$ rpki-client -vvf rpki.apnic.net/member_repository/A911E502/87C3FD0AFB2911EFB766DC76C4F9AE02/OGwwDtcvErkFR4ozzvJ3mSVKaRw.mft File: OGwwDtcvErkFR4ozzvJ3mSVKaRw.mft (raw, json) Hash identifier: lH/POPNIyWo/pTM91EELMj4zawe+A0WyhIGiSkKTbPA= Subject key identifier: BC:C2:5F:FE:42:18:EC:11:C9:66:69:EF:0C:D4:67:26:18:78:A6:0D Authority key identifier: 38:6C:30:0E:D7:2F:12:B9:05:47:8A:33:CE:F2:77:99:25:4A:69:1C Certificate issuer: /CN=A911E502/serialNumber=386C300ED72F12B905478A33CEF27799254A691C Certificate serial: 17 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OGwwDtcvErkFR4ozzvJ3mSVKaRw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911E502/87C3FD0AFB2911EFB766DC76C4F9AE02/OGwwDtcvErkFR4ozzvJ3mSVKaRw.mft Manifest number: 13 Signing time: Mon 07 Apr 2025 06:56:12 +0000 Manifest this update: Mon 07 Apr 2025 06:56:11 +0000 Manifest next update: Mon 14 Apr 2025 06:56:11 +0000 Files and hashes: 1: OGwwDtcvErkFR4ozzvJ3mSVKaRw.crl (hash: /5TeEqEbEcAPZJodtF+LY5e/tJAkL7PFJR6bMCo4Coc=) 2: 54DA33D2FB2E11EFB488A95EC4F9AE02.roa (hash: L/7VzM2fbo0IdE808LBeTzf3z0geWQ0SpeUJCZmWPBg=) 3: 53E9C44CFB2E11EFB488A95EC4F9AE02.roa (hash: hzaK0MTBJLVrmr0hWnuGmH3SdcFclIxCzlQUZOQabQ8=) 4: 5460E9C8FB2E11EFB488A95EC4F9AE02.roa (hash: bkhjgOMD/IEHS+ly/VrsRugL9cN6Yu5sgUx5f40TuYM=) 5: 553798E2FB2E11EFB488A95EC4F9AE02.roa (hash: p8161Irka1RhOlKGL72R+iegNNjEoBL5dnyvjeUTVQY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911E502/87C3FD0AFB2911EFB766DC76C4F9AE02/OGwwDtcvErkFR4ozzvJ3mSVKaRw.crl rsync://rpki.apnic.net/member_repository/A911E502/87C3FD0AFB2911EFB766DC76C4F9AE02/OGwwDtcvErkFR4ozzvJ3mSVKaRw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OGwwDtcvErkFR4ozzvJ3mSVKaRw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 14 Apr 2025 06:56:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23 (0x17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911E502 Validity Not Before: Apr 7 06:56:11 2025 GMT Not After : Apr 14 06:56:11 2025 GMT Subject: CN=67f3770c-1204 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:77:e6:f2:17:21:a9:25:19:f6:94:55:54:59: f7:58:89:e0:87:7c:c4:25:1f:ba:34:e3:4f:e2:55: dd:64:83:3d:85:12:2d:e5:3d:72:67:57:54:10:ba: 5a:53:51:41:20:10:f7:0d:61:c2:24:06:07:2f:97: e8:9b:67:a9:8b:68:07:91:8b:5d:31:6d:00:16:b5: 4d:3e:fc:af:9e:84:c4:5c:e4:d1:dc:ff:83:07:9b: b9:d1:04:0b:46:69:98:8f:b1:8e:83:7e:4a:dc:0c: 03:ac:2d:25:92:c8:c3:70:c9:5f:39:e0:9c:72:9b: 6d:f0:ba:fe:33:bf:eb:ba:f5:4d:93:82:d4:e3:33: 1d:a1:9e:ef:f5:e2:31:81:24:e1:c7:74:2c:08:c3: f2:66:e9:cd:f6:3e:e6:60:58:67:f0:be:dd:f5:c9: d7:45:ed:d2:aa:94:bd:e1:f5:9f:bd:12:5c:21:8a: 04:16:b5:72:d4:77:81:37:a6:b1:1a:4f:b0:33:80: 50:92:ca:16:61:10:17:f6:11:00:fb:e9:c3:34:52: 55:23:8d:50:40:f7:b2:89:40:0b:dd:a1:b5:50:fe: f9:63:d8:17:82:e7:50:a0:81:83:f7:a6:f8:69:26: c4:58:9c:ea:f1:61:df:e9:06:33:61:87:c3:08:32: 27:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:C2:5F:FE:42:18:EC:11:C9:66:69:EF:0C:D4:67:26:18:78:A6:0D