$ rpki-client -vvf rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft File: OxaIpfe3JKr754IKLGPZey6o5SI.mft (raw, json) Hash identifier: eZKPgRCDEHY6PZjQbGGBIF2UFOlhpPs86tdI3WcQEok= Subject key identifier: 52:29:01:27:48:39:01:8E:D6:AC:52:5B:FD:13:B6:36:2C:18:14:BA Authority key identifier: 3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22 Certificate issuer: /CN=A91772FA/serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522 Certificate serial: 030C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft Manifest number: 0306 Signing time: Mon 21 Apr 2025 00:51:08 +0000 Manifest this update: Mon 21 Apr 2025 00:51:08 +0000 Manifest next update: Mon 28 Apr 2025 00:51:08 +0000 Files and hashes: 1: OxaIpfe3JKr754IKLGPZey6o5SI.crl (hash: TYc5H8QOiEkmGSNVCjFyXMXM0fhGGkK/bSxjrlnO8hw=) 2: 2D613294CD7611EC83259862C4F9AE02.roa (hash: eiU7ZSeORX7Nfv/I101YymEKed9tnUaeLJmxcj6rlLI=) 3: EF8CB49CD78F11EC91680D49C4F9AE02.roa (hash: lJKugMMEeA6hotCUmsieh3f9JUtmDi6Rwayct/vX1UY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 780 (0x30c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91772FA, serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522 Validity Not Before: Apr 21 00:51:08 2025 GMT Not After : Apr 28 00:51:08 2025 GMT Subject: CN=6805967c-170f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:1d:7e:c0:5b:53:23:a6:c1:35:56:c9:c2:69: e0:a6:58:9e:75:ca:e0:d4:72:a3:78:48:eb:1a:2e: a5:94:0f:f8:83:c5:7d:ff:e0:3b:3d:ea:be:11:1a: f0:b1:c7:34:e5:13:b2:a6:9b:a5:be:81:ef:2b:3a: 34:12:ba:1a:da:36:a8:81:7f:de:54:9f:27:1a:ff: d5:e8:0a:33:bb:fc:66:eb:6c:38:f1:48:f9:7d:ae: 64:e1:5e:87:b6:6f:9e:71:86:24:52:08:fa:f8:be: bc:fb:44:cd:e3:e2:d3:ba:9d:1e:2b:e4:7c:87:fd: e3:02:d6:09:2b:28:2a:59:e4:a9:2f:f3:be:38:c4: 86:6b:38:e5:16:56:6b:65:8e:0e:dd:39:ff:41:ec: c3:ad:0b:d5:af:00:b3:a9:34:fd:44:60:8c:df:f8: 13:15:b0:c1:f2:05:d2:96:6e:93:81:09:a9:e1:a5: b4:7e:87:2b:fd:46:a3:a8:91:47:3d:59:ea:0d:63: a9:04:5e:47:1e:b0:14:b3:5c:32:90:d5:f7:87:ae: eb:3d:38:f7:b4:f5:bc:c6:a6:ba:41:19:28:7b:44: 23:1c:02:c3:df:e7:d1:03:bd:5d:ec:9c:50:73:9e: 06:89:3d:c1:5b:cd:cf:be:46:c8:5a:55:a4:4b:aa: f8:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:29:01:27:48:39:01:8E:D6:AC:52:5B:FD:13:B6:36:2C:18:14:BA X509v3 Authority Key Identifier: keyid:3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6f:d1:1b:85:4f:83:f8:0e:4b:f2:78:c3:ea:9e:e4:3e:17:98: