$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3873/112EC196FDB811EC8E386913C4F9AE02/O0eqDQMgkZXwVVxgreMpTy03oqE.mft File: O0eqDQMgkZXwVVxgreMpTy03oqE.mft (raw, json) Hash identifier: VVXM9aCuWDTiUL7nMV9P57mJ+XJCsi6hfrv9MsTSOtc= Subject key identifier: BD:92:36:F1:88:B6:F3:0B:CB:01:0E:B9:53:82:BC:4F:ED:F1:CE:DC Authority key identifier: 3B:47:AA:0D:03:20:91:95:F0:55:5C:60:AD:E3:29:4F:2D:37:A2:A1 Certificate issuer: /CN=A91A3873/serialNumber=3B47AA0D03209195F0555C60ADE3294F2D37A2A1 Certificate serial: 02AE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O0eqDQMgkZXwVVxgreMpTy03oqE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A3873/112EC196FDB811EC8E386913C4F9AE02/O0eqDQMgkZXwVVxgreMpTy03oqE.mft Manifest number: 02A8 Signing time: Sat 31 May 2025 01:42:17 +0000 Manifest this update: Sat 31 May 2025 01:42:16 +0000 Manifest next update: Sat 07 Jun 2025 01:42:16 +0000 Files and hashes: 1: O0eqDQMgkZXwVVxgreMpTy03oqE.crl (hash: zcpgVDClQCbNOaJ4+51RkBJmfEQl4971uDyGxYGo2os=) 2: C78C216A070211EDB5178252C4F9AE02.roa (hash: SRhZlpn7+MBKLxOuK/LxQ3OpeiTq/ZO5FLcjac1mcNc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A3873/112EC196FDB811EC8E386913C4F9AE02/O0eqDQMgkZXwVVxgreMpTy03oqE.crl rsync://rpki.apnic.net/member_repository/A91A3873/112EC196FDB811EC8E386913C4F9AE02/O0eqDQMgkZXwVVxgreMpTy03oqE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O0eqDQMgkZXwVVxgreMpTy03oqE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 01:42:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 686 (0x2ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A3873, serialNumber=3B47AA0D03209195F0555C60ADE3294F2D37A2A1 Validity Not Before: May 31 01:42:16 2025 GMT Not After : Jun 7 01:42:16 2025 GMT Subject: CN=683a5e79-458a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:d5:a4:e3:3f:bb:f3:e7:bb:c3:80:c1:07:8c: ec:8b:96:74:66:53:ea:73:7a:de:a8:9c:b9:5e:fe: 75:3c:56:d6:2e:93:33:b9:c7:a3:7b:d1:66:60:46: 38:69:9e:fe:ab:36:63:6d:31:e4:f1:09:dd:9d:ec: 84:a9:05:ba:50:41:d8:17:62:15:59:45:b5:62:5e: 8b:fc:94:6b:72:5b:90:e5:7e:80:e3:e5:00:cc:81: 5b:6b:83:89:81:f4:62:e4:17:50:43:73:f5:49:94: fe:ce:2d:9e:c5:a0:2c:c8:ba:c9:fa:b6:a8:1f:b2: 8b:70:49:e0:be:08:6a:ce:47:fd:38:3e:56:62:11: 1e:6b:03:0d:c7:91:98:72:e9:c8:96:2b:2b:d2:5e: df:66:0c:e7:06:4c:65:22:32:d3:53:4c:25:2f:b6: c6:a0:69:20:1e:2d:0d:bc:e5:44:4f:0b:40:c7:c3: c8:bc:e1:6d:f8:9d:71:c4:a9:55:19:fa:d0:c5:a7: 17:4e:97:19:10:02:9f:47:44:52:86:18:85:42:93: 9c:04:de:30:f9:4b:b8:a7:aa:4e:dc:60:34:9f:2c: 3e:32:a5:a4:ee:e6:8d:44:69:d6:69:cc:d8:6b:87: ab:73:c0:9d:57:60:81:ba:5a:f9:33:d3:d0:67:93: ab:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:92:36:F1:88:B6:F3:0B:CB:01:0E:B9:53:82:BC:4F:ED:F1:CE:DC X509v3 Authority Key Identifier: