$ rpki-client -vvf rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.mft File: oiiPiWTWFpqHlfL07wXg1ebhOwk.mft (raw, json) Hash identifier: 0N1VdDceIQo889DTjUqT+sulPfYsWM445NKiAJ7X9Wo= Subject key identifier: B0:D0:D8:CD:2B:47:C6:DF:8B:75:E9:29:FB:D4:2F:8D:A7:AF:21:E8 Authority key identifier: A2:28:8F:89:64:D6:16:9A:87:95:F2:F4:EF:05:E0:D5:E6:E1:3B:09 Certificate issuer: /CN=A91FB68C/serialNumber=A2288F8964D6169A8795F2F4EF05E0D5E6E13B09 Certificate serial: 2A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiiPiWTWFpqHlfL07wXg1ebhOwk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.mft Manifest number: 28 Signing time: Fri 25 Apr 2025 06:46:54 +0000 Manifest this update: Fri 25 Apr 2025 06:46:53 +0000 Manifest next update: Fri 02 May 2025 06:46:53 +0000 Files and hashes: 1: oiiPiWTWFpqHlfL07wXg1ebhOwk.crl (hash: VnzTSk5ufA2E5hhW9ehqUljaBLIV+MRQNs0thanmRUE=) 2: 72294810EAB211EF902A7E27C4F9AE02.roa (hash: FSFReYDaeQFvJdY+hyjPH64a3aCnAjTrkrMSrqHp11w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.crl rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiiPiWTWFpqHlfL07wXg1ebhOwk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:46:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42 (0x2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FB68C, serialNumber=A2288F8964D6169A8795F2F4EF05E0D5E6E13B09 Validity Not Before: Apr 25 06:46:53 2025 GMT Not After : May 2 06:46:53 2025 GMT Subject: CN=680b2fde-8b2b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:c8:f2:de:f7:f1:93:b1:56:73:48:fd:1c:5d: 6a:2b:55:35:fc:7b:e6:0b:2b:b1:09:13:74:7c:93: c7:6d:6a:16:4b:71:65:ad:dd:25:1e:1a:5b:dd:45: 96:8b:9b:30:c0:12:02:8b:a4:74:a7:b1:23:2f:f7: f0:4b:50:b5:70:12:57:ca:a5:36:1c:4b:bb:ac:c9: 43:e1:88:a2:56:70:b3:e1:f3:72:0e:30:ef:87:9c: 2e:f1:51:ba:38:bc:a1:a2:16:f8:88:52:49:ea:8b: 80:15:22:4b:86:65:cc:7e:1e:c2:2a:ae:48:bf:03: 04:03:17:d8:5a:ed:18:2d:97:b1:b9:80:5b:49:cf: 5d:cc:08:96:1c:60:36:98:e9:51:36:b2:a3:68:dd: 5f:ea:f9:e9:4a:40:76:fe:c1:6a:e4:0f:df:50:bf: 72:6e:94:81:46:37:3c:d4:3b:3c:fa:5d:ca:f4:5d: 63:3a:6f:51:08:81:15:6d:b4:b3:42:2b:77:c4:7e: 99:e4:27:66:f7:b4:92:95:9f:00:d5:35:c7:f5:9f: af:a1:87:b9:1c:b1:3e:73:ff:bb:8a:a2:a6:2d:64: ba:b0:a6:d7:6c:c3:ac:7f:c7:d2:57:83:06:27:de: b9:85:77:8e:e8:15:f8:b5:4d:31:3c:f0:ba:42:ef: b2:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:D0:D8:CD:2B:47:C6:DF:8B:75:E9:29:FB:D4:2F:8D:A7:AF:21:E8 X509v3 Authority Key Identifier: