$ rpki-client -vvf rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft File: OhbEBL_tNHJEowpa__ZuSZKqKCE.mft (raw, json) Hash identifier: 1uWYSyFeJ7vSjcgvyUg2RNeWFfl66e1/ZLTk+KKwLQQ= Subject key identifier: F4:19:2F:2A:3F:57:DE:C0:D4:66:C5:8C:35:2E:98:4E:E5:2D:E2:38 Authority key identifier: 3A:16:C4:04:BF:ED:34:72:44:A3:0A:5A:FF:F6:6E:49:92:AA:28:21 Certificate issuer: /CN=A91A65C4/serialNumber=3A16C404BFED347244A30A5AFFF66E4992AA2821 Certificate serial: 0449 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft Manifest number: 0443 Signing time: Sat 31 May 2025 00:28:32 +0000 Manifest this update: Sat 31 May 2025 00:28:31 +0000 Manifest next update: Sat 07 Jun 2025 00:28:31 +0000 Files and hashes: 1: OhbEBL_tNHJEowpa__ZuSZKqKCE.crl (hash: r8Ri9e7fJIwo8VPvjT7a6Y01XCMNpjBHDKJPHzD3UJ8=) 2: 9D77DCA4599A11ECA574BF52C4F9AE02.roa (hash: /fF1tdSaYFH2w1w+0HXHgYqEthaF4A0sGCD2uCBxpiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.crl rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:28:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1097 (0x449) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A65C4, serialNumber=3A16C404BFED347244A30A5AFFF66E4992AA2821 Validity Not Before: May 31 00:28:31 2025 GMT Not After : Jun 7 00:28:31 2025 GMT Subject: CN=683a4d2f-7dd2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:f6:2d:30:82:85:e1:ea:93:e4:29:a3:b4:ac: 2a:26:f7:cb:df:52:d9:1c:49:4d:4f:35:8f:24:c8: 14:e1:ab:90:68:48:66:51:1f:92:f9:ff:c7:08:ae: 60:e3:ce:f9:c8:c8:b4:b9:11:23:d7:03:35:f4:1d: 13:35:b9:35:7b:3a:32:d7:85:42:31:cf:2d:0f:0d: 6b:dd:60:b3:78:f0:5e:1e:7c:52:2f:82:d9:a1:eb: cd:99:ab:9e:c8:01:6a:af:ae:7c:a5:0c:2d:76:8a: 99:b7:e6:1c:bf:0f:ca:9d:fd:b0:bb:80:a4:eb:81: 35:34:56:d1:82:38:67:7d:94:d8:b6:f9:c3:82:38: 92:99:d0:4b:18:73:5b:ef:03:cb:1b:23:41:3d:98: 7c:8d:27:44:a2:e3:e0:ec:2a:96:56:3e:e8:2c:b9: a9:6e:5c:d2:67:eb:6b:a7:a3:51:03:1e:9d:74:33: ba:3c:83:36:48:08:46:fa:a1:92:67:eb:cf:ae:ec: 7e:66:12:ae:24:1e:6a:f3:43:8b:4d:cc:08:31:a2: 71:dd:5b:c7:f2:3e:25:15:7a:d3:73:70:f1:c6:d2: 6b:e0:dd:e3:a1:d8:0f:cc:b0:c0:7f:45:45:f7:c3: 34:42:52:d1:a3:04:a9:8a:44:58:7c:c6:12:54:15: 42:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:19:2F:2A:3F:57:DE:C0:D4:66:C5:8C:35:2E:98:4E:E5:2D:E2:38 X509v3 Authority Key Identifier: keyid:3A:16:C4:04:BF:ED:34:72:44:A3:0A:5A:FF:F6:6E:49:92:AA:28:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 