$ rpki-client -vvf rpki.apnic.net/member_repository/A9187BAC/C6AD3E0AD02C11EFB5584915C4F9AE02/opsbaAnOwakkcMWcbDa_pc84cYY.mft File: opsbaAnOwakkcMWcbDa_pc84cYY.mft (raw, json) Hash identifier: IcaUcXhkx9ZJ5cZZDhZ8ODVWrZMW9AVBkaRZh2redVM= Subject key identifier: 53:D9:B7:6B:B9:84:34:26:FB:06:E5:08:B1:56:AE:E3:F8:6E:35:98 Authority key identifier: A2:9B:1B:68:09:CE:C1:A9:24:70:C5:9C:6C:36:BF:A5:CF:38:71:86 Certificate issuer: /CN=A9187BAC/serialNumber=A29B1B6809CEC1A92470C59C6C36BFA5CF387186 Certificate serial: 4F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/opsbaAnOwakkcMWcbDa_pc84cYY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9187BAC/C6AD3E0AD02C11EFB5584915C4F9AE02/opsbaAnOwakkcMWcbDa_pc84cYY.mft Manifest number: 4D Signing time: Sat 31 May 2025 06:55:51 +0000 Manifest this update: Sat 31 May 2025 06:55:51 +0000 Manifest next update: Sat 07 Jun 2025 06:55:51 +0000 Files and hashes: 1: opsbaAnOwakkcMWcbDa_pc84cYY.crl (hash: zd7pQ8p+V0Z/fqZQUbjA5CBxdkOPkPhnsveHTYNSbfQ=) 2: 7404496836E411F0A95FB239C4F9AE02.roa (hash: WHGMZh9P2RExWIeMMaDkbGi0VRoxW1Iai0A3Zb9yWT4=) 3: 7375238236E411F0A95FB239C4F9AE02.roa (hash: 6GqewoLZaVKTqsSzxgnIGXRwmj2ShKpEerZMfS7j+UE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9187BAC/C6AD3E0AD02C11EFB5584915C4F9AE02/opsbaAnOwakkcMWcbDa_pc84cYY.crl rsync://rpki.apnic.net/member_repository/A9187BAC/C6AD3E0AD02C11EFB5584915C4F9AE02/opsbaAnOwakkcMWcbDa_pc84cYY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/opsbaAnOwakkcMWcbDa_pc84cYY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 06:55:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79 (0x4f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9187BAC, serialNumber=A29B1B6809CEC1A92470C59C6C36BFA5CF387186 Validity Not Before: May 31 06:55:51 2025 GMT Not After : Jun 7 06:55:51 2025 GMT Subject: CN=683aa7f7-77d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:74:d7:e0:9f:4c:73:d3:24:19:01:05:8f:a4: b3:39:ae:71:08:fc:c5:25:95:e0:a9:4d:c2:ea:98: dd:45:70:35:9b:5a:78:90:26:02:d3:dd:1d:11:75: 74:74:ec:36:f7:58:91:77:56:58:27:82:5a:c7:5e: e8:ea:ff:e2:92:1d:a4:fc:13:aa:c1:c1:32:ad:3f: 97:96:d6:74:42:ed:2d:35:b6:42:af:a7:75:3c:0e: 21:8e:f3:31:4d:fd:c6:59:9c:7c:fe:b9:f2:0e:a7: 94:df:45:58:01:d6:ec:cf:86:cd:90:5f:d1:c1:1a: 4a:22:c7:cc:5f:7f:da:16:d3:3e:de:2c:77:d7:a7: 00:0d:6f:d2:7d:72:ee:e0:1a:77:a9:80:55:28:84: 58:2e:e7:df:02:40:64:49:a8:92:8a:56:53:d8:f1: 57:a6:94:d3:83:3b:df:b6:7c:4a:c0:e9:f2:32:3a: 2e:90:7b:18:ed:a8:8e:4e:87:f8:bc:be:31:de:dd: d7:c0:b0:7e:46:b6:73:f0:b7:2d:87:35:ea:1d:4e: 8d:67:83:9e:82:bd:5a:49:b0:40:b6:d5:80:28:ad: 4c:ec:75:6a:7a:98:23:50:b0:f6:dc:15:47:0f:78: 5e:c4:ae:cc:ca:a5:84:12:ed:ad:8c:94:74:75:46: 33:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:D9:B7:6B:B9:84:34:26:FB:06:E5:08:B1:56:AE:E3:F8:6E:35:98 X509v3 Authority Key Identifier: