$ rpki-client -vvf rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft File: OhbEBL_tNHJEowpa__ZuSZKqKCE.mft (raw, json) Hash identifier: d+VOwr7d8pY8J+iNrh0WPg/MZYWRLEhiO8sH84BDXKE= Subject key identifier: 31:2C:42:84:AF:B5:E7:06:7C:05:02:BD:5C:DC:1B:2D:D3:01:5C:1D Authority key identifier: 3A:16:C4:04:BF:ED:34:72:44:A3:0A:5A:FF:F6:6E:49:92:AA:28:21 Certificate issuer: /CN=A91A65C4/serialNumber=3A16C404BFED347244A30A5AFFF66E4992AA2821 Certificate serial: 0441 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft Manifest number: 043B Signing time: Tue 13 May 2025 00:05:52 +0000 Manifest this update: Tue 13 May 2025 00:05:52 +0000 Manifest next update: Tue 20 May 2025 00:05:52 +0000 Files and hashes: 1: OhbEBL_tNHJEowpa__ZuSZKqKCE.crl (hash: beRcdZXF3OafyWcSuMrQIPkHWejeQuArq1wpq/u0lCM=) 2: 9D77DCA4599A11ECA574BF52C4F9AE02.roa (hash: /fF1tdSaYFH2w1w+0HXHgYqEthaF4A0sGCD2uCBxpiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.crl rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 00:05:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1089 (0x441) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A65C4, serialNumber=3A16C404BFED347244A30A5AFFF66E4992AA2821 Validity Not Before: May 13 00:05:52 2025 GMT Not After : May 20 00:05:52 2025 GMT Subject: CN=68228ce0-e185 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:2a:a2:f0:0b:fb:7d:45:cf:b7:fd:bd:01:0e: 0e:72:2e:1c:2b:83:3f:b8:8d:f6:77:c3:13:35:9b: dc:eb:6d:06:de:16:6f:73:8b:1a:71:d1:57:46:76: 16:24:fd:3a:0d:09:46:6a:3a:93:0f:2b:ed:4e:84: 40:32:61:ec:02:8a:85:66:69:74:dd:65:fd:06:7c: 19:d8:4a:4b:41:11:7d:09:71:87:14:5a:a4:ab:ee: 88:04:8d:72:cc:26:f3:10:5a:ee:84:99:55:f2:37: 0d:96:6f:a0:29:02:f5:2e:a6:c8:0c:30:3b:95:68: 12:0c:ed:9e:c8:86:67:00:e5:62:b0:ec:6d:af:f3: db:26:e8:60:68:3e:d7:44:27:9b:62:17:01:f3:2c: bd:d5:f8:ea:a4:49:3c:8a:c2:6d:39:a7:7f:5e:e5: 90:c3:da:30:b7:e9:58:08:0d:4a:57:75:d1:ca:09: 66:25:bb:3d:c8:bc:af:fb:7a:47:99:cf:1e:00:09: af:5d:81:cb:84:af:75:2f:4b:70:59:d9:5f:d7:e8: bb:db:80:c8:9f:83:70:10:e3:25:1d:59:4e:ea:06: 5f:ec:d0:cc:58:f9:8c:4c:92:1d:6a:d0:a8:56:25: 71:f5:d3:58:6e:f0:cc:5b:6a:f6:77:68:e2:85:30: b4:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:2C:42:84:AF:B5:E7:06:7C:05:02:BD:5C:DC:1B:2D:D3:01:5C:1D X509v3 Authority Key Identifier: keyid:3A:16:C4:04:BF:ED:34:72:44:A3:0A:5A:FF:F6:6E:49:92:AA:28:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:06:be:32:61:1b:f2:6d:eb:cc:55:90:9e:e0:68:1b:94:df: