$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft File: Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft (raw, json) Hash identifier: t8jVqPTKs5po3/FJ+Jo/1yyA5EzjEzjFuhvWtQ3ycSc= Subject key identifier: DC:71:E1:14:FA:10:0A:D0:5D:C5:F4:10:E0:84:12:76:D2:5F:30:63 Authority key identifier: 3A:46:FB:0F:40:F6:9D:5E:1D:B7:5D:28:51:F0:40:C1:9F:66:F2:2C Certificate issuer: /CN=A91ACD4D/serialNumber=3A46FB0F40F69D5E1DB75D2851F040C19F66F22C Certificate serial: 1629 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft Manifest number: 1619 Signing time: Mon 12 May 2025 16:39:45 +0000 Manifest this update: Mon 12 May 2025 16:39:45 +0000 Manifest next update: Mon 19 May 2025 16:39:45 +0000 Files and hashes: 1: Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl (hash: mDfM6qSS5RCAU6K4HpzzIwEftc/fAe8KX5XHReaswG0=) 2: 268ECB3ED5BD11E894FFC250C4F9AE02.roa (hash: w3oachy62b9vS7wqwD6D3HohJubENRLKhLvYOw/CqsQ=) 3: 3DE1DBC4D81011EC892E8A79C4F9AE02.roa (hash: P/jVLVKJm35tcLY3WNaJuQCIeip3WppGMETv/Tz90FE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 16:39:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5673 (0x1629) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACD4D, serialNumber=3A46FB0F40F69D5E1DB75D2851F040C19F66F22C Validity Not Before: May 12 16:39:45 2025 GMT Not After : May 19 16:39:45 2025 GMT Subject: CN=68222451-1427 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:1d:17:45:e8:a3:ed:d0:8c:0e:18:7a:e7:09: 1a:f4:ba:11:c0:ee:b3:9d:f6:f7:83:a1:fd:27:bd: cc:4e:ca:04:4d:4d:ba:07:12:7f:82:f1:14:b9:1b: 25:a3:7a:f0:7a:f6:71:1c:a7:7e:c4:92:ca:34:94: 1e:8e:27:f2:c4:1d:c2:b0:28:fe:be:d4:48:00:68: 0e:aa:8f:aa:96:0b:93:ec:9a:73:87:e4:63:72:f9: 90:25:c7:b8:97:ab:b6:fb:fa:07:ce:ce:40:ac:d5: 1e:f8:2b:45:0f:72:ba:34:e8:21:97:32:51:c0:29: 37:c7:5e:b7:f6:11:1c:b2:06:79:3e:3d:ae:b0:06: 3b:49:32:37:8f:68:2f:df:4f:b9:3a:8b:be:f9:b1: bc:b8:93:f2:d6:ec:d2:eb:8e:be:de:37:88:6d:81: 57:a3:13:93:fd:52:cf:51:8e:24:5c:dd:4c:ac:a4: fd:c7:0c:01:a8:9b:83:7d:74:14:61:6a:bb:51:d4: 15:f3:8d:94:96:e8:ed:a1:f0:9a:0c:6a:ba:27:31: c0:bb:61:6f:4f:40:ee:71:93:45:6d:31:f1:8f:06: 4d:ee:a3:25:05:20:cf:62:6d:d6:5b:7d:a7:c0:a4: 2f:85:c9:ed:89:01:b6:03:e5:b7:3e:85:6b:e2:12: a5:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:71:E1:14:FA:10:0A:D0:5D:C5:F4:10:E0:84:12:76:D2:5F:30:63 X509v3 Authority Key Identifier: keyid:3A:46:FB:0F:40:F6:9D:5E:1D:B7:5D:28:51:F0:40:C1:9F:66:F2:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:e5:18:3e:5e:f1:d3:f4:38:a1:b8:98:0f:eb:d5:3c:f6:0c: f0:c1:1f:3a:6c:ae:e3:17:89:20:ba:4c:30:76:88:e1:fe:c8: 09:b6:a0:5c:7a:80:3d:5f:ce:4e:cc:99:f5:2f:20:b1:23:93: cd:14:3c:e5:48:de:ef:57:6e:36:b9:8c:8a:3b:61:0a:17:b9: 71:20:22:77:98:d0:33:d3:40:0a:fe:b9:63:75:75:27:4a:eb: f0:6c:ee:59:ec:aa:93:9b:80:1c:e9:b9:f1:42:a0:c6:e5:89: f6:76:48:fa:88:4c:7d:9a:e1:b0:d5:ba:1c:9f:3b:25:9b:13: 13:5a:e8:d2:8f:71:a2:6f:f6:0e:85:64:2b:71:5c:29:3e:cd: 7f:b8:18:28:55:7b:36:6a:1d:36:86:0c:70:7e:d1:37:0b:d3: a6:93:b1:29:05:a0:4b:d6:b6:34:bf:ea:56:15:53:d2:51:b5: 3f:fb:c6:39:9c:55:a3:f6:86:21:0b:d3:3a:aa:f7:b2:aa:d1: b3:b7:f0:ed:09:f4:e5:39:0f:79:50:95:ac:7a:6d:ee:13:79: 11:c7:22:e6:5b:0d:b3:a4:c8:5c:77:38:99:f0:bb:5f:eb:ee: 43:3c:c6:ec:93:25:27:11:70:03:fc:8d:ee:5e:48:3c:bd:c6: 14:67:f6:28 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFikwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNENEQxMTAvBgNVBAUTKDNBNDZGQjBGNDBGNjlENUUxREI3NUQyODUxRjA0MEMx OUY2NkYyMkMwHhcNMjUwNTEyMTYzOTQ1WhcNMjUwNTE5MTYzOTQ1WjAYMRYwFAYD VQQDEw02ODIyMjQ1MS0xNDI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsR0XReij7dCMDhh65wka9LoRwO6znfb3g6H9J73MTsoETU26BxJ/gvEUuRsl o3rwevZxHKd+xJLKNJQejifyxB3CsCj+vtRIAGgOqo+qlguT7Jpzh+RjcvmQJce4 l6u2+/oHzs5ArNUe+CtFD3K6NOghlzJRwCk3x1639hEcsgZ5Pj2usAY7STI3j2gv 30+5Oou++bG8uJPy1uzS646+3jeIbYFXoxOT/VLPUY4kXN1MrKT9xwwBqJuDfXQU YWq7UdQV842UlujtofCaDGq6JzHAu2FvT0DucZNFbTHxjwZN7qMlBSDPYm3WW32n wKQvhcntiQG2A+W3PoVr4hKlKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNxx4RT6 EArQXcX0EOCEEnbSXzBjMB8GA1UdIwQYMBaAFDpG+w9A9p1eHbddKFHwQMGfZvIs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q0RC8xMzdEMDBENDE2 MEUxMUU4ODUyQzQzN0VDNEY5QUUwMi9Pa2I3RDBEMm5WNGR0MTBvVWZCQXdaOW04 aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09rYjdEMEQyblY0ZHQxMG9VZkJBd1o5bThpdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Q0Q0RC8xMzdEMDBENDE2MEUxMUU4ODUyQzQzN0VDNEY5QUUwMi9Pa2I3RDBEMm5W NGR0MTBvVWZCQXdaOW04aXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBC5Rg+XvHT9DihuJgP69U89gzwwR86bK7jF4kgukwwdojh/sgJtqBc eoA9X85OzJn1LyCxI5PNFDzlSN7vV242uYyKO2EKF7lxICJ3mNAz00AK/rljdXUn SuvwbO5Z7KqTm4Ac6bnxQqDG5Yn2dkj6iEx9muGw1bocnzslmxMTWujSj3Gib/YO hWQrcVwpPs1/uBgoVXs2ah02hgxwftE3C9Omk7EpBaBL1rY0v+pWFVPSUbU/+8Y5 nFWj9oYhC9M6qveyqtGzt/DtCfTlOQ95UJWsem3uE3kRxyLmWw2zpMhcdziZ8Ltf 6+5DPMbskyUnEXAD/I3uXkg8vcYUZ/Yo -----END CERTIFICATE-----Generated at Wed May 14 01:40:03 2025 by rpki-client