$ rpki-client -vvf rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft File: OHvc-OlHoaBOL0OH-99wZUpE0b0.mft (raw, json) Hash identifier: G+g5t7e4Npj1NFEFLEcFfrrxEb5sEA4WP9OVGrPWezw= Subject key identifier: BC:6C:87:D7:46:CF:DE:8E:93:08:F8:16:DE:7F:2C:8C:50:1D:B7:24 Authority key identifier: 38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD Certificate issuer: /CN=A913ACF4/serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Certificate serial: 0951 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft Manifest number: 094A Signing time: Fri 30 May 2025 20:58:18 +0000 Manifest this update: Fri 30 May 2025 20:58:17 +0000 Manifest next update: Fri 06 Jun 2025 20:58:17 +0000 Files and hashes: 1: OHvc-OlHoaBOL0OH-99wZUpE0b0.crl (hash: KE/+YGVlslku0rC/1qdy1/HV2CYSSSRLuLTokE1AqYM=) 2: 25E6E72899FE11EAB3E30513C4F9AE02.roa (hash: Z6vRCcxL1bmdrItPmj7qCyzvetl7oMIALv4P0w4CxB8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 20:58:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2385 (0x951) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913ACF4, serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Validity Not Before: May 30 20:58:17 2025 GMT Not After : Jun 6 20:58:17 2025 GMT Subject: CN=683a1bea-c83c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:cf:94:78:80:06:be:04:48:ba:de:2d:c2:e7: b0:18:bd:09:6c:6e:29:25:92:89:3a:ac:ca:97:c0: e0:36:6d:0d:9b:b1:c6:99:41:48:0a:09:a7:5f:47: 03:c6:f0:89:fd:9d:f6:e0:2f:71:2a:43:54:66:fd: 62:f5:36:96:67:97:fc:d2:69:9d:2a:e0:9e:16:99: c2:2c:76:4e:50:bf:30:cb:8f:25:fe:f9:28:41:84: df:dd:c8:89:97:eb:e9:75:15:c6:73:74:3f:ef:cb: 8d:de:35:c2:5b:51:7c:0b:24:02:17:06:42:df:13: 23:30:5b:68:7e:d8:e0:ab:76:fb:de:0b:b5:03:4a: 71:30:1b:1c:71:03:e6:b0:a1:d7:6b:ad:bb:21:76: 4d:4a:bd:57:8c:47:01:95:98:fa:1d:98:85:39:0c: 0a:c7:a6:f3:dc:a8:37:0c:c9:7a:d3:af:32:d3:6e: fc:2b:c8:94:79:6b:82:54:78:70:d7:90:75:98:19: d2:b8:f4:cc:68:e3:08:89:d2:45:28:d0:57:58:00: 57:e0:86:3a:d7:ea:cb:9d:9e:6f:b0:b6:74:1e:19: 5e:ca:da:41:4d:cf:e8:27:7b:d0:f4:61:52:1d:d8: 28:7b:5e:0c:71:15:d1:9a:95:ba:0c:1f:3b:ba:20: 4f:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:6C:87:D7:46:CF:DE:8E:93:08:F8:16:DE:7F:2C:8C:50:1D:B7:24 X509v3 Authority Key Identifier: keyid:38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ba:2b:10:d2:e4:4b:93:95:f9:e4:db:ca:0d:2f:0c:63:8e:b2: 20:41:34:5a:32:e7:af:66:c3:92:5b:21:88:48:26:b2:82:d7: ef:90:76:82:cc:82:56:f1:f3:38:f3:fe:d0:b0:90:8c:d1:25: 46:ae:3d:90:f2:e1:9e:30:7f:23:f2:3e:64:51:6d:b4:9a:e7: f7:b9:89:f9:7a:e9:69:0c:16:51:13:4d:33:f8:c5:67:fa:df: e6:4a:df:00:cd:e6:05:31:9f:3a:99:c8:bc:29:1c:c7:1a:e2: f1:5c:04:cb:a0:20:fd:db:73:54:ed:ee:ed:d3:06:10:85:37: 83:e2:26:bc:ba:c6:92:bf:4f:3c:ae:16:ed:b8:31:38:45:e5: 66:91:b0:23:71:cb:5b:5b:c8:69:ee:5f:ec:6c:25:94:42:b8: 26:4d:29:a4:c4:8d:ff:9d:54:13:4f:45:1f:cb:1c:79:84:9b: e0:94:2a:7e:51:b5:48:b7:34:b8:63:ba:c2:c2:77:4e:24:8d: da:14:74:fa:f4:b8:5d:39:bf:2e:4d:ba:a6:31:3d:b6:a5:31: eb:88:09:81:16:f7:f9:ef:ed:2e:3f:71:14:1c:5e:e2:cc:e4: 2e:1f:13:80:2b:b0:0d:31:32:33:99:69:36:b1:74:ca:33:0c: 18:1c:a4:1b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCVEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0FDRjQxMTAvBgNVBAUTKDM4N0JEQ0Y4RTk0N0ExQTA0RTJGNDM4N0ZCREY3MDY1 NEE0NEQxQkQwHhcNMjUwNTMwMjA1ODE3WhcNMjUwNjA2MjA1ODE3WjAYMRYwFAYD VQQDEw02ODNhMWJlYS1jODNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAys+UeIAGvgRIut4twuewGL0JbG4pJZKJOqzKl8DgNm0Nm7HGmUFICgmnX0cD xvCJ/Z324C9xKkNUZv1i9TaWZ5f80mmdKuCeFpnCLHZOUL8wy48l/vkoQYTf3ciJ l+vpdRXGc3Q/78uN3jXCW1F8CyQCFwZC3xMjMFtoftjgq3b73gu1A0pxMBsccQPm sKHXa627IXZNSr1XjEcBlZj6HZiFOQwKx6bz3Kg3DMl6068y0278K8iUeWuCVHhw 15B1mBnSuPTMaOMIidJFKNBXWABX4IY61+rLnZ5vsLZ0HhleytpBTc/oJ3vQ9GFS Hdgoe14McRXRmpW6DB87uiBP8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLxsh9dG z96Okwj4Ft5/LIxQHbckMB8GA1UdIwQYMBaAFDh73PjpR6GgTi9Dh/vfcGVKRNG9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQUNGNC83MEUzMDM2Qzk5 RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9hQk9MME9ILTk5d1pVcEUw YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09IdmMtT2xIb2FCT0wwT0gtOTl3WlVwRTBiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QUNGNC83MEUzMDM2Qzk5RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9h Qk9MME9ILTk5d1pVcEUwYjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC6KxDS5EuTlfnk28oNLwxjjrIgQTRaMuevZsOSWyGISCaygtfvkHaC zIJW8fM48/7QsJCM0SVGrj2Q8uGeMH8j8j5kUW20muf3uYn5eulpDBZRE00z+MVn +t/mSt8AzeYFMZ86mci8KRzHGuLxXATLoCD923NU7e7t0wYQhTeD4ia8usaSv088 rhbtuDE4ReVmkbAjcctbW8hp7l/sbCWUQrgmTSmkxI3/nVQTT0Ufyxx5hJvglCp+ UbVItzS4Y7rCwndOJI3aFHT69LhdOb8uTbqmMT22pTHriAmBFvf57+0uP3EUHF7i zOQuHxOAK7ANMTIzmWk2sXTKMwwYHKQb -----END CERTIFICATE-----Generated at Sat May 31 17:51:32 2025 by rpki-client