$ rpki-client -vvf rpki.apnic.net/member_repository/A9151638/12711732476C11EC89EF6239C4F9AE02/OFkvBW-DzNQKYq4RYCkmlChaLPQ.mft File: OFkvBW-DzNQKYq4RYCkmlChaLPQ.mft (raw, json) Hash identifier: k48jmdmg/+ow4Z2J/lSWFmAvMxG6wCZrAIKxd7x50Kc= Subject key identifier: A4:06:0E:DA:AB:78:24:C0:57:BD:C5:58:C7:74:8A:16:43:FB:C7:DC Authority key identifier: 38:59:2F:05:6F:83:CC:D4:0A:62:AE:11:60:29:26:94:28:5A:2C:F4 Certificate issuer: /CN=A9151638/serialNumber=38592F056F83CCD40A62AE1160292694285A2CF4 Certificate serial: 045E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OFkvBW-DzNQKYq4RYCkmlChaLPQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9151638/12711732476C11EC89EF6239C4F9AE02/OFkvBW-DzNQKYq4RYCkmlChaLPQ.mft Manifest number: 0459 Signing time: Sun 06 Apr 2025 23:48:32 +0000 Manifest this update: Sun 06 Apr 2025 23:48:32 +0000 Manifest next update: Sun 13 Apr 2025 23:48:32 +0000 Files and hashes: 1: OFkvBW-DzNQKYq4RYCkmlChaLPQ.crl (hash: tVAm62/BeEQjfD7gKNDoR8ljuEFomD02yI6ceuaFJ/Y=) 2: 2404BA68477011EC8A31B762C4F9AE02.roa (hash: w9FaGj3sY61MFEZzIunRrfWZ3OYXoXaJ/HX3XZ5M44M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9151638/12711732476C11EC89EF6239C4F9AE02/OFkvBW-DzNQKYq4RYCkmlChaLPQ.crl rsync://rpki.apnic.net/member_repository/A9151638/12711732476C11EC89EF6239C4F9AE02/OFkvBW-DzNQKYq4RYCkmlChaLPQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OFkvBW-DzNQKYq4RYCkmlChaLPQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 13 Apr 2025 23:48:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1118 (0x45e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9151638 Validity Not Before: Apr 6 23:48:32 2025 GMT Not After : Apr 13 23:48:32 2025 GMT Subject: CN=67f312d0-3111 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:8c:d1:92:a9:ba:41:37:ba:82:75:20:1f:f3: 21:12:c6:1c:85:d7:d1:34:b9:6a:86:ce:54:0e:aa: f5:5e:20:e3:07:52:3b:15:2f:58:06:3c:41:31:56: c7:c8:18:96:7c:c8:91:76:7e:7c:e3:08:b8:6a:4e: 12:22:b1:3d:3a:9f:1c:f4:90:a3:10:1a:b9:ed:1b: 26:70:ff:1b:3d:b0:14:2f:ad:45:73:95:16:68:a1: 46:ea:da:18:b2:50:93:94:25:d3:93:3e:cd:8d:5f: 69:ac:ab:c0:be:61:f5:06:f7:4a:08:f4:c3:3e:2a: 9c:e7:b3:bd:da:15:66:c4:ad:b5:c1:82:03:46:72: 05:29:c4:61:11:ce:14:ec:13:69:26:53:83:16:6f: 1c:25:f0:21:7d:6b:ca:b7:72:9a:24:8c:cc:15:39: bd:22:9e:3e:58:a1:45:0c:33:03:10:b2:20:43:e5: 4e:6e:0a:e2:1e:2b:56:4c:eb:4c:a3:b5:55:92:c8: a4:a3:9c:d7:a3:e1:61:02:f9:38:db:35:b1:7f:ee: 7b:e1:66:91:53:8e:09:93:ff:a9:64:43:6b:68:69: 98:af:66:68:9a:07:27:db:86:95:9a:ad:9c:d1:89: 11:e7:1f:d5:0e:46:0e:82:0d:d8:09:40:90:ff:85: 1e:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:06:0E:DA:AB:78:24:C0:57:BD:C5:58:C7:74:8A:16:43:FB:C7:DC X509v3 Authority Key Identifier: keyid:38:59:2F:05:6F:83:CC:D4:0A:62:AE:11:60:29:26:94:28:5A:2C:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9151638/12711732476C11EC89EF6239C4F9AE02/OFkvBW-DzNQKYq4RYCkmlChaLPQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OFkvBW-DzNQKYq4RYCkmlChaLPQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9151638/12711732476C11EC89EF6239C4F9AE02/OFkvBW-DzNQKYq4RYCkmlChaLPQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:b4:97:90:52:69:55:60:30:19:1d:a3:08:30:f2:aa:c1:6f: b1:81:33:5a:8c:9d:ac:a9:15:02:ef:d5:9e:82:4f:e4:85:f0: 04:a9:35:47:fc:de:c0:ec:ad:99:eb:a9:ef:89:3f:90:60:e3: 99:36:40:9f:f2:4b:25:fc:5f:22:03:0b:92:3f:90:ea:fc:cf: 2b:50:f3:23:9d:ff:69:45:98:70:79:89:76:55:a7:9e:64:06: c0:a4:28:db:81:17:fc:65:4b:50:78:72:f6:00:b0:1d:aa:4d: 65:e9:7c:3e:f3:65:91:f1:9d:bb:8d:04:98:57:33:25:7b:be: 1b:4e:32:6a:a4:69:18:14:ef:2d:c4:24:0d:7a:47:8d:2b:28: 04:12:77:e8:aa:7a:7a:9a:b8:88:79:0b:48:70:25:7c:1b:22: 7c:c7:3e:40:25:8a:f7:6e:18:d3:3d:7a:8c:f6:9e:21:e1:8d: bb:ce:22:12:4e:98:ee:f7:20:a0:a7:c7:70:81:0b:d2:ad:3a: a5:d5:17:67:a6:e7:97:be:00:55:1b:4b:f7:af:fc:39:d2:de: 75:13:0e:90:30:54:35:fa:f2:f5:65:fd:d0:c2:6e:32:13:4e: 56:34:dd:cd:aa:88:4d:ed:46:f8:df:61:d8:6d:c0:16:65:70: 47:7c:0c:5e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBF4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTE2MzgxMTAvBgNVBAUTKDM4NTkyRjA1NkY4M0NDRDQwQTYyQUUxMTYwMjkyNjk0 Mjg1QTJDRjQwHhcNMjUwNDA2MjM0ODMyWhcNMjUwNDEzMjM0ODMyWjAYMRYwFAYD VQQDEw02N2YzMTJkMC0zMTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw4zRkqm6QTe6gnUgH/MhEsYchdfRNLlqhs5UDqr1XiDjB1I7FS9YBjxBMVbH yBiWfMiRdn584wi4ak4SIrE9Op8c9JCjEBq57RsmcP8bPbAUL61Fc5UWaKFG6toY slCTlCXTkz7NjV9prKvAvmH1BvdKCPTDPiqc57O92hVmxK21wYIDRnIFKcRhEc4U 7BNpJlODFm8cJfAhfWvKt3KaJIzMFTm9Ip4+WKFFDDMDELIgQ+VObgriHitWTOtM o7VVksiko5zXo+FhAvk42zWxf+574WaRU44Jk/+pZENraGmYr2Zomgcn24aVmq2c 0YkR5x/VDkYOgg3YCUCQ/4UerQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKQGDtqr eCTAV73FWMd0ihZD+8fcMB8GA1UdIwQYMBaAFDhZLwVvg8zUCmKuEWApJpQoWiz0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTYzOC8xMjcxMTczMjQ3 NkMxMUVDODlFRjYyMzlDNEY5QUUwMi9PRmt2QlctRHpOUUtZcTRSWUNrbWxDaGFM UFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09Ga3ZCVy1Eek5RS1lxNFJZQ2ttbENoYUxQUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MTYzOC8xMjcxMTczMjQ3NkMxMUVDODlFRjYyMzlDNEY5QUUwMi9PRmt2QlctRHpO UUtZcTRSWUNrbWxDaGFMUFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAstJeQUmlVYDAZHaMIMPKqwW+xgTNajJ2sqRUC79Wegk/khfAEqTVH /N7A7K2Z66nviT+QYOOZNkCf8ksl/F8iAwuSP5Dq/M8rUPMjnf9pRZhweYl2Vaee ZAbApCjbgRf8ZUtQeHL2ALAdqk1l6Xw+82WR8Z27jQSYVzMle74bTjJqpGkYFO8t xCQNekeNKygEEnfoqnp6mriIeQtIcCV8GyJ8xz5AJYr3bhjTPXqM9p4h4Y27ziIS Tpju9yCgp8dwgQvSrTql1RdnpueXvgBVG0v3r/w50t51Ew6QMFQ1+vL1Zf3Qwm4y E05WNN3NqohN7Ub432HYbcAWZXBHfAxe -----END CERTIFICATE-----Generated at Mon Apr 7 13:26:57 2025 by rpki-client