$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft File: ovb2YTEslb8FoLUjCxNx1GIv1ic.mft (raw, json) Hash identifier: 4aTiWXJPFwT4L1VoXs4PG16zKkLFcKnhA7L0pRJQDkc= Subject key identifier: 9B:71:C3:79:21:6E:3F:B0:51:D8:C0:22:B7:C3:7D:EE:F7:1D:77:F9 Authority key identifier: A2:F6:F6:61:31:2C:95:BF:05:A0:B5:23:0B:13:71:D4:62:2F:D6:27 Certificate issuer: /CN=A91E7BC4/serialNumber=A2F6F661312C95BF05A0B5230B1371D4622FD627 Certificate serial: 0D39 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft Manifest number: 0D31 Signing time: Mon 12 May 2025 17:54:44 +0000 Manifest this update: Mon 12 May 2025 17:54:44 +0000 Manifest next update: Mon 19 May 2025 17:54:44 +0000 Files and hashes: 1: ovb2YTEslb8FoLUjCxNx1GIv1ic.crl (hash: j24RFXXt4esCsjQEFmqzyfNXEJ62pl5yPf4rd69Kbu0=) 2: 05054224D8E411E9BEB7986DC4F9AE02.roa (hash: C8YUnzVpdG1ic9MCuW7celmXkhXkYeCvagfWnZShYbQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.crl rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 17:54:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3385 (0xd39) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7BC4, serialNumber=A2F6F661312C95BF05A0B5230B1371D4622FD627 Validity Not Before: May 12 17:54:44 2025 GMT Not After : May 19 17:54:44 2025 GMT Subject: CN=682235e4-2941 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:b4:28:57:7c:67:3c:15:0d:28:ef:e3:0c:64: 96:f8:69:1f:da:38:a4:f4:1a:d4:79:b8:78:9b:2a: 25:3f:3f:1d:21:17:81:1a:16:2b:01:84:db:73:4f: eb:85:5f:95:49:d2:fe:f8:f9:d9:4d:95:10:0b:9c: 62:fb:23:75:d2:88:f6:35:12:73:91:38:36:b2:1b: 92:b4:bb:c9:a7:81:66:25:4e:50:fb:a5:9f:29:93: e6:74:77:c1:e3:49:ff:44:f2:59:fa:c9:8d:a1:4c: 7f:25:a3:13:a9:f3:0f:cb:63:49:56:38:72:77:33: 92:2e:86:4c:9b:32:74:26:5c:ee:4d:42:ee:6b:49: e9:5e:c0:0a:a4:8f:93:ae:ae:5d:ba:ab:1e:66:c9: 84:1b:ab:1d:39:f6:a0:7b:a2:27:09:bc:1e:03:2a: 08:3a:13:60:67:a9:9d:eb:65:aa:f4:9e:09:56:75: 55:83:0e:c5:93:23:2b:21:fc:0f:11:76:40:f5:a4: 30:c3:88:30:17:8b:f8:ab:66:80:3b:98:2c:e8:18: 98:83:a3:9f:fb:4e:d7:db:dc:9e:22:e8:82:d3:0c: 6d:ac:81:4b:2a:61:48:82:28:52:93:8a:55:1f:a5: 86:62:92:c3:c8:80:bd:69:c1:9e:a7:74:0c:cf:e6: fc:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:71:C3:79:21:6E:3F:B0:51:D8:C0:22:B7:C3:7D:EE:F7:1D:77:F9 X509v3 Authority Key Identifier: keyid:A2:F6:F6:61:31:2C:95:BF:05:A0:B5:23:0B:13:71:D4:62:2F:D6:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:c5:d3:a9:b7:6a:be:9d:79:50:26:2e:8b:14:1d:dd:3f:d1: 