$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft File: OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft (raw, json) Hash identifier: l7yCnNpSlEAQBFZBqmX5aLc3aJcFgJh00eAozw0MhK4= Subject key identifier: D3:1F:74:26:B6:8B:6A:FD:29:A7:03:18:45:2B:42:2B:61:FD:4A:70 Authority key identifier: 3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 Certificate issuer: /CN=A91E6856/serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Certificate serial: 014F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft Manifest number: 014C Signing time: Mon 02 Jun 2025 17:55:22 +0000 Manifest this update: Mon 02 Jun 2025 17:55:22 +0000 Manifest next update: Mon 09 Jun 2025 17:55:22 +0000 Files and hashes: 1: OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl (hash: 4csOEDZXGYqhOWpZJk5f8CGBF38Pr++BfzJwvvWucO8=) 2: B2C9B10A881311EE8CFB5C43C4F9AE02.roa (hash: 6Te+3VLS/O5qxRt8jv/bM33nUlqEem+47I9pmRS4Z7o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 05:53:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 335 (0x14f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6856, serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Validity Not Before: Jun 2 17:55:22 2025 GMT Not After : Jun 9 17:55:22 2025 GMT Subject: CN=683de58a-41aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:c8:98:47:4d:af:06:b3:ce:5f:33:b4:8b:4e: 9d:8d:33:87:f7:2b:32:cb:e6:1e:71:e4:34:22:d1: ad:03:f1:1e:72:c0:b0:80:48:7c:e3:8f:00:cb:83: ef:d2:dd:d9:44:a7:83:25:c4:31:fd:8f:55:e4:e1: 74:6b:ad:60:10:8c:13:12:70:eb:4b:3c:30:06:c7: 5c:71:07:4f:40:7d:41:cc:47:44:74:82:e0:b0:77: cc:b4:ef:fa:c8:ad:23:3c:08:ad:87:98:5c:f0:73: 7d:61:dc:c7:77:9a:cb:9d:13:3d:9e:88:ef:94:f4: 5c:85:fa:a5:2b:ba:23:4b:d9:36:6d:a2:ce:72:9d: 00:e7:08:49:2e:00:57:de:0c:04:a6:39:05:04:50: 2f:44:ea:51:97:29:fd:8f:c9:5e:5d:84:93:7a:a6: 29:b6:01:17:ea:60:02:bf:05:3b:61:74:11:d9:bb: a6:66:8b:41:a3:a1:a2:88:a6:62:0f:ce:f2:68:2e: 52:57:33:89:b1:9a:0a:2d:ce:9f:12:55:bf:4e:6a: 66:05:15:26:53:0c:63:aa:83:cd:cb:19:4f:b1:56: 86:0e:21:23:23:7f:48:68:4f:2d:42:07:2f:35:99: 9c:36:12:fe:5e:87:51:f6:b1:89:4f:ce:70:15:a2: fd:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:1F:74:26:B6:8B:6A:FD:29:A7:03:18:45:2B:42:2B:61:FD:4A:70 X509v3 Authority Key Identifier: keyid:3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a9:86:de:56:b3:2c:12:07:fe:d7:da:82:32:28:28:ca:ab:cb: fa:06:39:e2:b9:6e:2d:ea:78:ec:64:5b:8f:cc:24:0d:d3:d7: 2f:5c:b3:16:da:2c:d8:dc:06:bc:3f:f7:04:27:cd:a9:93:5f: 09:07:d8:0c:c8:b6:f8:10:d9:c6:80:57:75:29:9c:e6:5e:48: fa:ce:30:0d:ea:ba:b6:dc:e7:c3:e1:9e:d8:d3:a3:e6:19:57: 64:57:46:8f:c0:7d:72:b9:48:65:ea:16:02:66:41:1f:51:52: 40:fa:42:37:fe:42:84:84:43:31:da:39:b0:6a:b8:cb:03:b4: e9:71:9e:a3:e5:34:61:b5:e1:e3:2d:b9:3e:54:e9:2b:9e:c5: db:12:b5:9c:90:95:d8:46:7b:e7:8e:49:ba:f8:0a:93:a1:29: 66:bd:56:d7:d5:53:24:ae:87:1a:6f:d9:7a:14:78:c6:12:e3: 06:b3:5d:c4:99:87:fc:95:4b:c9:20:bb:6f:15:11:4b:7c:78: 97:da:88:db:98:d8:82:46:d3:71:4e:92:9f:2e:ee:f6:3c:9a: 8f:86:4f:3b:dd:1d:4e:e6:21:b6:b6:50:0b:16:e7:cc:b9:5a: e9:15:dc:f2:00:ae:fd:11:ea:a8:3b:88:9b:a0:4a:f8:09:76: b2:31:f3:8c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAU8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY4NTYxMTAvBgNVBAUTKDNBNjgyM0ExMEYwM0JGQUNBNDA2OEQzMzk4NDQ0RjM2 NDEwODU0ODUwHhcNMjUwNjAyMTc1NTIyWhcNMjUwNjA5MTc1NTIyWjAYMRYwFAYD VQQDEw02ODNkZTU4YS00MWFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvciYR02vBrPOXzO0i06djTOH9ysyy+YeceQ0ItGtA/EecsCwgEh8448Ay4Pv 0t3ZRKeDJcQx/Y9V5OF0a61gEIwTEnDrSzwwBsdccQdPQH1BzEdEdILgsHfMtO/6 yK0jPAith5hc8HN9YdzHd5rLnRM9nojvlPRchfqlK7ojS9k2baLOcp0A5whJLgBX 3gwEpjkFBFAvROpRlyn9j8leXYSTeqYptgEX6mACvwU7YXQR2bumZotBo6GiiKZi D87yaC5SVzOJsZoKLc6fElW/TmpmBRUmUwxjqoPNyxlPsVaGDiEjI39IaE8tQgcv NZmcNhL+XodR9rGJT85wFaL9cQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNMfdCa2 i2r9KacDGEUrQith/UpwMB8GA1UdIwQYMBaAFDpoI6EPA7+spAaNM5hETzZBCFSF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjg1Ni8yRERCNDI2RTQ4 NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2eWtCbzB6bUVSUE5rRUlW SVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09tZ2pvUThEdjZ5a0JvMHptRVJQTmtFSVZJVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF Njg1Ni8yRERCNDI2RTQ4NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2 eWtCbzB6bUVSUE5rRUlWSVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCpht5WsywSB/7X2oIyKCjKq8v6BjniuW4t6njsZFuPzCQN09cvXLMW 2izY3Aa8P/cEJ82pk18JB9gMyLb4ENnGgFd1KZzmXkj6zjAN6rq23OfD4Z7Y06Pm GVdkV0aPwH1yuUhl6hYCZkEfUVJA+kI3/kKEhEMx2jmwarjLA7TpcZ6j5TRhteHj Lbk+VOkrnsXbErWckJXYRnvnjkm6+AqToSlmvVbX1VMkrocab9l6FHjGEuMGs13E mYf8lUvJILtvFRFLfHiX2ojbmNiCRtNxTpKfLu72PJqPhk873R1O5iG2tlALFufM uVrpFdzyAK79EeqoO4iboEr4CXayMfOM -----END CERTIFICATE-----Generated at Mon Jun 2 20:21:27 2025 by rpki-client