$ rpki-client -vvf rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft File: OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft (raw, json) Hash identifier: cZVEzN+QXkO/4Anwxb1JyChFzcbUu9jMLWhCeOPOroM= Subject key identifier: 70:F0:AD:C6:BC:25:0B:F8:F2:60:6C:62:80:C3:82:2F:19:F8:5B:49 Authority key identifier: 3A:15:43:BD:F3:77:2A:98:D2:94:EB:90:02:38:03:DD:DD:F1:1E:62 Certificate issuer: /CN=A91D318A/serialNumber=3A1543BDF3772A98D294EB90023803DDDDF11E62 Certificate serial: 0138 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OhVDvfN3KpjSlOuQAjgD3d3xHmI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft Manifest number: 012F Signing time: Sun 29 Jun 2025 03:40:20 +0000 Manifest this update: Sun 29 Jun 2025 03:40:20 +0000 Manifest next update: Sun 06 Jul 2025 03:40:20 +0000 Files and hashes: 1: OhVDvfN3KpjSlOuQAjgD3d3xHmI.crl (hash: W5gbqsH/MhhvOR0JPN3aokqQ5FwXg1N0vwqZdBr3LJI=) 2: 67CB8C7287E711EEAC6C0B48C4F9AE02.roa (hash: F1mmz33PgwMDoRRZC6GtV9seLtgQSAErXHweDotrVWA=) 3: C1BECCFC68ED11EF85713047C4F9AE02.roa (hash: Sezt6J9wGq2uA81TOBF7C4CUuNihzkNfNyFAuKq+xQc=) 4: 675EE9DC87E711EEAC6C0B48C4F9AE02.roa (hash: drw42sYp0Yh/VWP9xaFHuMDcqO3Tii4R1NV32pLiPSM=) 5: 08310D28339011EFA4FD915FC4F9AE02.roa (hash: SpJu5nU/KENpOPLXjRvExSZV1G2bbDwfeZ2+Dj1X+E8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.crl rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OhVDvfN3KpjSlOuQAjgD3d3xHmI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 03:40:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 312 (0x138) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D318A, serialNumber=3A1543BDF3772A98D294EB90023803DDDDF11E62 Validity Not Before: Jun 29 03:40:20 2025 GMT Not After : Jul 6 03:40:20 2025 GMT Subject: CN=6860b5a4-b366 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f1:0e:7c:6e:68:ff:46:02:06:8b:c5:61:3f: a9:69:5e:ad:dc:bc:d5:bb:cb:56:0d:f4:1b:7c:a9: 97:a7:2e:67:da:1e:eb:85:36:85:6c:40:6c:87:18: 8b:d9:1b:17:f1:99:b7:46:2f:a6:7e:8b:ca:be:1b: a8:36:4d:e6:cf:60:07:c8:2d:78:89:e6:54:fb:fe: ce:99:03:e4:89:a8:41:23:3a:f8:b6:98:3c:1e:0e: 2d:4d:3d:6b:43:6e:d7:dc:8f:5e:f7:68:bb:6f:ac: 12:2c:2f:d9:7f:08:2b:ac:04:09:5c:76:04:12:06: 1d:10:53:26:b6:9a:e3:ae:7a:4f:4c:63:08:c5:0c: ef:85:d4:85:bb:7e:30:47:24:78:14:e0:bb:53:04: 72:8c:15:5d:a0:25:28:bc:be:83:85:4f:4e:13:ae: 3e:7b:26:c8:9c:93:f8:5c:df:d0:85:7e:e7:c8:07: 4c:1c:a5:51:2b:51:6f:8e:2d:1e:5d:fa:03:91:7c: 28:7e:bd:27:cd:68:2d:a1:55:ce:76:79:41:2b:f6: d9:d2:d0:0b:65:fb:75:e1:a6:49:e9:45:dd:53:e5: cc:37:f4:03:70:92:b4:17:c8:f2:4e:81:4d:48:55: 20:84:9e:5f:9f:19:92:e9:4d:5c:08:d7:da:f7:8c: 