$ rpki-client -vvf rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.mft File: oVZKa9a5Cg-he_V9i-rJ4pJZves.mft (raw, json) Hash identifier: JB7E9spcEV5fuyXlwA4fG7S1O+4RmJR2kczu0Lv9EUY= Subject key identifier: 07:C8:B2:B1:65:65:4E:7A:0E:10:22:80:DA:BA:7E:9B:FA:B2:88:C4 Authority key identifier: A1:56:4A:6B:D6:B9:0A:0F:A1:7B:F5:7D:8B:EA:C9:E2:92:59:BD:EB Certificate issuer: /CN=A91F61DA/serialNumber=A1564A6BD6B90A0FA17BF57D8BEAC9E29259BDEB Certificate serial: 0C97 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oVZKa9a5Cg-he_V9i-rJ4pJZves.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.mft Manifest number: 0C8E Signing time: Wed 30 Apr 2025 18:04:23 +0000 Manifest this update: Wed 30 Apr 2025 18:04:23 +0000 Manifest next update: Wed 07 May 2025 18:04:23 +0000 Files and hashes: 1: oVZKa9a5Cg-he_V9i-rJ4pJZves.crl (hash: Rmtj3+CxF5YxXKtewRlwlq4pXgGC+LPZNJASOkfS5Tc=) 2: EA18D5547D8F11EC8E894A1DC4F9AE02.roa (hash: Anh2GximFPk7REReNBXULcTH3P6lLG5IbasX9kKM4Fs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.crl rsync://rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oVZKa9a5Cg-he_V9i-rJ4pJZves.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 07 May 2025 18:04:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3223 (0xc97) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F61DA, serialNumber=A1564A6BD6B90A0FA17BF57D8BEAC9E29259BDEB Validity Not Before: Apr 30 18:04:23 2025 GMT Not After : May 7 18:04:23 2025 GMT Subject: CN=68126627-c62d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:34:d9:11:27:27:72:a6:a1:33:b1:7e:9d:8c: 4e:02:02:3a:82:85:e4:5e:a1:82:50:0a:39:f4:a5: 45:f2:bf:f7:50:62:2b:0a:a3:6c:08:f0:f6:31:25: 7b:ee:64:fc:32:a1:32:e1:8f:6d:cc:58:c1:22:43: 24:2e:b2:1d:00:5d:3e:b5:c5:19:fb:9e:30:e4:20: 3a:28:85:a6:06:f2:26:b3:9c:1d:89:19:95:8e:e2: d3:e9:18:b5:12:b8:c7:28:c9:5a:bb:4c:e1:ec:83: 99:63:1f:09:6b:83:42:8b:42:55:9e:5e:d9:0f:94: 8b:5c:91:b3:0c:ad:03:32:5c:ac:c6:d0:e9:d6:63: ae:3b:60:cf:d0:57:e5:d4:7d:8b:4c:09:2a:de:e1: d5:77:20:99:d6:1e:d4:a9:d4:71:15:99:43:b5:6c: 8c:c1:42:dd:76:a0:46:58:8c:d5:b7:fc:d1:d1:51: cb:b2:fc:23:7f:34:89:f0:f7:ff:5c:08:cf:0e:e7: 43:3c:eb:96:7d:58:6d:c6:ff:46:90:9c:1a:dd:eb: 2e:e8:5c:a9:65:6b:20:8a:0b:ac:11:c9:d7:3f:b4: 8e:3f:f2:f6:fb:0e:6e:d8:f8:ca:ab:13:ed:7a:ee: 8a:d9:72:b5:b5:7d:71:87:cb:59:26:28:9b:5a:d8: da:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:C8:B2:B1:65:65:4E:7A:0E:10:22:80:DA:BA:7E:9B:FA:B2:88:C4 X509v3 Authority Key Identifier: keyid:A1:56:4A:6B:D6:B9:0A:0F:A1:7B:F5:7D:8B:EA:C9:E2:92:59:BD:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oVZKa9a5Cg-he_V9i-rJ4pJZves.