$ rpki-client -vvf rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft File: ofrVQukeAX0lfVGxT_XDW4lCnvU.mft (raw, json) Hash identifier: 2wd9Dk2/TgSeZVCeK3b0iifu43y58A61sy4pDCwpr5M= Subject key identifier: 73:C3:41:D2:BE:AD:B5:F6:94:5F:E4:2E:5E:1A:27:BC:B0:62:78:C2 Authority key identifier: A1:FA:D5:42:E9:1E:01:7D:25:7D:51:B1:4F:F5:C3:5B:89:42:9E:F5 Certificate issuer: /CN=A918377D/serialNumber=A1FAD542E91E017D257D51B14FF5C35B89429EF5 Certificate serial: FF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ofrVQukeAX0lfVGxT_XDW4lCnvU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft Manifest number: FF Signing time: Sat 31 May 2025 04:42:42 +0000 Manifest this update: Sat 31 May 2025 04:42:41 +0000 Manifest next update: Sat 07 Jun 2025 04:42:41 +0000 Files and hashes: 1: ofrVQukeAX0lfVGxT_XDW4lCnvU.crl (hash: N+WYI+w42g/P5ghtNcO7gnHp+Su0LlWsYfZl0E1yQLc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.crl rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ofrVQukeAX0lfVGxT_XDW4lCnvU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 04:42:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 255 (0xff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918377D, serialNumber=A1FAD542E91E017D257D51B14FF5C35B89429EF5 Validity Not Before: May 31 04:42:41 2025 GMT Not After : Jun 7 04:42:41 2025 GMT Subject: CN=683a88c1-650d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:94:d4:ca:9b:40:4b:31:08:52:0e:d7:d6:bb: 67:81:82:1e:65:d2:26:2b:94:a4:e9:c1:37:10:c6: 0b:25:d7:ab:c9:97:44:e3:02:e8:45:70:89:03:03: 56:ab:63:a5:d3:dc:9a:9c:be:0a:8e:df:83:d5:eb: 9d:a4:6a:3a:a0:96:d4:a9:10:e2:e2:12:d2:04:2d: 9a:9e:1a:bf:23:0d:a0:18:5c:dd:fd:f6:33:53:0d: 85:6e:8a:fb:d4:c5:6e:d5:c0:db:61:fa:44:40:6e: be:20:de:4f:f2:28:08:3d:cc:a7:8b:83:fc:c8:62: 42:0e:66:92:16:bf:67:10:b4:c0:a7:c5:e9:ce:79: 5d:a6:7b:89:94:0a:8c:28:12:9a:46:55:31:e3:5a: ce:0a:24:4c:9f:a6:ce:10:d2:31:d7:a0:13:4f:f5: 8e:a0:97:e6:08:bf:ec:e5:ee:f1:95:f0:49:f0:67: 98:fa:6a:cf:b5:03:a0:a2:5f:e0:cf:a7:6e:9b:b5: a1:73:89:e6:8a:33:01:65:67:ac:9a:56:cf:7b:61: ed:35:c9:27:31:74:c2:91:46:d5:4e:9e:2e:b7:41: 05:4b:64:53:21:9b:22:fb:c0:76:6a:6f:f2:4b:48: a1:ba:78:ca:dd:81:01:bc:64:62:c0:5e:3f:87:6b: 3f:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:C3:41:D2:BE:AD:B5:F6:94:5F:E4:2E:5E:1A:27:BC:B0:62:78:C2 X509v3 Authority Key Identifier: keyid:A1:FA:D5:42:E9:1E:01:7D:25:7D:51:B1:4F:F5:C3:5B:89:42:9E:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ofrVQukeAX0lfVGxT_XDW4lCnvU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 