$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft File: oqIX1KQS-1OPXJGjSzbOcYed22U.mft (raw, json) Hash identifier: Mausl/jTHK0EUIogw+oKqlv3qc/otXK8tWmwpO6baIs= Subject key identifier: F3:4D:75:BD:6C:89:06:41:C2:41:57:86:21:8A:2B:7A:54:33:D8:F4 Authority key identifier: A2:A2:17:D4:A4:12:FB:53:8F:5C:91:A3:4B:36:CE:71:87:9D:DB:65 Certificate issuer: /CN=A91CF9B0/serialNumber=A2A217D4A412FB538F5C91A34B36CE71879DDB65 Certificate serial: FC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft Manifest number: ED Signing time: Wed 19 Feb 2025 06:56:28 +0000 Manifest this update: Wed 19 Feb 2025 06:56:28 +0000 Manifest next update: Wed 26 Feb 2025 06:56:28 +0000 Files and hashes: 1: oqIX1KQS-1OPXJGjSzbOcYed22U.crl (hash: 4VG1yO5RxFlnSycR38Z7RETVfksc7Ox6HtVAYYKxbs4=) 2: 84D917FC9F4911EEA0C5C856C4F9AE02.roa (hash: NmyQHlBil47JzTSCPQYz/6ZBa9AnAtiDqsHIcZPO3dA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.crl rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 26 Feb 2025 06:56:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 252 (0xfc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CF9B0 Validity Not Before: Feb 19 06:56:28 2025 GMT Not After : Feb 26 06:56:28 2025 GMT Subject: CN=67b5809c-0690 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:2d:67:fa:7a:9e:31:6f:3c:b8:cc:02:3a:3c: e2:17:c7:91:b1:d5:e3:ca:4c:b5:bd:c9:fd:e8:01: 51:d9:4f:97:fa:96:54:59:59:84:d4:d4:5f:96:89: 4f:87:54:bc:37:d8:7b:e5:c5:11:9f:fe:d8:cb:67: 6f:3c:88:94:a4:25:3f:c4:c6:e0:2e:b4:65:30:17: ff:78:ba:dc:aa:60:9d:13:cf:77:29:a7:8a:b4:eb: da:68:ab:d1:cb:c5:f7:4e:09:22:cc:1c:d3:39:9a: 22:5c:15:14:c3:3f:f9:8d:0c:a5:ab:c5:c3:ce:d3: a2:89:38:a2:90:5f:f5:e8:e3:02:68:2d:08:a5:1e: 42:0f:71:20:2b:51:a6:66:80:63:48:af:5d:dc:8e: 33:82:69:fc:c8:44:9e:ad:25:d5:63:95:c0:8e:24: 5a:c0:75:59:89:b3:36:ec:54:cb:a0:ec:9a:6b:2b: fc:27:8a:ea:ab:54:92:1d:24:cf:16:38:cd:b2:bd: 17:79:2f:94:61:3c:6d:f4:80:87:c5:3e:02:89:52: b2:0b:4a:34:30:84:4c:b5:e2:a6:cc:85:0f:f8:67: 65:2a:88:dd:05:07:4f:c8:3d:3b:7e:42:15:cb:2c: 08:fe:57:fe:ab:e9:da:bf:06:9b:4e:bb:c4:e9:41: 1d:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:4D:75:BD:6C:89:06:41:C2:41:57:86:21:8A:2B:7A:54:33:D8:F4 X509v3 Authority Key Identifier: keyid:A2:A2:17:D4:A4:12:FB:53:8F:5C:91:A3:4B:36:CE:71:87:9D:DB:65 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:58:40:03:7a:4e:33:12:5f:3a:b1:31:02:69:14:0d:0c:87: 