$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2AAE/57537D5E704511EA8A941D1AC4F9AE02/o7CyBZyzB2t17aMkt2UH08KVUoM.mft File: o7CyBZyzB2t17aMkt2UH08KVUoM.mft (raw, json) Hash identifier: 8koMzR7EWNIMJ1dSXaMHUcmn8XMbT1/vHvTvIRp/HrM= Subject key identifier: 3C:C0:20:BF:40:24:0F:30:0B:04:AB:23:1D:95:6C:BE:44:4B:18:20 Authority key identifier: A3:B0:B2:05:9C:B3:07:6B:75:ED:A3:24:B7:65:07:D3:C2:95:52:83 Certificate issuer: /CN=A91C2AAE/serialNumber=A3B0B2059CB3076B75EDA324B76507D3C2955283 Certificate serial: 0A1C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o7CyBZyzB2t17aMkt2UH08KVUoM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C2AAE/57537D5E704511EA8A941D1AC4F9AE02/o7CyBZyzB2t17aMkt2UH08KVUoM.mft Manifest number: 0A15 Signing time: Sat 10 May 2025 19:33:14 +0000 Manifest this update: Sat 10 May 2025 19:33:14 +0000 Manifest next update: Sat 17 May 2025 19:33:14 +0000 Files and hashes: 1: o7CyBZyzB2t17aMkt2UH08KVUoM.crl (hash: KGzJz7n1DB4BKbMCEskuej7v9Pmq01uepvehn8SpwxU=) 2: 11502BAC719111EAAC505266C4F9AE02.roa (hash: 88XJabgqaxcByEwqNaBfgRLdg8FbkNPUbRQuluXcClA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C2AAE/57537D5E704511EA8A941D1AC4F9AE02/o7CyBZyzB2t17aMkt2UH08KVUoM.crl rsync://rpki.apnic.net/member_repository/A91C2AAE/57537D5E704511EA8A941D1AC4F9AE02/o7CyBZyzB2t17aMkt2UH08KVUoM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o7CyBZyzB2t17aMkt2UH08KVUoM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 19:33:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2588 (0xa1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C2AAE, serialNumber=A3B0B2059CB3076B75EDA324B76507D3C2955283 Validity Not Before: May 10 19:33:14 2025 GMT Not After : May 17 19:33:14 2025 GMT Subject: CN=681fa9fa-ed73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:3e:c3:55:47:13:5a:12:85:66:bc:aa:03:e8: 12:ba:16:20:0a:be:bd:75:c4:df:57:6b:83:bc:d6: 39:e5:83:7e:43:c9:1e:41:e5:b5:98:45:b1:c9:77: fe:e0:56:8d:8b:a4:f8:7a:a3:a3:e0:0b:a5:2d:d3: e8:92:13:47:4e:4d:6c:81:40:bf:04:dd:40:f3:69: 5e:c7:5c:2a:aa:d8:5d:29:a9:69:ff:c4:ab:5f:51: f6:f5:fd:c3:1a:e6:44:d2:99:18:3d:db:3c:61:7d: 7c:8a:41:37:8a:8b:6a:47:43:bf:cd:db:67:c7:20: d8:63:82:42:27:34:17:4c:f5:2c:77:a0:84:c8:c8: 4f:54:1f:67:12:1d:e5:de:c7:41:8a:61:d8:1e:55: ba:f1:e8:54:67:f2:d3:c8:38:b8:ae:71:9c:0e:5c: af:75:e6:4e:f6:d1:a0:9a:77:95:d0:21:cb:17:ff: ce:ab:f9:41:16:4b:8a:70:a0:3b:45:da:e2:54:dc: 83:01:25:cb:fa:28:99:f5:42:29:47:7a:6e:17:5b: a1:2b:a4:03:d3:18:c4:4c:e5:94:07:23:a4:41:a4: 6a:db:c5:5f:b5:df:9e:47:9e:06:a7:f4:69:69:c5: d7:59:cd:51:f6:ce:04:ec:99:5a:ff:df:46:5f:1e: 61:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:C0:20:BF:40:24:0F:30:0B:04:AB:23:1D:95:6C:BE:44:4B:18:20 X509v3 Authority Key Identifier: keyid:A3:B0:B2:05:9C:B3:07:6B:75:ED:A3:24:B7:65:07:D3:C2:95:52:83 