$ rpki-client -vvf rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft File: oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft (raw, json) Hash identifier: d7Ubw82Z1kC3d0lrv4ISOQt7Q3sqjA+RSChT35ooDvs= Subject key identifier: 6C:0B:7F:1A:A2:19:6B:63:4F:AA:9B:DF:B0:B7:4A:3C:2C:8F:4E:B3 Authority key identifier: A2:24:36:84:22:3D:2C:25:C6:AF:17:6A:5F:02:FA:02:B2:4F:68:0B Certificate issuer: /CN=A91E953B/serialNumber=A2243684223D2C25C6AF176A5F02FA02B24F680B Certificate serial: 0126 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft Manifest number: 0124 Signing time: Wed 07 May 2025 03:50:15 +0000 Manifest this update: Wed 07 May 2025 03:50:14 +0000 Manifest next update: Wed 14 May 2025 03:50:14 +0000 Files and hashes: 1: oiQ2hCI9LCXGrxdqXwL6ArJPaAs.crl (hash: yYy3QCe4jgG3YwM2ph8J1U99xu/ekVZsnCCoNCNoNRo=) 2: 12E1FD886C9C11EE9F3C5653C4F9AE02.roa (hash: QQ5QrwGTURdTMG/7o8+lIRwrf/ztbEh4ekM9cA/bz/4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.crl rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 14 May 2025 03:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 294 (0x126) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E953B, serialNumber=A2243684223D2C25C6AF176A5F02FA02B24F680B Validity Not Before: May 7 03:50:14 2025 GMT Not After : May 14 03:50:14 2025 GMT Subject: CN=681ad876-7eaa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:3a:ae:f5:4a:78:53:79:8e:ee:90:dc:08:7f: 51:fc:b5:0e:39:5b:c7:e1:b8:c9:24:b3:76:94:d0: 78:25:25:98:d6:e6:c7:50:a2:30:04:1f:c7:b7:88: 40:94:b8:5d:f6:fb:2b:41:94:06:ab:94:36:9b:c3: 5d:db:55:07:bb:29:87:00:4f:16:4c:e1:80:ba:4d: 58:3b:1d:a9:e5:77:3e:94:ad:1a:83:17:d4:1a:4e: 91:35:a9:82:ea:eb:a5:4a:c1:51:c8:e5:41:83:67: 77:d4:d8:8b:2e:6a:a1:46:40:9c:2c:14:71:c2:b3: 02:23:b6:72:03:07:fd:49:dd:8e:84:8b:32:f2:be: 8a:77:83:69:a5:80:0a:20:5d:27:2c:1a:fd:3f:c3: 3c:23:10:3d:71:b4:9f:dc:de:71:52:bd:6d:ed:9f: 91:29:48:47:3a:20:b3:06:2b:12:a4:6d:3d:46:e4: 4a:d1:44:19:ab:a6:1e:ba:9d:54:8e:36:88:9c:9d: 96:ee:75:c1:91:a4:63:64:fa:69:b1:92:25:ec:89: 1f:47:a9:4e:66:65:d2:74:21:a6:39:3d:e4:2f:3b: 90:d7:19:f0:f1:66:9d:e2:76:92:86:91:cb:0e:af: c6:4d:35:b9:17:4c:8c:40:60:4e:3c:55:43:cf:f7: ad:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:0B:7F:1A:A2:19:6B:63:4F:AA:9B:DF:B0:B7:4A:3C:2C:8F:4E:B3 X509v3 Authority Key Identifier: keyid:A2:24:36:84:22:3D:2C:25:C6:AF:17:6A:5F:02:FA:02:B2:4F:68:0B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:2c:4f:51:ec:e7:7b:2d:2b:1f:6a:6a:02:d9:3b:8d:90:dc: 2f:cc:d5:81:33:8e:d0:ee:af:b1:ee:b0:16:b7:82:c8:80:dd: e0:46:c2:92:28:4b:26:ff:48:cf:88:58:01:5b:98:00:2d:66: 31:fb:fa:e5:2b:6e:50:5b:09:17:7b:00:16:73:18:f0:6a:6a: 3e:2b:78:6d:18:c1:a4:2c:79:40:8f:1e:ba:c1:48:57:e7:ba: ef:2d:0b:65:3c:7d:bd:ee:68:38:63:ef:33:bf:f1:27:cc:7e: 85:c6:45:d4:0a:a9:b0:87:24:95:91:a8:6e:db:3e:84:78:8d: 52:39:7f:6b:e8:51:50:9d:9c:81:b8:28:d9:6b:c6:03:b7:ed: b3:84:ca:af:89:da:cd:64:1b:a9:58:37:35:43:8e:42:33:f9: 15:5b:ac:e1:4e:02:1f:3c:94:f2:0b:f6:0f:52:5d:9f:bd:be: 78:7c:19:1d:41:4e:bb:81:06:dc:b8:da:5f:c1:6b:92:13:5a: 5c:08:98:a2:14:60:68:fa:44:e5:ee:44:8b:9a:21:79:23:ee: 40:d0:da:f7:ce:08:02:df:bb:ee:32:6c:7a:e5:72:ee:3b:55: be:3b:25:31:34:9d:4e:59:a1:77:ed:55:22:1f:32:e0:7d:b7: 48:9c:95:5b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk1M0IxMTAvBgNVBAUTKEEyMjQzNjg0MjIzRDJDMjVDNkFGMTc2QTVGMDJGQTAy QjI0RjY4MEIwHhcNMjUwNTA3MDM1MDE0WhcNMjUwNTE0MDM1MDE0WjAYMRYwFAYD VQQDEw02ODFhZDg3Ni03ZWFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAszqu9Up4U3mO7pDcCH9R/LUOOVvH4bjJJLN2lNB4JSWY1ubHUKIwBB/Ht4hA lLhd9vsrQZQGq5Q2m8Nd21UHuymHAE8WTOGAuk1YOx2p5Xc+lK0agxfUGk6RNamC 6uulSsFRyOVBg2d31NiLLmqhRkCcLBRxwrMCI7ZyAwf9Sd2OhIsy8r6Kd4NppYAK IF0nLBr9P8M8IxA9cbSf3N5xUr1t7Z+RKUhHOiCzBisSpG09RuRK0UQZq6Yeup1U jjaInJ2W7nXBkaRjZPppsZIl7IkfR6lOZmXSdCGmOT3kLzuQ1xnw8Wad4naShpHL Dq/GTTW5F0yMQGBOPFVDz/etIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGwLfxqi GWtjT6qb37C3Sjwsj06zMB8GA1UdIwQYMBaAFKIkNoQiPSwlxq8Xal8C+gKyT2gL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTUzQi9DOEQwMzkyMjZD OUExMUVFODVCRkRGNEZDNEY5QUUwMi9vaVEyaENJOUxDWEdyeGRxWHdMNkFySlBh QXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29pUTJoQ0k5TENYR3J4ZHFYd0w2QXJKUGFBcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OTUzQi9DOEQwMzkyMjZDOUExMUVFODVCRkRGNEZDNEY5QUUwMi9vaVEyaENJOUxD WEdyeGRxWHdMNkFySlBhQXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCXLE9R7Od7LSsfamoC2TuNkNwvzNWBM47Q7q+x7rAWt4LIgN3gRsKS KEsm/0jPiFgBW5gALWYx+/rlK25QWwkXewAWcxjwamo+K3htGMGkLHlAjx66wUhX 57rvLQtlPH297mg4Y+8zv/EnzH6FxkXUCqmwhySVkahu2z6EeI1SOX9r6FFQnZyB uCjZa8YDt+2zhMqvidrNZBupWDc1Q45CM/kVW6zhTgIfPJTyC/YPUl2fvb54fBkd QU67gQbcuNpfwWuSE1pcCJiiFGBo+kTl7kSLmiF5I+5A0Nr3zggC37vuMmx65XLu O1W+OyUxNJ1OWaF37VUiHzLgfbdInJVb -----END CERTIFICATE-----Generated at Fri May 9 03:33:34 2025 by rpki-client