$ rpki-client -vvf rpki.apnic.net/member_repository/A912AC83/20A6137ECC9911EF87437E09C4F9AE02/0omLrZJnkc4JM8CSed-XmNfetpQ.mft File: 0omLrZJnkc4JM8CSed-XmNfetpQ.mft (raw, json) Hash identifier: BvBp1P4YdrRNk7etnOGLrFpIMSE7bnxqLn9bJGAjADQ= Subject key identifier: 35:C2:C3:D9:05:9E:6C:6D:B8:ED:F8:7B:08:15:EE:8D:AE:4C:39:4F Authority key identifier: D2:89:8B:AD:92:67:91:CE:09:33:C0:92:79:DF:97:98:D7:DE:B6:94 Certificate issuer: /CN=A912AC83/serialNumber=D2898BAD926791CE0933C09279DF9798D7DEB694 Certificate serial: 3A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0omLrZJnkc4JM8CSed-XmNfetpQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912AC83/20A6137ECC9911EF87437E09C4F9AE02/0omLrZJnkc4JM8CSed-XmNfetpQ.mft Manifest number: 39 Signing time: Sun 20 Apr 2025 23:10:40 +0000 Manifest this update: Sun 20 Apr 2025 23:10:39 +0000 Manifest next update: Sun 27 Apr 2025 23:10:39 +0000 Files and hashes: 1: 0omLrZJnkc4JM8CSed-XmNfetpQ.crl (hash: ujTRAxF8RQ9H3cEARTjmj8lgfNsvMoLWYM7Y93nD9Oo=) 2: CEE70E84DDFB11EFB680E25BC4F9AE02.roa (hash: EsoL4WhYxfJHLQra6Hh/TOtCsHiKFt2d6Rdo7ihnLOo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912AC83/20A6137ECC9911EF87437E09C4F9AE02/0omLrZJnkc4JM8CSed-XmNfetpQ.crl rsync://rpki.apnic.net/member_repository/A912AC83/20A6137ECC9911EF87437E09C4F9AE02/0omLrZJnkc4JM8CSed-XmNfetpQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0omLrZJnkc4JM8CSed-XmNfetpQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 23:10:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58 (0x3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912AC83, serialNumber=D2898BAD926791CE0933C09279DF9798D7DEB694 Validity Not Before: Apr 20 23:10:39 2025 GMT Not After : Apr 27 23:10:39 2025 GMT Subject: CN=68057ef0-e2fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:df:38:f5:48:4f:76:83:01:04:53:63:d4:f7: d4:b0:e4:a2:a2:f0:e1:57:7c:0e:0f:31:15:f7:8b: 4c:48:ab:04:b2:95:3e:32:59:12:2f:c0:f9:87:6d: b9:47:b8:83:c1:fa:eb:56:12:38:d7:e6:20:6c:2e: 09:9c:d4:79:e4:39:cd:02:5a:a9:ec:0a:3b:ca:46: 9e:77:9a:6d:66:a9:31:3b:bc:f8:ee:5a:08:83:a4: da:1a:44:fb:fe:78:47:00:53:f2:18:3d:66:c6:4c: ec:23:d7:41:63:35:34:82:e5:b7:b9:ea:2a:70:c7: 17:76:53:82:c1:4a:e1:e2:8c:a4:ad:d8:69:aa:9e: 87:b2:6b:df:ea:2e:3c:65:2a:e9:33:48:70:31:da: 50:7d:0d:10:5a:60:08:88:20:77:51:92:76:fa:ef: bb:e0:06:16:55:34:62:6e:83:43:96:87:14:c4:31: ea:b9:04:c7:23:f1:f0:91:04:2b:84:e1:c8:f3:f9: 80:9c:63:ad:0e:49:e9:7b:5e:1c:a4:1c:60:42:46: d1:68:2d:b1:bc:bc:f4:bc:9b:24:d4:8f:11:05:4f: 6d:42:09:8f:b6:76:7f:f7:13:ac:e6:1c:c3:c4:22: be:d4:d8:7d:46:48:1c:b9:23:fb:d2:1d:13:8a:26: 2d:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:C2:C3:D9:05:9E:6C:6D:B8:ED:F8:7B:08:15:EE:8D:AE:4C:39:4F X509v3 Authority Key Identifier: keyid:D2:89:8B:AD:92:67:91:CE:09:33:C0:92:79:DF:97:98:D7:DE:B6:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912AC83/20A6137ECC9911EF87437E09C4F9AE02/0omLrZJnkc4JM8CSed-XmNfetpQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0omLrZJnkc4JM8CSed-XmNfetpQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912AC83/20A6137ECC9911EF87437E09C4F9AE02/0omLrZJnkc4JM8CSed-XmNfetpQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:fa:c4:15:e1:2f:b2:68:ff:c6:b6:23:fb:3f:24:de:c0:b1: a3:ab:36:45:7f:48:80:8a:6a:de:34:56:c7:ed:c9:af:83:97: 3f:db:6e:e4:32:df:ad:34:63:8d:b4:c1:06:96:79:bc:8c:31: 8c:6d:d5:2d:b3:87:dc:85:c8:25:78:77:2f:1f:27:99:76:a7: fe:ab:2f:8b:57:a2:04:a0:b9:0b:20:10:6b:bc:9c:00:5e:a7: 36:d4:e9:57:f5:fb:a9:03:87:60:67:63:f0:30:bc:44:f5:51: 05:97:b2:d4:8b:7f:90:05:3d:45:bf:e2:c2:34:36:38:8a:7a: a7:c4:2e:fc:f0:a8:3b:c8:df:4f:31:03:05:59:7f:6a:a7:b6: fb:5d:d4:14:d1:0f:78:48:21:c1:5a:c6:3b:b7:06:82:eb:ca: eb:11:04:3d:33:66:79:ad:c8:21:52:33:44:66:5c:52:42:3e: b8:46:dc:9b:76:fd:9b:4f:95:81:1e:0d:53:65:28:00:4f:42: 19:31:cf:8d:fa:a5:3c:78:d4:c6:d4:6a:f2:f9:e1:b8:e2:a9: 17:47:38:43:85:03:6a:33:32:43:83:e2:d0:80:e4:b5:8c:36: 22:67:20:98:98:bd:dd:00:14:52:36:6b:99:7c:24:a9:53:8a: 68:48:c5:2e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy QUM4MzExMC8GA1UEBRMoRDI4OThCQUQ5MjY3OTFDRTA5MzNDMDkyNzlERjk3OThE N0RFQjY5NDAeFw0yNTA0MjAyMzEwMzlaFw0yNTA0MjcyMzEwMzlaMBgxFjAUBgNV BAMTDTY4MDU3ZWYwLWUyZmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCy3zj1SE92gwEEU2PU99Sw5KKi8OFXfA4PMRX3i0xIqwSylT4yWRIvwPmHbblH uIPB+utWEjjX5iBsLgmc1HnkOc0CWqnsCjvKRp53mm1mqTE7vPjuWgiDpNoaRPv+ eEcAU/IYPWbGTOwj10FjNTSC5be56ipwxxd2U4LBSuHijKSt2Gmqnoeya9/qLjxl KukzSHAx2lB9DRBaYAiIIHdRknb677vgBhZVNGJug0OWhxTEMeq5BMcj8fCRBCuE 4cjz+YCcY60OSel7XhykHGBCRtFoLbG8vPS8myTUjxEFT21CCY+2dn/3E6zmHMPE Ir7U2H1GSBy5I/vSHROKJi05AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUNcLD2QWe bG247fh7CBXuja5MOU8wHwYDVR0jBBgwFoAU0omLrZJnkc4JM8CSed+XmNfetpQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJBQzgzLzIwQTYxMzdFQ0M5 OTExRUY4NzQzN0UwOUM0RjlBRTAyLzBvbUxyWkpua2M0Sk04Q1NlZC1YbU5mZXRw US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMG9tTHJaSm5rYzRKTThDU2VkLVhtTmZldHBRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJB QzgzLzIwQTYxMzdFQ0M5OTExRUY4NzQzN0UwOUM0RjlBRTAyLzBvbUxyWkpua2M0 Sk04Q1NlZC1YbU5mZXRwUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACT6xBXhL7Jo/8a2I/s/JN7AsaOrNkV/SICKat40Vsftya+Dlz/bbuQy 3600Y420wQaWebyMMYxt1S2zh9yFyCV4dy8fJ5l2p/6rL4tXogSguQsgEGu8nABe pzbU6Vf1+6kDh2BnY/AwvET1UQWXstSLf5AFPUW/4sI0NjiKeqfELvzwqDvI308x AwVZf2qntvtd1BTRD3hIIcFaxju3BoLryusRBD0zZnmtyCFSM0RmXFJCPrhG3Jt2 /ZtPlYEeDVNlKABPQhkxz436pTx41MbUavL54bjiqRdHOEOFA2ozMkOD4tCA5LWM NiJnIJiYvd0AFFI2a5l8JKlTimhIxS4= -----END CERTIFICATE-----Generated at Tue Apr 22 23:22:34 2025 by rpki-client