$ rpki-client -vvf rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft File: oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft (raw, json) Hash identifier: fUOiuzGpO/qWiN7UBpO+KJ0VunUDNV6e2y2xLOvI8po= Subject key identifier: 4C:0A:0F:B7:09:CB:8D:4F:29:DE:23:2E:BB:A8:14:6E:51:97:B5:1F Authority key identifier: A2:DA:36:37:D3:25:3F:89:97:D8:8D:0B:D8:DA:95:98:F7:83:F9:91 Certificate issuer: /CN=A918AAA1/serialNumber=A2DA3637D3253F8997D88D0BD8DA9598F783F991 Certificate serial: 0147 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oto2N9MlP4mX2I0L2NqVmPeD-ZE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft Manifest number: 0145 Signing time: Sat 31 May 2025 03:55:06 +0000 Manifest this update: Sat 31 May 2025 03:55:05 +0000 Manifest next update: Sat 07 Jun 2025 03:55:05 +0000 Files and hashes: 1: oto2N9MlP4mX2I0L2NqVmPeD-ZE.crl (hash: BqdwlE4OFc5MYMhwbnW3QWtAEwKxvjJQ0YfgDw9Ezcc=) 2: E6EB2B10486E11EEB4D5FF2DC4F9AE02.roa (hash: P1qwhAicU6zPENCwTGFasnrb3+NFivcUL5Wq4dABBCM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.crl rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oto2N9MlP4mX2I0L2NqVmPeD-ZE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:55:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 327 (0x147) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918AAA1, serialNumber=A2DA3637D3253F8997D88D0BD8DA9598F783F991 Validity Not Before: May 31 03:55:05 2025 GMT Not After : Jun 7 03:55:05 2025 GMT Subject: CN=683a7d9a-5835 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:e3:ce:dc:1c:9a:3d:e0:c9:c4:2f:bd:f8:8c: 71:69:b9:33:ae:40:9d:58:d1:a5:c9:6b:d9:ab:5c: 27:79:b8:c4:97:48:47:23:53:b3:c0:f2:c5:db:ef: 05:a6:4e:52:0b:ed:17:f6:c6:c3:19:e9:30:64:77: 28:2b:a6:8e:52:3f:de:32:48:e4:f2:7d:89:c6:ae: 2e:da:59:8d:58:04:29:d8:99:71:0a:4b:75:d5:d4: 7c:30:93:28:9a:c7:43:29:21:63:3e:cb:5e:81:f4: 4e:90:1d:53:78:27:b6:41:3a:bb:e0:cb:e4:a4:10: 8f:11:17:ad:2d:ad:f0:98:06:d4:b1:e0:81:94:ae: 4a:be:2c:8d:b9:18:c8:7a:71:0b:62:21:d4:22:59: e5:56:a3:cf:d1:2c:66:29:e2:13:c0:33:37:93:c5: d2:d4:cc:2e:33:75:f3:16:44:e0:b0:36:88:c1:cd: 8e:c5:dc:f5:3e:63:93:18:47:df:0c:34:6f:b3:5c: 92:54:26:6d:f9:99:50:e1:a3:e9:25:2c:84:ea:b7: 89:1b:6c:64:f0:ea:df:ca:0a:be:b3:4b:3e:38:a6: 2f:bb:94:05:13:0f:29:d2:77:67:b8:cd:8d:41:e8: c3:fd:28:a3:66:ef:cb:6f:45:9c:d6:20:cd:1a:d9: e8:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:0A:0F:B7:09:CB:8D:4F:29:DE:23:2E:BB:A8:14:6E:51:97:B5:1F X509v3 Authority Key Identifier: keyid:A2:DA:36:37:D3:25:3F:89:97:D8:8D:0B:D8:DA:95:98:F7:83:F9:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oto2N9MlP4mX2I0L2NqVmPeD-ZE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:d7:57:90:33:d1:5d:37:c2:af:81:56:75:25:e4:23:5d:0f: a1:d8:cb:2b:7a:c5:fe:9c:9e:97:91:4a:ed:35:f7:86:3c:ef: 55:d2:88:0d:df:ee:dd:5c:ec:b2:ab:5a:ef:67:7e:94:c4:d8: 03:44:a5:e7:f2:8d:47:ca:6c:15:a5:1f:49:5e:fe:37:e0:a7: ce:b4:f0:31:76:ea:76:5c:97:73:0d:04:5e:10:59:e1:7f:47: 54:e3:a2:d3:68:09:bf:7f:73:87:3a:9c:2b:81:27:43:e6:a6: ab:db:e3:89:67:7b:b5:4a:0b:95:9b:0a:cf:da:60:03:c4:b6: e0:26:ec:88:04:98:3e:e7:f4:12:a2:a0:b1:a5:dd:2c:22:98: 43:9c:cc:9f:75:6e:18:1b:04:23:b6:75:52:f0:6e:a7:42:6f: bc:70:0b:8b:62:06:b9:f5:5c:2a:3c:32:c4:42:34:f1:72:74: c2:b2:22:ca:34:aa:87:02:45:17:91:ca:32:ed:3a:1f:bc:99: 4e:27:1f:3b:42:1d:04:32:f4:f4:e2:5a:e2:76:3f:de:d4:ff: 22:b4:a8:af:c9:97:c7:fa:cc:21:db:02:c9:f9:be:4e:a5:c0: 75:fe:3b:16:91:5f:a8:ca:76:81:24:2f:87:32:49:01:22:24: 49:93:54:95 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEFBQTExMTAvBgNVBAUTKEEyREEzNjM3RDMyNTNGODk5N0Q4OEQwQkQ4REE5NTk4 Rjc4M0Y5OTEwHhcNMjUwNTMxMDM1NTA1WhcNMjUwNjA3MDM1NTA1WjAYMRYwFAYD VQQDEw02ODNhN2Q5YS01ODM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv+PO3ByaPeDJxC+9+IxxabkzrkCdWNGlyWvZq1wnebjEl0hHI1OzwPLF2+8F pk5SC+0X9sbDGekwZHcoK6aOUj/eMkjk8n2Jxq4u2lmNWAQp2JlxCkt11dR8MJMo msdDKSFjPstegfROkB1TeCe2QTq74MvkpBCPERetLa3wmAbUseCBlK5KviyNuRjI enELYiHUIlnlVqPP0SxmKeITwDM3k8XS1MwuM3XzFkTgsDaIwc2Oxdz1PmOTGEff DDRvs1ySVCZt+ZlQ4aPpJSyE6reJG2xk8Orfygq+s0s+OKYvu5QFEw8p0ndnuM2N QejD/SijZu/Lb0Wc1iDNGtnozQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEwKD7cJ y41PKd4jLruoFG5Rl7UfMB8GA1UdIwQYMBaAFKLaNjfTJT+Jl9iNC9jalZj3g/mR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QUFBMS84MTE0Qzc5QzQ4 NkUxMUVFQTk2MDk0MkNDNEY5QUUwMi9vdG8yTjlNbFA0bVgySTBMMk5xVm1QZUQt WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL290bzJOOU1sUDRtWDJJMEwyTnFWbVBlRC1aRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QUFBMS84MTE0Qzc5QzQ4NkUxMUVFQTk2MDk0MkNDNEY5QUUwMi9vdG8yTjlNbFA0 bVgySTBMMk5xVm1QZUQtWkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB611eQM9FdN8KvgVZ1JeQjXQ+h2MsresX+nJ6XkUrtNfeGPO9V0ogN 3+7dXOyyq1rvZ36UxNgDRKXn8o1HymwVpR9JXv434KfOtPAxdup2XJdzDQReEFnh f0dU46LTaAm/f3OHOpwrgSdD5qar2+OJZ3u1SguVmwrP2mADxLbgJuyIBJg+5/QS oqCxpd0sIphDnMyfdW4YGwQjtnVS8G6nQm+8cAuLYga59VwqPDLEQjTxcnTCsiLK NKqHAkUXkcoy7TofvJlOJx87Qh0EMvT04lridj/e1P8itKivyZfH+swh2wLJ+b5O pcB1/jsWkV+oynaBJC+HMkkBIiRJk1SV -----END CERTIFICATE-----Generated at Sat May 31 17:26:13 2025 by rpki-client