$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.mft File: oMgM7gY8nMgs3LC8dFxP5G3QJlc.mft (raw, json) Hash identifier: 5QTHTuYwam0V5sEcNk37DUS7VkVqK8lnj7ftdmwQGd0= Subject key identifier: 8E:A8:AC:3E:32:ED:51:8C:A6:A0:59:E4:0F:97:3E:D0:2C:C1:6C:F0 Authority key identifier: A0:C8:0C:EE:06:3C:9C:C8:2C:DC:B0:BC:74:5C:4F:E4:6D:D0:26:57 Certificate issuer: /CN=A91FAA91/serialNumber=A0C80CEE063C9CC82CDCB0BC745C4FE46DD02657 Certificate serial: 019B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.mft Manifest number: 0180 Signing time: Fri 25 Apr 2025 03:08:43 +0000 Manifest this update: Fri 25 Apr 2025 03:08:43 +0000 Manifest next update: Fri 02 May 2025 03:08:43 +0000 Files and hashes: 1: oMgM7gY8nMgs3LC8dFxP5G3QJlc.crl (hash: 1/Ak67IxODK0g+JFqjGj7bsNV/K6hxFJeybLALrRyKM=) 2: CE65A4E4A57E11EFA1B6E428C4F9AE02.roa (hash: 1SKbx2XsDMYzA80POo6zzafuauDwKbPNh6n7Ob5AjVA=) 3: D0103496FD6611EE9188C568C4F9AE02.roa (hash: PxpNeamT7nJAO8ypf86mF4tTFHjbBgphhBI0WaQ2K6I=) 4: E762B166FAF811EE92A3642EC4F9AE02.roa (hash: e/dOTjn5zjRzl7VVF4lYBqEjUR3aP4ajbLKyVpxXtqo=) 5: 1D9A36F40C6B11EF95ACFA13C4F9AE02.roa (hash: NJPr7OZom8PgcjW18JJjDNXMEozgSB9WGNPuyE4apbo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.crl rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:08:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 411 (0x19b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FAA91, serialNumber=A0C80CEE063C9CC82CDCB0BC745C4FE46DD02657 Validity Not Before: Apr 25 03:08:43 2025 GMT Not After : May 2 03:08:43 2025 GMT Subject: CN=680afcbb-63bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:f4:44:8f:91:c7:61:ee:89:bd:aa:9b:d5:3e: b6:54:f5:4e:a9:24:e3:48:9f:0e:f7:18:b9:b4:7f: 41:bf:6d:ab:31:c3:48:65:c7:d5:92:df:a0:88:b0: d7:1d:0d:f8:c1:11:5a:4d:15:e1:71:61:52:66:15: 08:60:37:1d:52:33:b4:ca:a4:52:cb:8f:5a:29:1a: 91:c0:6b:20:51:00:d8:95:e5:4b:05:50:c4:6a:ea: 2c:35:7e:81:bc:81:cf:cb:2c:1f:16:fe:29:59:9f: 38:9a:d8:df:6e:d0:9a:0d:42:0e:c6:b9:c6:93:9a: af:03:bd:33:ec:b9:3d:41:82:3a:14:6b:3d:23:f1: dd:63:79:26:ea:f1:c7:fe:6f:d6:86:ee:d1:c0:95: d3:a1:a9:0a:88:58:e8:b0:e0:0f:1d:b8:6b:a5:40: 6c:9a:cf:71:83:19:a5:25:42:e7:59:de:02:ae:a8: f4:c2:de:43:b7:0a:1a:4f:70:d7:a5:58:56:8d:2b: ef:40:fd:19:4b:7d:57:a8:18:c9:2c:a5:d4:de:98: 26:14:62:35:f4:19:3e:13:fe:18:8e:b0:1a:2f:e3: b8:9d:e0:e5:f0:9e:45:36:fb:5d:fe:3f:42:23:92: af:9d:c0:95:17:f2:df:db:99:42:7b:b3:05:da:ad: f6:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:A8:AC:3E:32:ED:51:8C:A6:A0:59:E4:0F:97:3E:D0:2C:C1:6C:F0 