$ rpki-client -vvf rpki.apnic.net/member_repository/A91435F3/9B5DB5EA50A811EEB6DE093FC4F9AE02/khO1BHpA8jx8YASA5tqnoc9_oug.mft File: khO1BHpA8jx8YASA5tqnoc9_oug.mft (raw, json) Hash identifier: qEABUZXgMM0hyo2fvJjBkaxcy70MwBK9Qh9ZLYXbIvk= Subject key identifier: B1:B3:F8:7E:6C:0E:65:CF:8C:C2:64:18:F0:84:CE:0C:C7:2F:20:30 Authority key identifier: 92:13:B5:04:7A:40:F2:3C:7C:60:04:80:E6:DA:A7:A1:CF:7F:A2:E8 Certificate issuer: /CN=A91435F3/serialNumber=9213B5047A40F23C7C600480E6DAA7A1CF7FA2E8 Certificate serial: 0142 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khO1BHpA8jx8YASA5tqnoc9_oug.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91435F3/9B5DB5EA50A811EEB6DE093FC4F9AE02/khO1BHpA8jx8YASA5tqnoc9_oug.mft Manifest number: 0140 Signing time: Sat 31 May 2025 03:57:56 +0000 Manifest this update: Sat 31 May 2025 03:57:55 +0000 Manifest next update: Sat 07 Jun 2025 03:57:55 +0000 Files and hashes: 1: khO1BHpA8jx8YASA5tqnoc9_oug.crl (hash: XC0PwksvA4ENtInTx9zKc8+fTwYi5M5jEk14xqSbSxA=) 2: 4E18682450A911EEA39AAE41C4F9AE02.roa (hash: z3jylC3bOFS/QeMNqO6FEMdonfOGPmCY4+yy8XOk4xo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91435F3/9B5DB5EA50A811EEB6DE093FC4F9AE02/khO1BHpA8jx8YASA5tqnoc9_oug.crl rsync://rpki.apnic.net/member_repository/A91435F3/9B5DB5EA50A811EEB6DE093FC4F9AE02/khO1BHpA8jx8YASA5tqnoc9_oug.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khO1BHpA8jx8YASA5tqnoc9_oug.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:57:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 322 (0x142) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91435F3, serialNumber=9213B5047A40F23C7C600480E6DAA7A1CF7FA2E8 Validity Not Before: May 31 03:57:55 2025 GMT Not After : Jun 7 03:57:55 2025 GMT Subject: CN=683a7e43-a003 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:19:33:95:c1:43:d8:ff:62:ba:3f:bc:2a:f3: b5:5a:d7:11:a8:da:e9:09:9b:dd:6e:77:90:fc:93: 1c:d6:d7:16:31:91:c4:7a:6a:d9:f1:44:d3:52:52: 1e:5a:7b:c7:c9:72:fa:68:8e:6f:93:ea:5f:ab:93: d3:c2:83:94:67:eb:e0:2b:32:7d:6e:d7:70:ed:58: b3:9a:63:90:1d:37:9f:64:74:37:6e:ff:57:44:13: 19:da:5e:c6:e5:98:cc:16:81:18:f5:51:4d:a7:10: 5e:45:f7:ed:ae:85:95:f0:88:c8:cd:34:8a:75:24: f2:8a:c0:d0:46:8d:e3:eb:06:1f:e4:97:a6:83:48: c6:24:4f:8e:7e:02:20:87:1e:08:57:1d:80:8d:8c: 34:ba:fa:a8:08:fd:08:ac:85:bc:90:57:d0:74:9c: 1c:19:64:33:21:39:15:61:17:0a:4f:66:a1:63:8d: 02:72:78:05:de:c4:d3:c3:cb:74:6e:4b:0b:5e:5f: f0:f8:43:68:6e:ff:ce:bd:05:71:b4:c4:f5:42:11: 25:81:92:04:6d:c4:77:cc:3a:b6:3c:0c:7e:37:0c: a1:d8:33:a2:ce:2b:e5:20:44:37:c5:fc:3d:de:81: 8f:7a:be:df:5a:49:4d:5c:c0:e5:c7:7b:6b:85:a9: 6f:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:B3:F8:7E:6C:0E:65:CF:8C:C2:64:18:F0:84:CE:0C:C7:2F:20:30 X509v3 Authority Key Identifier: keyid:92:13:B5:04:7A:40:F2:3C:7C:60:04:80:E6:DA:A7:A1:CF:7F:A2:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91435F3/9B5DB5EA50A811EEB6DE093FC4F9AE02/khO1BHpA8jx8YASA5tqnoc9_oug.