$ rpki-client -vvf rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft File: Ok9ILhJcCNuDBRbVGkot8eCqiso.mft (raw, json) Hash identifier: 3SuDh1AC7VX+q0eIYeqjwfBg8Ph7rccmSSZJpTIkQXA= Subject key identifier: 37:CE:D7:7F:1B:33:D8:DC:74:B5:02:4F:10:0C:48:37:2A:A6:27:C7 Authority key identifier: 3A:4F:48:2E:12:5C:08:DB:83:05:16:D5:1A:4A:2D:F1:E0:AA:8A:CA Certificate issuer: /CN=A918C158/serialNumber=3A4F482E125C08DB830516D51A4A2DF1E0AA8ACA Certificate serial: 0A50 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft Manifest number: 0A4B Signing time: Fri 30 May 2025 19:53:28 +0000 Manifest this update: Fri 30 May 2025 19:53:27 +0000 Manifest next update: Fri 06 Jun 2025 19:53:27 +0000 Files and hashes: 1: Ok9ILhJcCNuDBRbVGkot8eCqiso.crl (hash: Y4LI0L3vXwZ5mwVLLMUVfEmm6kuHqQ2XBAOxCCnc4W0=) 2: F25A6266796A11EB82E0EE24C4F9AE02.roa (hash: aNxxH/k6H9pUK4+Yh6tMJ5W3Dxa/fkGC+OopIVqyBEI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.crl rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 19:53:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2640 (0xa50) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918C158, serialNumber=3A4F482E125C08DB830516D51A4A2DF1E0AA8ACA Validity Not Before: May 30 19:53:27 2025 GMT Not After : Jun 6 19:53:27 2025 GMT Subject: CN=683a0cb7-1948 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:5e:f9:4a:a0:f7:db:3a:39:76:cb:31:f6:4e: 1d:c2:6b:61:6e:eb:cb:9f:1e:03:49:0e:5f:e4:fc: dc:76:19:6f:b1:42:c8:33:2f:95:6a:62:fa:94:69: 9b:18:9d:a8:d0:b4:59:35:d4:58:6a:15:01:1c:13: c6:b1:70:1b:63:eb:9e:e3:71:d1:9a:08:ce:25:76: bb:a0:c6:6e:87:5f:f7:eb:a4:cf:6e:32:4f:fc:f1: 18:11:fe:e8:f3:7c:31:bf:d9:71:84:74:67:f7:7a: 04:5d:9b:42:49:39:f1:0b:01:57:0e:76:bd:e2:3d: 2d:24:60:e2:3a:73:81:60:d7:71:81:95:aa:e2:24: 6d:99:29:8a:62:84:2f:3f:45:4c:3f:1b:05:aa:77: 5b:e5:01:c8:d1:cc:e4:73:c9:37:28:da:99:1a:f8: 20:4e:3c:28:e5:d6:05:1c:52:c2:f2:21:88:3d:b7: e1:ce:43:67:d2:7f:4d:39:ee:02:2b:14:93:75:41: 7a:f6:54:6e:52:34:00:fc:8c:83:b4:cb:83:a8:e1: 20:7e:19:cb:8b:74:ed:fc:d1:5a:f1:b9:ca:3d:31: 5d:49:d2:e7:cf:c7:24:d3:f1:06:ba:77:ee:e2:f2: 4d:77:35:e9:51:e6:30:c9:05:2c:d5:df:bc:37:f2: db:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:CE:D7:7F:1B:33:D8:DC:74:B5:02:4F:10:0C:48:37:2A:A6:27:C7 X509v3 Authority Key Identifier: keyid:3A:4F:48:2E:12:5C:08:DB:83:05:16:D5:1A:4A:2D:F1:E0:AA:8A:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ok9ILhJcCNuDBRbVGkot8eCqiso.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C158/AE51D802673B11EA99B2E556C4F9AE02/Ok9ILhJcCNuDBRbVGkot8eCqiso.