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C2AAE/57537D5E704511EA8A941D1AC4F9AE02/o7CyBZyzB2t17aMkt2UH08KVUoM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o7CyBZyzB2t17aMkt2UH08KVUoM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2AAE/57537D5E704511EA8A941D1AC4F9AE02/o7CyBZyzB2t17aMkt2UH08KVUoM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b4:3a:19:b6:f4:bc:7f:c2:8d:9c:99:9d:3e:32:09:cc:c2:8e: 1c:87:4b:dc:88:35:7f:f8:72:92:96:ee:d2:d8:c7:df:ba:0d: 96:17:9d:cf:ef:02:fc:b9:fa:04:2a:8f:b7:e4:ab:02:b6:2d: 0e:4b:59:eb:82:f1:4a:eb:69:d3:4b:c5:e5:9b:d3:87:02:39: 24:95:54:47:9b:2c:4d:0b:d2:bf:55:c1:15:98:88:d1:7b:9e: ce:c3:95:66:81:f6:7c:0a:06:0e:c6:02:a6:3f:11:7f:38:39: 27:36:72:29:e4:4a:f8:12:31:b7:a4:11:f8:3d:6a:0b:6a:a7: 37:59:fb:ba:e0:5b:97:95:6e:92:f2:2a:01:11:6f:7a:2e:e9: cc:6e:af:53:26:67:3c:e6:4e:fa:75:4b:cf:09:f3:61:ad:0f: 6f:79:ff:2f:3c:6f:84:68:6e:30:86:f7:64:0e:9e:c4:3c:89: 03:60:6b:f4:27:b1:d7:20:7f:0b:bb:45:c2:5b:4e:14:40:fd: d4:84:99:5d:87:f5:fd:cd:5d:f7:73:44:86:1f:85:64:23:1c: 34:60:fd:4c:5f:79:82:44:be:97:cf:7a:c2:54:2c:6e:9d:a7: 76:5d:db:ff:23:01:d0:ff:a1:73:6d:27:d9:d8:ed:bc:63:b1: 95:eb:34:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICChwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzJBQUUxMTAvBgNVBAUTKEEzQjBCMjA1OUNCMzA3NkI3NUVEQTMyNEI3NjUwN0Qz QzI5NTUyODMwHhcNMjUwNTEwMTkzMzE0WhcNMjUwNTE3MTkzMzE0WjAYMRYwFAYD VQQDEw02ODFmYTlmYS1lZDczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuD7DVUcTWhKFZryqA+gSuhYgCr69dcTfV2uDvNY55YN+Q8keQeW1mEWxyXf+ 4FaNi6T4eqOj4AulLdPokhNHTk1sgUC/BN1A82lex1wqqthdKalp/8SrX1H29f3D GuZE0pkYPds8YX18ikE3iotqR0O/zdtnxyDYY4JCJzQXTPUsd6CEyMhPVB9nEh3l 3sdBimHYHlW68ehUZ/LTyDi4rnGcDlyvdeZO9tGgmneV0CHLF//Oq/lBFkuKcKA7 RdriVNyDASXL+iiZ9UIpR3puF1uhK6QD0xjETOWUByOkQaRq28Vftd+eR54Gp/Rp acXXWc1R9s4E7Jla/99GXx5hcwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDzAIL9A JA8wCwSrIx2VbL5ESxggMB8GA1UdIwQYMBaAFKOwsgWcswdrde2jJLdlB9PClVKD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkFBRS81NzUzN0Q1RTcw NDUxMUVBOEE5NDFEMUFDNEY5QUUwMi9vN0N5Qlp5ekIydDE3YU1rdDJVSDA4S1ZV b00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL283Q3lCWnl6QjJ0MTdhTWt0MlVIMDhLVlVvTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MkFBRS81NzUzN0Q1RTcwNDUxMUVBOEE5NDFEMUFDNEY5QUUwMi9vN0N5Qlp5ekIy dDE3YU1rdDJVSDA4S1ZVb00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC0Ohm29Lx/wo2cmZ0+MgnMwo4ch0vciDV/+HKSlu7S2Mffug2WF53P 7wL8ufoEKo+35KsCti0OS1nrgvFK62nTS8Xlm9OHAjkklVRHmyxNC9K/VcEVmIjR e57Ow5VmgfZ8CgYOxgKmPxF/ODknNnIp5Er4EjG3pBH4PWoLaqc3Wfu64FuXlW6S 8ioBEW96LunMbq9TJmc85k76dUvPCfNhrQ9vef8vPG+EaG4whvdkDp7EPIkDYGv0 J7HXIH8Lu0XCW04UQP3UhJldh/X9zV33c0SGH4VkIxw0YP1MX3mCRL6Xz3rCVCxu nad2Xdv/IwHQ/6FzbSfZ2O28Y7GV6zRT -----END CERTIFICATE-----Generated at Mon May 12 19:24:59 2025 by rpki-client