keyid:3B:47:AA:0D:03:20:91:95:F0:55:5C:60:AD:E3:29:4F:2D:37:A2:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A3873/112EC196FDB811EC8E386913C4F9AE02/O0eqDQMgkZXwVVxgreMpTy03oqE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O0eqDQMgkZXwVVxgreMpTy03oqE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3873/112EC196FDB811EC8E386913C4F9AE02/O0eqDQMgkZXwVVxgreMpTy03oqE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:fa:e7:9a:f8:d6:d2:1a:51:1c:c9:6a:d9:a8:fb:32:c8:e1: cc:07:4d:a3:30:b8:9f:bd:52:2c:14:de:9e:51:bc:f0:e3:85: 6d:e2:3d:57:71:bf:00:f3:b1:b0:14:9a:4f:e5:d9:fb:6d:fa: 8d:4c:31:1f:59:31:a6:cc:db:2f:89:eb:1f:3b:73:d9:b8:20: 85:91:24:d8:44:54:ba:0b:96:10:a6:b5:6a:a3:eb:67:3a:70: 16:7d:8b:02:7d:35:2e:b8:9a:70:4f:05:93:5e:23:94:6b:7e: 63:c2:7e:a9:ee:fc:bb:b0:9d:4a:17:15:44:7d:4d:93:a8:f2: 9c:dc:3d:9f:dd:f4:0c:5b:1e:a1:33:66:3f:c8:26:e6:30:5c: 8f:15:24:ec:7a:63:d3:f1:2d:6b:51:24:6e:04:be:c3:cd:bb: d8:ff:a6:c5:dc:03:64:73:85:0a:c0:a8:64:ef:78:7a:1d:9d: a6:52:c5:4a:de:d4:a8:a7:25:d5:da:81:70:33:bd:ac:ef:eb: 32:aa:de:4d:09:11:0a:a5:44:af:e5:0c:fb:24:35:85:80:b5: a7:10:92:47:d2:cd:04:69:1e:e7:bf:c8:0b:5a:d5:1e:f7:ba: 6a:a6:f3:dd:ce:ad:ae:99:b3:35:cd:f8:78:c5:f7:d2:ef:e7: e6:49:e7:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAq4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTM4NzMxMTAvBgNVBAUTKDNCNDdBQTBEMDMyMDkxOTVGMDU1NUM2MEFERTMyOTRG MkQzN0EyQTEwHhcNMjUwNTMxMDE0MjE2WhcNMjUwNjA3MDE0MjE2WjAYMRYwFAYD VQQDEw02ODNhNWU3OS00NThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxNWk4z+78+e7w4DBB4zsi5Z0ZlPqc3reqJy5Xv51PFbWLpMzuceje9FmYEY4 aZ7+qzZjbTHk8QndneyEqQW6UEHYF2IVWUW1Yl6L/JRrcluQ5X6A4+UAzIFba4OJ gfRi5BdQQ3P1SZT+zi2exaAsyLrJ+raoH7KLcEngvghqzkf9OD5WYhEeawMNx5GY cunIlisr0l7fZgznBkxlIjLTU0wlL7bGoGkgHi0NvOVETwtAx8PIvOFt+J1xxKlV GfrQxacXTpcZEAKfR0RShhiFQpOcBN4w+Uu4p6pO3GA0nyw+MqWk7uaNRGnWaczY a4erc8CdV2CBulr5M9PQZ5OrrQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL2SNvGI tvMLywEOuVOCvE/t8c7cMB8GA1UdIwQYMBaAFDtHqg0DIJGV8FVcYK3jKU8tN6Kh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMzg3My8xMTJFQzE5NkZE QjgxMUVDOEUzODY5MTNDNEY5QUUwMi9PMGVxRFFNZ2taWHdWVnhncmVNcFR5MDNv cUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL08wZXFEUU1na1pYd1ZWeGdyZU1wVHkwM29xRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Mzg3My8xMTJFQzE5NkZEQjgxMUVDOEUzODY5MTNDNEY5QUUwMi9PMGVxRFFNZ2ta WHdWVnhncmVNcFR5MDNvcUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAL+uea+NbSGlEcyWrZqPsyyOHMB02jMLifvVIsFN6eUbzw44Vt4j1X cb8A87GwFJpP5dn7bfqNTDEfWTGmzNsviesfO3PZuCCFkSTYRFS6C5YQprVqo+tn OnAWfYsCfTUuuJpwTwWTXiOUa35jwn6p7vy7sJ1KFxVEfU2TqPKc3D2f3fQMWx6h M2Y/yCbmMFyPFSTsemPT8S1rUSRuBL7DzbvY/6bF3ANkc4UKwKhk73h6HZ2mUsVK 3tSopyXV2oFwM72s7+syqt5NCREKpUSv5Qz7JDWFgLWnEJJH0s0EaR7nv8gLWtUe 97pqpvPdzq2umbM1zfh4xffS7+fmSeeI -----END CERTIFICATE-----Generated at Sat May 31 17:44:01 2025 by rpki-client