$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft File: oqIX1KQS-1OPXJGjSzbOcYed22U.mft (raw, json) Hash identifier: 7zNfAjfK8WuQzY8AjJlXWu+cXM0o+1srWcwgKfcKXNo= Subject key identifier: 99:41:41:B0:D2:C3:45:2C:8F:51:00:A3:AA:CB:E0:20:33:40:12:25 Authority key identifier: A2:A2:17:D4:A4:12:FB:53:8F:5C:91:A3:4B:36:CE:71:87:9D:DB:65 Certificate issuer: /CN=A91CF9B0/serialNumber=A2A217D4A412FB538F5C91A34B36CE71879DDB65 Certificate serial: 012E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft Manifest number: 011F Signing time: Sat 31 May 2025 04:34:44 +0000 Manifest this update: Sat 31 May 2025 04:34:44 +0000 Manifest next update: Sat 07 Jun 2025 04:34:44 +0000 Files and hashes: 1: oqIX1KQS-1OPXJGjSzbOcYed22U.crl (hash: olbSv29kGMfMtitvM6D6MWejOmKVxNFF6wRA1kzv8kI=) 2: 84D917FC9F4911EEA0C5C856C4F9AE02.roa (hash: NmyQHlBil47JzTSCPQYz/6ZBa9AnAtiDqsHIcZPO3dA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.crl rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 04:34:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 302 (0x12e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CF9B0, serialNumber=A2A217D4A412FB538F5C91A34B36CE71879DDB65 Validity Not Before: May 31 04:34:44 2025 GMT Not After : Jun 7 04:34:44 2025 GMT Subject: CN=683a86e4-2a9b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:89:94:29:e6:67:a2:86:ca:6f:b5:92:89:d2: 1c:aa:04:b5:60:a9:df:8f:d2:b8:ad:2d:28:36:65: 89:46:6a:a6:ea:66:7e:03:2c:1d:4d:dc:d2:cc:ee: 85:26:0e:7c:b9:da:e7:82:83:51:4d:7a:04:63:2c: 63:07:98:e0:1d:92:a5:9f:91:31:09:43:32:d7:45: da:3e:4d:8b:76:7e:bb:fd:87:1a:96:08:87:fc:85: 3b:2f:33:1e:3a:01:a2:cb:0f:ca:11:f2:98:a4:8d: db:56:10:18:6b:cc:0a:3a:8b:d6:e7:a8:36:f9:56: 22:fa:5a:a8:37:ab:b9:a4:8d:94:0b:fa:a5:73:3a: e8:41:2a:b4:be:2e:e2:55:8c:e9:bd:3f:c8:ab:64: ab:80:86:d3:2d:0b:b7:df:ca:e1:21:b7:38:ca:c0: dd:8a:87:73:05:67:3f:82:7f:34:21:19:b7:c9:d6: 8a:c1:09:a0:98:f2:9a:e4:dd:15:10:c5:53:39:49: 63:03:73:8d:19:98:ae:12:c1:3d:8b:25:c3:ed:b8: 54:ab:19:e7:70:eb:8b:d9:f0:72:3f:7e:80:63:54: bd:8a:de:6e:20:7f:24:df:84:17:ee:81:7c:20:aa: b8:44:e0:4f:03:82:5a:4d:b5:53:49:09:4f:12:81: c8:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:41:41:B0:D2:C3:45:2C:8F:51:00:A3:AA:CB:E0:20:33:40:12:25 X509v3 Authority Key Identifier: keyid:A2:A2:17:D4:A4:12:FB:53:8F:5C:91:A3:4B:36:CE:71:87:9D:DB:65 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:7a:f4:c3:7c:bc:8e:b2:4d:82:d1:c0:4f:35:f5:a7:f4:05: f3:19:c2:65:d4:21:55:00:0e:c2:2d:22:9d:bd:b8:ee:37:e2: 1f:f4:1b:c8:d6:e1:35:cd:eb:58:37:dc:74:35:83:57:71:cf: cc:9c:44:67:84:df:7a:3e:87:1a:45:e7:e7:4a:cf:56:da:da: 99:b5:8b:bf:be:8a:93:15:72:3f:ee:ba:34:e8:d0:c9:37:0f: f9:ef:a3:7b:1d:64:48:f2:41:8a:3c:07:c4:6f:01:8f:f2:c0: 36:5f:6a:3c:52:56:dd:3b:7a:cc:10:ae:62:34:73:10:08:fb: b7:e1:88:a4:e1:62:02:06:68:fe:52:6c:a7:2b:76:cd:58:ed: be:55:a1:73:57:d6:aa:0f:30:fa:f9:0a:31:87:dc:6b:c6:eb: 3c:b2:27:67:ed:56:60:a5:7f:24:92:84:6d:08:a7:c7:de:a3: 0a:f3:6d:db:89:4c:f7:9f:6a:b6:57:30:bc:83:7a:42:5a:1e: 15:a9:39:b8:62:a3:58:49:a6:88:73:7b:28:a9:d3:5e:37:43: a8:b6:53:2d:4c:ad:28:9d:ab:9e:8a:bd:5f:ee:eb:ca:48:5b: e3:ea:fa:ac:a9:54:d0:30:79:0e:a5:05:02:3a:10:41:85:a5: c9:d2:7d:6a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAS4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Y5QjAxMTAvBgNVBAUTKEEyQTIxN0Q0QTQxMkZCNTM4RjVDOTFBMzRCMzZDRTcx ODc5RERCNjUwHhcNMjUwNTMxMDQzNDQ0WhcNMjUwNjA3MDQzNDQ0WjAYMRYwFAYD VQQDEw02ODNhODZlNC0yYTliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoImUKeZnoobKb7WSidIcqgS1YKnfj9K4rS0oNmWJRmqm6mZ+AywdTdzSzO6F Jg58udrngoNRTXoEYyxjB5jgHZKln5ExCUMy10XaPk2Ldn67/YcalgiH/IU7LzMe OgGiyw/KEfKYpI3bVhAYa8wKOovW56g2+VYi+lqoN6u5pI2UC/qlczroQSq0vi7i VYzpvT/Iq2SrgIbTLQu338rhIbc4ysDdiodzBWc/gn80IRm3ydaKwQmgmPKa5N0V EMVTOUljA3ONGZiuEsE9iyXD7bhUqxnncOuL2fByP36AY1S9it5uIH8k34QX7oF8 IKq4ROBPA4JaTbVTSQlPEoHImQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJlBQbDS w0Usj1EAo6rL4CAzQBIlMB8GA1UdIwQYMBaAFKKiF9SkEvtTj1yRo0s2znGHndtl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjlCMC8xNEM5NDk2RTlG M0YxMUVFODAxQjFENjJDNEY5QUUwMi9vcUlYMUtRUy0xT1BYSkdqU3piT2NZZWQy MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29xSVgxS1FTLTFPUFhKR2pTemJPY1llZDIyVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RjlCMC8xNEM5NDk2RTlGM0YxMUVFODAxQjFENjJDNEY5QUUwMi9vcUlYMUtRUy0x T1BYSkdqU3piT2NZZWQyMlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCLevTDfLyOsk2C0cBPNfWn9AXzGcJl1CFVAA7CLSKdvbjuN+If9BvI 1uE1zetYN9x0NYNXcc/MnERnhN96PocaRefnSs9W2tqZtYu/voqTFXI/7ro06NDJ Nw/576N7HWRI8kGKPAfEbwGP8sA2X2o8UlbdO3rMEK5iNHMQCPu34Yik4WICBmj+ UmynK3bNWO2+VaFzV9aqDzD6+Qoxh9xrxus8sidn7VZgpX8kkoRtCKfH3qMK823b iUz3n2q2VzC8g3pCWh4VqTm4YqNYSaaIc3soqdNeN0OotlMtTK0onaueir1f7uvK SFvj6vqsqVTQMHkOpQUCOhBBhaXJ0n1q -----END CERTIFICATE-----Generated at Sat May 31 17:37:47 2025 by rpki-client