$ rpki-client -vvf rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft File: oKMiStDIKz-aYvNHrKP5RdsI8rA.mft (raw, json) Hash identifier: bpXryqM/3E6FPSXtPLedKY8PS9h3hLJdBZMcczifVTo= Subject key identifier: B7:D6:FF:C0:2C:4B:E0:BE:1C:FB:B4:8E:5A:F9:62:C3:F0:47:D4:E6 Authority key identifier: A0:A3:22:4A:D0:C8:2B:3F:9A:62:F3:47:AC:A3:F9:45:DB:08:F2:B0 Certificate issuer: /CN=A91B80BD/serialNumber=A0A3224AD0C82B3F9A62F347ACA3F945DB08F2B0 Certificate serial: 3056 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft Manifest number: 3028 Signing time: Sat 31 May 2025 15:26:12 +0000 Manifest this update: Sat 31 May 2025 15:26:11 +0000 Manifest next update: Sat 07 Jun 2025 15:26:11 +0000 Files and hashes: 1: oKMiStDIKz-aYvNHrKP5RdsI8rA.crl (hash: xtACRN+U+52r+tF9issM9vmitcy7eMj6LwG4/YfKnhY=) 2: 583C1F6854F611E79DF7E643C4F9AE02.roa (hash: J9SJ4DIJ/7Jqarub1sf8j6PHgZAGlGGdRbRsMiv9apI=) 3: 915E51B8F3BE11ED8B9B1450C4F9AE02.roa (hash: 9deMiuArgkPyt65CV7Ht+L/9JKrWYVcP+qJb8LKGzOI=) 4: 4C72E61CB0EC11E5A6934B42C4F9AE02.roa (hash: 2+WTGnYcaeWw8w6rtvBrYx7uq+JHkK1rDrCVxpG+T+Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.crl rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:23:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12374 (0x3056) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B80BD, serialNumber=A0A3224AD0C82B3F9A62F347ACA3F945DB08F2B0 Validity Not Before: May 31 15:26:11 2025 GMT Not After : Jun 7 15:26:11 2025 GMT Subject: CN=683b1f94-69cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:fd:e0:9f:9d:4a:ca:2e:00:2c:21:0c:ac:3f: 6b:58:b0:1b:c2:a7:5b:65:fc:80:e4:9e:34:36:31: a1:5c:e4:3d:62:20:49:1c:b4:42:d6:3f:fd:74:af: ca:e6:52:5a:91:37:99:21:55:0b:85:ae:3a:de:b9: c1:f5:a3:ee:3f:bc:fd:f2:c4:75:9b:d4:0a:6c:6c: 21:73:6e:b6:d0:30:e0:0a:ca:a8:96:3f:33:40:c4: 59:bd:d8:3b:32:1d:80:e9:36:a4:ad:04:98:86:04: 9e:ad:b7:dd:11:6f:a1:ce:66:ca:74:38:b8:75:93: 61:d4:71:e6:91:7b:7f:74:1e:0c:6a:39:a4:12:2c: 25:b1:c7:b8:94:5b:15:01:d9:c4:71:e7:e1:c8:05: 17:c9:42:af:25:36:69:e6:de:91:f7:09:40:62:fd: 68:99:39:e8:af:10:47:67:65:a0:fe:5e:47:f8:4d: fa:e4:17:d3:06:95:45:c7:65:21:5e:0d:b0:04:9b: 16:e8:f5:9c:a5:62:9b:d4:50:bb:2b:f0:ac:7d:70: 86:a6:42:68:cb:09:d8:2f:c6:e7:50:3f:ca:5a:f9: bb:7f:ba:ed:46:cf:01:03:99:43:56:44:3d:44:61: 9e:5f:1c:50:bc:b3:bf:3c:11:88:3f:a3:8c:8f:fa: 09:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:D6:FF:C0:2C:4B:E0:BE:1C:FB:B4:8E:5A:F9:62:C3:F0:47:D4:E6 X509v3 Authority Key Identifier: