$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.mft File: ok2WODNZy0lmoVuakGkT61RWZXs.mft (raw, json) Hash identifier: co4gy/17oqMtA6OWanIE25bZ5oZC+GvKV6SLRz2KZ30= Subject key identifier: E8:73:DD:87:F2:D4:D7:09:FA:40:44:28:5B:B2:6B:A2:27:60:1D:6C Authority key identifier: A2:4D:96:38:33:59:CB:49:66:A1:5B:9A:90:69:13:EB:54:56:65:7B Certificate issuer: /CN=A91C9C03/serialNumber=A24D96383359CB4966A15B9A906913EB5456657B Certificate serial: 05 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ok2WODNZy0lmoVuakGkT61RWZXs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.mft Manifest number: 04 Signing time: Sat 31 May 2025 07:45:53 +0000 Manifest this update: Sat 31 May 2025 07:45:52 +0000 Manifest next update: Sat 07 Jun 2025 07:45:52 +0000 Files and hashes: 1: ok2WODNZy0lmoVuakGkT61RWZXs.crl (hash: Tr+3yDZaf0ZUwuNYBjSeVHA8tU81QBG3I9I5jg5PdQc=) 2: 7CEC726E39A311F09A62C76CC4F9AE02.roa (hash: 0+1jIDaRCmCPnF7PPKfluUTfN8lTlCGPU+sUbCPXOfQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.crl rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ok2WODNZy0lmoVuakGkT61RWZXs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:45:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5 (0x5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9C03, serialNumber=A24D96383359CB4966A15B9A906913EB5456657B Validity Not Before: May 31 07:45:52 2025 GMT Not After : Jun 7 07:45:52 2025 GMT Subject: CN=683ab3b1-61a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:6e:cb:5e:6c:fe:34:98:92:d6:47:00:da:b7: 70:5e:5e:87:6e:93:e3:d7:6e:13:5a:19:a0:14:dd: 62:6d:8f:70:47:12:fc:47:f9:dd:d0:35:71:80:94: b2:db:80:0e:58:ea:fd:6a:01:c5:e8:45:62:d4:94: 81:84:81:0f:c5:72:66:93:d4:0c:26:3d:b8:80:a6: 2b:33:ef:a5:8f:c8:f2:b1:da:57:c1:86:a0:4c:be: 73:52:53:04:37:91:9b:6c:84:04:71:50:b8:54:9f: 60:96:48:08:26:04:19:f6:8b:7c:c5:3c:ca:43:eb: 0a:14:67:d2:b9:23:ef:14:f4:b5:99:9f:74:6d:b1: c7:0f:5b:76:82:e4:97:23:78:f8:29:36:40:58:d1: 39:d1:3b:5a:92:bf:48:d7:03:81:26:9c:79:79:bb: 12:ef:e3:d0:07:63:4f:18:d4:51:ab:61:29:d4:fd: d6:34:fe:ba:0e:8f:38:d2:5b:9c:ef:b8:b5:39:9d: ae:a2:20:25:a8:5b:62:8c:49:e8:d4:40:92:d2:0f: ac:41:bd:c6:44:12:db:df:f9:c6:d8:0d:82:3c:fc: d5:f4:ab:1b:88:4f:b0:cb:54:7c:56:ac:62:b4:2f: 9b:a6:98:48:62:d9:c6:de:26:3a:27:2c:8c:50:80: c2:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:73:DD:87:F2:D4:D7:09:FA:40:44:28:5B:B2:6B:A2:27:60:1D:6C X509v3 Authority Key Identifier: keyid:A2:4D:96:38:33:59:CB:49:66:A1:5B:9A:90:69:13:EB:54:56:65:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ok2WODNZy0lmoVuakGkT61RWZXs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 83:64:67:0b:b0:92:b9:95:4d:d1:23:2d:ce:f0:f7:7e:77:fc: 88:f9:c4:b7:1e:23:6d:ba:f0:56:40:a0:b2:9a:0d:59:66:64: b2:b8:5e:ae:c2:8a:82:f1:44:15:8f:0b:f6:53:00:4b:d2:76: 99:86:46:cd:87:ba:83:f1:2b:d2:0d:35:e5:25:53:5d:fc:10: 18:de:14:f7:b8:93:dd:5a:8f:4e:81:0b:f3:6d:02:75:6a:61: 64:9b:13:b7:17:27:6e:77:d7:d4:bf:8f:4c:6c:4d:14:2c:94: 02:7b:88:1b:25:88:dd:c5:52:7b:2b:52:15:2d:10:6b:eb:92: 61:63:01:0b:de:f2:eb:b4:b5:8b:d6:25:00:98:06:44:53:ee: 23:81:30:40:c5:cd:53:fa:19:8e:12:fc:3a:fa:e6:5c:80:cd: 18:05:41:55:88:34:fc:1b:70:05:76:ef:84:e1:b0:e6:8b:11: 14:09:f7:5c:ed:ac:fc:d8:0d:a7:79:90:08:29:26:ce:47:98: 05:bd:4b:06:5a:71:ed:a8:95:35:7c:4d:4b:3a:c4:90:ed:cb: 76:a6:45:77:3c:36:b2:63:0d:f1:5d:54:54:a9:30:01:94:a3: 42:1c:c3:15:bf:bb:46:47:79:90:b6:63:1f:3f:08:48:b2:6a: 87:65:f4:d0 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD OUMwMzExMC8GA1UEBRMoQTI0RDk2MzgzMzU5Q0I0OTY2QTE1QjlBOTA2OTEzRUI1 NDU2NjU3QjAeFw0yNTA1MzEwNzQ1NTJaFw0yNTA2MDcwNzQ1NTJaMBgxFjAUBgNV BAMTDTY4M2FiM2IxLTYxYTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDHbstebP40mJLWRwDat3BeXoduk+PXbhNaGaAU3WJtj3BHEvxH+d3QNXGAlLLb gA5Y6v1qAcXoRWLUlIGEgQ/FcmaT1AwmPbiApisz76WPyPKx2lfBhqBMvnNSUwQ3 kZtshARxULhUn2CWSAgmBBn2i3zFPMpD6woUZ9K5I+8U9LWZn3RtsccPW3aC5Jcj ePgpNkBY0TnRO1qSv0jXA4EmnHl5uxLv49AHY08Y1FGrYSnU/dY0/roOjzjSW5zv uLU5na6iICWoW2KMSejUQJLSD6xBvcZEEtvf+cbYDYI8/NX0qxuIT7DLVHxWrGK0 L5ummEhi2cbeJjonLIxQgMJBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU6HPdh/LU 1wn6QEQoW7JroidgHWwwHwYDVR0jBBgwFoAUok2WODNZy0lmoVuakGkT61RWZXsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM5QzAzLzM3RDE4QTE2MzlB MzExRjBCQUQ3MkMzQ0M0RjlBRTAyL29rMldPRE5aeTBsbW9WdWFrR2tUNjFSV1pY cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb2syV09ETlp5MGxtb1Z1YWtHa1Q2MVJXWlhzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM5 QzAzLzM3RDE4QTE2MzlBMzExRjBCQUQ3MkMzQ0M0RjlBRTAyL29rMldPRE5aeTBs bW9WdWFrR2tUNjFSV1pYcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAINkZwuwkrmVTdEjLc7w9353/Ij5xLceI2268FZAoLKaDVlmZLK4Xq7C ioLxRBWPC/ZTAEvSdpmGRs2HuoPxK9INNeUlU138EBjeFPe4k91aj06BC/NtAnVq YWSbE7cXJ25319S/j0xsTRQslAJ7iBsliN3FUnsrUhUtEGvrkmFjAQve8uu0tYvW JQCYBkRT7iOBMEDFzVP6GY4S/Dr65lyAzRgFQVWINPwbcAV274ThsOaLERQJ91zt rPzYDad5kAgpJs5HmAW9SwZace2olTV8TUs6xJDty3amRXc8NrJjDfFdVFSpMAGU o0IcwxW/u0ZHeZC2Yx8/CEiyaodl9NA= -----END CERTIFICATE-----Generated at Sat May 31 16:38:07 2025 by rpki-client