87:93:00:a6:19:0f:65:93:a9:59:9e:6d:c4:64:42:20:2d:c7: b4:7f:6b:00:6c:ab:05:bc:78:f9:f3:c5:6c:1c:c5:5f:32:f5: 7b:07:02:45:32:c4:1e:17:fb:57:4e:87:69:8e:54:c0:0c:05: a7:e7:9e:17:2a:2f:45:36:b0:81:f1:b0:e6:8f:87:bf:65:d8: 43:e5:49:87:6e:ec:69:1a:37:fc:75:4c:03:1a:c3:c2:8d:93: dd:41:5c:b5:73:d9:fb:bc:43:8e:18:52:f1:ed:59:a5:37:41: 45:94:e7:3b:03:1a:d2:51:5f:23:1a:8a:a5:10:c9:31:f1:c8: bb:92:08:e2:b4:2d:0d:9a:f9:be:d8:2b:56:ed:e0:6f:a7:9c: 8d:09:2b:79:c7:98:e9:2c:03:ed:34:6c:1f:11:d3:72:90:a1: 21:e9:74:07:d7:61:b3:6f:9c:57:bb:90:7e:af:74:26:1b:89: b3:8a:4e:96:39:9e:e6:bc:ff:8d:84:40:11:c4:4a:b3:7b:df: b1:28:ac:db:4f:f4:54:06:69:0b:7f:51:1b:51:e1:a7:5c:21: e8:b0:34:cb:ca:fe:db:00:a4:53:29:76:ac:ac:b8:25:80:ea: c8:f9:d1:79:2e:b7:8a:d9:20:74:7c:4e:6d:a7:e2:57:09:f0: 4f:ee:cf:c9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAP8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODM3N0QxMTAvBgNVBAUTKEExRkFENTQyRTkxRTAxN0QyNTdENTFCMTRGRjVDMzVC ODk0MjlFRjUwHhcNMjUwNTMxMDQ0MjQxWhcNMjUwNjA3MDQ0MjQxWjAYMRYwFAYD VQQDEw02ODNhODhjMS02NTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvpTUyptASzEIUg7X1rtngYIeZdImK5Sk6cE3EMYLJderyZdE4wLoRXCJAwNW q2Ol09yanL4Kjt+D1eudpGo6oJbUqRDi4hLSBC2anhq/Iw2gGFzd/fYzUw2Fbor7 1MVu1cDbYfpEQG6+IN5P8igIPcyni4P8yGJCDmaSFr9nELTAp8XpznldpnuJlAqM KBKaRlUx41rOCiRMn6bOENIx16ATT/WOoJfmCL/s5e7xlfBJ8GeY+mrPtQOgol/g z6dum7Whc4nmijMBZWesmlbPe2HtNcknMXTCkUbVTp4ut0EFS2RTIZsi+8B2am/y S0ihunjK3YEBvGRiwF4/h2s/qwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHPDQdK+ rbX2lF/kLl4aJ7ywYnjCMB8GA1UdIwQYMBaAFKH61ULpHgF9JX1RsU/1w1uJQp71 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4Mzc3RC85RjdDODE1MkI0 QjExMUVFQjBBREUzNTJDNEY5QUUwMi9vZnJWUXVrZUFYMGxmVkd4VF9YRFc0bENu dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29mclZRdWtlQVgwbGZWR3hUX1hEVzRsQ252VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 Mzc3RC85RjdDODE1MkI0QjExMUVFQjBBREUzNTJDNEY5QUUwMi9vZnJWUXVrZUFY MGxmVkd4VF9YRFc0bENudlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCHkwCmGQ9lk6lZnm3EZEIgLce0f2sAbKsFvHj588VsHMVfMvV7BwJF MsQeF/tXTodpjlTADAWn554XKi9FNrCB8bDmj4e/ZdhD5UmHbuxpGjf8dUwDGsPC jZPdQVy1c9n7vEOOGFLx7VmlN0FFlOc7AxrSUV8jGoqlEMkx8ci7kgjitC0Nmvm+ 2CtW7eBvp5yNCSt5x5jpLAPtNGwfEdNykKEh6XQH12Gzb5xXu5B+r3QmG4mzik6W OZ7mvP+NhEARxEqze9+xKKzbT/RUBmkLf1EbUeGnXCHosDTLyv7bAKRTKXasrLgl gOrI+dF5LreK2SB0fE5tp+JXCfBP7s/J -----END CERTIFICATE-----Generated at Sat May 31 16:38:56 2025 by rpki-client