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khO1BHpA8jx8YASA5tqnoc9_oug.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91435F3/9B5DB5EA50A811EEB6DE093FC4F9AE02/khO1BHpA8jx8YASA5tqnoc9_oug.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:a1:d6:4b:80:f9:39:41:a4:fd:26:f8:32:d3:70:85:35:23: 1f:68:ac:2a:2a:2b:78:cd:f7:5a:6f:54:4c:a1:2a:2e:a7:90: 0a:ee:7d:a7:f1:f3:b9:ef:4a:6a:6b:f2:31:eb:59:d3:9a:28: 31:6a:a6:cb:4d:c1:d9:7a:a7:69:85:86:93:ee:22:6c:c2:3a: 16:6e:cb:8f:c6:b3:20:e2:4d:d0:2f:a4:a4:f8:f0:e3:42:fc: 68:1a:e3:1f:8d:f2:4c:32:86:89:27:98:5a:65:c3:46:c9:30: 7a:6a:05:8b:c7:d7:35:c1:6d:45:e1:cf:a5:9b:95:b1:54:36: 55:d1:45:09:9f:a0:58:fd:dd:e6:be:0a:a0:84:97:31:91:51: 3c:e3:7a:96:39:1a:ca:66:ec:c9:8f:40:9f:0d:e9:8b:6a:40: b4:5b:c5:ba:03:73:8d:dd:c4:02:eb:8d:e8:c8:59:d1:4f:b0: 59:92:2d:ee:d2:67:69:25:33:5e:c4:8f:8b:8a:37:a6:b8:75: af:57:5c:99:be:9a:38:dc:8e:84:c0:6b:c7:0c:b1:4f:77:3f: 5c:ed:8c:a1:60:1e:fd:ca:b4:67:77:83:da:70:f1:b1:56:2b: 73:c7:9d:21:f2:4a:38:cb:71:eb:7b:72:c9:56:e7:89:be:22: 7f:76:4f:81 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDM1RjMxMTAvBgNVBAUTKDkyMTNCNTA0N0E0MEYyM0M3QzYwMDQ4MEU2REFBN0Ex Q0Y3RkEyRTgwHhcNMjUwNTMxMDM1NzU1WhcNMjUwNjA3MDM1NzU1WjAYMRYwFAYD VQQDEw02ODNhN2U0My1hMDAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzRkzlcFD2P9iuj+8KvO1WtcRqNrpCZvdbneQ/JMc1tcWMZHEemrZ8UTTUlIe WnvHyXL6aI5vk+pfq5PTwoOUZ+vgKzJ9btdw7VizmmOQHTefZHQ3bv9XRBMZ2l7G 5ZjMFoEY9VFNpxBeRfftroWV8IjIzTSKdSTyisDQRo3j6wYf5Jemg0jGJE+OfgIg hx4IVx2AjYw0uvqoCP0IrIW8kFfQdJwcGWQzITkVYRcKT2ahY40CcngF3sTTw8t0 bksLXl/w+ENobv/OvQVxtMT1QhElgZIEbcR3zDq2PAx+Nwyh2DOizivlIEQ3xfw9 3oGPer7fWklNXMDlx3trhalvYwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLGz+H5s DmXPjMJkGPCEzgzHLyAwMB8GA1UdIwQYMBaAFJITtQR6QPI8fGAEgObap6HPf6Lo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MzVGMy85QjVEQjVFQTUw QTgxMUVFQjZERTA5M0ZDNEY5QUUwMi9raE8xQkhwQThqeDhZQVNBNXRxbm9jOV9v dWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2toTzFCSHBBOGp4OFlBU0E1dHFub2M5X291Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MzVGMy85QjVEQjVFQTUwQTgxMUVFQjZERTA5M0ZDNEY5QUUwMi9raE8xQkhwQThq eDhZQVNBNXRxbm9jOV9vdWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAmodZLgPk5QaT9Jvgy03CFNSMfaKwqKit4zfdab1RMoSoup5AK7n2n 8fO570pqa/Ix61nTmigxaqbLTcHZeqdphYaT7iJswjoWbsuPxrMg4k3QL6Sk+PDj QvxoGuMfjfJMMoaJJ5haZcNGyTB6agWLx9c1wW1F4c+lm5WxVDZV0UUJn6BY/d3m vgqghJcxkVE843qWORrKZuzJj0CfDemLakC0W8W6A3ON3cQC643oyFnRT7BZki3u 0mdpJTNexI+LijemuHWvV1yZvpo43I6EwGvHDLFPdz9c7YyhYB79yrRnd4PacPGx Vitzx50h8ko4y3Hre3LJVueJviJ/dk+B -----END CERTIFICATE-----Generated at Sat May 31 16:46:54 2025 by rpki-client