$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft File: Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft (raw, json) Hash identifier: Mxr4Kj1IAJ3ySeFbPvEePZqHS8L/i3lGF9SXAd1wMnM= Subject key identifier: 64:CB:BF:A3:CF:8F:10:46:84:EB:EA:73:D8:5E:59:18:23:CA:11:1E Authority key identifier: 3A:CC:B6:95:39:AC:9F:42:88:BC:D0:F0:A5:42:50:D5:92:F5:40:D4 Certificate issuer: /CN=A91F0EBF/serialNumber=3ACCB69539AC9F4288BCD0F0A54250D592F540D4 Certificate serial: 21CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft Manifest number: 218D Signing time: Mon 12 May 2025 15:52:20 +0000 Manifest this update: Mon 12 May 2025 15:52:19 +0000 Manifest next update: Mon 19 May 2025 15:52:19 +0000 Files and hashes: 1: Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl (hash: iFPp1U4YpV9r99iZNtPQrjVlcJs3ueix4WPdEhwapp4=) 2: 5F649D88F27E11EE8704D12FC4F9AE02.roa (hash: 1ES+epsnD/DNY/mamto14c9DZbko73ok/bvGYlpnZRA=) 3: 5EDC2B56F27E11EE8704D12FC4F9AE02.roa (hash: RV1/DDfUdeMeAI1f60SGG8y1uSkd4aEtHJsKEOkYdXA=) 4: 586B33AEF44611EBA78C117AC4F9AE02.roa (hash: xubGUlPUlNCBLJe5+NADMrf4YV/wbfCmoqj7rhjCN20=) 5: 5480D316764D11EA8CB5C039C4F9AE02.roa (hash: ftobPRBcc8wlVTCOH3GxCPMFHQM9ebuoV2KFpLluNR4=) 6: 11DE1CDA467611EC988CDC09C4F9AE02.roa (hash: RArCcLO/kSE5acBXMMlQcl8HS4RV4DSQfZAIgouxT+4=) 7: A73C0BF6D93511E6B2617F7BC4F9AE02.roa (hash: 8McChURwVN9JYUVHRVTAHRcHa/Hxc6L3gNtxVyOyx0g=) 8: 63BFE4C0292811EEAF894530C4F9AE02.roa (hash: 4gXXPKgdGkdsiTu4Fh+U84K4r4ojzbdg0Z4yEj+nXpA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 15:52:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8655 (0x21cf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F0EBF, serialNumber=3ACCB69539AC9F4288BCD0F0A54250D592F540D4 Validity Not Before: May 12 15:52:19 2025 GMT Not After : May 19 15:52:19 2025 GMT Subject: CN=68221933-ce49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:47:db:43:48:dd:7c:9c:83:df:f7:0c:db:04: d5:b8:f5:7c:91:24:69:e0:98:3a:2c:31:5e:2f:0d: ae:ce:64:05:9b:4f:95:f2:72:e2:61:a6:3d:6f:fa: 19:f1:dd:8a:ab:64:11:34:1c:16:fd:df:84:64:45: d9:d0:47:a4:f0:a4:17:5d:53:c0:9f:1a:f8:fa:bd: 3b:05:54:3c:86:58:61:64:a8:94:c8:5c:22:dc:95: d6:c9:38:73:dc:44:28:bf:aa:d2:fe:cc:98:5c:ec: 6a:a7:76:25:f4:0e:3e:f0:61:11:b1:72:c0:b8:c0: 3b:fe:64:f8:0e:47:32:1e:19:ab:b4:9a:2a:c1:5a: 31:f1:d4:ba:ae:4b:b7:01:9c:65:ca:0e:ef:ed:a6: c1:64:e1:6b:ea:40:1f:a6:d5:c5:6c:01:d5:dc:ba: 83:61:66:b9:be:9c:8d:94:fc:22:f9:6d:98:d6:2f: 80:77:45:55:9d:d7:a0:67:62:1e:2b:89:72:4e:ca: 1e:3c:93:99:34:9a:fe:8c:b0:75:c8:02:be:7f:09: 46:96:08:e6:7f:66:b7:79:95:f3:80:35:e4:69:c6: 9d:a6:7f:94:6c:c9:23:56:4a:9f:52:0d:c2:2c:0f: 04:63:1c:e2:11:80:c8:ab:c8:f1:37:2b:64:d8:54: 22:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:CB:BF:A3:CF:8F:10:46:84:EB:EA:73:D8:5E:59:18:23:CA:11:1E X509v3 Authority Key Identifier: keyid:3A:CC:B6:95:39:AC:9F:42:88:BC:D0:F0:A5:42:50:D5:92:F5:40:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:17:dc:18:dc:b6:78:5c:76:90:ca:ec:d7:9e:de:49:e0:b3: a5:23:ce:5d:76:b1:7f:c3:85:8a:ba:f8:01:1f:7d:4e:48:d3: 00:c7:39:7a:2c:71:76:b8:f5:a2:53:f8:7d:8e:99:86:51:81: b0:18:7a:1a:7e:09:c2:b5:0e:05:c9:b3:c8:bf:84:ea:9e:6e: 3a:61:d9:94:14:5c:f6:ac:fd:fc:20:c0:92:f3:44:dc:77:d9: 16:1f:76:1c:91:f6:bd:75:3e:2a:4b:70:63:7f:49:ca:cb:78: fb:45:59:a8:a0:36:bb:97:67:7c:a8:1b:63:40:33:46:e9:81: ac:2f:a5:47:97:b2:e8:7d:ba:9e:86:49:d8:b8:a1:04:e3:90: 5f:d2:68:de:53:59:53:7a:76:a1:c9:fd:6b:e8:11:f7:ca:c7: 25:a6:6f:b5:e8:94:44:81:bf:8f:c4:b1:73:a1:96:48:0f:f7: 4d:a3:d3:79:9c:c3:fb:08:46:7f:7d:c1:81:df:dd:75:cb:af: 86:73:09:fc:48:7c:45:92:60:5d:8e:1f:4d:d7:b1:6f:2e:a5: 1c:98:32:c0:87:1b:7c:81:4c:f5:58:11:ec:41:55:27:a3:43: 23:5a:c6:98:b3:df:88:54:9e:5e:3f:69:46:1c:0e:72:e3:8f: 93:4e:2b:91 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjBFQkYxMTAvBgNVBAUTKDNBQ0NCNjk1MzlBQzlGNDI4OEJDRDBGMEE1NDI1MEQ1 OTJGNTQwRDQwHhcNMjUwNTEyMTU1MjE5WhcNMjUwNTE5MTU1MjE5WjAYMRYwFAYD VQQDEw02ODIyMTkzMy1jZTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz0fbQ0jdfJyD3/cM2wTVuPV8kSRp4Jg6LDFeLw2uzmQFm0+V8nLiYaY9b/oZ 8d2Kq2QRNBwW/d+EZEXZ0Eek8KQXXVPAnxr4+r07BVQ8hlhhZKiUyFwi3JXWyThz 3EQov6rS/syYXOxqp3Yl9A4+8GERsXLAuMA7/mT4DkcyHhmrtJoqwVox8dS6rku3 AZxlyg7v7abBZOFr6kAfptXFbAHV3LqDYWa5vpyNlPwi+W2Y1i+Ad0VVndegZ2Ie K4lyTsoePJOZNJr+jLB1yAK+fwlGlgjmf2a3eZXzgDXkacadpn+UbMkjVkqfUg3C LA8EYxziEYDIq8jxNytk2FQitwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGTLv6PP jxBGhOvqc9heWRgjyhEeMB8GA1UdIwQYMBaAFDrMtpU5rJ9CiLzQ8KVCUNWS9UDU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMEVCRi81Rjg0RDdEOERC ODAxMUU1OUFCN0VEMUVDNEY5QUUwMi9Pc3kybFRtc24wS0l2TkR3cFVKUTFaTDFR TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09zeTJsVG1zbjBLSXZORHdwVUpRMVpMMVFOUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MEVCRi81Rjg0RDdEOERCODAxMUU1OUFCN0VEMUVDNEY5QUUwMi9Pc3kybFRtc24w S0l2TkR3cFVKUTFaTDFRTlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAaF9wY3LZ4XHaQyuzXnt5J4LOlI85ddrF/w4WKuvgBH31OSNMAxzl6 LHF2uPWiU/h9jpmGUYGwGHoafgnCtQ4FybPIv4Tqnm46YdmUFFz2rP38IMCS80Tc d9kWH3Yckfa9dT4qS3Bjf0nKy3j7RVmooDa7l2d8qBtjQDNG6YGsL6VHl7Lofbqe hknYuKEE45Bf0mjeU1lTenahyf1r6BH3ysclpm+16JREgb+PxLFzoZZID/dNo9N5 nMP7CEZ/fcGB3911y6+Gcwn8SHxFkmBdjh9N17FvLqUcmDLAhxt8gUz1WBHsQVUn o0MjWsaYs9+IVJ5eP2lGHA5y44+TTiuR -----END CERTIFICATE-----Generated at Mon May 12 18:58:42 2025 by rpki-client