keyid:A0:A3:22:4A:D0:C8:2B:3F:9A:62:F3:47:AC:A3:F9:45:DB:08:F2:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:fb:d8:e6:5d:b3:3f:f9:c2:f7:ab:5a:92:fb:66:f3:ac:18: 64:48:90:68:51:ff:ac:c5:8f:45:e3:89:10:5c:b2:fa:3c:1e: ca:38:e7:e7:07:b2:88:81:6b:e1:8e:4a:26:e4:88:aa:70:ed: 36:21:dd:3b:77:73:71:24:13:93:61:cf:84:8a:d3:b6:c2:84: 53:78:94:7b:d0:98:f9:a5:51:2d:f4:ec:03:18:18:ec:e5:8e: 28:12:b6:1a:35:41:70:06:dd:48:59:c3:c1:a3:14:ed:5d:b4: c5:74:46:db:72:7e:8b:19:02:e8:a0:f8:82:4b:62:b8:ac:53: d0:62:4c:6d:cd:ee:48:1c:5f:60:fb:63:b3:8c:23:1b:9d:92: b6:3b:a4:39:9b:24:36:1a:7f:8b:49:93:7c:ac:06:38:df:a1: 7b:39:6e:15:74:c8:8e:a0:ea:68:a5:a1:d2:41:70:66:f4:30: 33:22:c8:7f:f9:a2:83:67:1d:47:92:c2:56:0b:27:8a:cc:5e: d2:bd:0e:dc:4c:9c:17:0a:86:05:b1:f8:e2:95:0a:19:52:72: 22:2e:94:94:ee:1a:75:46:71:47:3d:f2:fd:2f:95:cd:6d:3d: d7:5d:a3:1c:7f:90:ce:31:97:2a:b0:47:7a:81:7a:7f:46:71: ef:bf:dc:da -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICMFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjgwQkQxMTAvBgNVBAUTKEEwQTMyMjRBRDBDODJCM0Y5QTYyRjM0N0FDQTNGOTQ1 REIwOEYyQjAwHhcNMjUwNTMxMTUyNjExWhcNMjUwNjA3MTUyNjExWjAYMRYwFAYD VQQDEw02ODNiMWY5NC02OWNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuf3gn51Kyi4ALCEMrD9rWLAbwqdbZfyA5J40NjGhXOQ9YiBJHLRC1j/9dK/K 5lJakTeZIVULha463rnB9aPuP7z98sR1m9QKbGwhc2620DDgCsqolj8zQMRZvdg7 Mh2A6TakrQSYhgSerbfdEW+hzmbKdDi4dZNh1HHmkXt/dB4MajmkEiwlsce4lFsV AdnEcefhyAUXyUKvJTZp5t6R9wlAYv1omTnorxBHZ2Wg/l5H+E365BfTBpVFx2Uh Xg2wBJsW6PWcpWKb1FC7K/CsfXCGpkJoywnYL8bnUD/KWvm7f7rtRs8BA5lDVkQ9 RGGeXxxQvLO/PBGIP6OMj/oJqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLfW/8As S+C+HPu0jlr5YsPwR9TmMB8GA1UdIwQYMBaAFKCjIkrQyCs/mmLzR6yj+UXbCPKw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODBCRC9CNUE2MzZEOEZF NUMxMUUyQUVDMDQyNTA1OTExRUEzMi9vS01pU3RESUt6LWFZdk5IcktQNVJkc0k4 ckEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29LTWlTdERJS3otYVl2TkhyS1A1UmRzSThyQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC ODBCRC9CNUE2MzZEOEZFNUMxMUUyQUVDMDQyNTA1OTExRUEzMi9vS01pU3RESUt6 LWFZdk5IcktQNVJkc0k4ckEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB3+9jmXbM/+cL3q1qS+2bzrBhkSJBoUf+sxY9F44kQXLL6PB7KOOfn B7KIgWvhjkom5IiqcO02Id07d3NxJBOTYc+EitO2woRTeJR70Jj5pVEt9OwDGBjs 5Y4oErYaNUFwBt1IWcPBoxTtXbTFdEbbcn6LGQLooPiCS2K4rFPQYkxtze5IHF9g +2OzjCMbnZK2O6Q5myQ2Gn+LSZN8rAY436F7OW4VdMiOoOpopaHSQXBm9DAzIsh/ +aKDZx1HksJWCyeKzF7SvQ7cTJwXCoYFsfjilQoZUnIiLpSU7hp1RnFHPfL9L5XN bT3XXaMcf5DOMZcqsEd6gXp/RnHvv9za -----END CERTIFICATE-----Generated at Sat May 31 17:24:41 2025 by rpki-client