$ rpki-client -vvf rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft File: ofrVQukeAX0lfVGxT_XDW4lCnvU.mft (raw, json) Hash identifier: DdqodA0c9NTsB8oeMZxbGUAuqlMoO8D0ySEXju4fORI= Subject key identifier: 20:C5:EC:EB:AB:8A:41:A1:05:7D:99:DE:A9:BD:6B:AE:E0:9C:2C:50 Authority key identifier: A1:FA:D5:42:E9:1E:01:7D:25:7D:51:B1:4F:F5:C3:5B:89:42:9E:F5 Certificate issuer: /CN=A918377D/serialNumber=A1FAD542E91E017D257D51B14FF5C35B89429EF5 Certificate serial: F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ofrVQukeAX0lfVGxT_XDW4lCnvU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft Manifest number: F5 Signing time: Fri 09 May 2025 04:15:30 +0000 Manifest this update: Fri 09 May 2025 04:15:29 +0000 Manifest next update: Fri 16 May 2025 04:15:29 +0000 Files and hashes: 1: ofrVQukeAX0lfVGxT_XDW4lCnvU.crl (hash: pnADm7Nroh3VI1s4nNYUEgxlcliMSe6wg2LKNT9VWl4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.crl rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ofrVQukeAX0lfVGxT_XDW4lCnvU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 16 May 2025 04:15:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 245 (0xf5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918377D, serialNumber=A1FAD542E91E017D257D51B14FF5C35B89429EF5 Validity Not Before: May 9 04:15:29 2025 GMT Not After : May 16 04:15:29 2025 GMT Subject: CN=681d8161-5097 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:95:68:b3:2f:18:93:19:28:81:83:b1:71:1d: 09:15:72:59:43:bf:42:c2:d9:d0:ab:55:86:27:d9: 71:50:d3:1f:c2:1b:21:0b:e4:23:d0:ac:fe:79:dc: 4e:a1:a2:37:49:f4:d1:c9:86:4f:dc:ee:a7:98:5b: 72:b6:ec:98:0c:ac:70:0a:62:c8:25:d9:89:95:9c: 59:ed:eb:64:2c:d0:1a:e2:e2:68:27:f7:23:eb:2f: 0f:72:96:30:14:07:44:03:8f:54:4c:98:45:81:82: fa:f0:d3:a1:57:98:9e:7b:cd:48:43:53:46:3d:7c: 95:74:da:98:0a:26:1d:06:ea:7b:79:e3:c4:0c:8e: 9c:3e:55:6a:12:ac:a9:0f:82:a1:6f:c3:77:f9:69: db:8b:40:20:c7:bc:20:fe:2f:4f:22:fc:e1:2f:5d: 12:8b:c9:1f:4f:3d:3b:b4:4b:46:b8:49:51:fc:8f: 47:a7:cc:94:b3:c4:4e:58:06:57:8a:8c:d7:d0:b2: cf:62:27:ce:80:39:93:75:de:28:9b:db:c3:c3:cb: 47:87:47:87:15:50:d3:9a:a9:8e:22:0e:55:d9:c1: b8:e0:da:99:7f:5d:17:ed:4a:6d:20:62:ef:14:f9: cf:36:cd:97:f6:80:3d:5c:26:9b:33:0c:58:70:b6: b8:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:C5:EC:EB:AB:8A:41:A1:05:7D:99:DE:A9:BD:6B:AE:E0:9C:2C:50 X509v3 Authority Key Identifier: keyid:A1:FA:D5:42:E9:1E:01:7D:25:7D:51:B1:4F:F5:C3:5B:89:42:9E:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ofrVQukeAX0lfVGxT_XDW4lCnvU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:04:91:cc:37:b7:c7:85:ea:7d:d1:4b:ac:0b:f1:cc:2c:e9: 9d:da:5b:e8:8a:b0:4d:21:c5:e9:a2:9d:8b:83:06:5d:e2:70: 2b:99:69:44:7c:37:0d:41:90:21:49:6f:3e:45:e2:4f:de:ff: a7:96:9a:d9:04:a8:69:a7:60:b3:51:ec:0d:f1:f3:95:ba:18: 40:e8:c7:e4:fb:35:eb:d0:80:69:bc:43:ab:76:f8:27:69:6a: 0c:b1:e5:d4:ec:6c:a8:9f:c4:a6:12:63:60:57:04:7b:2e:98: 38:8c:fb:dc:dd:20:d6:bf:79:75:0f:3b:fe:91:ce:8d:a3:b6: 48:53:be:c0:c5:5e:d0:1f:6b:2b:3f:da:5a:f4:b7:78:df:7a: 97:21:74:24:69:c0:8f:d0:a4:de:eb:a8:b8:57:2d:5e:e1:7f: e3:95:bd:3f:14:13:55:e7:95:ea:a1:97:95:ab:5d:b4:76:02: c4:12:9d:53:69:40:6b:83:36:3f:a6:b0:47:be:d8:e4:5c:26: 3d:b1:b7:ec:4a:7a:2c:da:52:81:2e:87:24:a6:29:8e:5a:d6: 43:0e:2b:77:7d:a2:1c:a9:62:f0:78:6b:09:aa:a4:09:0b:2c: e5:eb:de:9f:d6:f5:7d:e4:81:75:51:b5:8a:dd:7e:3b:50:a8: db:f9:a3:c9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODM3N0QxMTAvBgNVBAUTKEExRkFENTQyRTkxRTAxN0QyNTdENTFCMTRGRjVDMzVC ODk0MjlFRjUwHhcNMjUwNTA5MDQxNTI5WhcNMjUwNTE2MDQxNTI5WjAYMRYwFAYD VQQDEw02ODFkODE2MS01MDk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu5Vosy8YkxkogYOxcR0JFXJZQ79CwtnQq1WGJ9lxUNMfwhshC+Qj0Kz+edxO oaI3SfTRyYZP3O6nmFtytuyYDKxwCmLIJdmJlZxZ7etkLNAa4uJoJ/cj6y8PcpYw FAdEA49UTJhFgYL68NOhV5iee81IQ1NGPXyVdNqYCiYdBup7eePEDI6cPlVqEqyp D4Khb8N3+Wnbi0Agx7wg/i9PIvzhL10Si8kfTz07tEtGuElR/I9Hp8yUs8ROWAZX iozX0LLPYifOgDmTdd4om9vDw8tHh0eHFVDTmqmOIg5V2cG44NqZf10X7UptIGLv FPnPNs2X9oA9XCabMwxYcLa4NQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCDF7Our ikGhBX2Z3qm9a67gnCxQMB8GA1UdIwQYMBaAFKH61ULpHgF9JX1RsU/1w1uJQp71 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4Mzc3RC85RjdDODE1MkI0 QjExMUVFQjBBREUzNTJDNEY5QUUwMi9vZnJWUXVrZUFYMGxmVkd4VF9YRFc0bENu dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29mclZRdWtlQVgwbGZWR3hUX1hEVzRsQ252VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 Mzc3RC85RjdDODE1MkI0QjExMUVFQjBBREUzNTJDNEY5QUUwMi9vZnJWUXVrZUFY MGxmVkd4VF9YRFc0bENudlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAmBJHMN7fHhep90UusC/HMLOmd2lvoirBNIcXpop2LgwZd4nArmWlE fDcNQZAhSW8+ReJP3v+nlprZBKhpp2CzUewN8fOVuhhA6Mfk+zXr0IBpvEOrdvgn aWoMseXU7Gyon8SmEmNgVwR7Lpg4jPvc3SDWv3l1Dzv+kc6No7ZIU77AxV7QH2sr P9pa9Ld433qXIXQkacCP0KTe66i4Vy1e4X/jlb0/FBNV55XqoZeVq120dgLEEp1T aUBrgzY/prBHvtjkXCY9sbfsSnos2lKBLockpimOWtZDDit3faIcqWLweGsJqqQJ Cyzl696f1vV95IF1UbWK3X47UKjb+aPJ -----END CERTIFICATE-----Generated at Sun May 11 04:32:11 2025 by rpki-client