X509v3 Authority Key Identifier: keyid:38:6C:30:0E:D7:2F:12:B9:05:47:8A:33:CE:F2:77:99:25:4A:69:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911E502/87C3FD0AFB2911EFB766DC76C4F9AE02/OGwwDtcvErkFR4ozzvJ3mSVKaRw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OGwwDtcvErkFR4ozzvJ3mSVKaRw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E502/87C3FD0AFB2911EFB766DC76C4F9AE02/OGwwDtcvErkFR4ozzvJ3mSVKaRw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:94:7b:b4:42:6c:3d:8d:e9:3d:40:29:62:f8:04:5c:9f:6d: 64:d4:df:a2:fc:78:66:97:78:79:1d:4f:72:22:f1:e6:59:49: 34:02:ee:d9:c4:43:2b:42:69:21:1b:86:4f:9d:9e:3e:0e:1d: bd:59:ce:92:e5:81:e3:a9:97:c5:0f:53:0e:be:a9:fd:a2:3e: bc:af:b0:31:09:54:d6:c8:50:5d:7c:6c:d3:8c:17:b0:65:54: 7d:38:48:99:b5:dd:11:35:fa:48:8c:da:40:4e:d1:96:3b:06: b0:57:38:c7:29:db:75:df:f6:a8:e5:96:92:7c:0f:89:ac:f0: 88:d7:db:e1:3b:e0:4f:89:8c:d8:f3:e3:4a:70:76:22:e0:ee: c6:e5:09:a5:a5:fd:9c:3e:33:34:a1:48:d8:c0:fb:d1:f2:c0: f1:1e:b2:4d:50:da:91:a1:5e:5a:9d:88:b9:23:58:f1:97:88: 8f:a0:25:f0:1f:3a:ab:a1:c5:9e:ef:03:f2:01:cf:81:60:98: e3:85:82:62:01:05:50:ff:95:d4:2c:e6:4d:00:0c:b8:10:9f: 7c:c0:5c:0a:65:cc:7a:af:3f:0c:56:45:23:39:dd:ea:ca:3a: e1:42:85:22:73:3d:79:7d:f7:4c:75:0c:b4:ac:b5:59:11:1f: f8:2b:81:c2 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx RTUwMjExMC8GA1UEBRMoMzg2QzMwMEVENzJGMTJCOTA1NDc4QTMzQ0VGMjc3OTky NTRBNjkxQzAeFw0yNTA0MDcwNjU2MTFaFw0yNTA0MTQwNjU2MTFaMBgxFjAUBgNV BAMTDTY3ZjM3NzBjLTEyMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDHd+byFyGpJRn2lFVUWfdYieCHfMQlH7o040/iVd1kgz2FEi3lPXJnV1QQulpT UUEgEPcNYcIkBgcvl+ibZ6mLaAeRi10xbQAWtU0+/K+ehMRc5NHc/4MHm7nRBAtG aZiPsY6DfkrcDAOsLSWSyMNwyV854Jxym23wuv4zv+u69U2TgtTjMx2hnu/14jGB JOHHdCwIw/Jm6c32PuZgWGfwvt31yddF7dKqlL3h9Z+9ElwhigQWtXLUd4E3prEa T7AzgFCSyhZhEBf2EQD76cM0UlUjjVBA97KJQAvdobVQ/vlj2BeC51CggYP3pvhp JsRYnOrxYd/pBjNhh8MIMievAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUvMJf/kIY 7BHJZmnvDNRnJhh4pg0wHwYDVR0jBBgwFoAUOGwwDtcvErkFR4ozzvJ3mSVKaRww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFFNTAyLzg3QzNGRDBBRkIy OTExRUZCNzY2REM3NkM0RjlBRTAyL09Hd3dEdGN2RXJrRlI0b3p6dkozbVNWS2FS dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvT0d3d0R0Y3ZFcmtGUjRvenp2SjNtU1ZLYVJ3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFF NTAyLzg3QzNGRDBBRkIyOTExRUZCNzY2REM3NkM0RjlBRTAyL09Hd3dEdGN2RXJr RlI0b3p6dkozbVNWS2FSdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFiUe7RCbD2N6T1AKWL4BFyfbWTU36L8eGaXeHkdT3Ii8eZZSTQC7tnE QytCaSEbhk+dnj4OHb1ZzpLlgeOpl8UPUw6+qf2iPryvsDEJVNbIUF18bNOMF7Bl VH04SJm13RE1+kiM2kBO0ZY7BrBXOMcp23Xf9qjllpJ8D4ms8IjX2+E74E+JjNjz 40pwdiLg7sblCaWl/Zw+MzShSNjA+9HywPEesk1Q2pGhXlqdiLkjWPGXiI+gJfAf OquhxZ7vA/IBz4FgmOOFgmIBBVD/ldQs5k0ADLgQn3zAXAplzHqvPwxWRSM53erK OuFChSJzPXl990x1DLSstVkRH/grgcI= -----END CERTIFICATE-----Generated at Mon Apr 7 12:14:05 2025 by rpki-client