$ rpki-client -vvf rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/OTVm9EF4bZWNinkRjo71b8hy5cU.mft File: OTVm9EF4bZWNinkRjo71b8hy5cU.mft (raw, json) Hash identifier: WzQaGYV15ntcIE3mJChOKpts5UD/iQVk+TNnbpYE970= Subject key identifier: 59:C8:94:F0:6F:16:A5:8C:34:58:A6:F5:36:B7:88:47:12:CC:52:1C Authority key identifier: 39:35:66:F4:41:78:6D:95:8D:8A:79:11:8E:8E:F5:6F:C8:72:E5:C5 Certificate issuer: /CN=A91673ED/serialNumber=393566F441786D958D8A79118E8EF56FC872E5C5 Certificate serial: 0672 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OTVm9EF4bZWNinkRjo71b8hy5cU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/OTVm9EF4bZWNinkRjo71b8hy5cU.mft Manifest number: 0666 Signing time: Sat 10 May 2025 22:00:37 +0000 Manifest this update: Sat 10 May 2025 22:00:36 +0000 Manifest next update: Sat 17 May 2025 22:00:36 +0000 Files and hashes: 1: OTVm9EF4bZWNinkRjo71b8hy5cU.crl (hash: FilZpJHEDtg23sJiS6aaqnB4A4TBPmSVSHCAAlnmWqc=) 2: CD1F0EC07D4D11EBAE81AF83C4F9AE02.roa (hash: 4wWkALarNhzIV0d1ZybqQK8tC375NaVcRuBFdReJXsc=) 3: BDBFFB867D5411EB8CBE5B57C4F9AE02.roa (hash: ST3w5Tj88jMoz75b41w1YKAqx3Mmc8bfoi4qnLujj8E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/OTVm9EF4bZWNinkRjo71b8hy5cU.crl rsync://rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/OTVm9EF4bZWNinkRjo71b8hy5cU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OTVm9EF4bZWNinkRjo71b8hy5cU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 22:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1650 (0x672) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91673ED, serialNumber=393566F441786D958D8A79118E8EF56FC872E5C5 Validity Not Before: May 10 22:00:36 2025 GMT Not After : May 17 22:00:36 2025 GMT Subject: CN=681fcc84-5d8b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:91:ee:b2:5e:5b:cf:7e:81:75:5e:71:c2:26: ff:49:94:a2:7a:c2:a4:cf:9f:35:fd:64:f4:c3:80: b9:4c:15:a9:b1:21:a8:17:b6:6e:b7:13:79:d4:a9: 01:9a:54:6a:cc:b8:14:4b:5f:2a:43:bc:89:3a:11: 8e:82:5e:96:90:4a:08:eb:e0:8c:51:17:92:11:bf: 01:e1:26:73:71:cb:41:62:18:44:bb:cd:ee:c1:ae: 58:72:a1:2f:56:95:7d:e1:2a:61:f8:ea:38:33:69: 28:a8:c0:a5:67:42:b3:d0:03:52:be:e1:d9:7a:0b: 39:26:99:25:dd:4b:94:20:a1:fe:1f:eb:66:95:89: 5c:ba:58:67:d5:49:39:91:9c:ff:c2:f6:8f:b9:68: cc:52:03:27:d5:cc:e9:7c:f0:45:77:9c:9f:01:52: f6:c6:f4:a6:6a:70:13:79:24:0e:48:29:24:e6:4f: 56:52:2c:a3:02:3e:23:00:ed:b2:ea:c5:b8:77:9b: 3c:35:62:fa:e6:fa:32:17:c9:93:fa:a9:4f:0d:9c: 57:f3:b9:03:bf:af:36:96:d6:4d:c5:71:a4:8a:34: c4:2f:ef:4d:3a:bd:da:00:c9:62:e7:d3:c2:0f:5d: 0d:48:4a:9f:b7:39:0e:c5:27:3c:71:33:b4:64:ca: 1a:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:C8:94:F0:6F:16:A5:8C:34:58:A6:F5:36:B7:88:47:12:CC:52:1C X509v3 Authority Key Identifier: