$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.mft File: uOlsag2VSKKgQMvnGZdFun2x7Sg.mft (raw, json) Hash identifier: a3mEGV9N6nimK0k32STRqSeFOloB0UetfBVNVOtNSnM= Subject key identifier: 73:0E:7C:02:B1:AA:C2:1C:08:6B:E1:A4:18:DF:37:58:17:5B:EE:A1 Authority key identifier: B8:E9:6C:6A:0D:95:48:A2:A0:40:CB:E7:19:97:45:BA:7D:B1:ED:28 Certificate issuer: /CN=A91B2D29/serialNumber=B8E96C6A0D9548A2A040CBE7199745BA7DB1ED28 Certificate serial: 09B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uOlsag2VSKKgQMvnGZdFun2x7Sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.mft Manifest number: 4679 Signing time: Fri 30 May 2025 15:59:09 +0000 Manifest this update: Fri 30 May 2025 15:59:08 +0000 Manifest next update: Fri 06 Jun 2025 15:59:08 +0000 Files and hashes: 1: uOlsag2VSKKgQMvnGZdFun2x7Sg.crl (hash: vrMoYMwf5TTwsS6Y0/GEVDYyy75AVlV379NNMVSqzfM=) 2: 7CEC1452E17E11ECAB421316C4F9AE02.roa (hash: HQMuxFH+p0cd5TxCsDJ5OnEAYnLT5yZN5O7uVIpfgdA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.crl rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uOlsag2VSKKgQMvnGZdFun2x7Sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 15:59:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2482 (0x9b2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B2D29, serialNumber=B8E96C6A0D9548A2A040CBE7199745BA7DB1ED28 Validity Not Before: May 30 15:59:08 2025 GMT Not After : Jun 6 15:59:08 2025 GMT Subject: CN=6839d5cc-d932 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ee:38:e7:66:cf:f8:3e:a2:29:a7:0c:52:2e: e2:91:48:69:45:a7:59:a8:6e:21:63:69:7b:bf:d8: e5:c4:1b:4e:e2:2a:d8:b4:ae:fc:f9:52:1b:ff:c2: a6:11:c4:e6:76:8a:e0:41:e6:b6:b3:b8:8f:af:38: e4:be:4b:aa:c7:dc:c3:ab:87:c8:d2:f6:83:07:d8: 04:2b:72:50:ca:8e:f5:7c:51:af:72:1e:4a:b6:39: c0:92:95:e0:df:00:11:9b:e6:7c:9a:e0:72:c0:38: 81:6c:ba:70:e4:a0:ea:96:1c:04:50:4e:6a:95:57: 69:76:2a:41:14:d6:05:23:a7:bd:48:8e:59:a2:50: c4:b6:31:82:39:78:51:87:43:e2:c4:4d:4e:66:9b: fb:e8:60:8b:4d:8c:98:b3:f6:13:94:b7:9f:b4:13: cb:b7:3b:7e:45:a9:58:c5:4f:5d:01:49:af:1e:67: 77:14:8a:91:b0:d0:a4:d4:04:c8:f5:7a:d3:03:e2: 41:57:91:64:14:7b:45:c7:3f:a3:e6:de:00:c9:50: 8c:f3:45:51:da:e6:1d:d7:5e:86:fa:29:23:0e:9d: ea:ba:50:2b:39:f0:b0:b2:0d:4a:8a:21:6f:91:58: 16:49:5e:12:1e:67:65:88:2a:db:47:0a:99:b4:65: bf:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:0E:7C:02:B1:AA:C2:1C:08:6B:E1:A4:18:DF:37:58:17:5B:EE:A1 X509v3 Authority Key Identifier: keyid:B8:E9:6C:6A:0D:95:48:A2:A0:40:CB:E7:19:97:45:BA:7D:B1:ED:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uOlsag2VSKKgQMvnGZdFun2x7Sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:e1:3c:5c:ed:0d:47:5d:00:4b:2d:1c:c0:20:96:b7:76:ee: 03:3f:a6:e7:48:ff:46:62:db:07:92:c2:74:9e:9f:1a:ba:2d: 5d:9f:17:3a:25:67:d3:f3:b4:04:dd:9d:97:da:29:4b:2d:b7: eb:a2:03:b6:59:b0:b5:46:80:bf:3b:5b:38:84:3a:25:7f:f1: 24:ad:0a:6f:45:22:45:78:57:8b:c9:8f:21:ea:b7:0b:91:4a: 80:51:c4:31:9e:1e:7e:1d:74:6f:52:b7:28:4a:64:98:96:8d: 9a:54:fb:bd:d6:7c:dc:57:ae:8d:fa:03:cf:e5:f8:49:b3:e3: 8f:00:eb:4a:40:dd:ae:4d:c7:5d:63:39:a9:4a:0a:ba:12:21: f4:1f:d8:a6:6a:46:ee:ce:ac:0c:d4:27:0c:d4:44:34:77:4b: 65:c2:58:1f:77:36:47:5f:5b:72:d6:8d:a5:51:a2:ec:a8:b3: 9d:2d:72:45:62:2b:70:4d:41:0e:15:24:5e:fc:92:bb:5c:d5: b4:8d:9e:6f:73:ea:37:37:24:f6:68:4d:12:cd:da:19:37:3e: d7:47:f7:6a:34:77:eb:0f:66:5b:66:f7:b1:9b:69:6d:d5:6b: eb:4d:3b:77:bd:19:c9:5e:ba:c5:b2:75:54:62:57:5a:c1:82: 09:67:87:06 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCbIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjJEMjkxMTAvBgNVBAUTKEI4RTk2QzZBMEQ5NTQ4QTJBMDQwQ0JFNzE5OTc0NUJB N0RCMUVEMjgwHhcNMjUwNTMwMTU1OTA4WhcNMjUwNjA2MTU1OTA4WjAYMRYwFAYD VQQDEw02ODM5ZDVjYy1kOTMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvu4452bP+D6iKacMUi7ikUhpRadZqG4hY2l7v9jlxBtO4irYtK78+VIb/8Km EcTmdorgQea2s7iPrzjkvkuqx9zDq4fI0vaDB9gEK3JQyo71fFGvch5KtjnAkpXg 3wARm+Z8muBywDiBbLpw5KDqlhwEUE5qlVdpdipBFNYFI6e9SI5ZolDEtjGCOXhR h0PixE1OZpv76GCLTYyYs/YTlLeftBPLtzt+RalYxU9dAUmvHmd3FIqRsNCk1ATI 9XrTA+JBV5FkFHtFxz+j5t4AyVCM80VR2uYd116G+ikjDp3qulArOfCwsg1KiiFv kVgWSV4SHmdliCrbRwqZtGW/MwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHMOfAKx qsIcCGvhpBjfN1gXW+6hMB8GA1UdIwQYMBaAFLjpbGoNlUiioEDL5xmXRbp9se0o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMkQyOS9GNzFFNzE2NjU1 MjExMUU1QURCMjA5MkFDNEY5QUUwMi91T2xzYWcyVlNLS2dRTXZuR1pkRnVuMng3 U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3VPbHNhZzJWU0tLZ1FNdm5HWmRGdW4yeDdTZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MkQyOS9GNzFFNzE2NjU1MjExMUU1QURCMjA5MkFDNEY5QUUwMi91T2xzYWcyVlNL S2dRTXZuR1pkRnVuMng3U2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA74Txc7Q1HXQBLLRzAIJa3du4DP6bnSP9GYtsHksJ0np8aui1dnxc6 JWfT87QE3Z2X2ilLLbfrogO2WbC1RoC/O1s4hDolf/EkrQpvRSJFeFeLyY8h6rcL kUqAUcQxnh5+HXRvUrcoSmSYlo2aVPu91nzcV66N+gPP5fhJs+OPAOtKQN2uTcdd YzmpSgq6EiH0H9imakbuzqwM1CcM1EQ0d0tlwlgfdzZHX1ty1o2lUaLsqLOdLXJF YitwTUEOFSRe/JK7XNW0jZ5vc+o3NyT2aE0SzdoZNz7XR/dqNHfrD2ZbZvexm2lt 1WvrTTt3vRnJXrrFsnVUYldawYIJZ4cG -----END CERTIFICATE-----Generated at Sat May 31 14:35:10 2025 by rpki-client