$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC0F2/7F33EE24FD7E11EEA1B3535CC4F9AE02/oAM_SUNjDclOLd9fKmuI6GZGGuc.mft File: oAM_SUNjDclOLd9fKmuI6GZGGuc.mft (raw, json) Hash identifier: 3rutVMFdRaNIb0rhJiWEh5z2e2FvV+dlQ6xku8da/2k= Subject key identifier: 4E:6D:2A:4A:EA:24:23:D4:D3:AC:3B:B3:B0:3E:38:03:7E:FE:DC:05 Authority key identifier: A0:03:3F:49:43:63:0D:C9:4E:2D:DF:5F:2A:6B:88:E8:66:46:1A:E7 Certificate issuer: /CN=A91DC0F2/serialNumber=A0033F4943630DC94E2DDF5F2A6B88E866461AE7 Certificate serial: D8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oAM_SUNjDclOLd9fKmuI6GZGGuc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC0F2/7F33EE24FD7E11EEA1B3535CC4F9AE02/oAM_SUNjDclOLd9fKmuI6GZGGuc.mft Manifest number: D4 Signing time: Sat 31 May 2025 05:15:41 +0000 Manifest this update: Sat 31 May 2025 05:15:40 +0000 Manifest next update: Sat 07 Jun 2025 05:15:40 +0000 Files and hashes: 1: oAM_SUNjDclOLd9fKmuI6GZGGuc.crl (hash: 35SrO8HTLO2XYq4DBWS5mLM2NimBH3OIQVnfBpeyqiY=) 2: EE647C1418A411EFBA690F60C4F9AE02.roa (hash: 1sKQhDe4XE+z/iEwFOdjuVVtLfzSNo7ytvziBnxPEOc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC0F2/7F33EE24FD7E11EEA1B3535CC4F9AE02/oAM_SUNjDclOLd9fKmuI6GZGGuc.crl rsync://rpki.apnic.net/member_repository/A91DC0F2/7F33EE24FD7E11EEA1B3535CC4F9AE02/oAM_SUNjDclOLd9fKmuI6GZGGuc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oAM_SUNjDclOLd9fKmuI6GZGGuc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 05:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 216 (0xd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC0F2, serialNumber=A0033F4943630DC94E2DDF5F2A6B88E866461AE7 Validity Not Before: May 31 05:15:40 2025 GMT Not After : Jun 7 05:15:40 2025 GMT Subject: CN=683a907d-6791 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:8c:75:d8:2c:19:0b:6d:fe:ab:08:bc:7c:d9: 4a:6d:20:2d:bb:51:47:00:84:99:c9:96:3d:7b:97: d2:94:99:d9:2d:af:d9:13:71:34:18:5a:60:ab:3e: 79:71:d1:1a:98:24:2a:28:0d:57:a8:37:d6:a1:2c: 28:04:65:05:10:cb:47:cc:6a:91:00:14:b4:7b:3a: 7d:ac:a7:4f:73:db:5d:95:dd:e5:a7:a8:3b:6c:6f: 9e:1d:e6:bc:7d:34:d4:97:76:83:04:e8:2a:fd:37: c2:6b:af:7c:b3:5b:85:3e:24:25:95:bc:e5:b4:39: 0f:a0:35:cb:24:5d:13:97:90:03:e4:ae:0a:1f:34: 03:93:4c:58:bb:1b:c7:4d:0f:87:2b:66:c9:ef:1d: 62:06:99:88:56:9b:cb:f2:c7:97:70:a1:3b:02:47: 3c:fc:fa:6a:7e:d7:fe:40:f1:6d:41:a2:a1:18:76: 82:02:30:a1:e6:af:49:fd:66:54:95:78:73:ec:f6: 2b:28:8e:d4:b5:20:28:db:f4:63:29:78:6a:87:31: 41:ac:26:51:9b:b9:c6:3e:33:6f:08:aa:5d:58:46: d1:c5:a0:8c:cc:06:98:60:6f:84:6d:e2:2d:c7:a2: 16:c1:98:69:c2:67:20:59:ff:f1:02:65:18:bc:1d: 20:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:6D:2A:4A:EA:24:23:D4:D3:AC:3B:B3:B0:3E:38:03:7E:FE:DC:05 X509v3 Authority Key Identifier: keyid:A0:03:3F:49:43:63:0D:C9:4E:2D:DF:5F:2A:6B:88:E8:66:46:1A:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC0F2/7F33EE24FD7E11EEA1B3535CC4F9AE02/oAM_SUNjDclOLd9fKmuI6GZGGuc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oAM_SUNjDclOLd9fKmuI6GZGGuc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC0F2/7F33EE24FD7E11EEA1B3535CC4F9AE02/oAM_SUNjDclOLd9fKmuI6GZGGuc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bd:df:4f:05:80:9d:10:d8:e2:59:b4:bc:00:2c:3f:4d:5f:7f: b7:06:f4:62:95:d7:1b:eb:11:6e:e1:0a:0e:ed:26:e3:6d:fc: 41:99:e6:e9:4a:8b:0b:f7:75:15:04:3a:93:73:9b:e4:be:59: e2:1d:b1:7f:9a:28:05:e3:80:c8:b1:2a:c2:1f:c6:0b:49:98: da:d7:53:30:39:2e:e2:c3:6b:9f:48:1d:1e:ac:d0:e5:2c:68: 5a:11:7d:6f:85:11:b4:d4:a3:16:2b:86:a6:dc:3a:ac:55:3c: 50:39:b9:e4:20:b9:94:9b:e8:d8:e0:36:ed:d8:a1:f3:71:8d: a8:a6:10:c5:a3:51:3e:90:45:1d:ba:7d:d0:1d:72:8f:ee:01: 77:07:70:45:74:6f:c0:f7:7d:03:1b:13:e4:41:e4:98:8f:56: 37:a5:94:5f:cd:13:54:30:c3:a0:32:2c:61:9a:f6:7f:f5:79: ca:b9:98:54:6e:f4:9f:1f:bd:1a:3d:84:29:b6:07:6c:05:e3: 43:66:35:97:ca:76:b8:6b:95:ac:45:cb:d7:23:49:fc:b2:b2: 77:e2:5d:14:10:8e:e7:6f:6e:06:08:84:bb:70:53:5a:9d:52: bf:9d:3b:6f:d6:f3:81:98:07:89:63:25:7a:b5:f4:aa:68:61: 0e:74:83:f5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REMwRjIxMTAvBgNVBAUTKEEwMDMzRjQ5NDM2MzBEQzk0RTJEREY1RjJBNkI4OEU4 NjY0NjFBRTcwHhcNMjUwNTMxMDUxNTQwWhcNMjUwNjA3MDUxNTQwWjAYMRYwFAYD VQQDEw02ODNhOTA3ZC02NzkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA64x12CwZC23+qwi8fNlKbSAtu1FHAISZyZY9e5fSlJnZLa/ZE3E0GFpgqz55 cdEamCQqKA1XqDfWoSwoBGUFEMtHzGqRABS0ezp9rKdPc9tdld3lp6g7bG+eHea8 fTTUl3aDBOgq/TfCa698s1uFPiQllbzltDkPoDXLJF0Tl5AD5K4KHzQDk0xYuxvH TQ+HK2bJ7x1iBpmIVpvL8seXcKE7Akc8/Ppqftf+QPFtQaKhGHaCAjCh5q9J/WZU lXhz7PYrKI7UtSAo2/RjKXhqhzFBrCZRm7nGPjNvCKpdWEbRxaCMzAaYYG+EbeIt x6IWwZhpwmcgWf/xAmUYvB0gXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE5tKkrq JCPU06w7s7A+OAN+/twFMB8GA1UdIwQYMBaAFKADP0lDYw3JTi3fXypriOhmRhrn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzBGMi83RjMzRUUyNEZE N0UxMUVFQTFCMzUzNUNDNEY5QUUwMi9vQU1fU1VOakRjbE9MZDlmS211STZHWkdH dWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29BTV9TVU5qRGNsT0xkOWZLbXVJNkdaR0d1Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzBGMi83RjMzRUUyNEZEN0UxMUVFQTFCMzUzNUNDNEY5QUUwMi9vQU1fU1VOakRj bE9MZDlmS211STZHWkdHdWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC9308FgJ0Q2OJZtLwALD9NX3+3BvRildcb6xFu4QoO7SbjbfxBmebp SosL93UVBDqTc5vkvlniHbF/migF44DIsSrCH8YLSZja11MwOS7iw2ufSB0erNDl LGhaEX1vhRG01KMWK4am3DqsVTxQObnkILmUm+jY4Dbt2KHzcY2ophDFo1E+kEUd un3QHXKP7gF3B3BFdG/A930DGxPkQeSYj1Y3pZRfzRNUMMOgMixhmvZ/9XnKuZhU bvSfH70aPYQptgdsBeNDZjWXyna4a5WsRcvXI0n8srJ34l0UEI7nb24GCIS7cFNa nVK/nTtv1vOBmAeJYyV6tfSqaGEOdIP1 -----END CERTIFICATE-----Generated at Sat May 31 16:33:10 2025 by rpki-client