$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.mft File: OhpAdHHRvxyhUl8h997PWmoqZNg.mft (raw, json) Hash identifier: H08KSNEv1vpExfUVRJehXc/rnkKWMZoZ9UQeyJ2ZkYc= Subject key identifier: 95:CE:DF:DD:A6:C8:C5:46:D1:D8:55:BA:69:0A:53:54:09:C0:46:DA Authority key identifier: 3A:1A:40:74:71:D1:BF:1C:A1:52:5F:21:F7:DE:CF:5A:6A:2A:64:D8 Certificate issuer: /CN=A91B7B23/serialNumber=3A1A407471D1BF1CA1525F21F7DECF5A6A2A64D8 Certificate serial: 011E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhpAdHHRvxyhUl8h997PWmoqZNg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.mft Manifest number: 0118 Signing time: Sat 31 May 2025 04:31:43 +0000 Manifest this update: Sat 31 May 2025 04:31:42 +0000 Manifest next update: Sat 07 Jun 2025 04:31:42 +0000 Files and hashes: 1: OhpAdHHRvxyhUl8h997PWmoqZNg.crl (hash: MiiDwsl6H9+rQHh4bN2XYvQuPkW+sqOrj1GF9Es04qQ=) 2: C10CE08C97D311EE9299330CC4F9AE02.roa (hash: gJAOPk4iFoIW/KqNitxUF3g+S02/W0OUx3yJyNEqzJI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.crl rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhpAdHHRvxyhUl8h997PWmoqZNg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 04:31:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 286 (0x11e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7B23, serialNumber=3A1A407471D1BF1CA1525F21F7DECF5A6A2A64D8 Validity Not Before: May 31 04:31:42 2025 GMT Not After : Jun 7 04:31:42 2025 GMT Subject: CN=683a862f-51f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:bd:e8:48:de:6f:2c:b0:02:40:da:d6:2e:0e: d4:2a:72:cf:79:cc:14:ea:87:26:ee:d2:c4:b9:f8: 07:6d:f7:ed:88:c1:0c:5b:23:0b:35:d3:51:64:86: 79:ea:17:aa:d9:82:41:93:27:ab:1e:5a:5d:9c:a4: 5f:ce:e9:2b:4a:78:20:1d:78:9a:69:53:ea:03:26: d6:6b:46:db:de:13:d3:55:54:fd:5c:82:51:4c:d1: b1:6f:05:d4:0f:2b:02:de:3c:39:82:25:35:83:91: bc:ac:49:29:14:00:83:c0:be:83:62:d3:ec:e7:ac: 6a:f0:c5:fa:d7:9a:6f:58:f1:a7:1c:c3:67:ad:47: d6:1a:eb:80:63:c1:62:bb:ba:02:80:df:c7:ca:64: ba:2b:e4:45:84:50:9c:54:14:03:9a:ee:67:83:6f: 62:f5:2b:07:2e:f5:8b:42:50:f9:01:b4:63:9d:c9: 62:d2:e0:6d:70:f5:7e:6e:ec:91:55:a4:e2:c3:29: 14:be:b2:1a:81:53:be:99:ab:3d:6f:d6:cb:24:ca: 9c:8d:08:f1:a4:58:77:0a:39:a3:e8:ae:f8:d4:07: b4:04:ec:b9:e6:de:e5:16:4a:ac:f0:f2:e0:cc:b7: 4c:32:86:94:3c:53:27:71:cf:0b:2e:66:2d:6d:5d: 05:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:CE:DF:DD:A6:C8:C5:46:D1:D8:55:BA:69:0A:53:54:09:C0:46:DA X509v3 Authority Key Identifier: