$ rpki-client -vvf rpki.apnic.net/member_repository/A91778D4/D9D5693A905111ECA3699615C4F9AE02/OIes3fccvvSnUh2EUe7LrrJRnv0.mft File: OIes3fccvvSnUh2EUe7LrrJRnv0.mft (raw, json) Hash identifier: YrfsQuwgIAIpjUTF/GzCNaAGDO/pdgUVD4cLX3282R0= Subject key identifier: FC:3F:BE:06:84:7E:44:4D:F1:51:9A:C4:32:FD:48:F3:FA:CC:26:87 Authority key identifier: 38:87:AC:DD:F7:1C:BE:F4:A7:52:1D:84:51:EE:CB:AE:B2:51:9E:FD Certificate issuer: /CN=A91778D4/serialNumber=3887ACDDF71CBEF4A7521D8451EECBAEB2519EFD Certificate serial: 03B1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIes3fccvvSnUh2EUe7LrrJRnv0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91778D4/D9D5693A905111ECA3699615C4F9AE02/OIes3fccvvSnUh2EUe7LrrJRnv0.mft Manifest number: 03AD Signing time: Sun 11 May 2025 00:17:21 +0000 Manifest this update: Sun 11 May 2025 00:17:20 +0000 Manifest next update: Sun 18 May 2025 00:17:20 +0000 Files and hashes: 1: OIes3fccvvSnUh2EUe7LrrJRnv0.crl (hash: 8u4kYbsloSiOVkFBt2gIg/LNeQg5D0LEGETymMRHHm0=) 2: 13F9F650905511EC9A978D19C4F9AE02.roa (hash: CfbtaxsbT8QkNpB+dr8l4I71elKTP/TaO4DWd5BrJjY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91778D4/D9D5693A905111ECA3699615C4F9AE02/OIes3fccvvSnUh2EUe7LrrJRnv0.crl rsync://rpki.apnic.net/member_repository/A91778D4/D9D5693A905111ECA3699615C4F9AE02/OIes3fccvvSnUh2EUe7LrrJRnv0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIes3fccvvSnUh2EUe7LrrJRnv0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 00:17:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 945 (0x3b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91778D4, serialNumber=3887ACDDF71CBEF4A7521D8451EECBAEB2519EFD Validity Not Before: May 11 00:17:20 2025 GMT Not After : May 18 00:17:20 2025 GMT Subject: CN=681fec91-e3d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:fa:76:40:1a:10:bd:1b:13:52:81:68:cb:4c: 6d:91:71:d7:73:c3:c2:15:0b:29:b0:6c:30:15:25: 87:4b:71:8a:83:f8:d7:e9:2e:69:5f:8c:21:c8:a9: df:03:91:82:a7:49:de:00:31:c8:40:96:5a:53:70: 41:ba:1f:0d:06:a4:e5:f6:13:1d:4f:3b:51:00:2e: 27:02:cc:f4:b0:3c:66:95:e4:75:02:d6:29:49:60: f9:8c:a2:04:fd:50:05:b6:89:56:d5:04:b6:1b:cc: 17:f0:59:19:ec:3e:34:fb:de:18:ee:fa:c3:09:75: a2:25:1d:86:18:39:2a:22:ea:72:24:2f:14:97:34: ea:93:d3:36:f1:a9:ab:0c:b7:e0:3b:b0:4e:24:b6: 40:e2:3b:84:f3:5f:7e:81:6f:e1:ef:ae:b1:3c:b6: 00:3c:4f:0e:69:7f:31:a1:b6:ba:9d:d0:30:d5:ba: e1:68:6a:91:f0:e4:5b:a6:21:1a:9f:0d:35:0b:92: 38:fe:dd:3d:03:de:44:27:e9:6c:94:ea:cf:03:31: 72:08:6f:9d:03:aa:99:79:8a:3b:14:a1:d8:35:2c: b6:32:df:4b:d6:db:9b:f6:d0:56:82:8e:8a:a1:e7: 5e:21:ca:43:7c:db:42:fb:a2:98:71:e7:82:c8:22: 9a:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:3F:BE:06:84:7E:44:4D:F1:51:9A:C4:32:FD:48:F3:FA:CC:26:87 X509v3 Authority Key Identifier: keyid:38:87:AC:DD:F7:1C:BE:F4:A7:52:1D:84:51:EE:CB:AE:B2:51:9E:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91778D4/D9D5693A905111ECA3699615C4F9AE02/OIes3fccvvSnUh2EUe7LrrJRnv0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIes3fccvvSnUh2EUe7LrrJRnv0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91778D4/D9D5693A905111ECA3699615C4F9AE02/OIes3fccvvSnUh2EUe7LrrJRnv0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 74:bf:1b:cc:90:10:2e:26:9b:0c:bb:24:a6:e3:cf:52:fa:9e: 06:94:1a:09:99:f0:0c:78:c3:9a:7a:55:61:d1:33:8e:01:a0: c3:96:8d:f3:44:7d:d6:4b:d4:ae:9a:29:02:78:87:03:02:8d: 87:5a:2a:c9:0d:d0:90:b9:af:5d:31:42:30:fc:1e:34:0d:48: 2d:fb:5c:56:73:0e:f6:d8:6e:b3:fb:45:76:8f:e3:3c:d0:05: e9:f5:79:c7:b5:1f:e4:ed:aa:b8:df:27:cb:d8:e8:b4:fe:6f: 27:66:84:f2:cb:fb:5a:3e:60:e2:0d:43:2e:c9:74:5e:5d:37: f9:4c:3c:fd:5d:cd:df:16:f8:19:2a:e7:2d:92:1f:10:b4:2c: d6:45:74:d3:99:5f:84:3f:9d:7e:e9:84:c5:ac:e1:0f:55:b9: 86:bd:63:b9:f1:d3:61:d5:21:61:bb:91:3f:9b:78:7e:f4:01: a1:b1:3a:ec:76:c9:60:21:4e:34:db:50:dc:59:71:59:09:68: 62:4e:a8:de:70:5c:56:29:7f:84:f0:9d:80:f5:6f:9e:e2:c3: 95:c6:01:b4:ec:e0:be:83:bd:fa:c4:04:43:0c:53:ed:cc:c6: a4:40:1c:f1:30:ce:e3:a9:8d:ec:60:72:2a:ab:e3:ca:72:cf: cf:ed:ae:bd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA7EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Nzc4RDQxMTAvBgNVBAUTKDM4ODdBQ0RERjcxQ0JFRjRBNzUyMUQ4NDUxRUVDQkFF QjI1MTlFRkQwHhcNMjUwNTExMDAxNzIwWhcNMjUwNTE4MDAxNzIwWjAYMRYwFAYD VQQDEw02ODFmZWM5MS1lM2Q2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwvp2QBoQvRsTUoFoy0xtkXHXc8PCFQspsGwwFSWHS3GKg/jX6S5pX4whyKnf A5GCp0neADHIQJZaU3BBuh8NBqTl9hMdTztRAC4nAsz0sDxmleR1AtYpSWD5jKIE /VAFtolW1QS2G8wX8FkZ7D40+94Y7vrDCXWiJR2GGDkqIupyJC8UlzTqk9M28amr DLfgO7BOJLZA4juE819+gW/h766xPLYAPE8OaX8xoba6ndAw1brhaGqR8ORbpiEa nw01C5I4/t09A95EJ+lslOrPAzFyCG+dA6qZeYo7FKHYNSy2Mt9L1tub9tBWgo6K oedeIcpDfNtC+6KYceeCyCKajQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPw/vgaE fkRN8VGaxDL9SPP6zCaHMB8GA1UdIwQYMBaAFDiHrN33HL70p1IdhFHuy66yUZ79 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzhENC9EOUQ1NjkzQTkw NTExMUVDQTM2OTk2MTVDNEY5QUUwMi9PSWVzM2ZjY3Z2U25VaDJFVWU3THJySlJu djAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09JZXMzZmNjdnZTblVoMkVVZTdMcnJKUm52MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NzhENC9EOUQ1NjkzQTkwNTExMUVDQTM2OTk2MTVDNEY5QUUwMi9PSWVzM2ZjY3Z2 U25VaDJFVWU3THJySlJudjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB0vxvMkBAuJpsMuySm489S+p4GlBoJmfAMeMOaelVh0TOOAaDDlo3z RH3WS9SumikCeIcDAo2HWirJDdCQua9dMUIw/B40DUgt+1xWcw722G6z+0V2j+M8 0AXp9XnHtR/k7aq43yfL2Oi0/m8nZoTyy/taPmDiDUMuyXReXTf5TDz9Xc3fFvgZ Kuctkh8QtCzWRXTTmV+EP51+6YTFrOEPVbmGvWO58dNh1SFhu5E/m3h+9AGhsTrs dslgIU4021DcWXFZCWhiTqjecFxWKX+E8J2A9W+e4sOVxgG07OC+g736xARDDFPt zMakQBzxMM7jqY3sYHIqq+PKcs/P7a69 -----END CERTIFICATE-----Generated at Sun May 11 09:39:40 2025 by rpki-client