$ rpki-client -vvf rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft File: OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft (raw, json) Hash identifier: e4058oDaA+W+dPAfkvo0lkH9F4qCe7eEs8k0ayb3HB4= Subject key identifier: F7:4B:4F:49:3C:F3:75:61:58:A9:9A:8B:FF:22:ED:E8:58:32:AD:9C Authority key identifier: 3A:15:43:BD:F3:77:2A:98:D2:94:EB:90:02:38:03:DD:DD:F1:1E:62 Certificate issuer: /CN=A91D318A/serialNumber=3A1543BDF3772A98D294EB90023803DDDDF11E62 Certificate serial: 011E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OhVDvfN3KpjSlOuQAjgD3d3xHmI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft Manifest number: 0115 Signing time: Wed 07 May 2025 04:02:27 +0000 Manifest this update: Wed 07 May 2025 04:02:27 +0000 Manifest next update: Wed 14 May 2025 04:02:27 +0000 Files and hashes: 1: OhVDvfN3KpjSlOuQAjgD3d3xHmI.crl (hash: 3DIS9SkkRjRGLNtx3pzukz3+BJFmv3ZAAyG2SmAYCig=) 2: 67CB8C7287E711EEAC6C0B48C4F9AE02.roa (hash: F1mmz33PgwMDoRRZC6GtV9seLtgQSAErXHweDotrVWA=) 3: C1BECCFC68ED11EF85713047C4F9AE02.roa (hash: Sezt6J9wGq2uA81TOBF7C4CUuNihzkNfNyFAuKq+xQc=) 4: 675EE9DC87E711EEAC6C0B48C4F9AE02.roa (hash: drw42sYp0Yh/VWP9xaFHuMDcqO3Tii4R1NV32pLiPSM=) 5: 08310D28339011EFA4FD915FC4F9AE02.roa (hash: SpJu5nU/KENpOPLXjRvExSZV1G2bbDwfeZ2+Dj1X+E8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.crl rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OhVDvfN3KpjSlOuQAjgD3d3xHmI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 13 May 2025 23:16:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 286 (0x11e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D318A, serialNumber=3A1543BDF3772A98D294EB90023803DDDDF11E62 Validity Not Before: May 7 04:02:27 2025 GMT Not After : May 14 04:02:27 2025 GMT Subject: CN=681adb53-857e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:ad:bb:a8:49:52:7a:a1:d6:1e:48:02:e3:11: d2:f0:81:e7:6f:ec:06:46:80:2f:43:a5:d4:35:ea: ac:bc:ee:f3:42:b8:2f:f5:53:aa:5b:92:fa:02:63: c2:77:56:42:18:3d:e0:d1:82:9b:6a:ed:40:53:d3: 8e:1f:74:4f:8e:4f:55:9d:c4:71:f2:cc:4d:86:e7: 8c:58:7f:a2:24:67:cf:2f:45:b8:25:ac:65:b4:9a: 3a:ba:c7:c4:40:4e:16:5b:0f:af:57:6f:02:ba:0e: d9:3f:25:26:3c:f3:2e:99:87:d7:c5:71:03:de:b7: 5f:89:50:cb:1a:4e:b9:77:f0:89:c3:f5:a3:5e:c1: ad:9e:c0:22:76:54:41:61:21:7e:ed:e5:a0:05:65: b9:be:c2:0c:c0:11:df:c3:ee:9b:04:9c:07:28:05: e2:de:80:06:08:a5:3d:00:03:5c:2b:b9:45:ea:e3: 20:14:b4:ad:25:82:6f:b6:71:c7:53:61:a8:ff:4c: 57:4a:07:7b:12:e2:b7:07:7c:5b:c0:13:e1:ab:1d: 4d:bb:ba:40:9d:b6:95:7e:93:64:9b:f1:70:1d:a4: 5c:7f:e9:aa:dd:a0:4b:67:9b:f0:bf:18:16:a0:5e: 1e:17:89:12:a7:8f:44:01:10:8f:4a:0a:76:df:a5: a0:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:4B:4F:49:3C:F3:75:61:58:A9:9A:8B:FF:22:ED:E8:58:32:AD:9C