$ rpki-client -vvf rpki.apnic.net/member_repository/A919CA18/6D059BBCB1B211ED8D7C2F2BC4F9AE02/OvnsvEXk4pfSm6bEEfGgXIudqeM.mft File: OvnsvEXk4pfSm6bEEfGgXIudqeM.mft (raw, json) Hash identifier: TmkmNWp/FYI8EroQYl2C43wK/JeJ7siSlncCiWEUVqY= Subject key identifier: 8B:CB:49:4D:C5:9F:37:A5:5D:42:6B:EA:DA:B4:38:47:6D:09:5C:87 Authority key identifier: 3A:F9:EC:BC:45:E4:E2:97:D2:9B:A6:C4:11:F1:A0:5C:8B:9D:A9:E3 Certificate issuer: /CN=A919CA18/serialNumber=3AF9ECBC45E4E297D29BA6C411F1A05C8B9DA9E3 Certificate serial: 0191 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OvnsvEXk4pfSm6bEEfGgXIudqeM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919CA18/6D059BBCB1B211ED8D7C2F2BC4F9AE02/OvnsvEXk4pfSm6bEEfGgXIudqeM.mft Manifest number: 018F Signing time: Sat 05 Apr 2025 02:57:13 +0000 Manifest this update: Sat 05 Apr 2025 02:57:12 +0000 Manifest next update: Sat 12 Apr 2025 02:57:12 +0000 Files and hashes: 1: OvnsvEXk4pfSm6bEEfGgXIudqeM.crl (hash: 6PkHiuOnJ0lwkILLzL/XldfOtcFSt6XHYYfZ8cUZjBM=) 2: 82E99F5A10FC11EF95048154C4F9AE02.roa (hash: KiSgunw3k37SA5qIOSFD0yKCbhYgrY4Gzd+tIVRajoM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919CA18/6D059BBCB1B211ED8D7C2F2BC4F9AE02/OvnsvEXk4pfSm6bEEfGgXIudqeM.crl rsync://rpki.apnic.net/member_repository/A919CA18/6D059BBCB1B211ED8D7C2F2BC4F9AE02/OvnsvEXk4pfSm6bEEfGgXIudqeM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OvnsvEXk4pfSm6bEEfGgXIudqeM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 02:57:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 401 (0x191) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919CA18 Validity Not Before: Apr 5 02:57:12 2025 GMT Not After : Apr 12 02:57:12 2025 GMT Subject: CN=67f09c09-19c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:d9:a4:67:63:96:d5:5c:7f:45:74:f2:67:46: 52:dc:63:2a:2e:37:a9:00:4c:58:0c:8b:6a:f9:ea: 35:4f:e0:fb:45:33:2a:cb:47:95:9f:8e:4b:bc:d5: 25:a3:bc:a1:d5:76:fc:b7:b5:d9:7f:78:b6:59:5c: 37:de:ef:64:7e:2c:3f:6a:62:0e:00:24:a1:d7:8e: a5:5c:ef:ca:5f:23:ff:7b:af:05:49:80:6f:74:33: 62:eb:e2:6e:db:3c:09:95:f8:de:19:bd:ac:33:a2: 7a:7b:86:c6:64:ac:07:c9:bf:1c:8f:c3:b1:b5:d8: ea:26:a9:1b:95:24:73:d1:47:ce:c4:85:bf:20:bc: 26:8a:aa:3e:2e:58:19:af:ae:a9:e8:e3:45:0d:f4: d1:28:c3:22:5a:16:d8:95:f6:96:a1:bb:39:f2:08: f0:76:76:9f:04:e9:90:13:73:c8:12:e5:1f:42:e0: be:8e:e9:47:6e:97:11:58:c8:1f:87:aa:08:86:81: df:9a:4b:13:73:86:9d:53:9e:07:25:1b:4e:9e:25: d1:55:ae:c8:29:10:25:b3:86:55:9a:88:8c:dc:5c: d7:ac:88:88:5c:dd:f9:ce:a2:25:4e:69:9d:1c:b5: 05:d4:94:ce:cc:ca:a8:f6:34:4d:79:44:1a:9f:13: 63:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:CB:49:4D:C5:9F:37:A5:5D:42:6B:EA:DA:B4:38:47:6D:09:5C:87 X509v3 Authority Key Identifier: