$ rpki-client -vvf rpki.apnic.net/member_repository/A9144CB7/8C93F76CE17611EFB7981B19C4F9AE02/opgFnwZTffjAi4klX3lZQaMcGAA.mft File: opgFnwZTffjAi4klX3lZQaMcGAA.mft (raw, json) Hash identifier: qgZ7+k0Zrmc86WB+Y8sKhli/wCBDLmytzMs8SXifUBI= Subject key identifier: FE:EB:2F:1A:53:95:7D:ED:B5:CA:45:29:06:62:7D:6A:DB:FF:DC:E2 Authority key identifier: A2:98:05:9F:06:53:7D:F8:C0:8B:89:25:5F:79:59:41:A3:1C:18:00 Certificate issuer: /CN=A9144CB7/serialNumber=A298059F06537DF8C08B89255F795941A31C1800 Certificate serial: 3E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/opgFnwZTffjAi4klX3lZQaMcGAA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9144CB7/8C93F76CE17611EFB7981B19C4F9AE02/opgFnwZTffjAi4klX3lZQaMcGAA.mft Manifest number: 3D Signing time: Sat 31 May 2025 07:04:27 +0000 Manifest this update: Sat 31 May 2025 07:04:27 +0000 Manifest next update: Sat 07 Jun 2025 07:04:26 +0000 Files and hashes: 1: opgFnwZTffjAi4klX3lZQaMcGAA.crl (hash: u98mvgSPyxlzVdBUWCPDh9yxogbLBpJPPEXEJy+LxGg=) 2: E8716FD4EA3511EF89116C52C4F9AE02.roa (hash: /ib2O66BEz/+EIpjbYLfsm9ZEc6Tr2GDRN2PvAJwp9o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9144CB7/8C93F76CE17611EFB7981B19C4F9AE02/opgFnwZTffjAi4klX3lZQaMcGAA.crl rsync://rpki.apnic.net/member_repository/A9144CB7/8C93F76CE17611EFB7981B19C4F9AE02/opgFnwZTffjAi4klX3lZQaMcGAA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/opgFnwZTffjAi4klX3lZQaMcGAA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:04:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62 (0x3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9144CB7, serialNumber=A298059F06537DF8C08B89255F795941A31C1800 Validity Not Before: May 31 07:04:27 2025 GMT Not After : Jun 7 07:04:26 2025 GMT Subject: CN=683aa9fb-c421 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:11:6f:22:48:34:45:64:1a:ba:a2:93:d5:51: 8a:8d:f2:3b:73:55:9b:df:85:89:18:92:b9:aa:ed: 41:f2:ab:cf:e3:72:84:37:b9:f1:39:e3:58:57:6d: 97:76:0d:9f:ac:10:82:3b:bf:a8:fb:50:83:40:8d: 9b:5a:9d:a4:31:14:d6:13:d4:5f:05:b5:6a:4b:ac: e6:81:49:84:41:45:f9:dd:37:75:78:fc:83:5f:85: 7b:85:43:30:0c:91:b9:d8:7c:df:d6:ab:f4:fd:a2: 5e:53:cf:c6:54:30:89:43:77:cd:67:13:f0:be:09: ca:08:db:ff:a5:5a:b9:0a:30:0e:5f:d9:ce:dc:4d: 23:9c:51:5c:67:28:26:d8:ff:79:85:5d:d1:b1:c2: 81:04:cc:f6:db:8d:51:32:d0:59:05:95:4f:41:f9: 65:1b:70:1b:20:4e:17:b2:e1:77:bd:9d:32:d0:3d: b1:b9:35:43:65:e4:23:84:5b:1a:bb:d2:5e:f1:08: 9f:44:a3:d7:3a:48:cb:6b:76:11:f3:11:82:b8:60: c6:2c:cc:37:f1:56:62:fb:ed:ae:e4:ce:72:0f:32: 11:e5:3b:17:93:06:2b:f8:96:43:77:ac:16:18:e0: 7a:3d:db:b2:d9:c9:18:c9:aa:7e:18:76:ab:f8:41: b8:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:EB:2F:1A:53:95:7D:ED:B5:CA:45:29:06:62:7D:6A:DB:FF:DC:E2 X509v3 Authority Key Identifier: keyid:A2:98:05:9F:06:53:7D:F8:C0:8B:89:25:5F:79:59:41:A3:1C:18:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9144CB7/8C93F76CE17611EFB7981B19C4F9AE02/opgFnwZTffjAi4klX3lZQaMcGAA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/opgFnwZTffjAi4klX3lZQaMcGAA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144CB7/8C93F76CE17611EFB7981B19C4F9AE02/opgFnwZTffjAi4klX3lZQaMcGAA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6b:24:88:e2:44:f3:ca:15:78:37:32:cf:03:7c:e6:0a:24:8b: 44:b4:f2:d4:5c:40:99:2d:2c:2e:e1:4c:46:00:64:25:9b:ce: f8:db:f4:27:ac:13:f5:f4:74:c9:2a:9b:48:22:6e:eb:ca:ef: b6:da:0b:56:3f:b3:f0:b6:b6:c7:29:b5:fa:8b:7f:22:39:65: 19:4f:2c:a6:78:ae:db:98:5c:e6:22:74:19:c8:45:ab:68:e0: 6f:e1:32:49:04:c7:90:66:eb:0c:27:bd:7c:c9:c0:05:d9:1a: 6f:02:cb:6b:85:79:6c:57:22:03:53:59:7f:01:9e:92:cf:36: 68:cb:54:bb:f6:9b:37:6d:e6:1d:c2:7e:04:c1:73:7d:71:9b: c7:38:32:30:f3:c1:24:5c:28:28:36:04:84:72:91:0d:cd:6b: eb:9d:7d:29:77:bd:29:fb:c5:fa:a1:0c:9d:40:be:d4:01:e1: 68:20:4c:1d:b5:ab:9c:22:e8:54:77:71:83:fe:3a:23:16:40: 30:37:d0:14:74:e0:71:06:af:45:7d:30:61:88:66:05:0e:79: f2:96:95:51:d3:da:7f:a0:91:dc:ba:5a:46:0b:6e:85:0d:c0: c9:fd:1e:f0:b5:79:ae:2f:ea:b0:b9:3c:c2:e5:84:1d:60:56: eb:ae:7e:2d -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 NENCNzExMC8GA1UEBRMoQTI5ODA1OUYwNjUzN0RGOEMwOEI4OTI1NUY3OTU5NDFB MzFDMTgwMDAeFw0yNTA1MzEwNzA0MjdaFw0yNTA2MDcwNzA0MjZaMBgxFjAUBgNV BAMTDTY4M2FhOWZiLWM0MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCvEW8iSDRFZBq6opPVUYqN8jtzVZvfhYkYkrmq7UHyq8/jcoQ3ufE541hXbZd2 DZ+sEII7v6j7UINAjZtanaQxFNYT1F8FtWpLrOaBSYRBRfndN3V4/INfhXuFQzAM kbnYfN/Wq/T9ol5Tz8ZUMIlDd81nE/C+CcoI2/+lWrkKMA5f2c7cTSOcUVxnKCbY /3mFXdGxwoEEzPbbjVEy0FkFlU9B+WUbcBsgThey4Xe9nTLQPbG5NUNl5COEWxq7 0l7xCJ9Eo9c6SMtrdhHzEYK4YMYszDfxVmL77a7kznIPMhHlOxeTBiv4lkN3rBYY 4Ho927LZyRjJqn4Ydqv4QbirAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU/usvGlOV fe21ykUpBmJ9atv/3OIwHwYDVR0jBBgwFoAUopgFnwZTffjAi4klX3lZQaMcGAAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ0Q0I3LzhDOTNGNzZDRTE3 NjExRUZCNzk4MUIxOUM0RjlBRTAyL29wZ0Zud1pUZmZqQWk0a2xYM2xaUWFNY0dB QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb3BnRm53WlRmZmpBaTRrbFgzbFpRYU1jR0FBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ0 Q0I3LzhDOTNGNzZDRTE3NjExRUZCNzk4MUIxOUM0RjlBRTAyL29wZ0Zud1pUZmZq QWk0a2xYM2xaUWFNY0dBQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGskiOJE88oVeDcyzwN85goki0S08tRcQJktLC7hTEYAZCWbzvjb9Ces E/X0dMkqm0gibuvK77baC1Y/s/C2tscptfqLfyI5ZRlPLKZ4rtuYXOYidBnIRato 4G/hMkkEx5Bm6wwnvXzJwAXZGm8Cy2uFeWxXIgNTWX8BnpLPNmjLVLv2mzdt5h3C fgTBc31xm8c4MjDzwSRcKCg2BIRykQ3Na+udfSl3vSn7xfqhDJ1AvtQB4WggTB21 q5wi6FR3cYP+OiMWQDA30BR04HEGr0V9MGGIZgUOefKWlVHT2n+gkdy6WkYLboUN wMn9HvC1ea4v6rC5PMLlhB1gVuuufi0= -----END CERTIFICATE-----Generated at Sat May 31 17:48:42 2025 by rpki-client