fb:ac:c3:4f:57:78:ea:e5:38:29:60:45:ab:f7:b9:2c:4b:b4: 1b:26:cd:37:d5:57:13:b0:88:84:e3:fb:50:8c:14:1e:36:8f: 39:35:e0:bb:cc:9f:b9:77:4f:0b:cd:65:82:9e:6e:0b:f6:14: 78:8a:b2:19:b3:36:ea:bf:a9:98:50:8b:68:8c:11:d7:db:58: 6e:65:6e:63:3d:10:cf:48:5c:6c:03:2d:a7:41:4e:1b:a0:88: 97:a8:72:bf:0a:9f:b6:f3:d0:6b:da:95:f2:1f:91:7f:1e:62: 48:2f:8c:2d:91:e4:81:4d:d1:6a:4b:d8:ef:70:f8:58:fd:c4: 90:ff:50:25:a4:64:95:46:86:e3:84:42:b1:e2:6e:db:d4:39: e8:31:e8:a4:ea:7e:f1:05:f3:0c:7a:80:31:d4:32:2e:26:32: 5f:5e:b1:bc:62:43:2e:df:d5:af:3c:2b:36:c8:af:9b:6c:aa: b9:e9:34:09:32:e3:f8:19:6a:e7:8c:69:c8:39:b2:e5:d3:24: 4d:39:8f:fd:75:ee:3f:9b:ad:ec:7f:8a:ef:66:49:32:11:ef: 19:1c:01:f4:55:b6:42:82:3f:48:da:b9:6e:20:99:47:e1:4b: cb:99:40:11 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAwwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzcyRkExMTAvBgNVBAUTKDNCMTY4OEE1RjdCNzI0QUFGQkU3ODIwQTJDNjNEOTdC MkVBOEU1MjIwHhcNMjUwNDIxMDA1MTA4WhcNMjUwNDI4MDA1MTA4WjAYMRYwFAYD VQQDEw02ODA1OTY3Yy0xNzBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyR1+wFtTI6bBNVbJwmngpliedcrg1HKjeEjrGi6llA/4g8V9/+A7Peq+ERrw scc05ROyppulvoHvKzo0Eroa2jaogX/eVJ8nGv/V6Aozu/xm62w48Uj5fa5k4V6H tm+ecYYkUgj6+L68+0TN4+LTup0eK+R8h/3jAtYJKygqWeSpL/O+OMSGazjlFlZr ZY4O3Tn/QezDrQvVrwCzqTT9RGCM3/gTFbDB8gXSlm6TgQmp4aW0focr/UajqJFH PVnqDWOpBF5HHrAUs1wykNX3h67rPTj3tPW8xqa6QRkoe0QjHALD3+fRA71d7JxQ c54GiT3BW83PvkbIWlWkS6r4+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFIpASdI OQGO1qxSW/0TtjYsGBS6MB8GA1UdIwQYMBaAFDsWiKX3tySq++eCCixj2XsuqOUi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzJGQS9ENzI0NDU2MkNE NzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pLcjc1NElLTEdQWmV5Nm81 U0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL094YUlwZmUzSktyNzU0SUtMR1BaZXk2bzVTSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NzJGQS9ENzI0NDU2MkNENzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pL cjc1NElLTEdQWmV5Nm81U0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBv0RuFT4P4DkvyeMPqnuQ+F5j7rMNPV3jq5TgpYEWr97ksS7QbJs03 1VcTsIiE4/tQjBQeNo85NeC7zJ+5d08LzWWCnm4L9hR4irIZszbqv6mYUItojBHX 21huZW5jPRDPSFxsAy2nQU4boIiXqHK/Cp+289Br2pXyH5F/HmJIL4wtkeSBTdFq S9jvcPhY/cSQ/1AlpGSVRobjhEKx4m7b1DnoMeik6n7xBfMMeoAx1DIuJjJfXrG8 YkMu39WvPCs2yK+bbKq56TQJMuP4GWrnjGnIObLl0yRNOY/9de4/m63sf4rvZkky Ee8ZHAH0VbZCgj9I2rluIJlH4UvLmUAR -----END CERTIFICATE-----Generated at Mon Apr 21 21:24:32 2025 by rpki-client