$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft File: OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft (raw, json) Hash identifier: vSaSdf8mCEeqcthXPNrG4Jn7qrcaXQ/Jm7fJvTSOem8= Subject key identifier: 3D:A0:75:D3:79:C5:60:D9:CD:E5:BA:39:E8:FA:07:58:11:92:B5:70 Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Certificate serial: 0AFB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft Manifest number: 0957 Signing time: Fri 04 Apr 2025 22:09:22 +0000 Manifest this update: Fri 04 Apr 2025 22:09:22 +0000 Manifest next update: Fri 11 Apr 2025 22:09:22 +0000 Files and hashes: 1: OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl (hash: lW4er16j322H0pVRAkfRXrJBbV9P1MZA+L857qTYisw=) 2: 93EE047E4BB511EE9309AA4EC4F9AE02.roa (hash: cKLqzBD3UNEjua94H34t+S8hZV/aOFg8bXhQVhmFTLs=) 3: 72C9BE36950211EFAC892C5EC4F9AE02.roa (hash: Bpq9dhCpjI1cT2kel0jPo45D0NBWXD/qIfwghmBzSyI=) 4: 263DB02C4BB611EE9B959267C4F9AE02.roa (hash: Sc37SATsVjDUvoeuant9XpguxSfk6BLAFRWRVkPZh+Q=) 5: B803EDC45E9711EF8BA65030C4F9AE02.roa (hash: qf5NB+ztGO047leVo2PXRKVTSjGsBtoThqvuiJ+BpyM=) 6: 183EB332F56911EFA13C606AC4F9AE02.roa (hash: RHdkajliCNX590KzhZDUzxq0eBEsrjjkgCabjfQhV+0=) 7: AB96EF3852CD11ECAB209C5FC4F9AE02.roa (hash: PTN3D9DukvxulJCnZfplXeEJi7h63+XDY8ZJvEz9E/c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 22:09:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2811 (0xafb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157D67 Validity Not Before: Apr 4 22:09:22 2025 GMT Not After : Apr 11 22:09:22 2025 GMT Subject: CN=67f05892-5f27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:0d:85:c7:34:a5:c4:98:a0:59:86:e4:1a:c0: f8:b6:6c:4f:a0:63:0e:c8:a1:19:4d:8e:8a:2b:58: 78:77:07:10:9b:52:06:0a:49:7a:c1:9c:47:d1:61: e5:a6:3a:66:4c:fb:e9:0c:ca:a6:4f:91:16:a5:eb: 44:20:ea:23:b2:36:04:03:93:54:fb:1e:8e:b0:e7: 90:fb:18:d4:03:26:75:c8:e5:f5:dc:c7:a0:eb:54: 97:cb:72:a2:0d:a4:f8:df:67:33:6f:d3:38:4a:9e: 2c:fc:69:44:47:95:6e:43:6d:d6:84:43:ac:96:8e: 20:76:a5:82:f2:66:41:d3:e3:11:3c:a8:d5:25:54: 6e:79:59:a7:bb:a1:a2:7a:3c:47:6b:4c:77:d7:3d: 86:95:33:32:e5:0d:18:df:ca:c2:b0:2e:04:40:3a: 6e:f3:28:b8:e5:e5:e4:ff:30:7e:0c:7f:d1:a0:76: 04:2f:71:f0:3c:85:a6:c3:04:11:e9:3d:8f:1a:ef: 96:59:d8:15:48:b0:45:e4:94:11:a4:80:98:4d:3b: 4b:04:1b:48:03:2b:f3:89:13:b8:6a:2e:53:a9:92: d9:fe:f0:8a:4d:67:4a:ca:42:bb:f8:0d:ae:c9:24: 2c:54:ee:50:33:e5:9b:82:ed:17:d5:74:d0:0a:24: c3:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:A0:75:D3:79:C5:60:D9:CD:E5:BA:39:E8:FA:07:58:11:92:B5:70 X509v3 Authority Key Identifier: keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:70:93:d1:ea:76:27:93:7b:dd:47:90:c5:d1:66:5b:77:45: 95:8e:f8:e9:18:6c:93:a3:d2:d1:76:62:b9:d7:85:ba:ca:d8: a7:6e:f9:28:e0:4d:3c:f1:77:61:33:30:a0:37:90:56:44:3b: 8c:e3:49:eb:8f:5f:be:a3:b8:da:27:8e:c9:29:61:48:e3:9e: 1c:12:9b:e2:49:ce:d3:47:2b:a8:af:09:8b:21:e2:17:04:15: 53:60:13:27:a3:d7:5a:59:83:4d:8a:b0:25:28:6a:e3:6c:36: e9:69:5c:99:1b:a6:85:b5:89:d8:3e:c4:7e:20:84:74:ba:a5: 10:17:eb:0e:9b:6e:27:c3:71:a6:e0:0c:71:b0:83:b0:7f:9f: 83:a3:06:5e:43:37:96:05:c3:83:78:02:65:f9:79:0d:d2:82: 18:2a:ff:07:96:3f:67:6c:1f:75:61:79:d5:60:e7:cd:61:26: 7c:11:bd:db:cf:4e:39:39:b4:9e:59:9f:f9:c0:e4:78:cf:98: 67:9a:1b:57:58:c2:72:93:d2:4d:d2:2e:e0:d8:48:d2:33:29: 33:cf:29:37:5f:68:83:a9:19:d5:48:30:9d:3e:9e:3f:bb:ba: 0b:92:71:b5:3e:7f:a2:2a:ff:d3:de:2d:54:9f:aa:c8:82:b2: 38:44:40:57 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCvswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5 NTA2QTU5QkQwHhcNMjUwNDA0MjIwOTIyWhcNMjUwNDExMjIwOTIyWjAYMRYwFAYD VQQDEw02N2YwNTg5Mi01ZjI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzg2FxzSlxJigWYbkGsD4tmxPoGMOyKEZTY6KK1h4dwcQm1IGCkl6wZxH0WHl pjpmTPvpDMqmT5EWpetEIOojsjYEA5NU+x6OsOeQ+xjUAyZ1yOX13Meg61SXy3Ki DaT432czb9M4Sp4s/GlER5VuQ23WhEOslo4gdqWC8mZB0+MRPKjVJVRueVmnu6Gi ejxHa0x31z2GlTMy5Q0Y38rCsC4EQDpu8yi45eXk/zB+DH/RoHYEL3HwPIWmwwQR 6T2PGu+WWdgVSLBF5JQRpICYTTtLBBtIAyvziRO4ai5TqZLZ/vCKTWdKykK7+A2u ySQsVO5QM+Wbgu0X1XTQCiTD2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD2gddN5 xWDZzeW6Oej6B1gRkrVwMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0 MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0Q2Ny82OUU2QzE2QTQ0MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhf V0Q1Q1dwX3B0cHVWQnFXYjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB3cJPR6nYnk3vdR5DF0WZbd0WVjvjpGGyTo9LRdmK514W6ytinbvko 4E088XdhMzCgN5BWRDuM40nrj1++o7jaJ47JKWFI454cEpviSc7TRyuorwmLIeIX BBVTYBMno9daWYNNirAlKGrjbDbpaVyZG6aFtYnYPsR+IIR0uqUQF+sOm24nw3Gm 4AxxsIOwf5+DowZeQzeWBcODeAJl+XkN0oIYKv8Hlj9nbB91YXnVYOfNYSZ8Eb3b z045ObSeWZ/5wOR4z5hnmhtXWMJyk9JN0i7g2EjSMykzzyk3X2iDqRnVSDCdPp4/ u7oLknG1Pn+iKv/T3i1Un6rIgrI4REBX -----END CERTIFICATE-----Generated at Sat Apr 5 03:54:04 2025 by rpki-client