42:2d:1d:ab:97:ba:90:41:8a:02:50:38:68:36:3b:d2:9b:cf: ad:39:ff:52:d2:d6:cd:5d:41:7a:30:bd:1a:36:53:48:10:bb: 18:e0:f8:09:42:ba:be:09:65:c6:40:9e:1e:e9:8f:f1:40:83: 76:a4:4a:48:17:d6:5a:61:1c:c3:7c:f3:62:1c:e9:34:00:b1: cf:d8:f5:d9:32:ff:4d:29:80:c9:25:f6:f6:ad:bd:95:15:e0: ac:cc:7a:44:ff:3e:c7:84:70:1b:39:5b:c2:12:2f:b5:fb:6e: 91:9d:e0:f3:e7:09:c0:22:bb:30:15:11:66:cc:03:c0:0c:39: 74:9d:d8:9c:08:c6:e9:eb:30:db:3d:36:b3:c5:d2:79:63:7e: 47:e5:59:11:46:c3:39:39:3c:87:2c:0e:0a:83:5c:57:78:dd: 11:f2:18:f1:66:08:96:c1:2d:0f:1c:07:ad:b4:fe:b6:61:ed: bc:27:2c:ff:6a:8a:b1:2a:51:61:d6:23:51:cf:50:22:46:36: 46:8a:50:bd:2a:7f:ca:bd:18:aa:4a:91:37:d0:67:c3:4a:f4: 6c:f6:a6:f5:51:46:91:98:23:39:94:96:d0:80:23:ca:00:ed: 64:17:79:7b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDTkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdCQzQxMTAvBgNVBAUTKEEyRjZGNjYxMzEyQzk1QkYwNUEwQjUyMzBCMTM3MUQ0 NjIyRkQ2MjcwHhcNMjUwNTEyMTc1NDQ0WhcNMjUwNTE5MTc1NDQ0WjAYMRYwFAYD VQQDEw02ODIyMzVlNC0yOTQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx7QoV3xnPBUNKO/jDGSW+Gkf2jik9BrUebh4myolPz8dIReBGhYrAYTbc0/r hV+VSdL++PnZTZUQC5xi+yN10oj2NRJzkTg2shuStLvJp4FmJU5Q+6WfKZPmdHfB 40n/RPJZ+smNoUx/JaMTqfMPy2NJVjhydzOSLoZMmzJ0JlzuTULua0npXsAKpI+T rq5duqseZsmEG6sdOfage6InCbweAyoIOhNgZ6md62Wq9J4JVnVVgw7FkyMrIfwP EXZA9aQww4gwF4v4q2aAO5gs6BiYg6Of+07X29yeIuiC0wxtrIFLKmFIgihSk4pV H6WGYpLDyIC9acGep3QMz+b8AQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJtxw3kh bj+wUdjAIrfDfe73HXf5MB8GA1UdIwQYMBaAFKL29mExLJW/BaC1IwsTcdRiL9Yn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yNjFEMjgzMEQ1 MEQxMUU5QkFENkMyMjZDNEY5QUUwMi9vdmIyWVRFc2xiOEZvTFVqQ3hOeDFHSXYx aWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL292YjJZVEVzbGI4Rm9MVWpDeE54MUdJdjFpYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0JDNC8yNjFEMjgzMEQ1MEQxMUU5QkFENkMyMjZDNEY5QUUwMi9vdmIyWVRFc2xi OEZvTFVqQ3hOeDFHSXYxaWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnxdOpt2q+nXlQJi6LFB3dP9FCLR2rl7qQQYoCUDhoNjvSm8+tOf9S 0tbNXUF6ML0aNlNIELsY4PgJQrq+CWXGQJ4e6Y/xQIN2pEpIF9ZaYRzDfPNiHOk0 ALHP2PXZMv9NKYDJJfb2rb2VFeCszHpE/z7HhHAbOVvCEi+1+26RneDz5wnAIrsw FRFmzAPADDl0ndicCMbp6zDbPTazxdJ5Y35H5VkRRsM5OTyHLA4Kg1xXeN0R8hjx ZgiWwS0PHAettP62Ye28Jyz/aoqxKlFh1iNRz1AiRjZGilC9Kn/KvRiqSpE30GfD SvRs9qb1UUaRmCM5lJbQgCPKAO1kF3l7 -----END CERTIFICATE-----Generated at Wed May 14 15:24:47 2025 by rpki-client