1NTM4WhcNMjUwNTAxMTU1NTM4WjAYMRYwFAYD VQQDEw02ODBhNWVmYS1jYzEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAth6VZ3mED/wCdU5oci0geZ94P6oei0BO1Ta0vMiiGggFXzxdjJGXuyN2OE4P arQ6v8HDrwcJf7r8JKlB90nOYtXtfxvz/tdzlrDYyTC8Pjf2/hy397ZjgBMMl3PK DllUu70YEVrijY+wmn2YT6VIOBhWbvHBJc8EU1rKTFrCIxg6fVFWXGbxqowHU0U2 wNw0buYJnwxXAPhcX6PR7vacOVQ3s89cymNEQYL8GeKVP/J9HuLYcsC4Ogj2d4l9 MovsChJiceGENmQbevHQehOF5Qv07VKMmIs+xWxPmVBMA6L2ltHRlSvltVd9iJyT zdVaD5pXV7jRP1UVj6lWAvw4WQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOc/VQNa crg/QQFCMvs8bTukdc6SMB8GA1UdIwQYMBaAFDrMtpU5rJ9CiLzQ8KVCUNWS9UDU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMEVCRi81Rjg0RDdEOERC ODAxMUU1OUFCN0VEMUVDNEY5QUUwMi9Pc3kybFRtc24wS0l2TkR3cFVKUTFaTDFR TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09zeTJsVG1zbjBLSXZORHdwVUpRMVpMMVFOUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MEVCRi81Rjg0RDdEOERCODAxMUU1OUFCN0VEMUVDNEY5QUUwMi9Pc3kybFRtc24w S0l2TkR3cFVKUTFaTDFRTlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCXYEg2kSB3k4HwQ4itkMifb/2AXZhKK5TOsT/NSb3b8lVqIDDTj6U/ rLn7G0qK11NZvjw5QEAhmwSqEs9GT6A2t19sZi7RcgJDNsaeHtM8PnUPfR9y6qH4 TySr2pdUsCGgYnpjKuMaXrfTtfXO49G79/GNJowvPGHuB3buDCbK49lWMi3vg7xd pwFKTxCjAH7x6ZNjicOncCQp+RuW7/qz0wVN7CL9AXdBcb+Za7iyAkI0jcn6Gwp9 qOoyz6dZgf+QodGPfvTEyWNT5LttU/WIOWDiEeJMI/qmeUf4J3G4kQQlwEKQPZ64 zdxQcMgM3iTTyQkua6EjOuKQ44UUulcj -----END CERTIFICATE-----Generated at Sat Apr 26 13:33:28 2025 by rpki-client