keyid:A2:9B:1B:68:09:CE:C1:A9:24:70:C5:9C:6C:36:BF:A5:CF:38:71:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9187BAC/C6AD3E0AD02C11EFB5584915C4F9AE02/opsbaAnOwakkcMWcbDa_pc84cYY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/opsbaAnOwakkcMWcbDa_pc84cYY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9187BAC/C6AD3E0AD02C11EFB5584915C4F9AE02/opsbaAnOwakkcMWcbDa_pc84cYY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bf:e2:64:81:ce:64:62:11:d6:8e:7f:8d:ed:52:a1:c3:98:df: ed:a1:f5:aa:d5:88:1a:11:23:31:8c:55:c4:61:fa:1e:47:42: bd:06:03:24:8e:40:f9:aa:a6:77:f7:71:b0:11:35:60:4c:70: b4:64:b2:5b:25:2f:8c:85:bb:86:77:e5:f2:20:9c:c7:b9:74: 9b:f2:09:4c:34:0e:00:47:97:f4:de:df:f4:1e:00:f5:83:af: 10:22:40:37:ff:20:1c:47:03:2e:0c:a3:44:de:12:72:d4:0e: 84:50:15:39:79:db:22:02:c8:37:ea:94:0d:8d:c0:90:54:9a: 08:d0:79:8f:30:6a:5b:8b:18:f3:75:5d:53:d3:65:f8:e3:c2: 15:ff:48:e5:62:3a:08:1c:a0:f5:7b:ac:10:36:05:06:78:0e: 61:1b:65:12:25:86:10:11:00:22:f9:f8:97:3c:d7:25:cd:d2: 84:83:56:f5:56:ad:3b:5f:93:29:61:ee:27:f7:cf:bf:7e:6d: 11:30:59:e7:8e:25:70:d6:65:17:f2:f6:54:88:7e:24:26:33: 14:ed:1c:57:02:89:46:09:f6:c0:69:73:45:ab:9e:62:9b:56: 3a:ff:ce:bf:5d:6d:4e:40:f6:5c:46:3c:9f:52:1e:f2:23:6e: df:1f:63:2b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBTzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 N0JBQzExMC8GA1UEBRMoQTI5QjFCNjgwOUNFQzFBOTI0NzBDNTlDNkMzNkJGQTVD RjM4NzE4NjAeFw0yNTA1MzEwNjU1NTFaFw0yNTA2MDcwNjU1NTFaMBgxFjAUBgNV BAMTDTY4M2FhN2Y3LTc3ZDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDUdNfgn0xz0yQZAQWPpLM5rnEI/MUlleCpTcLqmN1FcDWbWniQJgLT3R0RdXR0 7Db3WJF3VlgnglrHXujq/+KSHaT8E6rBwTKtP5eW1nRC7S01tkKvp3U8DiGO8zFN /cZZnHz+ufIOp5TfRVgB1uzPhs2QX9HBGkoix8xff9oW0z7eLHfXpwANb9J9cu7g GnepgFUohFgu598CQGRJqJKKVlPY8VemlNODO9+2fErA6fIyOi6QexjtqI5Oh/i8 vjHe3dfAsH5GtnPwty2HNeodTo1ng56CvVpJsEC21YAorUzsdWp6mCNQsPbcFUcP eF7ErszKpYQS7a2MlHR1RjM5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUU9m3a7mE NCb7BuUIsVau4/huNZgwHwYDVR0jBBgwFoAUopsbaAnOwakkcMWcbDa/pc84cYYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg3QkFDL0M2QUQzRTBBRDAy QzExRUZCNTU4NDkxNUM0RjlBRTAyL29wc2JhQW5Pd2Fra2NNV2NiRGFfcGM4NGNZ WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb3BzYmFBbk93YWtrY01XY2JEYV9wYzg0Y1lZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg3 QkFDL0M2QUQzRTBBRDAyQzExRUZCNTU4NDkxNUM0RjlBRTAyL29wc2JhQW5Pd2Fr a2NNV2NiRGFfcGM4NGNZWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAL/iZIHOZGIR1o5/je1SocOY3+2h9arViBoRIzGMVcRh+h5HQr0GAySO QPmqpnf3cbARNWBMcLRkslslL4yFu4Z35fIgnMe5dJvyCUw0DgBHl/Te3/QeAPWD rxAiQDf/IBxHAy4Mo0TeEnLUDoRQFTl52yICyDfqlA2NwJBUmgjQeY8waluLGPN1 XVPTZfjjwhX/SOViOggcoPV7rBA2BQZ4DmEbZRIlhhARACL5+Jc81yXN0oSDVvVW rTtfkylh7if3z79+bREwWeeOJXDWZRfy9lSIfiQmMxTtHFcCiUYJ9sBpc0WrnmKb Vjr/zr9dbU5A9lxGPJ9SHvIjbt8fYys= -----END CERTIFICATE-----Generated at Sat May 31 16:28:37 2025 by rpki-client