X509v3 Authority Key Identifier: keyid:A0:C8:0C:EE:06:3C:9C:C8:2C:DC:B0:BC:74:5C:4F:E4:6D:D0:26:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 04:91:41:a8:0c:84:29:a4:a3:77:c7:ec:8f:e5:2b:d5:f4:79: af:aa:ec:2d:81:96:91:23:63:04:9f:b0:46:94:fc:1b:ae:c4: 1d:03:2c:52:74:20:77:34:2f:a4:e9:43:7b:3c:10:95:60:fc: 8d:56:b0:93:99:66:c4:a7:a1:65:12:6e:c9:22:ce:5b:ef:b5: ec:d6:7d:1a:74:2c:5f:2d:48:33:7e:75:b3:fd:fe:af:5c:bc: cd:37:60:2b:47:a2:36:4f:93:1a:e0:bb:3d:d0:89:19:13:80: 42:80:a0:10:6c:e2:c8:d0:1f:b6:cd:7e:51:eb:b6:bc:de:25: 22:e3:49:35:6d:2f:66:5a:00:34:49:2f:9c:27:c2:42:5e:c7: 83:ee:44:08:35:a1:8e:d6:04:2a:8d:d9:71:cc:19:57:62:4f: 1f:6f:4d:81:f3:22:11:f1:ba:a9:84:9f:f9:88:b2:84:8a:0e: 88:61:c6:b6:cf:74:a7:c8:0f:ab:b9:2e:ce:9a:4d:05:b6:1b: 00:74:28:8c:b9:5b:fd:f6:6c:7a:45:88:a8:e3:eb:9d:d5:5b: f5:a7:43:0f:68:4c:a5:45:43:01:ca:5e:7d:59:34:da:c1:94: a8:af:97:d8:ff:2f:9d:49:aa:c7:19:c0:98:61:92:6f:fb:ce: 90:04:bd:e4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkFBOTExMTAvBgNVBAUTKEEwQzgwQ0VFMDYzQzlDQzgyQ0RDQjBCQzc0NUM0RkU0 NkREMDI2NTcwHhcNMjUwNDI1MDMwODQzWhcNMjUwNTAyMDMwODQzWjAYMRYwFAYD VQQDEw02ODBhZmNiYi02M2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyPREj5HHYe6Jvaqb1T62VPVOqSTjSJ8O9xi5tH9Bv22rMcNIZcfVkt+giLDX HQ34wRFaTRXhcWFSZhUIYDcdUjO0yqRSy49aKRqRwGsgUQDYleVLBVDEauosNX6B vIHPyywfFv4pWZ84mtjfbtCaDUIOxrnGk5qvA70z7Lk9QYI6FGs9I/HdY3km6vHH /m/Whu7RwJXToakKiFjosOAPHbhrpUBsms9xgxmlJULnWd4Crqj0wt5DtwoaT3DX pVhWjSvvQP0ZS31XqBjJLKXU3pgmFGI19Bk+E/4YjrAaL+O4neDl8J5FNvtd/j9C I5KvncCVF/Lf25lCe7MF2q32lwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI6orD4y 7VGMpqBZ5A+XPtAswWzwMB8GA1UdIwQYMBaAFKDIDO4GPJzILNywvHRcT+Rt0CZX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQUE5MS85NDIwRDIxMDBB NUExMUVFQTNGNUI0NDFDNEY5QUUwMi9vTWdNN2dZOG5NZ3MzTEM4ZEZ4UDVHM1FK bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29NZ003Z1k4bk1nczNMQzhkRnhQNUczUUpsYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QUE5MS85NDIwRDIxMDBBNUExMUVFQTNGNUI0NDFDNEY5QUUwMi9vTWdNN2dZOG5N Z3MzTEM4ZEZ4UDVHM1FKbGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAEkUGoDIQppKN3x+yP5SvV9HmvquwtgZaRI2MEn7BGlPwbrsQdAyxS dCB3NC+k6UN7PBCVYPyNVrCTmWbEp6FlEm7JIs5b77Xs1n0adCxfLUgzfnWz/f6v XLzNN2ArR6I2T5Ma4Ls90IkZE4BCgKAQbOLI0B+2zX5R67a83iUi40k1bS9mWgA0 SS+cJ8JCXseD7kQINaGO1gQqjdlxzBlXYk8fb02B8yIR8bqphJ/5iLKEig6IYca2 z3SnyA+ruS7Omk0FthsAdCiMuVv99mx6RYio4+ud1Vv1p0MPaEylRUMByl59WTTa wZSor5fY/y+dSarHGcCYYZJv+86QBL3k -----END CERTIFICATE-----Generated at Sat Apr 26 13:08:35 2025 by rpki-client