keyid:39:35:66:F4:41:78:6D:95:8D:8A:79:11:8E:8E:F5:6F:C8:72:E5:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/OTVm9EF4bZWNinkRjo71b8hy5cU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OTVm9EF4bZWNinkRjo71b8hy5cU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/OTVm9EF4bZWNinkRjo71b8hy5cU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3c:f7:44:b4:04:13:a4:0f:c0:a9:60:d6:d0:ce:8a:c5:2f:f4: 7b:79:e7:9c:9c:79:e9:e7:31:ec:5e:3e:90:d7:d9:84:47:7e: df:b3:68:87:f8:8b:7a:2b:9a:f1:f7:e4:42:76:7c:40:8a:9a: ff:fd:12:d2:dc:74:ed:da:1e:fc:a6:ac:68:f5:b5:1e:f2:91: b5:84:fc:c7:54:40:a6:e3:d6:98:5b:f9:f7:5e:22:3d:b7:60: 1a:f8:f9:7c:d1:b9:be:e4:d6:0e:9d:13:50:2a:c0:7c:fd:da: 02:15:b1:1d:24:96:78:81:cf:b8:f7:bf:60:3d:bd:ef:c8:2b: 69:16:4f:64:f1:52:78:c2:20:d9:31:4d:41:ce:e0:19:27:f8: 0e:6a:ab:b3:a1:e0:13:8c:42:8d:5c:45:b5:87:4b:36:c9:e5: 97:42:32:8e:fa:aa:54:4b:ef:e2:d9:f3:88:4c:5c:d4:4d:93: b6:df:f9:ed:6a:43:45:4e:ab:f2:03:07:97:66:2c:99:71:04: a1:bc:2b:df:5d:ba:8b:a9:68:16:9e:a4:2e:52:4b:b2:f7:90: 9b:07:56:92:99:ca:84:3e:80:a0:9d:b0:4a:4b:f4:d3:6d:47: 71:37:50:be:c8:e2:cd:e8:e0:a0:26:83:f3:9f:dd:2c:cb:a7: 9e:3c:3d:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBnIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjczRUQxMTAvBgNVBAUTKDM5MzU2NkY0NDE3ODZEOTU4RDhBNzkxMThFOEVGNTZG Qzg3MkU1QzUwHhcNMjUwNTEwMjIwMDM2WhcNMjUwNTE3MjIwMDM2WjAYMRYwFAYD VQQDEw02ODFmY2M4NC01ZDhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv5Husl5bz36BdV5xwib/SZSiesKkz581/WT0w4C5TBWpsSGoF7ZutxN51KkB mlRqzLgUS18qQ7yJOhGOgl6WkEoI6+CMUReSEb8B4SZzcctBYhhEu83uwa5YcqEv VpV94Sph+Oo4M2koqMClZ0Kz0ANSvuHZegs5Jpkl3UuUIKH+H+tmlYlculhn1Uk5 kZz/wvaPuWjMUgMn1czpfPBFd5yfAVL2xvSmanATeSQOSCkk5k9WUiyjAj4jAO2y 6sW4d5s8NWL65voyF8mT+qlPDZxX87kDv682ltZNxXGkijTEL+9NOr3aAMli59PC D10NSEqftzkOxSc8cTO0ZMoaeQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFnIlPBv FqWMNFim9Ta3iEcSzFIcMB8GA1UdIwQYMBaAFDk1ZvRBeG2VjYp5EY6O9W/IcuXF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NzNFRC80RDhGQTIwRTdE NDkxMUVCQTE2NTczN0JDNEY5QUUwMi9PVFZtOUVGNGJaV05pbmtSam83MWI4aHk1 Y1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09UVm05RUY0YlpXTmlua1JqbzcxYjhoeTVjVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NzNFRC80RDhGQTIwRTdENDkxMUVCQTE2NTczN0JDNEY5QUUwMi9PVFZtOUVGNGJa V05pbmtSam83MWI4aHk1Y1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA890S0BBOkD8CpYNbQzorFL/R7eeecnHnp5zHsXj6Q19mER37fs2iH +It6K5rx9+RCdnxAipr//RLS3HTt2h78pqxo9bUe8pG1hPzHVECm49aYW/n3XiI9 t2Aa+Pl80bm+5NYOnRNQKsB8/doCFbEdJJZ4gc+4979gPb3vyCtpFk9k8VJ4wiDZ MU1BzuAZJ/gOaquzoeATjEKNXEW1h0s2yeWXQjKO+qpUS+/i2fOITFzUTZO23/nt akNFTqvyAweXZiyZcQShvCvfXbqLqWgWnqQuUkuy95CbB1aSmcqEPoCgnbBKS/TT bUdxN1C+yOLN6OCgJoPzn90sy6eePD25 -----END CERTIFICATE-----Generated at Sun May 11 12:42:04 2025 by rpki-client