76:5f:43:36:db:99:e3:d8:87:83:70:9c:61:b7:05:47:96:f7: 66:69:63:34:99:f1:85:42:3e:15:25:e7:3b:1a:45:dc:88:79: 0c:e5:1b:03:1d:d3:a2:df:ab:45:6c:59:ba:b3:fe:a6:b7:79: e6:60:16:a7:77:01:26:4b:03:65:cc:c5:3e:8e:4e:15:55:f3: 65:45:91:a2:79:1b:41:5d:8d:94:b0:f8:f8:89:c9:c4:23:76: b9:f7:b9:9c:42:6b:24:d2:06:a0:4d:3f:84:09:f9:e3:e2:07: f2:b8:59:39:62:d0:3e:a4:81:0e:49:f0:16:ea:8d:8f:4d:69: 8b:bf:9e:1b:a4:03:f5:76:83:1c:e2:22:a7:39:83:db:14:ca: 78:2e:43:01:94:2f:7c:24:7f:35:8a:40:2f:36:fa:a8:1d:05: c2:7a:5c:1f:57:65:6b:05:46:dc:84:3a:f7:bc:bb:7f:00:93: 32:df:c4:1a:6f:58:a8:6c:b5:ec:38:5f:a1:6a:6e:67:48:06: 82:c0:79:9a:db:31:10:91:da:b3:4e:32:29:58:bc:b6:ab:6f: a7:c9:c0:d5:8d:83:0f:1b:27:94:8e:58:0d:4e:9e:2d:6f:fc: 5c:6e:a9:1b:36:3f:da:dc:76:dc:06:8e:1d:90:13:12:b0:6b: 02:7b:45:fd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBEkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTY1QzQxMTAvBgNVBAUTKDNBMTZDNDA0QkZFRDM0NzI0NEEzMEE1QUZGRjY2RTQ5 OTJBQTI4MjEwHhcNMjUwNTMxMDAyODMxWhcNMjUwNjA3MDAyODMxWjAYMRYwFAYD VQQDEw02ODNhNGQyZi03ZGQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvvYtMIKF4eqT5CmjtKwqJvfL31LZHElNTzWPJMgU4auQaEhmUR+S+f/HCK5g 4875yMi0uREj1wM19B0TNbk1ezoy14VCMc8tDw1r3WCzePBeHnxSL4LZoevNmaue yAFqr658pQwtdoqZt+Ycvw/Knf2wu4Ck64E1NFbRgjhnfZTYtvnDgjiSmdBLGHNb 7wPLGyNBPZh8jSdEouPg7CqWVj7oLLmpblzSZ+trp6NRAx6ddDO6PIM2SAhG+qGS Z+vPrux+ZhKuJB5q80OLTcwIMaJx3VvH8j4lFXrTc3DxxtJr4N3jodgPzLDAf0VF 98M0QlLRowSpikRYfMYSVBVC5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPQZLyo/ V97A1GbFjDUumE7lLeI4MB8GA1UdIwQYMBaAFDoWxAS/7TRyRKMKWv/2bkmSqigh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjVDNC8zRTNBNTUwMjU5 OTgxMUVDOTM5MUQ1NTBDNEY5QUUwMi9PaGJFQkxfdE5ISkVvd3BhX19adVNaS3FL Q0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09oYkVCTF90TkhKRW93cGFfX1p1U1pLcUtDRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NjVDNC8zRTNBNTUwMjU5OTgxMUVDOTM5MUQ1NTBDNEY5QUUwMi9PaGJFQkxfdE5I SkVvd3BhX19adVNaS3FLQ0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB2X0M225nj2IeDcJxhtwVHlvdmaWM0mfGFQj4VJec7GkXciHkM5RsD HdOi36tFbFm6s/6mt3nmYBandwEmSwNlzMU+jk4VVfNlRZGieRtBXY2UsPj4icnE I3a597mcQmsk0gagTT+ECfnj4gfyuFk5YtA+pIEOSfAW6o2PTWmLv54bpAP1doMc 4iKnOYPbFMp4LkMBlC98JH81ikAvNvqoHQXCelwfV2VrBUbchDr3vLt/AJMy38Qa b1iobLXsOF+ham5nSAaCwHma2zEQkdqzTjIpWLy2q2+nycDVjYMPGyeUjlgNTp4t b/xcbqkbNj/a3HbcBo4dkBMSsGsCe0X9 -----END CERTIFICATE-----Generated at Sat May 31 17:03:30 2025 by rpki-client