keyid:3A:F9:EC:BC:45:E4:E2:97:D2:9B:A6:C4:11:F1:A0:5C:8B:9D:A9:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919CA18/6D059BBCB1B211ED8D7C2F2BC4F9AE02/OvnsvEXk4pfSm6bEEfGgXIudqeM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OvnsvEXk4pfSm6bEEfGgXIudqeM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919CA18/6D059BBCB1B211ED8D7C2F2BC4F9AE02/OvnsvEXk4pfSm6bEEfGgXIudqeM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b0:04:48:1c:46:94:8f:f7:01:74:1e:55:6f:a4:2e:69:09:97: f5:c6:00:d1:60:9d:b7:9c:1a:a2:34:bd:de:bc:dc:d8:fa:e5: 0e:0e:89:08:82:f3:36:de:9d:6f:e3:21:db:31:1f:d2:b0:d6: 35:5a:d0:ca:da:b3:ca:8f:e0:9b:b1:91:2d:42:8a:98:6c:19: b8:35:91:9d:dd:04:b4:a7:f1:8f:ed:ae:99:c1:a3:87:e9:91: a4:ae:80:a7:ab:ce:09:aa:ea:1d:50:27:fd:f8:a6:3d:9d:ce: fa:7e:7f:05:06:55:c1:17:29:d5:fe:f4:ac:7c:b5:21:78:ca: 71:75:53:63:6d:de:b3:6c:8e:23:69:be:f2:4e:80:5a:d0:50: 06:82:f1:25:b5:88:a0:d7:73:48:f5:91:58:22:39:31:95:6d: 8d:fe:cc:4a:c5:5b:04:4e:4d:87:02:bb:56:6a:dc:cb:c0:47: 81:88:10:82:f0:02:94:0c:6a:21:7e:9e:ab:95:93:ad:cb:d7: 60:3e:63:70:0c:30:ee:b5:2f:93:94:e8:f1:10:c9:d2:7a:a1: 5e:05:8b:39:9e:1e:d2:45:b2:bd:bf:bf:6a:f2:a7:e5:77:00: 0a:eb:13:9a:07:3c:50:0a:6b:e5:76:fb:7c:1d:2d:ae:6e:f6: 1f:c5:a2:21 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUNBMTgxMTAvBgNVBAUTKDNBRjlFQ0JDNDVFNEUyOTdEMjlCQTZDNDExRjFBMDVD OEI5REE5RTMwHhcNMjUwNDA1MDI1NzEyWhcNMjUwNDEyMDI1NzEyWjAYMRYwFAYD VQQDEw02N2YwOWMwOS0xOWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAndmkZ2OW1Vx/RXTyZ0ZS3GMqLjepAExYDItq+eo1T+D7RTMqy0eVn45LvNUl o7yh1Xb8t7XZf3i2WVw33u9kfiw/amIOACSh146lXO/KXyP/e68FSYBvdDNi6+Ju 2zwJlfjeGb2sM6J6e4bGZKwHyb8cj8OxtdjqJqkblSRz0UfOxIW/ILwmiqo+LlgZ r66p6ONFDfTRKMMiWhbYlfaWobs58gjwdnafBOmQE3PIEuUfQuC+julHbpcRWMgf h6oIhoHfmksTc4adU54HJRtOniXRVa7IKRAls4ZVmoiM3FzXrIiIXN35zqIlTmmd HLUF1JTOzMqo9jRNeUQanxNjHQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIvLSU3F nzelXUJr6tq0OEdtCVyHMB8GA1UdIwQYMBaAFDr57LxF5OKX0pumxBHxoFyLnanj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5Q0ExOC82RDA1OUJCQ0Ix QjIxMUVEOEQ3QzJGMkJDNEY5QUUwMi9Pdm5zdkVYazRwZlNtNmJFRWZHZ1hJdWRx ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL092bnN2RVhrNHBmU202YkVFZkdnWEl1ZHFlTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 Q0ExOC82RDA1OUJCQ0IxQjIxMUVEOEQ3QzJGMkJDNEY5QUUwMi9Pdm5zdkVYazRw ZlNtNmJFRWZHZ1hJdWRxZU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCwBEgcRpSP9wF0HlVvpC5pCZf1xgDRYJ23nBqiNL3evNzY+uUODokI gvM23p1v4yHbMR/SsNY1WtDK2rPKj+CbsZEtQoqYbBm4NZGd3QS0p/GP7a6ZwaOH 6ZGkroCnq84JquodUCf9+KY9nc76fn8FBlXBFynV/vSsfLUheMpxdVNjbd6zbI4j ab7yToBa0FAGgvEltYig13NI9ZFYIjkxlW2N/sxKxVsETk2HArtWatzLwEeBiBCC 8AKUDGohfp6rlZOty9dgPmNwDDDutS+TlOjxEMnSeqFeBYs5nh7SRbK9v79q8qfl dwAK6xOaBzxQCmvldvt8HS2ubvYfxaIh -----END CERTIFICATE-----Generated at Sun Apr 6 16:35:34 2025 by rpki-client