2a:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:F0:AD:C6:BC:25:0B:F8:F2:60:6C:62:80:C3:82:2F:19:F8:5B:49 X509v3 Authority Key Identifier: keyid:3A:15:43:BD:F3:77:2A:98:D2:94:EB:90:02:38:03:DD:DD:F1:1E:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OhVDvfN3KpjSlOuQAjgD3d3xHmI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:97:24:a1:8a:dc:4b:46:2d:5d:6b:5c:5c:69:a0:30:7f:47: 93:2e:24:97:92:47:90:73:ed:24:a9:97:c2:e9:c6:a3:b5:db: c0:07:01:7e:8f:82:d3:df:59:f4:f4:af:5b:96:19:d2:8a:e3: 2f:c1:93:89:8a:c1:98:bd:88:b0:9c:59:45:12:20:e5:0e:5e: d7:40:10:10:bf:1a:eb:f9:05:8a:1a:03:17:9d:1c:07:c9:d6: 28:0d:e9:e4:f0:0b:b7:34:7a:50:7c:72:a0:99:35:cc:f0:e3: bc:55:98:9d:ef:83:36:40:30:c6:f8:92:b4:e2:f4:1a:c6:e8: dd:09:30:e6:d8:fa:eb:7b:2b:4a:57:eb:fd:bb:0b:2b:c3:26: c2:b9:7e:55:6f:7a:ae:75:5d:76:a2:65:25:5f:0a:81:83:af: d3:f0:3e:5e:08:f6:32:24:14:71:71:75:b9:60:8e:3b:17:16: 12:5d:76:da:b6:67:e8:eb:e7:2b:0c:ae:66:b0:da:c2:5c:9e: 79:7e:1a:ec:14:81:63:a3:d1:af:49:1f:f3:23:85:f5:b6:da: 47:bb:7f:5e:cd:f7:84:61:1b:2f:e4:27:d9:05:aa:e0:89:3d: 64:30:65:b5:f1:1d:c5:08:6a:49:ae:95:b4:d9:b2:9f:8e:cb: dc:f4:3a:e5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDMxOEExMTAvBgNVBAUTKDNBMTU0M0JERjM3NzJBOThEMjk0RUI5MDAyMzgwM0RE RERGMTFFNjIwHhcNMjUwNjI5MDM0MDIwWhcNMjUwNzA2MDM0MDIwWjAYMRYwFAYD VQQDEw02ODYwYjVhNC1iMzY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvfEOfG5o/0YCBovFYT+paV6t3LzVu8tWDfQbfKmXpy5n2h7rhTaFbEBshxiL 2RsX8Zm3Ri+mfovKvhuoNk3mz2AHyC14ieZU+/7OmQPkiahBIzr4tpg8Hg4tTT1r Q27X3I9e92i7b6wSLC/ZfwgrrAQJXHYEEgYdEFMmtprjrnpPTGMIxQzvhdSFu34w RyR4FOC7UwRyjBVdoCUovL6DhU9OE64+eybInJP4XN/QhX7nyAdMHKVRK1Fvji0e XfoDkXwofr0nzWgtoVXOdnlBK/bZ0tALZft14aZJ6UXdU+XMN/QDcJK0F8jyToFN SFUghJ5fnxmS6U1cCNfa94wqmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHDwrca8 JQv48mBsYoDDgi8Z+FtJMB8GA1UdIwQYMBaAFDoVQ73zdyqY0pTrkAI4A93d8R5i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzE4QS9FQ0ZGMkFGODg3 RTYxMUVFOTdFNkM3NDZDNEY5QUUwMi9PaFZEdmZOM0twalNsT3VRQWpnRDNkM3hI bUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09oVkR2Zk4zS3BqU2xPdVFBamdEM2QzeEhtSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MzE4QS9FQ0ZGMkFGODg3RTYxMUVFOTdFNkM3NDZDNEY5QUUwMi9PaFZEdmZOM0tw alNsT3VRQWpnRDNkM3hIbUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAOlyShitxLRi1da1xcaaAwf0eTLiSXkkeQc+0kqZfC6cajtdvABwF+ j4LT31n09K9blhnSiuMvwZOJisGYvYiwnFlFEiDlDl7XQBAQvxrr+QWKGgMXnRwH ydYoDenk8Au3NHpQfHKgmTXM8OO8VZid74M2QDDG+JK04vQaxujdCTDm2PrreytK V+v9uwsrwybCuX5Vb3qudV12omUlXwqBg6/T8D5eCPYyJBRxcXW5YI47FxYSXXba tmfo6+crDK5msNrCXJ55fhrsFIFjo9GvSR/zI4X1ttpHu39ezfeEYRsv5CfZBarg iT1kMGW18R3FCGpJrpW02bKfjsvc9Drl -----END CERTIFICATE-----Generated at Mon Jun 30 16:31:09 2025 by rpki-client