$ rpki-client -vvf rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.mft File: OjOl2tw3NyZBfd1W5GeQ_4S7ztE.mft (raw, json) Hash identifier: p4eJLffCDJT1/UoUaMJVPu2VPSIOJP8MYfoQQMnoTRw= Subject key identifier: 0F:4C:51:96:B7:88:4E:CC:25:C5:21:6B:D3:63:AA:7B:30:C8:24:A1 Authority key identifier: 3A:33:A5:DA:DC:37:37:26:41:7D:DD:56:E4:67:90:FF:84:BB:CE:D1 Certificate issuer: /CN=A91498A4/serialNumber=3A33A5DADC373726417DDD56E46790FF84BBCED1 Certificate serial: 0642 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.mft Manifest number: 063D Signing time: Fri 30 May 2025 22:50:05 +0000 Manifest this update: Fri 30 May 2025 22:50:04 +0000 Manifest next update: Fri 06 Jun 2025 22:50:04 +0000 Files and hashes: 1: OjOl2tw3NyZBfd1W5GeQ_4S7ztE.crl (hash: oDmFlqzAAeCZ6Ctyj1pDxMtrhjs0zOSc51ko2Qg3mT8=) 2: A7A77B96911111EBA69D2641C4F9AE02.roa (hash: GeZswpwVwmpN5JkYUADU3m9LKzzMiHleESILy/kILG8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.crl rsync://rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 22:50:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1602 (0x642) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91498A4, serialNumber=3A33A5DADC373726417DDD56E46790FF84BBCED1 Validity Not Before: May 30 22:50:04 2025 GMT Not After : Jun 6 22:50:04 2025 GMT Subject: CN=683a361d-666a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:f5:fd:c2:a1:60:e6:7a:79:d3:88:1d:43:23: 11:58:50:bb:14:02:a5:12:4c:cb:21:a5:8e:ce:01: 89:f4:67:7e:ef:7d:d8:5e:ce:40:3b:9d:54:28:62: 85:8f:6c:6f:14:98:8a:75:f4:11:86:cb:3a:0c:81: eb:4d:f6:1d:da:bf:06:13:3c:d9:4e:97:3b:1d:62: 9c:b0:08:42:0e:44:18:76:ea:e4:da:1a:11:46:20: d4:49:3e:aa:1b:5b:a7:d8:a7:86:36:e6:3c:bd:ba: 3a:a1:df:2f:71:81:66:db:3a:52:63:83:60:5e:80: f6:3b:56:2d:9f:4c:d5:c6:cd:1f:16:e3:c1:ee:d3: c6:50:ec:71:3a:df:66:1d:ce:6d:08:68:fa:44:6c: d3:f5:9a:87:d8:06:1c:bb:32:c2:41:82:84:81:2e: aa:81:ce:02:88:09:8b:2c:56:79:94:18:7e:81:0f: 9c:77:56:85:2f:84:3e:ae:11:7c:db:62:b6:ea:19: 66:95:b7:a0:ef:c7:27:12:92:19:b7:b9:41:85:a6: ae:83:7e:c0:59:4d:8f:d2:68:9c:d6:cd:ad:a5:12: 91:87:36:ed:75:ba:f4:04:b3:6b:ec:bf:31:b2:e5: 95:cb:01:3b:ba:18:f3:8b:f6:53:4d:85:ee:93:8f: 8e:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:4C:51:96:B7:88:4E:CC:25:C5:21:6B:D3:63:AA:7B:30:C8:24:A1 X509v3 Authority Key Identifier: keyid:3A:33:A5:DA:DC:37:37:26:41:7D:DD:56:E4:67:90:FF:84:BB:CE:D1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91498A4/ECF30A9E905311EB9CA8721DC4F9AE02/OjOl2tw3NyZBfd1W5GeQ_4S7ztE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption af:5c:fe:ba:05:90:f5:a9:e1:ce:ae:7b:6b:36:86:0d:43:e8: 43:8d:2a:8b:c9:a4:11:7c:7b:4b:62:c5:c1:93:13:3c:c7:40: 5d:7c:26:43:34:45:ab:6a:bc:51:4f:c7:61:15:a0:41:f2:69: b2:53:b2:4d:27:40:96:8b:d1:88:a9:36:e3:85:f6:66:77:c5: 27:9b:56:6d:78:5a:ff:1f:9c:77:0a:72:8e:f5:ac:a1:21:e6: ae:d1:42:49:e0:7d:e9:bd:8d:5c:ed:da:88:3e:eb:5c:12:ae: 9d:fd:e7:ae:c4:fd:7d:16:74:63:fa:9c:0e:4d:8c:a3:13:19: 47:ad:30:35:9f:84:22:37:5d:a3:dd:c1:1a:ce:0e:39:0a:c8: b7:c8:d4:11:d2:9b:f8:9b:59:53:ac:18:6c:ad:0d:ae:28:ab: c3:c5:38:18:98:c3:15:77:c1:48:7f:b3:96:95:cd:86:32:42: 42:8b:aa:29:0c:f4:e9:89:34:a3:1d:1c:0c:fc:88:64:20:ad: 39:18:fa:71:72:2b:cf:d1:04:a2:68:a7:a6:b5:4c:a6:06:44: 63:f5:28:17:0a:29:08:44:b4:cf:4b:95:e1:ba:f3:a3:32:80: db:3f:f8:2b:cd:38:7e:ed:e6:9c:ad:d8:e9:27:3e:b5:84:b1: df:68:6b:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBkIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDk4QTQxMTAvBgNVBAUTKDNBMzNBNURBREMzNzM3MjY0MTdEREQ1NkU0Njc5MEZG ODRCQkNFRDEwHhcNMjUwNTMwMjI1MDA0WhcNMjUwNjA2MjI1MDA0WjAYMRYwFAYD VQQDEw02ODNhMzYxZC02NjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8/X9wqFg5np504gdQyMRWFC7FAKlEkzLIaWOzgGJ9Gd+733YXs5AO51UKGKF j2xvFJiKdfQRhss6DIHrTfYd2r8GEzzZTpc7HWKcsAhCDkQYdurk2hoRRiDUST6q G1un2KeGNuY8vbo6od8vcYFm2zpSY4NgXoD2O1Ytn0zVxs0fFuPB7tPGUOxxOt9m Hc5tCGj6RGzT9ZqH2AYcuzLCQYKEgS6qgc4CiAmLLFZ5lBh+gQ+cd1aFL4Q+rhF8 22K26hlmlbeg78cnEpIZt7lBhaaug37AWU2P0mic1s2tpRKRhzbtdbr0BLNr7L8x suWVywE7uhjzi/ZTTYXuk4+OpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA9MUZa3 iE7MJcUha9NjqnswyCShMB8GA1UdIwQYMBaAFDozpdrcNzcmQX3dVuRnkP+Eu87R MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OThBNC9FQ0YzMEE5RTkw NTMxMUVCOUNBODcyMURDNEY5QUUwMi9Pak9sMnR3M055WkJmZDFXNUdlUV80Uzd6 dEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09qT2wydHczTnlaQmZkMVc1R2VRXzRTN3p0RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OThBNC9FQ0YzMEE5RTkwNTMxMUVCOUNBODcyMURDNEY5QUUwMi9Pak9sMnR3M055 WkJmZDFXNUdlUV80Uzd6dEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCvXP66BZD1qeHOrntrNoYNQ+hDjSqLyaQRfHtLYsXBkxM8x0BdfCZD NEWrarxRT8dhFaBB8mmyU7JNJ0CWi9GIqTbjhfZmd8Unm1ZteFr/H5x3CnKO9ayh Ieau0UJJ4H3pvY1c7dqIPutcEq6d/eeuxP19FnRj+pwOTYyjExlHrTA1n4QiN12j 3cEazg45Csi3yNQR0pv4m1lTrBhsrQ2uKKvDxTgYmMMVd8FIf7OWlc2GMkJCi6op DPTpiTSjHRwM/IhkIK05GPpxcivP0QSiaKemtUymBkRj9SgXCikIRLTPS5XhuvOj MoDbP/grzTh+7eacrdjpJz61hLHfaGsB -----END CERTIFICATE-----Generated at Sat May 31 17:03:27 2025 by rpki-client