keyid:A2:28:8F:89:64:D6:16:9A:87:95:F2:F4:EF:05:E0:D5:E6:E1:3B:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiiPiWTWFpqHlfL07wXg1ebhOwk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:f4:44:24:07:ca:b0:7f:5e:ad:3f:5d:8b:db:78:67:61:eb: b0:c7:f0:13:b2:30:87:85:4c:ea:b3:e0:36:e6:da:49:d5:fc: e4:6d:20:a6:2e:59:9a:40:0e:5b:57:41:e1:47:dc:98:46:bb: 23:55:ad:36:2f:7a:96:0b:ad:23:88:e6:df:5a:6b:a7:c5:83: 93:b7:db:29:96:83:fc:16:76:44:f7:51:97:41:41:52:c7:fb: 0d:1e:ad:57:57:a9:f4:81:25:32:8f:00:7f:aa:1e:3a:3b:32: ca:fd:37:3c:5a:e7:f6:2f:60:d6:1a:12:65:40:a8:40:21:80: cc:45:1a:90:00:f8:e2:02:22:c6:dd:ed:36:17:04:7b:b5:d1: 74:ff:a0:84:09:94:8b:12:37:8a:17:04:da:35:b8:cf:1a:8f: 31:eb:f4:39:28:23:ad:b7:a8:3c:63:e9:27:75:d4:60:25:de: 8b:7f:76:6c:62:41:7b:df:36:1d:00:52:54:f3:fc:e5:7f:b7: 5d:5f:a0:9f:cf:68:a7:1f:76:34:f9:e3:de:05:c6:47:2d:79: 85:68:a9:e2:8d:14:f6:c4:06:87:70:35:be:de:65:4a:b6:4c: 85:09:e2:59:35:02:ac:a0:e6:8c:9c:49:b6:1b:3d:fd:05:9c: 14:ce:f8:57 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG QjY4QzExMC8GA1UEBRMoQTIyODhGODk2NEQ2MTY5QTg3OTVGMkY0RUYwNUUwRDVF NkUxM0IwOTAeFw0yNTA0MjUwNjQ2NTNaFw0yNTA1MDIwNjQ2NTNaMBgxFjAUBgNV BAMTDTY4MGIyZmRlLThiMmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCzyPLe9/GTsVZzSP0cXWorVTX8e+YLK7EJE3R8k8dtahZLcWWt3SUeGlvdRZaL mzDAEgKLpHSnsSMv9/BLULVwElfKpTYcS7usyUPhiKJWcLPh83IOMO+HnC7xUbo4 vKGiFviIUknqi4AVIkuGZcx+HsIqrki/AwQDF9ha7Rgtl7G5gFtJz13MCJYcYDaY 6VE2sqNo3V/q+elKQHb+wWrkD99Qv3JulIFGNzzUOzz6Xcr0XWM6b1EIgRVttLNC K3fEfpnkJ2b3tJKVnwDVNcf1n6+hh7kcsT5z/7uKoqYtZLqwptdsw6x/x9JXgwYn 3rmFd47oFfi1TTE88LpC77IPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUsNDYzStH xt+Ldekp+9QvjaevIegwHwYDVR0jBBgwFoAUoiiPiWTWFpqHlfL07wXg1ebhOwkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZCNjhDLzE3RDEwM0E4RUFC MjExRUY4NDZGMTMzN0M0RjlBRTAyL29paVBpV1RXRnBxSGxmTDA3d1hnMWViaE93 ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb2lpUGlXVFdGcHFIbGZMMDd3WGcxZWJoT3drLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZC NjhDLzE3RDEwM0E4RUFCMjExRUY4NDZGMTMzN0M0RjlBRTAyL29paVBpV1RXRnBx SGxmTDA3d1hnMWViaE93ay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHr0RCQHyrB/Xq0/XYvbeGdh67DH8BOyMIeFTOqz4Dbm2knV/ORtIKYu WZpADltXQeFH3JhGuyNVrTYvepYLrSOI5t9aa6fFg5O32ymWg/wWdkT3UZdBQVLH +w0erVdXqfSBJTKPAH+qHjo7Msr9Nzxa5/YvYNYaEmVAqEAhgMxFGpAA+OICIsbd 7TYXBHu10XT/oIQJlIsSN4oXBNo1uM8ajzHr9DkoI623qDxj6Sd11GAl3ot/dmxi QXvfNh0AUlTz/OV/t11foJ/PaKcfdjT5494FxkcteYVoqeKNFPbEBodwNb7eZUq2 TIUJ4lk1Aqyg5oycSbYbPf0FnBTO+Fc= -----END CERTIFICATE-----Generated at Sat Apr 26 03:26:51 2025 by rpki-client