$ rpki-client -vvf rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft File: O-7kvaWgSxBLHXLmAcMJONuktkQ.mft (raw, json) Hash identifier: jahXMUc9W7jlUmOdLOrSNS3BIiO8Tu5SF5ctmmNTXnk= Subject key identifier: 79:CE:48:41:58:60:B3:7E:43:D7:75:40:09:10:49:F4:C7:E5:14:0F Authority key identifier: 3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 Certificate issuer: /CN=A911D2A3/serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Certificate serial: 14FE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft Manifest number: 14F4 Signing time: Fri 16 May 2025 17:04:14 +0000 Manifest this update: Fri 16 May 2025 17:04:13 +0000 Manifest next update: Fri 23 May 2025 17:04:13 +0000 Files and hashes: 1: O-7kvaWgSxBLHXLmAcMJONuktkQ.crl (hash: xtUHaCGjkrmODxL4vfYBfdAJ7FrDZlS4UnmPqYqLY3Q=) 2: D9EDB272C44C11ECA07C2D77C4F9AE02.roa (hash: wyU9pinjd2UbUaW4sVOJH2OwbvM9u93WKqi90XHcaFI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 23 May 2025 17:04:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5374 (0x14fe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D2A3, serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Validity Not Before: May 16 17:04:13 2025 GMT Not After : May 23 17:04:13 2025 GMT Subject: CN=6827700e-1594 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:24:e8:d5:78:da:a0:1d:84:13:d2:b1:67:2f: 15:54:af:1c:58:41:b9:17:b3:77:07:6c:fb:a8:39: 20:95:36:84:e5:66:fc:5e:e2:8e:8f:74:4a:5e:0a: d1:b6:5c:61:1f:5c:95:b8:2f:7d:3a:e3:87:0e:0e: 40:41:63:b2:ce:93:e8:01:4d:04:4b:06:49:d9:5c: 45:5c:70:85:9c:47:ed:99:11:32:cc:17:cf:c2:8b: 0c:6e:35:9e:cd:29:a3:56:9f:72:9c:3e:a1:2e:4b: b0:7a:28:28:5e:5b:0e:cb:42:d0:fb:31:99:02:34: 10:b4:ff:fb:ae:2a:4c:55:ce:81:58:ac:d4:6e:ba: af:1e:20:40:1d:4d:23:c4:2f:a5:11:d7:32:68:db: 84:0a:d1:e0:b3:8a:43:26:4b:86:18:04:70:e7:39: 14:42:1a:06:0e:a7:29:60:08:f1:e4:fc:cf:37:df: 70:04:b4:50:ea:68:fe:86:2a:e4:d7:07:09:6b:57: 57:12:58:93:fb:35:27:69:6b:15:05:e9:3f:54:e1: ba:38:5c:ce:c8:94:e8:25:98:28:f9:8f:02:a1:68: 56:19:9b:68:1b:e5:55:ed:3e:78:3a:60:85:5d:99: 09:e1:7a:95:79:bf:bf:11:bd:b8:bc:f4:49:37:88: 46:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:CE:48:41:58:60:B3:7E:43:D7:75:40:09:10:49:F4:C7:E5:14:0F X509v3 Authority Key Identifier: keyid:3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:28:44:df:81:95:48:74:9c:5c:a7:aa:1c:e7:40:2d:92:a6: 4c:d3:d8:b4:5c:3d:62:e4:c0:d7:ef:ec:0a:75:69:81:ae:f6: 6d:ce:92:20:78:ba:9a:7b:d2:71:b4:36:f7:a1:0d:60:c4:94: 50:40:37:4b:03:43:f0:7b:b2:47:48:ab:85:3f:a6:fa:fd:b5: 20:8a:7e:44:17:23:49:4d:0f:c7:c4:8b:fe:41:9b:10:cc:9f: 89:19:b4:e3:ae:2c:5d:1d:7a:ca:82:87:9a:08:35:8d:0f:43: 8c:60:f2:fc:32:f2:86:bf:12:25:7e:5b:a6:96:fd:f4:10:7d: 8c:84:66:ef:f6:8a:53:8e:cd:19:60:20:4d:af:bc:52:23:3e: cf:fa:9b:c9:68:35:5a:25:56:cd:ad:0d:1a:9c:4b:4f:8c:48: 4b:2b:2c:43:67:38:6d:1d:d3:66:70:6f:42:21:f3:be:19:51: 5e:e1:49:55:5c:0c:3c:56:5c:de:fc:c3:78:5b:89:6b:a2:82: 16:4a:03:30:b2:fe:12:d7:cb:ef:8b:b2:39:c6:73:2a:bc:b2: 0b:10:49:ee:42:29:f3:a0:70:1a:ec:47:67:a8:16:e8:94:ad: 2c:b6:42:e1:e7:c0:4d:eb:41:f1:12:50:e7:cc:c4:3c:c2:86: 23:5c:39:e8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFP4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUQyQTMxMTAvBgNVBAUTKDNCRUVFNEJEQTVBMDRCMTA0QjFENzJFNjAxQzMwOTM4 REJBNEI2NDQwHhcNMjUwNTE2MTcwNDEzWhcNMjUwNTIzMTcwNDEzWjAYMRYwFAYD VQQDEw02ODI3NzAwZS0xNTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwSTo1XjaoB2EE9KxZy8VVK8cWEG5F7N3B2z7qDkglTaE5Wb8XuKOj3RKXgrR tlxhH1yVuC99OuOHDg5AQWOyzpPoAU0ESwZJ2VxFXHCFnEftmREyzBfPwosMbjWe zSmjVp9ynD6hLkuweigoXlsOy0LQ+zGZAjQQtP/7ripMVc6BWKzUbrqvHiBAHU0j xC+lEdcyaNuECtHgs4pDJkuGGARw5zkUQhoGDqcpYAjx5PzPN99wBLRQ6mj+hirk 1wcJa1dXEliT+zUnaWsVBek/VOG6OFzOyJToJZgo+Y8CoWhWGZtoG+VV7T54OmCF XZkJ4XqVeb+/Eb24vPRJN4hGrwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHnOSEFY YLN+Q9d1QAkQSfTH5RQPMB8GA1UdIwQYMBaAFDvu5L2loEsQSx1y5gHDCTjbpLZE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDJBMy9GNkFDNjM4NjRF RkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4QkxIWExtQWNNSk9OdWt0 a1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL08tN2t2YVdnU3hCTEhYTG1BY01KT051a3RrUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RDJBMy9GNkFDNjM4NjRFRkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4 QkxIWExtQWNNSk9OdWt0a1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBMKETfgZVIdJxcp6oc50AtkqZM09i0XD1i5MDX7+wKdWmBrvZtzpIg eLqae9JxtDb3oQ1gxJRQQDdLA0Pwe7JHSKuFP6b6/bUgin5EFyNJTQ/HxIv+QZsQ zJ+JGbTjrixdHXrKgoeaCDWND0OMYPL8MvKGvxIlflumlv30EH2MhGbv9opTjs0Z YCBNr7xSIz7P+pvJaDVaJVbNrQ0anEtPjEhLKyxDZzhtHdNmcG9CIfO+GVFe4UlV XAw8Vlze/MN4W4lrooIWSgMwsv4S18vvi7I5xnMqvLILEEnuQinzoHAa7EdnqBbo lK0stkLh58BN60HxElDnzMQ8woYjXDno -----END CERTIFICATE-----Generated at Sat May 17 13:26:11 2025 by rpki-client