4a:5c:62:b8:b8:51:e8:3a:63:47:05:de:e9:c8:97:5a:e2:a2: 2b:9e:0f:11:50:8c:78:87:5a:78:5b:72:d9:07:a9:d1:d6:ed: bc:e6:9f:a0:62:34:65:47:ed:49:f4:43:a7:05:61:91:db:78: dd:bc:21:99:7b:37:47:4e:4c:ac:3e:39:46:75:0f:78:fb:5b: ff:97:b3:21:15:7c:b8:15:51:8d:ec:91:b1:71:7d:33:2b:c4: 29:46:f0:98:31:e0:51:74:2a:a0:46:49:66:2d:21:2b:1b:6d: c3:0c:0b:f1:91:19:e9:ba:ac:2c:15:49:19:a1:bc:12:1a:ac: e3:72:d7:22:1e:78:e6:9b:6f:74:00:fd:19:c3:b1:4c:25:fc: 60:eb:1f:f0:87:ea:e7:e1:bb:76:c4:66:3b:31:fa:d6:7e:55: 3c:e9:e4:34:53:47:7e:3f:7f:1e:8c:97:7f:9e:f3:a8:42:2e: ac:47:4c:ee:dd:7b:3d:7a:11:73:05:eb:73:49:ba:cd:6b:01: 28:d8:cf:0a:17:c7:c2:8a:ff:90:30:4b:30:d0:38:7a:1e:06: e5:1c:1f:79:b9:ae:0f:29:a7:51:fd:03:b4:07:5a:14:c7:dc: 62:71:16:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Y5QjAxMTAvBgNVBAUTKEEyQTIxN0Q0QTQxMkZCNTM4RjVDOTFBMzRCMzZDRTcx ODc5RERCNjUwHhcNMjUwMjE5MDY1NjI4WhcNMjUwMjI2MDY1NjI4WjAYMRYwFAYD VQQDEw02N2I1ODA5Yy0wNjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwi1n+nqeMW88uMwCOjziF8eRsdXjyky1vcn96AFR2U+X+pZUWVmE1NRflolP h1S8N9h75cURn/7Yy2dvPIiUpCU/xMbgLrRlMBf/eLrcqmCdE893KaeKtOvaaKvR y8X3TgkizBzTOZoiXBUUwz/5jQylq8XDztOiiTiikF/16OMCaC0IpR5CD3EgK1Gm ZoBjSK9d3I4zgmn8yESerSXVY5XAjiRawHVZibM27FTLoOyaayv8J4rqq1SSHSTP FjjNsr0XeS+UYTxt9ICHxT4CiVKyC0o0MIRMteKmzIUP+GdlKojdBQdPyD07fkIV yywI/lf+q+navwabTrvE6UEdtwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPNNdb1s iQZBwkFXhiGKK3pUM9j0MB8GA1UdIwQYMBaAFKKiF9SkEvtTj1yRo0s2znGHndtl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjlCMC8xNEM5NDk2RTlG M0YxMUVFODAxQjFENjJDNEY5QUUwMi9vcUlYMUtRUy0xT1BYSkdqU3piT2NZZWQy MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29xSVgxS1FTLTFPUFhKR2pTemJPY1llZDIyVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RjlCMC8xNEM5NDk2RTlGM0YxMUVFODAxQjFENjJDNEY5QUUwMi9vcUlYMUtRUy0x T1BYSkdqU3piT2NZZWQyMlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJWEADek4zEl86sTECaRQNDIdKXGK4uFHoOmNHBd7pyJda4qIrng8R UIx4h1p4W3LZB6nR1u285p+gYjRlR+1J9EOnBWGR23jdvCGZezdHTkysPjlGdQ94 +1v/l7MhFXy4FVGN7JGxcX0zK8QpRvCYMeBRdCqgRklmLSErG23DDAvxkRnpuqws FUkZobwSGqzjctciHnjmm290AP0Zw7FMJfxg6x/wh+rn4bt2xGY7MfrWflU86eQ0 U0d+P38ejJd/nvOoQi6sR0zu3Xs9ehFzBetzSbrNawEo2M8KF8fCiv+QMEsw0Dh6 HgblHB95ua4PKadR/QO0B1oUx9xicRZS -----END CERTIFICATE-----Generated at Wed Feb 19 20:10:36 2025 by rpki-client