X509v3 Authority Key Identifier: keyid:3A:15:43:BD:F3:77:2A:98:D2:94:EB:90:02:38:03:DD:DD:F1:1E:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OhVDvfN3KpjSlOuQAjgD3d3xHmI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5c:2f:7b:7f:84:54:69:2f:f8:c1:d7:a1:cd:ab:49:d7:81:eb: 4f:10:69:83:fc:4e:4a:5d:48:a2:7b:e8:87:11:30:83:f3:28: 09:37:25:9b:a3:08:82:e1:52:23:55:fe:a7:21:75:0e:44:a0: c1:a3:f2:89:c5:b3:71:82:b1:15:3b:c3:5d:cd:ca:2a:6a:5d: 5b:d8:3f:78:12:6d:e6:4d:01:9b:35:d4:bb:7d:75:c4:de:f2: 2b:5a:be:27:e9:8f:07:24:35:7d:dc:cb:b6:fd:24:fb:11:16: 22:0f:c3:f1:d9:36:14:d1:0e:cb:1d:b6:7d:b7:e7:ee:07:5d: ec:68:fc:b7:ca:46:94:a9:e3:c8:68:53:d1:a6:da:b9:7f:62: 39:1c:e6:52:22:31:47:f7:52:f2:ab:af:7e:04:67:30:3e:21: fd:ba:b3:0f:84:2a:d4:c3:68:78:f1:d8:eb:ec:2f:30:76:aa: e6:f9:cd:7c:de:3e:cc:2e:3a:66:fd:ab:e6:cc:02:3e:3c:3e: 90:f5:e5:a8:de:54:7b:6b:a4:11:d8:35:0c:0b:ea:10:68:96: 74:0b:b0:a0:f1:21:36:17:7a:fc:4e:8f:2a:35:f1:f0:50:cf: a7:66:9f:7a:d6:73:fc:25:40:a3:fc:79:76:18:74:c7:8f:bd: dd:40:f1:e0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAR4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDMxOEExMTAvBgNVBAUTKDNBMTU0M0JERjM3NzJBOThEMjk0RUI5MDAyMzgwM0RE RERGMTFFNjIwHhcNMjUwNTA3MDQwMjI3WhcNMjUwNTE0MDQwMjI3WjAYMRYwFAYD VQQDEw02ODFhZGI1My04NTdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyK27qElSeqHWHkgC4xHS8IHnb+wGRoAvQ6XUNeqsvO7zQrgv9VOqW5L6AmPC d1ZCGD3g0YKbau1AU9OOH3RPjk9VncRx8sxNhueMWH+iJGfPL0W4JaxltJo6usfE QE4WWw+vV28Cug7ZPyUmPPMumYfXxXED3rdfiVDLGk65d/CJw/WjXsGtnsAidlRB YSF+7eWgBWW5vsIMwBHfw+6bBJwHKAXi3oAGCKU9AANcK7lF6uMgFLStJYJvtnHH U2Go/0xXSgd7EuK3B3xbwBPhqx1Nu7pAnbaVfpNkm/FwHaRcf+mq3aBLZ5vwvxgW oF4eF4kSp49EARCPSgp236WgfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPdLT0k8 83VhWKmai/8i7ehYMq2cMB8GA1UdIwQYMBaAFDoVQ73zdyqY0pTrkAI4A93d8R5i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzE4QS9FQ0ZGMkFGODg3 RTYxMUVFOTdFNkM3NDZDNEY5QUUwMi9PaFZEdmZOM0twalNsT3VRQWpnRDNkM3hI bUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09oVkR2Zk4zS3BqU2xPdVFBamdEM2QzeEhtSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MzE4QS9FQ0ZGMkFGODg3RTYxMUVFOTdFNkM3NDZDNEY5QUUwMi9PaFZEdmZOM0tw alNsT3VRQWpnRDNkM3hIbUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBcL3t/hFRpL/jB16HNq0nXgetPEGmD/E5KXUiie+iHETCD8ygJNyWb owiC4VIjVf6nIXUORKDBo/KJxbNxgrEVO8Ndzcoqal1b2D94Em3mTQGbNdS7fXXE 3vIrWr4n6Y8HJDV93Mu2/ST7ERYiD8Px2TYU0Q7LHbZ9t+fuB13saPy3ykaUqePI aFPRptq5f2I5HOZSIjFH91Lyq69+BGcwPiH9urMPhCrUw2h48djr7C8wdqrm+c18 3j7MLjpm/avmzAI+PD6Q9eWo3lR7a6QR2DUMC+oQaJZ0C7Cg8SE2F3r8To8qNfHw UM+nZp961nP8JUCj/Hl2GHTHj73dQPHg -----END CERTIFICATE-----Generated at Wed May 7 15:44:41 2025 by rpki-client