keyid:3A:1A:40:74:71:D1:BF:1C:A1:52:5F:21:F7:DE:CF:5A:6A:2A:64:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhpAdHHRvxyhUl8h997PWmoqZNg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 74:94:3f:78:01:56:ce:41:27:09:59:5a:2d:9d:f6:e9:e6:46: bd:ab:b3:ea:4f:76:ac:71:66:14:45:11:ee:75:66:93:0f:18: 13:eb:ed:43:b1:80:96:19:e6:78:d4:9c:d7:99:b2:45:6b:0e: 6f:26:73:11:39:34:46:d0:46:0c:b2:cb:6c:44:35:8e:05:fa: 79:76:22:b9:e0:d0:54:58:f5:dc:73:dc:08:9a:e5:55:13:9a: ed:5b:6b:0c:27:7c:29:f9:ce:56:62:31:6b:9a:31:0f:c3:5f: 81:ba:53:85:ba:6c:bc:88:84:12:07:a1:dc:d8:04:49:02:9b: 76:12:4e:e2:97:55:58:85:b5:7b:be:24:95:96:7c:7d:b6:e0: 35:01:ea:53:01:44:f0:06:ea:36:c0:ad:3b:35:c2:ee:aa:d2: 19:a9:2b:30:b4:e7:a1:5a:db:8f:7a:72:cb:f4:3f:0e:3e:69: c4:db:a6:42:d9:78:95:17:80:72:37:31:09:e6:c3:e9:3f:27: 30:93:d3:8c:e0:84:09:f6:bc:6e:e3:00:da:58:cf:03:46:5b: a8:8d:e3:cb:c5:ed:f3:f9:08:56:ea:b9:57:d1:a1:ce:1d:72: 48:16:9c:92:1a:9c:54:86:81:d0:6b:72:c9:70:e1:a9:31:6f: d6:70:e6:b2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAR4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjdCMjMxMTAvBgNVBAUTKDNBMUE0MDc0NzFEMUJGMUNBMTUyNUYyMUY3REVDRjVB NkEyQTY0RDgwHhcNMjUwNTMxMDQzMTQyWhcNMjUwNjA3MDQzMTQyWjAYMRYwFAYD VQQDEw02ODNhODYyZi01MWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtL3oSN5vLLACQNrWLg7UKnLPecwU6ocm7tLEufgHbfftiMEMWyMLNdNRZIZ5 6heq2YJBkyerHlpdnKRfzukrSnggHXiaaVPqAybWa0bb3hPTVVT9XIJRTNGxbwXU DysC3jw5giU1g5G8rEkpFACDwL6DYtPs56xq8MX615pvWPGnHMNnrUfWGuuAY8Fi u7oCgN/HymS6K+RFhFCcVBQDmu5ng29i9SsHLvWLQlD5AbRjncli0uBtcPV+buyR VaTiwykUvrIagVO+mas9b9bLJMqcjQjxpFh3Cjmj6K741Ae0BOy55t7lFkqs8PLg zLdMMoaUPFMncc8LLmYtbV0FLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJXO392m yMVG0dhVumkKU1QJwEbaMB8GA1UdIwQYMBaAFDoaQHRx0b8coVJfIffez1pqKmTY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCN0IyMy83NTQ1RjAzQTk3 RDMxMUVFQTIzQzY2MEJDNEY5QUUwMi9PaHBBZEhIUnZ4eWhVbDhoOTk3UFdtb3Fa TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09ocEFkSEhSdnh5aFVsOGg5OTdQV21vcVpOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC N0IyMy83NTQ1RjAzQTk3RDMxMUVFQTIzQzY2MEJDNEY5QUUwMi9PaHBBZEhIUnZ4 eWhVbDhoOTk3UFdtb3FaTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB0lD94AVbOQScJWVotnfbp5ka9q7PqT3ascWYURRHudWaTDxgT6+1D sYCWGeZ41JzXmbJFaw5vJnMROTRG0EYMsstsRDWOBfp5diK54NBUWPXcc9wImuVV E5rtW2sMJ3wp+c5WYjFrmjEPw1+BulOFumy8iIQSB6Hc2ARJApt2Ek7il1VYhbV7 viSVlnx9tuA1AepTAUTwBuo2wK07NcLuqtIZqSswtOehWtuPenLL9D8OPmnE26ZC 2XiVF4ByNzEJ5sPpPycwk9OM4IQJ9rxu4wDaWM8DRluojePLxe3z+QhW6rlX0aHO HXJIFpySGpxUhoHQa3LJcOGpMW/WcOay -----END CERTIFICATE-----Generated at Sat May 31 16:36:51 2025 by rpki-client