$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.mft File: oRHoHEs-J72m4nEkl_bbugz7CCY.mft (raw, json) Hash identifier: 9sFEserIse3TAPRS0ZsOoWNXFLV11hqIYKHj81XIXrU= Subject key identifier: D4:02:D0:93:7C:95:AD:2C:02:DF:24:04:17:88:DC:E7:1E:0F:00:AE Authority key identifier: A1:11:E8:1C:4B:3E:27:BD:A6:E2:71:24:97:F6:DB:BA:0C:FB:08:26 Certificate issuer: /CN=A91C1DB8/serialNumber=A111E81C4B3E27BDA6E2712497F6DBBA0CFB0826 Certificate serial: 135E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oRHoHEs-J72m4nEkl_bbugz7CCY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.mft Manifest number: 1352 Signing time: Wed 14 May 2025 17:05:06 +0000 Manifest this update: Wed 14 May 2025 17:05:06 +0000 Manifest next update: Wed 21 May 2025 17:05:06 +0000 Files and hashes: 1: oRHoHEs-J72m4nEkl_bbugz7CCY.crl (hash: cIqzq3OLaFXch9w7d4uu+wOncgScOaeTlitXUzHxoPg=) 2: 6D6692CAAA0211EEAADA3D32C4F9AE02.roa (hash: Lfw4Pf1U5kN1CyHW4zjiGH94Ozpr6hL2Iw69vgHFnZ4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.crl rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oRHoHEs-J72m4nEkl_bbugz7CCY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 17:05:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4958 (0x135e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1DB8, serialNumber=A111E81C4B3E27BDA6E2712497F6DBBA0CFB0826 Validity Not Before: May 14 17:05:06 2025 GMT Not After : May 21 17:05:06 2025 GMT Subject: CN=6824cd42-03a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:83:09:dd:99:6e:67:f1:aa:81:e4:4a:a6:cf: 6e:b9:4f:94:86:78:19:bc:86:4a:6a:4f:81:74:a6: 7f:47:3b:6d:fe:57:a3:a8:e6:50:93:d8:50:64:07: 35:3c:97:65:1b:bb:58:28:e3:e5:a9:e3:80:7e:a6: 9c:04:f4:47:4b:9f:30:1e:7c:8b:2e:19:61:61:a8: 05:b0:6a:a5:3b:4b:82:4b:d4:4c:1e:59:22:f4:47: f0:12:c8:02:4e:22:5e:19:49:3b:56:d4:74:3a:57: 81:78:e8:b5:5b:e5:1f:d3:d7:bb:5d:a7:f7:8e:61: c7:19:53:f5:27:8a:f7:5c:9c:0d:b2:2c:65:96:7f: 93:b1:59:7e:a2:6f:78:4e:2b:8f:a2:95:10:30:fd: 27:b3:65:0e:6d:74:d7:49:62:d7:e9:a3:eb:06:5a: 2c:c4:42:31:42:7f:8b:f7:41:2a:bd:2a:3b:cb:fb: b1:1e:96:e9:ef:c7:de:86:c2:e1:4c:3e:80:db:d7: 53:11:40:4b:90:37:0e:b5:ed:02:65:29:a6:f3:fa: 71:7f:ef:fb:e3:ea:59:f6:62:2a:a1:87:68:16:24: ed:0e:c1:5f:ee:ed:90:e4:5c:d9:de:da:ce:f9:6e: 41:75:74:9c:f1:66:21:b2:f0:1a:c7:8c:22:bc:46: 59:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:02:D0:93:7C:95:AD:2C:02:DF:24:04:17:88:DC:E7:1E:0F:00:AE X509v3 Authority Key Identifier: keyid:A1:11:E8:1C:4B:3E:27:BD:A6:E2:71:24:97:F6:DB:BA:0C:FB:08:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oRHoHEs-J72m4nEkl_bbugz7CCY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8d:08:bb:87:c6:a0:7b:fa:8c:4d:4b:e1:34:f3:98:b0:10:d9: be:8c:9d:74:75:c7:2a:e6:a4:07:32:65:82:67:89:83:2f:d3: 1f:e5:e8:51:2b:ce:ac:f3:86:2e:a5:34:91:1d:04:d3:fd:11: b7:df:5d:07:a7:39:c0:5f:dd:06:34:84:ea:a4:65:17:79:06: e8:e0:79:45:e2:ec:e2:63:da:2e:1f:ca:90:bc:d4:d0:9f:d0: 8a:29:c2:fa:79:a6:1b:76:34:93:ff:09:2e:9c:86:66:26:3c: ad:fd:d6:12:52:1f:f9:8a:be:d0:59:2e:ee:eb:47:a0:b3:7e: ce:ee:30:2d:af:79:f8:83:93:d6:d5:b5:5f:dc:ce:30:0d:36: 91:b5:db:d6:23:4b:7f:94:51:45:92:0f:f9:2e:7d:e0:5e:fc: c1:e3:18:27:7a:2f:71:16:da:ab:84:d3:a3:d6:9e:8c:80:c8: 3b:80:71:f8:e3:94:b6:bb:3d:ea:fa:5c:66:27:a7:ab:1e:e1: 9f:08:dd:08:9b:3a:45:8d:52:3e:30:1e:26:97:89:ca:2e:33: 76:85:62:a5:fd:7d:f9:09:9d:3b:58:21:24:20:a3:4f:1e:37: e6:8a:ec:5a:9e:8f:bc:11:e0:b4:3b:f0:b5:88:73:ba:bd:2b: 79:d1:8a:d0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE14wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzFEQjgxMTAvBgNVBAUTKEExMTFFODFDNEIzRTI3QkRBNkUyNzEyNDk3RjZEQkJB MENGQjA4MjYwHhcNMjUwNTE0MTcwNTA2WhcNMjUwNTIxMTcwNTA2WjAYMRYwFAYD VQQDEw02ODI0Y2Q0Mi0wM2EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw4MJ3ZluZ/GqgeRKps9uuU+UhngZvIZKak+BdKZ/Rztt/lejqOZQk9hQZAc1 PJdlG7tYKOPlqeOAfqacBPRHS58wHnyLLhlhYagFsGqlO0uCS9RMHlki9EfwEsgC TiJeGUk7VtR0OleBeOi1W+Uf09e7Xaf3jmHHGVP1J4r3XJwNsixlln+TsVl+om94 TiuPopUQMP0ns2UObXTXSWLX6aPrBlosxEIxQn+L90EqvSo7y/uxHpbp78fehsLh TD6A29dTEUBLkDcOte0CZSmm8/pxf+/74+pZ9mIqoYdoFiTtDsFf7u2Q5FzZ3trO +W5BdXSc8WYhsvAax4wivEZZRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNQC0JN8 la0sAt8kBBeI3OceDwCuMB8GA1UdIwQYMBaAFKER6BxLPie9puJxJJf227oM+wgm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMURCOC8wRDk5MzFCQUEx MUUxMUU4OUU2MzY3MTBDNEY5QUUwMi9vUkhvSEVzLUo3Mm00bkVrbF9iYnVnejdD Q1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL29SSG9IRXMtSjcybTRuRWtsX2JidWd6N0NDWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MURCOC8wRDk5MzFCQUExMUUxMUU4OUU2MzY3MTBDNEY5QUUwMi9vUkhvSEVzLUo3 Mm00bkVrbF9iYnVnejdDQ1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCNCLuHxqB7+oxNS+E085iwENm+jJ10dccq5qQHMmWCZ4mDL9Mf5ehR K86s84YupTSRHQTT/RG3310HpznAX90GNITqpGUXeQbo4HlF4uziY9ouH8qQvNTQ n9CKKcL6eaYbdjST/wkunIZmJjyt/dYSUh/5ir7QWS7u60egs37O7jAtr3n4g5PW 1bVf3M4wDTaRtdvWI0t/lFFFkg/5Ln3gXvzB4xgnei9xFtqrhNOj1p6MgMg7gHH4 45S2uz3q+lxmJ6erHuGfCN0ImzpFjVI+MB4ml4nKLjN2hWKl/X35CZ07WCEkIKNP Hjfmiuxano+8EeC0O/C1iHO6vSt50YrQ -----END CERTIFICATE-----Generated at Fri May 16 09:54:17 2025 by rpki-client