$ rpki-client -vvf rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.mft File: oktqYgRLcAZfBQY4hGDkry8X8_8.mft (raw, json) Hash identifier: WGkkrXgsZFYwyKyAKTupCnYgv1RUmsWnu/5dm5Sleps= Subject key identifier: 12:72:8B:8B:DF:CF:1D:06:2C:F7:37:72:34:C4:A8:B7:60:0F:54:A8 Authority key identifier: A2:4B:6A:62:04:4B:70:06:5F:05:06:38:84:60:E4:AF:2F:17:F3:FF Certificate issuer: /CN=A918F550/serialNumber=A24B6A62044B70065F0506388460E4AF2F17F3FF Certificate serial: 3521 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oktqYgRLcAZfBQY4hGDkry8X8_8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.mft Manifest number: 34C3 Signing time: Sun 20 Apr 2025 14:25:45 +0000 Manifest this update: Sun 20 Apr 2025 14:25:45 +0000 Manifest next update: Sun 27 Apr 2025 14:25:45 +0000 Files and hashes: 1: oktqYgRLcAZfBQY4hGDkry8X8_8.crl (hash: 8vLdR4WKLQhsA5EXW/o2JesxXrAvUFxFbydWOzYCJ/w=) 2: A99B7B0A7CC211EFAF770811C4F9AE02.roa (hash: LRgBeS95TqQozF5AqWzaZUqlsD5uzo2WC7dIoNj8drc=) 3: 8A7456C47CBE11EFB9BF7074C4F9AE02.roa (hash: HcKEOonzAu+z0GPSseUC7go/+PDERZEFfa5gQQU6r04=) 4: 190AC86A33FF11EDB747A054C4F9AE02.roa (hash: yTZANzjfsTRDW4TWvk7jnlYG+mHu3NNnkszMyxSn7bY=) 5: 203B2B7A1C9811EE995E057EC4F9AE02.roa (hash: 4zPuCRb6jQp/WONx/+B920AnQZg5YD/rNNquB0manEQ=) 6: CF50CAEE7CC211EFA0514511C4F9AE02.roa (hash: lLOS6iIX9XnjW5mqGMyIzeegwe8mQOfFKlRYkQHEw4g=) 7: E52789DCE39E11EAAAE0622CC4F9AE02.roa (hash: QHmNlvHkZ1UVpicdTwIncttCEG27hNKbZKwKjK3XZ7Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.crl rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oktqYgRLcAZfBQY4hGDkry8X8_8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 14:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13601 (0x3521) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F550, serialNumber=A24B6A62044B70065F0506388460E4AF2F17F3FF Validity Not Before: Apr 20 14:25:45 2025 GMT Not After : Apr 27 14:25:45 2025 GMT Subject: CN=680503e9-c770 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:53:f2:72:6f:03:66:f2:99:4e:aa:4e:f1:38: 6e:58:3c:92:fa:b8:aa:dc:af:f8:c9:ef:7a:05:db: 29:ed:c7:2f:ab:06:7c:5f:6a:22:15:c9:f6:f4:49: 34:4e:d8:0b:95:f5:48:8d:4b:9e:b4:00:04:f5:0a: 31:84:ad:55:70:02:2f:a0:1a:d8:42:54:2a:c3:df: ab:06:0e:43:74:41:d4:8f:f5:52:36:b5:06:c3:07: bc:f9:e0:55:30:7c:ff:e2:4f:67:da:a0:1c:a0:ed: ed:5c:ec:65:97:5d:38:43:56:09:59:3a:6d:36:e5: d6:53:f4:8d:0e:30:1f:7e:f2:6f:ad:aa:9d:37:38: 6b:7e:d8:2a:82:6a:be:b7:49:a8:55:16:ed:4e:72: 82:da:81:e5:81:7e:74:63:33:d1:9a:78:18:b4:0e: f4:28:71:8e:8f:60:3a:1d:28:15:19:78:d5:b9:5e: 97:df:79:27:06:65:40:53:73:11:ef:88:3a:ff:9a: 72:0e:d4:ec:93:d7:44:e0:1f:7e:5e:d5:b7:34:fc: 7d:78:70:e0:5f:4a:84:20:4d:4f:62:2c:1a:79:37: 96:b5:ba:df:ea:64:5a:18:6b:2d:12:17:ff:3b:b1: 7a:b4:ae:c4:18:be:65:32:2b:5d:3a:45:f7:05:45: 97:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:72:8B:8B:DF:CF:1D:06:2C:F7:37:72:34:C4:A8:B7:60:0F:54:A8 X509v3 Authority Key Identifier: keyid:A2:4B:6A:62:04:4B:70:06:5F:05:06:38:84:60:E4:AF:2F:17:F3:FF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oktqYgRLcAZfBQY4hGDkry8X8_8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F550/8B9BD2021D8511E2B41230DC08B02CD2/oktqYgRLcAZfBQY4hGDkry8X8_8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:07:91:80:bb:4d:07:33:1f:00:57:7b:45:d2:74:4c:f8:eb: 60:b6:c6:6d:17:7c:08:0d:36:fb:f5:5b:2f:ee:ae:94:00:93: 50:c1:c7:47:f9:c3:e8:c1:23:69:e7:c0:18:00:4c:04:43:b1: cb:7a:bc:e8:81:ca:bc:0c:f3:aa:41:44:a7:dc:05:e9:ba:cd: f0:d7:bd:61:f9:c3:78:27:00:1e:01:bb:b2:94:30:a6:5b:12: d7:76:1a:4f:2b:33:74:6a:8e:23:0a:0b:48:bd:79:b0:c7:67: 9e:5e:eb:82:cd:4d:3a:40:3f:15:db:1e:2f:f5:1b:d5:f6:01: 0e:f4:c4:74:15:b8:7c:a3:19:0f:f2:7d:cb:49:23:05:60:62: b2:0d:40:21:0e:21:e2:64:00:8c:40:e2:c4:ce:9c:ec:8b:35: 73:49:46:73:7b:48:1e:40:4e:82:76:d9:9c:47:75:1f:4c:25: 2d:78:8a:f2:e5:6e:3b:55:5c:ac:63:04:de:ef:d3:4a:03:fb: fb:fd:72:31:e5:f6:77:6e:fd:d1:9d:76:2f:50:84:ef:a2:8a: cc:7c:bb:f2:48:e1:db:34:45:ce:63:fd:eb:19:9f:98:5e:c3: 1e:8f:59:7f:84:e7:12:28:cb:71:c3:24:4b:6c:2e:4e:2d:f5: 24:e3:03:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNSEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEY1NTAxMTAvBgNVBAUTKEEyNEI2QTYyMDQ0QjcwMDY1RjA1MDYzODg0NjBFNEFG MkYxN0YzRkYwHhcNMjUwNDIwMTQyNTQ1WhcNMjUwNDI3MTQyNTQ1WjAYMRYwFAYD VQQDEw02ODA1MDNlOS1jNzcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA11Pycm8DZvKZTqpO8ThuWDyS+riq3K/4ye96Bdsp7ccvqwZ8X2oiFcn29Ek0 TtgLlfVIjUuetAAE9QoxhK1VcAIvoBrYQlQqw9+rBg5DdEHUj/VSNrUGwwe8+eBV MHz/4k9n2qAcoO3tXOxll104Q1YJWTptNuXWU/SNDjAffvJvraqdNzhrftgqgmq+ t0moVRbtTnKC2oHlgX50YzPRmngYtA70KHGOj2A6HSgVGXjVuV6X33knBmVAU3MR 74g6/5pyDtTsk9dE4B9+XtW3NPx9eHDgX0qEIE1PYiwaeTeWtbrf6mRaGGstEhf/ O7F6tK7EGL5lMitdOkX3BUWXRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBJyi4vf zx0GLPc3cjTEqLdgD1SoMB8GA1UdIwQYMBaAFKJLamIES3AGXwUGOIRg5K8vF/P/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjU1MC84QjlCRDIwMjFE ODUxMUUyQjQxMjMwREMwOEIwMkNEMi9va3RxWWdSTGNBWmZCUVk0aEdEa3J5OFg4 XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29rdHFZZ1JMY0FaZkJRWTRoR0Rrcnk4WDhfOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RjU1MC84QjlCRDIwMjFEODUxMUUyQjQxMjMwREMwOEIwMkNEMi9va3RxWWdSTGNB WmZCUVk0aEdEa3J5OFg4XzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAMB5GAu00HMx8AV3tF0nRM+OtgtsZtF3wIDTb79Vsv7q6UAJNQwcdH +cPowSNp58AYAEwEQ7HLerzogcq8DPOqQUSn3AXpus3w171h+cN4JwAeAbuylDCm WxLXdhpPKzN0ao4jCgtIvXmwx2eeXuuCzU06QD8V2x4v9RvV9gEO9MR0Fbh8oxkP 8n3LSSMFYGKyDUAhDiHiZACMQOLEzpzsizVzSUZze0geQE6CdtmcR3UfTCUteIry 5W47VVysYwTe79NKA/v7/XIx5fZ3bv3RnXYvUITvoorMfLvySOHbNEXOY/3rGZ+Y XsMej1l/hOcSKMtxwyRLbC5OLfUk4wNg -----END CERTIFICATE-----Generated at Mon Apr 21 03:37:13 2025 by rpki-client