$ rpki-client -vvf rpki.apnic.net/member_repository/A9194C0D/A470785E575411EE940CD954C4F9AE02/os0QpH7XI-HEi19Q1oDPT2f8sdM.mft File: os0QpH7XI-HEi19Q1oDPT2f8sdM.mft (raw, json) Hash identifier: 41wlYPU1LMnRDc34znlfIxf27DIvk6R++yk55tHKPpg= Subject key identifier: C4:68:FD:7C:39:BE:13:34:0D:2F:E1:E2:9D:47:FE:C9:CA:F2:BD:04 Authority key identifier: A2:CD:10:A4:7E:D7:23:E1:C4:8B:5F:50:D6:80:CF:4F:67:FC:B1:D3 Certificate issuer: /CN=A9194C0D/serialNumber=A2CD10A47ED723E1C48B5F50D680CF4F67FCB1D3 Certificate serial: 013E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/os0QpH7XI-HEi19Q1oDPT2f8sdM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194C0D/A470785E575411EE940CD954C4F9AE02/os0QpH7XI-HEi19Q1oDPT2f8sdM.mft Manifest number: 013A Signing time: Tue 13 May 2025 03:40:41 +0000 Manifest this update: Tue 13 May 2025 03:40:41 +0000 Manifest next update: Tue 20 May 2025 03:40:41 +0000 Files and hashes: 1: os0QpH7XI-HEi19Q1oDPT2f8sdM.crl (hash: i1pz2FFX9wLwXmHcH5AGW6bUsWP7r198lvhXQPOtPhg=) 2: 9D5E6AF8600F11EE98AFFB11C4F9AE02.roa (hash: S579X7Eg58aEG3SPKUs0UURwjN76vzCVTAQS2DSPcNI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194C0D/A470785E575411EE940CD954C4F9AE02/os0QpH7XI-HEi19Q1oDPT2f8sdM.crl rsync://rpki.apnic.net/member_repository/A9194C0D/A470785E575411EE940CD954C4F9AE02/os0QpH7XI-HEi19Q1oDPT2f8sdM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/os0QpH7XI-HEi19Q1oDPT2f8sdM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 03:40:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 318 (0x13e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194C0D, serialNumber=A2CD10A47ED723E1C48B5F50D680CF4F67FCB1D3 Validity Not Before: May 13 03:40:41 2025 GMT Not After : May 20 03:40:41 2025 GMT Subject: CN=6822bf39-add9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:2d:a5:96:3f:16:2b:fd:11:a6:d7:a7:0a:46: 78:8d:2f:06:35:37:86:f4:d0:8f:2a:ed:8e:91:92: 6d:b6:a3:a9:1d:97:47:2c:23:6a:7b:c0:d6:b1:b2: 33:e1:06:37:00:39:69:a8:23:00:a4:8d:2b:86:ac: cb:42:2e:fa:95:c9:fe:c0:7f:37:f4:8e:4c:a8:19: 94:4c:0d:4a:67:e8:47:25:f9:04:b4:b1:55:89:c9: 2d:8e:3a:2e:19:e1:af:47:75:75:00:ac:77:ce:10: 80:e1:4b:cb:58:3c:20:b0:53:95:bb:f3:e2:8b:5e: 94:35:72:e0:9d:08:fc:bb:95:fa:8d:a6:3f:38:ed: c2:06:d3:a2:c2:3d:35:6f:a5:65:f7:f6:7f:e1:11: 66:21:a7:82:a1:e2:9f:27:2a:75:a1:91:49:1a:cd: ca:f3:82:82:13:da:40:8a:a4:fa:30:f7:81:cf:ad: 38:f1:5b:86:18:12:41:79:c5:3d:e7:8c:ab:c5:7e: 0d:b8:6a:33:cb:5c:fb:60:83:11:a9:4f:6a:96:f4: 00:94:1c:3b:80:4c:ab:49:85:dc:7c:7f:be:b8:fe: 85:15:10:b2:52:cd:81:0c:b9:b6:90:bb:49:4b:f6: 42:72:07:55:41:c3:9b:ec:0b:95:f4:df:c8:35:1d: cd:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:68:FD:7C:39:BE:13:34:0D:2F:E1:E2:9D:47:FE:C9:CA:F2:BD:04 X509v3 Authority Key Identifier: keyid:A2:CD:10:A4:7E:D7:23:E1:C4:8B:5F:50:D6:80:CF:4F:67:FC:B1:D3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194C0D/A470785E575411EE940CD954C4F9AE02/os0QpH7XI-HEi19Q1oDPT2f8sdM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/os0QpH7XI-HEi19Q1oDPT2f8sdM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194C0D/A470785E575411EE940CD954C4F9AE02/os0QpH7XI-HEi19Q1oDPT2f8sdM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:c3:93:fa:06:2d:6e:94:e6:cd:3c:6e:89:ed:46:bf:02:8e: 36:59:da:d6:4d:d8:11:aa:c1:fd:03:ea:9c:66:6a:67:e7:bd: c6:c7:7f:ab:25:0e:53:47:a4:e4:e8:45:c7:84:42:56:36:f2: 62:4b:7a:38:b5:5f:29:85:98:15:a9:45:7a:f6:98:e6:e1:c0: 83:a5:ba:da:27:7c:d2:80:1c:fe:ed:ed:35:8f:0f:54:32:37: 00:38:57:39:b9:07:ab:0a:8c:42:ee:c5:c7:76:51:17:a4:16: 57:a8:72:d6:0c:fe:25:02:03:a4:0c:0b:b3:b0:e3:3d:66:2c: b9:25:1a:ea:4d:ec:fc:80:a1:9a:f8:a6:61:17:42:53:0b:7b: 7d:97:12:42:e1:cf:5e:fe:57:ef:f1:e7:ac:ba:df:6d:61:cb: 37:8f:7a:f8:90:64:f2:33:c5:a5:29:89:2a:e2:03:c3:fd:0b: f1:86:51:be:c9:3d:2f:b2:a7:e1:cb:69:e3:bf:87:06:93:e4: c0:d5:6d:03:c3:91:35:f4:e3:09:43:76:ef:cb:93:0d:da:ff: e8:ed:22:40:8f:74:9e:20:74:29:86:f0:21:85:0c:b3:bd:6a: 05:f7:a2:f5:26:56:a4:02:57:98:1c:f0:50:ed:94:3c:2f:94: 1b:95:67:4e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAT4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTRDMEQxMTAvBgNVBAUTKEEyQ0QxMEE0N0VENzIzRTFDNDhCNUY1MEQ2ODBDRjRG NjdGQ0IxRDMwHhcNMjUwNTEzMDM0MDQxWhcNMjUwNTIwMDM0MDQxWjAYMRYwFAYD VQQDEw02ODIyYmYzOS1hZGQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtS2llj8WK/0RptenCkZ4jS8GNTeG9NCPKu2OkZJttqOpHZdHLCNqe8DWsbIz 4QY3ADlpqCMApI0rhqzLQi76lcn+wH839I5MqBmUTA1KZ+hHJfkEtLFVicktjjou GeGvR3V1AKx3zhCA4UvLWDwgsFOVu/Pii16UNXLgnQj8u5X6jaY/OO3CBtOiwj01 b6Vl9/Z/4RFmIaeCoeKfJyp1oZFJGs3K84KCE9pAiqT6MPeBz6048VuGGBJBecU9 54yrxX4NuGozy1z7YIMRqU9qlvQAlBw7gEyrSYXcfH++uP6FFRCyUs2BDLm2kLtJ S/ZCcgdVQcOb7AuV9N/INR3N4wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMRo/Xw5 vhM0DS/h4p1H/snK8r0EMB8GA1UdIwQYMBaAFKLNEKR+1yPhxItfUNaAz09n/LHT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NEMwRC9BNDcwNzg1RTU3 NTQxMUVFOTQwQ0Q5NTRDNEY5QUUwMi9vczBRcEg3WEktSEVpMTlRMW9EUFQyZjhz ZE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL29zMFFwSDdYSS1IRWkxOVExb0RQVDJmOHNkTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NEMwRC9BNDcwNzg1RTU3NTQxMUVFOTQwQ0Q5NTRDNEY5QUUwMi9vczBRcEg3WEkt SEVpMTlRMW9EUFQyZjhzZE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBlw5P6Bi1ulObNPG6J7Ua/Ao42WdrWTdgRqsH9A+qcZmpn573Gx3+r JQ5TR6Tk6EXHhEJWNvJiS3o4tV8phZgVqUV69pjm4cCDpbraJ3zSgBz+7e01jw9U MjcAOFc5uQerCoxC7sXHdlEXpBZXqHLWDP4lAgOkDAuzsOM9Ziy5JRrqTez8gKGa +KZhF0JTC3t9lxJC4c9e/lfv8eesut9tYcs3j3r4kGTyM8WlKYkq4gPD/QvxhlG+ yT0vsqfhy2njv4cGk+TA1W0Dw5E19OMJQ3bvy5MN2v/o7SJAj3SeIHQphvAhhQyz vWoF96L1JlakAleYHPBQ7ZQ8L5QblWdO -----END CERTIFICATE-----Generated at Wed May 14 07:58:29 2025 by rpki-client