$ rpki-client -vvf rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft File: ofrVQukeAX0lfVGxT_XDW4lCnvU.mft (raw, json) Hash identifier: HOjzWdkTjlHiXW5TxCw21qTW23VX0IJjwC4fItwicTk= Subject key identifier: D5:44:BB:BB:2F:8D:94:BE:F8:DE:7E:7D:81:2B:06:70:B1:DB:DA:AD Authority key identifier: A1:FA:D5:42:E9:1E:01:7D:25:7D:51:B1:4F:F5:C3:5B:89:42:9E:F5 Certificate issuer: /CN=A918377D/serialNumber=A1FAD542E91E017D257D51B14FF5C35B89429EF5 Certificate serial: 010F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ofrVQukeAX0lfVGxT_XDW4lCnvU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft Manifest number: 010F Signing time: Tue 01 Jul 2025 05:23:42 +0000 Manifest this update: Tue 01 Jul 2025 05:23:41 +0000 Manifest next update: Tue 08 Jul 2025 05:23:41 +0000 Files and hashes: 1: ofrVQukeAX0lfVGxT_XDW4lCnvU.crl (hash: rnCgPuQQPbjYa8mSsU/5lys6qEru0t2KvwYyaiuXgJI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.crl rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ofrVQukeAX0lfVGxT_XDW4lCnvU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 05:23:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 271 (0x10f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918377D, serialNumber=A1FAD542E91E017D257D51B14FF5C35B89429EF5 Validity Not Before: Jul 1 05:23:41 2025 GMT Not After : Jul 8 05:23:41 2025 GMT Subject: CN=686370de-a4c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:73:b9:8d:76:4f:97:77:66:8a:62:a5:21:67: fd:e6:02:78:33:26:3f:33:e7:29:27:3b:2b:33:90: 3d:55:12:c4:9d:1c:50:44:ad:22:99:7f:79:55:f0: b6:2b:06:39:9a:0f:cf:1a:aa:95:28:f1:7d:d5:df: b5:87:17:1b:e6:a1:bf:92:16:d8:a0:1e:91:78:87: 1f:fc:ea:59:3e:a9:42:dc:00:f3:98:d2:0d:3a:b9: e5:87:0f:03:fc:8f:59:83:b0:77:85:88:7b:7c:4d: 5a:a0:0f:80:be:82:87:77:90:d6:f7:7a:55:d2:10: 7c:c5:49:f7:df:38:dd:8e:b6:59:77:67:43:3e:18: 7e:60:55:89:86:41:05:ec:0a:fe:f1:8e:e9:18:6f: 69:14:0b:ad:62:c8:c6:f6:8a:9c:01:5c:58:f0:8b: 60:b9:94:ca:3d:32:41:4f:50:cb:90:e1:6f:cd:2a: 00:52:ca:22:dc:26:aa:b0:6c:09:44:59:13:cc:33: 73:3d:d8:52:2f:ed:5e:a6:7d:1b:80:d7:56:9d:fc: 6b:f2:b4:5d:cf:72:06:93:5d:0a:4d:fe:a4:ab:38: d9:0f:7e:db:3b:08:62:54:c5:53:8a:0e:fe:fb:94: 4b:d1:b9:3d:43:14:04:b5:56:b7:fa:f1:28:4d:86: a5:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:44:BB:BB:2F:8D:94:BE:F8:DE:7E:7D:81:2B:06:70:B1:DB:DA:AD X509v3 Authority Key Identifier: keyid:A1:FA:D5:42:E9:1E:01:7D:25:7D:51:B1:4F:F5:C3:5B:89:42:9E:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ofrVQukeAX0lfVGxT_XDW4lCnvU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption df:ed:de:22:b5:9c:27:00:7c:6a:e1:2f:f6:57:31:1e:07:8b: 6f:d8:f6:4e:2b:f9:3d:97:1f:bb:16:54:e0:fd:7b:6c:14:21: 2e:1f:0c:2f:dd:0a:bd:15:71:7d:4e:31:8c:fe:1f:0a:36:a6: d7:5f:0d:fc:5a:9d:49:19:4c:15:36:22:0c:f3:88:c5:a8:9b: 05:9d:ac:5f:83:02:8d:92:20:92:ed:3a:ab:08:00:73:5a:76: 3e:aa:f4:55:5d:23:91:b3:85:42:9a:42:0c:3f:35:0b:43:a1: 82:55:20:ac:e3:42:c9:08:ee:ca:2d:89:53:30:5b:8f:f8:9d: 17:71:b5:41:db:d5:c3:65:69:d2:b3:bc:7f:f3:e1:1d:b6:44: 32:bb:ef:19:a8:4e:8c:e7:32:db:95:2e:45:59:6c:b2:71:25: 20:c9:12:49:be:04:b8:57:b6:78:53:ae:2e:c1:c5:c3:e5:1d: 4c:4c:1d:42:a1:db:e5:9a:e1:52:7a:f7:09:d5:a2:3f:ff:e1: e8:0b:9c:8b:e9:79:29:ed:82:f3:57:12:99:e7:77:66:be:2e: e3:8a:83:12:9c:ba:d3:b9:00:5f:24:c4:44:13:82:f8:a5:35: 0e:41:aa:f3:e8:c7:48:00:22:8b:d9:5d:15:d8:bc:1c:ea:16: 88:a3:1c:e6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAQ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODM3N0QxMTAvBgNVBAUTKEExRkFENTQyRTkxRTAxN0QyNTdENTFCMTRGRjVDMzVC ODk0MjlFRjUwHhcNMjUwNzAxMDUyMzQxWhcNMjUwNzA4MDUyMzQxWjAYMRYwFAYD VQQDEw02ODYzNzBkZS1hNGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqHO5jXZPl3dmimKlIWf95gJ4MyY/M+cpJzsrM5A9VRLEnRxQRK0imX95VfC2 KwY5mg/PGqqVKPF91d+1hxcb5qG/khbYoB6ReIcf/OpZPqlC3ADzmNINOrnlhw8D /I9Zg7B3hYh7fE1aoA+AvoKHd5DW93pV0hB8xUn33zjdjrZZd2dDPhh+YFWJhkEF 7Ar+8Y7pGG9pFAutYsjG9oqcAVxY8ItguZTKPTJBT1DLkOFvzSoAUsoi3CaqsGwJ RFkTzDNzPdhSL+1epn0bgNdWnfxr8rRdz3IGk10KTf6kqzjZD37bOwhiVMVTig7+ +5RL0bk9QxQEtVa3+vEoTYalwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNVEu7sv jZS++N5+fYErBnCx29qtMB8GA1UdIwQYMBaAFKH61ULpHgF9JX1RsU/1w1uJQp71 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4Mzc3RC85RjdDODE1MkI0 QjExMUVFQjBBREUzNTJDNEY5QUUwMi9vZnJWUXVrZUFYMGxmVkd4VF9YRFc0bENu dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29mclZRdWtlQVgwbGZWR3hUX1hEVzRsQ252VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 Mzc3RC85RjdDODE1MkI0QjExMUVFQjBBREUzNTJDNEY5QUUwMi9vZnJWUXVrZUFY MGxmVkd4VF9YRFc0bENudlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDf7d4itZwnAHxq4S/2VzEeB4tv2PZOK/k9lx+7FlTg/XtsFCEuHwwv 3Qq9FXF9TjGM/h8KNqbXXw38Wp1JGUwVNiIM84jFqJsFnaxfgwKNkiCS7TqrCABz WnY+qvRVXSORs4VCmkIMPzULQ6GCVSCs40LJCO7KLYlTMFuP+J0XcbVB29XDZWnS s7x/8+EdtkQyu+8ZqE6M5zLblS5FWWyycSUgyRJJvgS4V7Z4U64uwcXD5R1MTB1C odvlmuFSevcJ1aI//+HoC5yL6Xkp7YLzVxKZ53dmvi7jioMSnLrTuQBfJMREE4L4 pTUOQarz6MdIACKL2V0V2Lwc6haIoxzm -----END CERTIFICATE-----Generated at Tue Jul 1 13:48:32 2025 by rpki-client