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:54:c9:84:d0:28:d0:6a:a1:ab:ce:de:cc:3f:ff:ae:c1:82: 83:3d:37:ba:a4:66:97:83:83:7b:ec:75:8d:23:67:89:5c:79: 37:02:23:f2:eb:ec:04:1d:e2:57:f5:34:bc:2f:6f:08:b5:0c: c3:49:68:0d:5d:ca:86:76:c1:0b:a7:30:8e:a8:d9:cb:ff:c5: 58:98:e1:81:5a:f8:75:6e:9b:19:6b:08:1f:fa:48:b1:f0:84: e8:90:0f:d9:f5:ab:42:e0:bc:0b:84:87:5b:ff:04:d1:e1:b3: d0:cf:22:3a:be:4c:36:ab:12:a4:82:87:93:4a:e9:34:9e:28: 8b:c3:09:a3:90:be:4b:bd:cc:78:59:5c:99:a2:ee:8f:c9:e0: 4e:26:46:f4:43:71:d0:6a:a9:ec:e0:46:d2:4e:4e:4b:04:d6: d2:d1:f7:f1:1f:a5:9d:97:ca:b6:f6:3f:5b:cf:f8:b0:c9:bc: 05:e2:ab:33:2b:6d:d3:61:24:ee:db:74:5d:ca:84:c1:1c:0e: 1a:5a:32:44:b3:85:65:3f:63:2a:8c:8c:e8:3c:19:92:34:0d: b6:ae:3b:15:74:89:43:6a:0a:fc:e9:a8:ce:50:31:f1:02:d8: 06:8a:ca:60:b2:59:5f:d8:7d:c2:01:88:66:6b:1a:90:11:52: 25:de:d9:39 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjYxREExMTAvBgNVBAUTKEExNTY0QTZCRDZCOTBBMEZBMTdCRjU3RDhCRUFDOUUy OTI1OUJERUIwHhcNMjUwNDMwMTgwNDIzWhcNMjUwNTA3MTgwNDIzWjAYMRYwFAYD VQQDEw02ODEyNjYyNy1jNjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuzTZEScncqahM7F+nYxOAgI6goXkXqGCUAo59KVF8r/3UGIrCqNsCPD2MSV7 7mT8MqEy4Y9tzFjBIkMkLrIdAF0+tcUZ+54w5CA6KIWmBvIms5wdiRmVjuLT6Ri1 ErjHKMlau0zh7IOZYx8Ja4NCi0JVnl7ZD5SLXJGzDK0DMlysxtDp1mOuO2DP0Ffl 1H2LTAkq3uHVdyCZ1h7UqdRxFZlDtWyMwULddqBGWIzVt/zR0VHLsvwjfzSJ8Pf/ XAjPDudDPOuWfVhtxv9GkJwa3esu6FypZWsgigusEcnXP7SOP/L2+w5u2PjKqxPt eu6K2XK1tX1xh8tZJiibWtjaXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAfIsrFl ZU56DhAigNq6fpv6sojEMB8GA1UdIwQYMBaAFKFWSmvWuQoPoXv1fYvqyeKSWb3r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjFEQS8xN0M4MUZEMEY0 MUUxMUU5QTgzNDNBNzRDNEY5QUUwMi9vVlpLYTlhNUNnLWhlX1Y5aS1ySjRwSlp2 ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29WWkthOWE1Q2ctaGVfVjlpLXJKNHBKWnZlcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NjFEQS8xN0M4MUZEMEY0MUUxMUU5QTgzNDNBNzRDNEY5QUUwMi9vVlpLYTlhNUNn LWhlX1Y5aS1ySjRwSlp2ZXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAOVMmE0CjQaqGrzt7MP/+uwYKDPTe6pGaXg4N77HWNI2eJXHk3AiPy 6+wEHeJX9TS8L28ItQzDSWgNXcqGdsELpzCOqNnL/8VYmOGBWvh1bpsZawgf+kix 8ITokA/Z9atC4LwLhIdb/wTR4bPQzyI6vkw2qxKkgoeTSuk0niiLwwmjkL5Lvcx4 WVyZou6PyeBOJkb0Q3HQaqns4EbSTk5LBNbS0ffxH6Wdl8q29j9bz/iwybwF4qsz K23TYSTu23RdyoTBHA4aWjJEs4VlP2MqjIzoPBmSNA22rjsVdIlDagr86ajOUDHx AtgGispgsllf2H3CAYhmaxqQEVIl3tk5 -----END CERTIFICATE-----Generated at Wed Apr 30 22:41:09 2025 by rpki-client