$ rpki-client -vvf rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.mft File: oiiPiWTWFpqHlfL07wXg1ebhOwk.mft (raw, json) Hash identifier: O81oFVlBHniEotOzROVv0Bcuvsh+GEm+UpW7Tc3Dl3I= Subject key identifier: 45:A9:D3:5E:4B:7E:F6:F2:FB:21:2B:65:20:6B:79:EC:D1:39:34:58 Authority key identifier: A2:28:8F:89:64:D6:16:9A:87:95:F2:F4:EF:05:E0:D5:E6:E1:3B:09 Certificate issuer: /CN=A91FB68C/serialNumber=A2288F8964D6169A8795F2F4EF05E0D5E6E13B09 Certificate serial: 43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiiPiWTWFpqHlfL07wXg1ebhOwk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.mft Manifest number: 3A Signing time: Fri 09 May 2025 06:43:57 +0000 Manifest this update: Fri 09 May 2025 06:43:57 +0000 Manifest next update: Fri 16 May 2025 06:43:56 +0000 Files and hashes: 1: oiiPiWTWFpqHlfL07wXg1ebhOwk.crl (hash: xCQ9CH49ZpkOVITIP690zUAUoxtLR8sjpE2IUb65bXc=) 2: 7F9864BC278511F08A309E80C4F9AE02.roa (hash: Qmy+i9C5Rc4mKmMkW3mFXP5ni+MgnYfnd/vlrjppwOw=) 3: 965254F8278811F09217002CC4F9AE02.roa (hash: 43x78k+dzhsv7ZCDVrgKApUESFB1ajmPRMXQlcEBmxQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.crl rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiiPiWTWFpqHlfL07wXg1ebhOwk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 16 May 2025 06:43:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67 (0x43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FB68C, serialNumber=A2288F8964D6169A8795F2F4EF05E0D5E6E13B09 Validity Not Before: May 9 06:43:57 2025 GMT Not After : May 16 06:43:56 2025 GMT Subject: CN=681da42d-2afb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:a7:05:10:ab:8d:ec:33:b3:83:a7:14:54:2a: f4:08:23:d4:d6:ba:08:73:52:b2:85:c2:eb:3f:20: 17:a6:41:50:a1:3a:e8:91:62:13:18:61:01:64:11: 3b:3b:f4:74:a0:8b:51:55:71:6d:2c:8a:a7:e9:b4: 85:96:bb:63:5f:bb:80:8a:4e:18:95:1d:95:52:94: 65:50:41:b3:b0:f0:e3:f3:fa:67:de:92:3a:7d:45: fb:df:9d:28:8f:28:9c:33:d9:f2:00:a3:86:ed:81: 1a:b6:ce:ff:28:80:0a:d7:8f:8a:ef:58:1f:92:a1: f3:15:71:96:78:7c:77:96:c4:3c:ce:74:7f:25:e3: c0:d7:27:7d:b8:26:d2:19:32:26:f7:10:11:7a:84: d3:a5:24:46:6a:60:2a:5c:e6:a2:66:8e:ea:2a:e2: 30:12:9b:2e:21:14:13:ac:53:e6:12:11:82:3a:c7: 8d:a1:7b:e9:71:75:02:28:28:ec:38:08:d8:79:24: d1:6a:60:88:4e:6c:c5:1c:1b:f9:24:46:6b:51:c5: 3c:05:ac:16:ea:e2:31:bd:58:37:90:60:b2:74:59: cf:7c:94:02:92:1d:bc:69:ba:77:d6:69:8a:bf:8f: d9:7d:f6:a1:3c:dc:a2:73:7e:7b:ee:2b:47:0b:ba: 6b:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:A9:D3:5E:4B:7E:F6:F2:FB:21:2B:65:20:6B:79:EC:D1:39:34:58 X509v3 Authority Key Identifier: keyid:A2:28:8F:89:64:D6:16:9A:87:95:F2:F4:EF:05:E0:D5:E6:E1:3B:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiiPiWTWFpqHlfL07wXg1ebhOwk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:d1:d2:32:81:46:61:44:9c:d1:a6:d6:18:e9:15:aa:8d:83: e5:00:ca:92:ef:bd:ff:05:4e:6d:df:65:59:22:6c:ab:8a:90: d5:b5:a2:ce:d8:bb:a1:cb:7c:61:99:10:c5:74:5b:0f:14:f3: 08:c2:fd:b1:32:04:13:36:16:f5:4b:21:94:6b:a7:1e:52:bf: 8d:19:db:5a:bd:74:46:12:22:65:48:2d:e6:f3:0b:44:77:d8: 85:48:ec:a6:1d:ec:f5:e8:72:9c:e7:cf:1e:38:3b:65:a0:25: f5:15:c9:c5:e9:db:05:53:0b:15:73:22:1d:e3:83:a0:b8:a2: 35:4c:89:e8:5b:f3:9e:e9:04:61:83:ee:00:bf:b5:b7:c8:e2: 32:2c:0a:27:ad:f3:eb:04:71:e9:a6:85:64:eb:ce:76:d5:f3: a5:f6:a8:45:03:b6:a1:2e:99:b7:be:fb:00:05:3f:25:e3:1b: 06:43:cb:06:93:23:0f:c4:31:35:11:8d:be:d6:aa:f6:6c:a3: e5:65:a7:bb:79:78:64:29:06:82:c0:7a:63:da:03:36:13:b7: 26:0c:5f:8e:33:94:05:0a:f9:1e:c5:e7:a2:b2:a2:13:2d:65: 5e:e9:43:ff:10:ba:38:9e:3d:3f:d7:b1:90:d0:c9:e4:55:71: 52:01:49:65 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG QjY4QzExMC8GA1UEBRMoQTIyODhGODk2NEQ2MTY5QTg3OTVGMkY0RUYwNUUwRDVF NkUxM0IwOTAeFw0yNTA1MDkwNjQzNTdaFw0yNTA1MTYwNjQzNTZaMBgxFjAUBgNV BAMTDTY4MWRhNDJkLTJhZmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCbpwUQq43sM7ODpxRUKvQII9TWughzUrKFwus/IBemQVChOuiRYhMYYQFkETs7 9HSgi1FVcW0siqfptIWWu2Nfu4CKThiVHZVSlGVQQbOw8OPz+mfekjp9RfvfnSiP KJwz2fIAo4btgRq2zv8ogArXj4rvWB+SofMVcZZ4fHeWxDzOdH8l48DXJ324JtIZ Mib3EBF6hNOlJEZqYCpc5qJmjuoq4jASmy4hFBOsU+YSEYI6x42he+lxdQIoKOw4 CNh5JNFqYIhObMUcG/kkRmtRxTwFrBbq4jG9WDeQYLJ0Wc98lAKSHbxpunfWaYq/ j9l99qE83KJzfnvuK0cLumtzAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQURanTXkt+ 9vL7IStlIGt57NE5NFgwHwYDVR0jBBgwFoAUoiiPiWTWFpqHlfL07wXg1ebhOwkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZCNjhDLzE3RDEwM0E4RUFC MjExRUY4NDZGMTMzN0M0RjlBRTAyL29paVBpV1RXRnBxSGxmTDA3d1hnMWViaE93 ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb2lpUGlXVFdGcHFIbGZMMDd3WGcxZWJoT3drLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZC NjhDLzE3RDEwM0E4RUFCMjExRUY4NDZGMTMzN0M0RjlBRTAyL29paVBpV1RXRnBx SGxmTDA3d1hnMWViaE93ay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAC7R0jKBRmFEnNGm1hjpFaqNg+UAypLvvf8FTm3fZVkibKuKkNW1os7Y u6HLfGGZEMV0Ww8U8wjC/bEyBBM2FvVLIZRrpx5Sv40Z21q9dEYSImVILebzC0R3 2IVI7KYd7PXocpznzx44O2WgJfUVycXp2wVTCxVzIh3jg6C4ojVMiehb857pBGGD 7gC/tbfI4jIsCiet8+sEcemmhWTrznbV86X2qEUDtqEumbe++wAFPyXjGwZDywaT Iw/EMTURjb7WqvZso+Vlp7t5eGQpBoLAemPaAzYTtyYMX44zlAUK+R7F56KyohMt ZV7pQ/8QujiePT/XsZDQyeRVcVIBSWU= -----END CERTIFICATE-----Generated at Sat May 10 07:56:22 2025 by rpki-client