bf:5e:96:2f:44:84:8e:1b:7a:a9:40:df:ef:5f:ce:f3:93:eb: 2e:74:1e:51:8c:4e:ae:69:b2:90:5d:7d:91:02:65:1d:38:8e: f9:d1:24:99:3e:f2:bd:52:a4:12:de:89:c8:cd:66:9a:cc:98: 49:09:18:85:83:55:28:7b:fd:a9:56:fe:59:26:c3:ba:ba:7b: 50:62:49:ba:04:e3:0c:76:55:55:ad:e5:66:37:c9:bb:b0:34: d4:9b:b4:a5:22:9a:3d:07:d0:bb:de:f3:36:bf:a2:13:08:bd: 57:2f:60:45:c1:3a:b0:17:c0:4d:76:38:54:8d:2e:2b:e9:ae: 10:63:ea:5e:11:25:8c:e4:54:95:0b:d5:09:e1:eb:ba:00:66: d7:85:94:ff:75:90:bd:73:4c:8a:0f:9f:a8:e6:20:f5:b6:99: c0:27:4a:eb:6a:a6:73:66:5b:f3:dd:bb:9d:e9:f1:6a:e4:b9: f8:f5:f8:66:8e:a1:5e:b5:81:3c:92:ee:b6:3f:5c:71:14:b2: 6d:f7:7e:31:4e:60:d0:74:0a:fd:83:ec:10:0a:8d:6f:8b:24: 03:b7:cc:d4:29:4f:8e:76:ea:bc:4c:5e:19:7a:54:c6:2b:92: d5:61:e1:c7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBEEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTY1QzQxMTAvBgNVBAUTKDNBMTZDNDA0QkZFRDM0NzI0NEEzMEE1QUZGRjY2RTQ5 OTJBQTI4MjEwHhcNMjUwNTEzMDAwNTUyWhcNMjUwNTIwMDAwNTUyWjAYMRYwFAYD VQQDEw02ODIyOGNlMC1lMTg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1iqi8Av7fUXPt/29AQ4Oci4cK4M/uI32d8MTNZvc620G3hZvc4sacdFXRnYW JP06DQlGajqTDyvtToRAMmHsAoqFZml03WX9BnwZ2EpLQRF9CXGHFFqkq+6IBI1y zCbzEFruhJlV8jcNlm+gKQL1LqbIDDA7lWgSDO2eyIZnAOVisOxtr/PbJuhgaD7X RCebYhcB8yy91fjqpEk8isJtOad/XuWQw9owt+lYCA1KV3XRyglmJbs9yLyv+3pH mc8eAAmvXYHLhK91L0twWdlf1+i724DIn4NwEOMlHVlO6gZf7NDMWPmMTJIdatCo ViVx9dNYbvDMW2r2d2jihTC0bwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDEsQoSv tecGfAUCvVzcGy3TAVwdMB8GA1UdIwQYMBaAFDoWxAS/7TRyRKMKWv/2bkmSqigh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjVDNC8zRTNBNTUwMjU5 OTgxMUVDOTM5MUQ1NTBDNEY5QUUwMi9PaGJFQkxfdE5ISkVvd3BhX19adVNaS3FL Q0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09oYkVCTF90TkhKRW93cGFfX1p1U1pLcUtDRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NjVDNC8zRTNBNTUwMjU5OTgxMUVDOTM5MUQ1NTBDNEY5QUUwMi9PaGJFQkxfdE5I SkVvd3BhX19adVNaS3FLQ0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCRBr4yYRvybevMVZCe4GgblN+/XpYvRISOG3qpQN/vX87zk+sudB5R jE6uabKQXX2RAmUdOI750SSZPvK9UqQS3onIzWaazJhJCRiFg1Uoe/2pVv5ZJsO6 untQYkm6BOMMdlVVreVmN8m7sDTUm7SlIpo9B9C73vM2v6ITCL1XL2BFwTqwF8BN djhUjS4r6a4QY+peESWM5FSVC9UJ4eu6AGbXhZT/dZC9c0yKD5+o5iD1tpnAJ0rr aqZzZlvz3bud6fFq5Ln49fhmjqFetYE8ku62P1xxFLJt934xTmDQdAr9g+wQCo1v iyQDt8zUKU+Oduq8TF4ZelTGK5LVYeHH -----END CERTIFICATE-----Generated at Tue May 13 10:43:43 2025 by rpki-client