$ rpki-client -vvf rpki.apnic.net/member_repository/A91E29CB/1F902B0E05AF11EDA717642BC4F9AE02/oHrwzLKYNcx2QpdLrJ4VArnPgtA.mft File: oHrwzLKYNcx2QpdLrJ4VArnPgtA.mft (raw, json) Hash identifier: /yqlKSAiHnxGeIApfp6iGeViWfHJWL/CYyA+aEE0Bj0= Subject key identifier: 54:B3:F6:B9:15:41:FC:FA:F2:95:8C:D4:E9:CF:90:F9:86:FA:C7:3F Authority key identifier: A0:7A:F0:CC:B2:98:35:CC:76:42:97:4B:AC:9E:15:02:B9:CF:82:D0 Certificate issuer: /CN=A91E29CB/serialNumber=A07AF0CCB29835CC7642974BAC9E1502B9CF82D0 Certificate serial: 02A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oHrwzLKYNcx2QpdLrJ4VArnPgtA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E29CB/1F902B0E05AF11EDA717642BC4F9AE02/oHrwzLKYNcx2QpdLrJ4VArnPgtA.mft Manifest number: 0296 Signing time: Sat 31 May 2025 01:46:51 +0000 Manifest this update: Sat 31 May 2025 01:46:50 +0000 Manifest next update: Sat 07 Jun 2025 01:46:50 +0000 Files and hashes: 1: oHrwzLKYNcx2QpdLrJ4VArnPgtA.crl (hash: NVW8FXszxcoeimNI4jRp8FxXI+c4CUzbEiVciDvAW+Y=) 2: C08A3ED6E03C11EF991E147AC4F9AE02.roa (hash: Jn6Bcmff+jZyhjqGcyii8YjSmtOYYAInHon2VXcIz3U=) 3: C258B0D0E03C11EF991E147AC4F9AE02.roa (hash: EWbZQVxhL2vlkm+GzLLUuL3B+QzSpuEn2YQAxnXCEkI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E29CB/1F902B0E05AF11EDA717642BC4F9AE02/oHrwzLKYNcx2QpdLrJ4VArnPgtA.crl rsync://rpki.apnic.net/member_repository/A91E29CB/1F902B0E05AF11EDA717642BC4F9AE02/oHrwzLKYNcx2QpdLrJ4VArnPgtA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oHrwzLKYNcx2QpdLrJ4VArnPgtA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 01:46:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 674 (0x2a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E29CB, serialNumber=A07AF0CCB29835CC7642974BAC9E1502B9CF82D0 Validity Not Before: May 31 01:46:50 2025 GMT Not After : Jun 7 01:46:50 2025 GMT Subject: CN=683a5f8b-fb56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:d8:53:2a:55:63:91:e9:77:5c:65:e3:c8:33: 95:33:09:35:7d:eb:1a:9c:3c:1f:e6:00:7f:a9:d6: f5:70:36:f8:b1:da:62:4f:3a:6f:26:06:ef:d6:d4: 84:eb:3b:5b:aa:7c:1a:4e:2f:67:b9:a7:95:0a:f2: 12:64:52:c8:08:55:16:87:5b:31:a5:d9:cd:8f:10: 15:d5:70:8f:2c:82:51:6a:38:1e:95:d1:32:db:c3: 30:2c:cd:c3:da:af:f2:49:0c:85:89:79:81:95:d0: 17:86:4c:d5:de:5c:3d:7b:97:67:04:70:c6:da:59: 94:0a:24:3a:24:3c:10:81:bd:13:3b:04:64:b3:40: a7:b2:14:d6:72:90:fb:0b:83:ca:51:c5:c0:a1:20: 38:e9:b4:3b:4e:df:ac:c6:ba:59:26:d0:a5:71:7b: b8:a4:aa:3f:a5:ed:a3:74:0e:07:86:0b:a8:03:dc: 41:a1:de:4f:10:0f:ba:9c:39:3f:e0:0f:3a:c7:81: 84:9d:a5:1d:fb:84:d6:0a:ba:d7:c6:cb:5e:ca:f8: 77:b4:a4:12:15:c9:5d:ca:2c:27:2e:e5:c0:89:a3: 53:72:27:fd:8d:0a:23:5f:86:ba:ec:eb:6b:3d:ff: b6:09:4b:40:54:7a:e4:f0:ec:6a:6c:d9:57:70:38: 73:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:B3:F6:B9:15:41:FC:FA:F2:95:8C:D4:E9:CF:90:F9:86:FA:C7:3F X509v3 Authority Key Identifier: keyid:A0:7A:F0:CC:B2:98:35:CC:76:42:97:4B:AC:9E:15:02:B9:CF:82:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E29CB/1F902B0E05AF11EDA717642BC4F9AE02/oHrwzLKYNcx2QpdLrJ4VArnPgtA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oHrwzLKYNcx2QpdLrJ4VArnPgtA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E29CB/1F902B0E05AF11EDA717642BC4F9AE02/oHrwzLKYNcx2QpdLrJ4VArnPgtA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:5a:e0:f3:6b:5c:0d:32:e8:4b:dc:ab:2d:58:0f:9f:c2:26: cf:ca:9f:3d:eb:39:e6:a2:05:2b:92:bc:db:81:66:18:32:0d: 41:ac:a9:5c:f2:83:3d:4d:45:a4:cb:5d:54:d7:b9:e4:b5:45: e8:ed:a1:b0:88:5a:48:2c:b7:fa:bc:9a:5a:14:63:d0:4d:39: 08:fe:71:de:07:cb:85:95:28:1e:c6:f7:cf:09:26:b4:72:36: 19:37:39:5c:7b:3b:91:1d:a6:c2:bc:bb:9b:28:bc:0a:31:80: 1c:c8:89:70:bc:3d:f7:e2:fa:21:0c:06:4d:b9:5a:83:4c:c4: 16:e3:57:12:43:5b:f9:58:c9:c8:56:02:c6:11:0e:61:b4:15: c9:45:e6:6e:b3:7d:4a:52:cf:26:c4:7a:03:f3:c3:ce:43:75: 43:12:c9:3e:07:4b:9d:8f:e0:fb:1b:38:af:19:c0:da:25:71: 7b:b5:eb:20:a5:1d:08:02:18:24:ad:ee:da:fb:e7:41:1f:38: d8:2b:67:bf:e6:34:51:9b:e0:1e:fa:e1:b1:1e:8f:8f:56:8f: 24:4c:05:ec:a9:c2:6a:74:c8:71:41:1e:13:01:c3:ea:ea:56: 59:25:07:33:e5:1d:24:da:67:03:b4:43:3b:7c:ee:5f:1d:22: ad:bd:02:8e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAqIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTI5Q0IxMTAvBgNVBAUTKEEwN0FGMENDQjI5ODM1Q0M3NjQyOTc0QkFDOUUxNTAy QjlDRjgyRDAwHhcNMjUwNTMxMDE0NjUwWhcNMjUwNjA3MDE0NjUwWjAYMRYwFAYD VQQDEw02ODNhNWY4Yi1mYjU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwNhTKlVjkel3XGXjyDOVMwk1fesanDwf5gB/qdb1cDb4sdpiTzpvJgbv1tSE 6ztbqnwaTi9nuaeVCvISZFLICFUWh1sxpdnNjxAV1XCPLIJRajgeldEy28MwLM3D 2q/ySQyFiXmBldAXhkzV3lw9e5dnBHDG2lmUCiQ6JDwQgb0TOwRks0CnshTWcpD7 C4PKUcXAoSA46bQ7Tt+sxrpZJtClcXu4pKo/pe2jdA4HhguoA9xBod5PEA+6nDk/ 4A86x4GEnaUd+4TWCrrXxsteyvh3tKQSFcldyiwnLuXAiaNTcif9jQojX4a67Otr Pf+2CUtAVHrk8OxqbNlXcDhzvwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFSz9rkV Qfz68pWM1OnPkPmG+sc/MB8GA1UdIwQYMBaAFKB68MyymDXMdkKXS6yeFQK5z4LQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjlDQi8xRjkwMkIwRTA1 QUYxMUVEQTcxNzY0MkJDNEY5QUUwMi9vSHJ3ekxLWU5jeDJRcGRMcko0VkFyblBn dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29Icnd6TEtZTmN4MlFwZExySjRWQXJuUGd0QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MjlDQi8xRjkwMkIwRTA1QUYxMUVEQTcxNzY0MkJDNEY5QUUwMi9vSHJ3ekxLWU5j eDJRcGRMcko0VkFyblBndEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCAWuDza1wNMuhL3KstWA+fwibPyp896znmogUrkrzbgWYYMg1BrKlc 8oM9TUWky11U17nktUXo7aGwiFpILLf6vJpaFGPQTTkI/nHeB8uFlSgexvfPCSa0 cjYZNzlcezuRHabCvLubKLwKMYAcyIlwvD334vohDAZNuVqDTMQW41cSQ1v5WMnI VgLGEQ5htBXJReZus31KUs8mxHoD88POQ3VDEsk+B0udj+D7GzivGcDaJXF7tesg pR0IAhgkre7a++dBHzjYK2e/5jRRm+Ae+uGxHo+PVo8kTAXsqcJqdMhxQR4TAcPq 6lZZJQcz5R0k2mcDtEM7fO5fHSKtvQKO -----END CERTIFICATE-----Generated at Sat May 31 17:24:45 2025 by rpki-client