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 74:16:17:f6:22:27:47:3c:e4:0e:11:f8:ff:4b:31:8f:31:93: be:31:0c:25:1f:48:09:9c:c9:79:5d:6e:a1:00:84:13:90:1b: ed:39:18:a0:bf:0c:3f:d6:86:f7:2a:16:f8:6e:9d:eb:14:62: 69:92:f4:ac:d5:d1:3f:7f:2e:93:a4:ec:7b:6e:c5:c2:9d:92: ab:b3:c8:bb:55:d3:e2:5e:40:e9:1e:53:df:24:36:57:38:53: 89:31:19:b0:38:50:80:12:31:a3:36:0b:5d:50:59:20:61:51: 6a:15:a4:e9:e5:8f:7b:32:85:5c:7d:fc:f1:6f:d8:6d:a9:f5: 2a:da:f2:97:36:02:d7:e9:46:75:9a:83:bf:37:be:f4:1e:44: 88:43:c1:3c:b0:65:db:d2:ba:2f:b3:e0:b2:f3:44:93:e9:18: 67:93:ff:d2:14:0d:58:b0:17:56:01:f0:30:e6:3b:3a:43:05: 4c:92:26:de:f9:2f:8c:79:f6:fe:9e:c3:4e:85:1a:f5:9f:46: d6:3d:fa:1b:a2:eb:65:5e:35:70:f8:23:a1:13:d4:83:4e:42: 2a:b6:49:5d:6b:6e:01:4e:4f:ec:05:85:d3:c6:eb:0d:a5:51: 34:89:4b:49:8e:3c:89:49:3d:56:5b:ba:54:50:e9:02:18:50: 1f:e6:b4:4e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICClAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEMxNTgxMTAvBgNVBAUTKDNBNEY0ODJFMTI1QzA4REI4MzA1MTZENTFBNEEyREYx RTBBQThBQ0EwHhcNMjUwNTMwMTk1MzI3WhcNMjUwNjA2MTk1MzI3WjAYMRYwFAYD VQQDEw02ODNhMGNiNy0xOTQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx175SqD32zo5dssx9k4dwmthbuvLnx4DSQ5f5PzcdhlvsULIMy+VamL6lGmb GJ2o0LRZNdRYahUBHBPGsXAbY+ue43HRmgjOJXa7oMZuh1/366TPbjJP/PEYEf7o 83wxv9lxhHRn93oEXZtCSTnxCwFXDna94j0tJGDiOnOBYNdxgZWq4iRtmSmKYoQv P0VMPxsFqndb5QHI0czkc8k3KNqZGvggTjwo5dYFHFLC8iGIPbfhzkNn0n9NOe4C KxSTdUF69lRuUjQA/IyDtMuDqOEgfhnLi3Tt/NFa8bnKPTFdSdLnz8ck0/EGunfu 4vJNdzXpUeYwyQUs1d+8N/LbIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDfO138b M9jcdLUCTxAMSDcqpifHMB8GA1UdIwQYMBaAFDpPSC4SXAjbgwUW1RpKLfHgqorK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzE1OC9BRTUxRDgwMjY3 M0IxMUVBOTlCMkU1NTZDNEY5QUUwMi9PazlJTGhKY0NOdURCUmJWR2tvdDhlQ3Fp c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09rOUlMaEpjQ051REJSYlZHa290OGVDcWlzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QzE1OC9BRTUxRDgwMjY3M0IxMUVBOTlCMkU1NTZDNEY5QUUwMi9PazlJTGhKY0NO dURCUmJWR2tvdDhlQ3Fpc28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB0Fhf2IidHPOQOEfj/SzGPMZO+MQwlH0gJnMl5XW6hAIQTkBvtORig vww/1ob3Khb4bp3rFGJpkvSs1dE/fy6TpOx7bsXCnZKrs8i7VdPiXkDpHlPfJDZX OFOJMRmwOFCAEjGjNgtdUFkgYVFqFaTp5Y97MoVcffzxb9htqfUq2vKXNgLX6UZ1 moO/N770HkSIQ8E8sGXb0rovs+Cy80ST6Rhnk//SFA1YsBdWAfAw5js6QwVMkibe +S+Mefb+nsNOhRr1n0bWPfoboutlXjVw+COhE9SDTkIqtklda24BTk/sBYXTxusN pVE0iUtJjjyJST1WW7pUUOkCGFAf5rRO -----END CERTIFICATE-----Generated at Sat May 31 17:46:28 2025 by rpki-client