$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft File: ovb2YTEslb8FoLUjCxNx1GIv1ic.mft (raw, json) Hash identifier: RDYsGsAeDkCIVvr1lzdOXYeHz4zofpKKnQKhIdo9StI= Subject key identifier: D1:F9:61:6F:E6:0C:81:27:51:4D:F5:8D:90:0C:D6:88:FA:85:1F:0F Authority key identifier: A2:F6:F6:61:31:2C:95:BF:05:A0:B5:23:0B:13:71:D4:62:2F:D6:27 Certificate issuer: /CN=A91E7BC4/serialNumber=A2F6F661312C95BF05A0B5230B1371D4622FD627 Certificate serial: 0D42 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft Manifest number: 0D3A Signing time: Sat 31 May 2025 18:03:56 +0000 Manifest this update: Sat 31 May 2025 18:03:56 +0000 Manifest next update: Sat 07 Jun 2025 18:03:56 +0000 Files and hashes: 1: ovb2YTEslb8FoLUjCxNx1GIv1ic.crl (hash: aNduKB03fRbUa+hPxTT6LFEEvV7Tqg1saaK6gveTJqg=) 2: 05054224D8E411E9BEB7986DC4F9AE02.roa (hash: C8YUnzVpdG1ic9MCuW7celmXkhXkYeCvagfWnZShYbQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.crl rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 18:03:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3394 (0xd42) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7BC4, serialNumber=A2F6F661312C95BF05A0B5230B1371D4622FD627 Validity Not Before: May 31 18:03:56 2025 GMT Not After : Jun 7 18:03:56 2025 GMT Subject: CN=683b448c-f887 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:d3:4c:c1:af:0d:ab:a6:77:13:ab:21:27:86: 28:d4:95:c7:13:90:46:bb:47:1f:a4:21:d5:e8:db: f0:1c:f5:fb:cb:7c:d6:a9:7e:09:d9:e3:81:ec:61: 0a:f5:5f:c5:ca:21:b7:11:c3:f0:ef:b4:b0:4b:28: f0:c9:5a:3b:d5:92:e5:92:35:ba:81:bb:69:e3:1e: 26:ae:39:cc:5b:06:de:47:72:7d:39:ba:90:2c:1b: 05:93:f4:17:54:df:1a:1d:0e:46:20:8f:41:8f:b6: dc:9f:56:23:56:5d:8c:73:31:8f:62:3d:24:46:24: 37:41:b6:c9:00:b0:b5:09:0f:62:09:c3:c1:9d:2b: 4e:30:55:55:f6:8e:37:4e:46:ee:57:2a:36:71:1a: 9e:a4:f9:b7:fa:05:12:df:5c:10:00:19:e8:9e:c6: e5:31:33:b5:9b:2b:71:b5:3f:00:41:53:77:a1:17: fd:f0:80:fe:3c:2b:1b:af:45:63:6d:09:4d:11:7f: 41:69:64:6d:28:51:33:0e:59:e6:67:65:0f:d5:d8: 98:67:02:67:c4:b8:68:e9:40:e5:1a:6a:fe:3c:3a: 0d:6b:5d:10:c3:40:2c:84:cf:76:8d:46:b5:68:91: 4e:f4:1c:60:9c:85:77:a9:54:b5:b2:ef:96:91:f5: 40:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:F9:61:6F:E6:0C:81:27:51:4D:F5:8D:90:0C:D6:88:FA:85:1F:0F X509v3 Authority Key Identifier: keyid:A2:F6:F6:61:31:2C:95:BF:05:A0:B5:23:0B:13:71:D4:62:2F:D6:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:8c:12:f0:63:0b:78:94:f6:34:13:aa:00:96:88:1b:c2:d9: a7:fe:f7:9b:48:83:75:6a:3d:66:2b:c7:02:e2:56:03:7d:c7: 33:32:ed:88:42:86:89:7f:0b:51:ec:a9:40:ff:29:52:35:8d: e6:f8:5d:4d:dd:ed:58:40:5b:91:ac:6e:2e:24:fc:a8:63:c2: 63:84:04:c6:5c:9c:fc:a3:c5:cf:19:b4:4a:2b:6e:b4:d0:d0: bb:1b:16:2f:ad:95:56:97:86:68:c7:bd:43:a6:e0:ab:58:c8: 81:da:bd:e4:28:d8:5f:7c:7d:5a:10:5b:5f:a3:58:19:ef:37: 0e:dd:85:6a:84:b7:b9:64:6d:3f:e7:c7:66:85:5f:fe:b5:48: ef:26:a5:a0:d8:33:98:22:d9:a2:84:06:02:f0:f4:be:5c:c3: f0:32:65:97:dc:f5:93:fd:59:07:93:8c:9c:44:72:82:75:ee: bb:65:b6:0a:92:76:91:0c:7d:0c:a9:be:82:0b:3a:55:ce:a4: bc:09:5a:d0:c3:70:e4:8b:ef:1b:12:a2:c6:c5:4b:da:06:ad: ec:01:94:69:30:dd:ba:88:cd:c9:90:98:ed:be:ee:40:eb:77: 20:39:f3:e2:e2:8a:bb:1c:94:e2:90:79:48:77:94:e2:ef:a5: 3b:c7:2e:dc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDUIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdCQzQxMTAvBgNVBAUTKEEyRjZGNjYxMzEyQzk1QkYwNUEwQjUyMzBCMTM3MUQ0 NjIyRkQ2MjcwHhcNMjUwNTMxMTgwMzU2WhcNMjUwNjA3MTgwMzU2WjAYMRYwFAYD VQQDEw02ODNiNDQ4Yy1mODg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxdNMwa8Nq6Z3E6shJ4Yo1JXHE5BGu0cfpCHV6NvwHPX7y3zWqX4J2eOB7GEK 9V/FyiG3EcPw77SwSyjwyVo71ZLlkjW6gbtp4x4mrjnMWwbeR3J9ObqQLBsFk/QX VN8aHQ5GII9Bj7bcn1YjVl2MczGPYj0kRiQ3QbbJALC1CQ9iCcPBnStOMFVV9o43 TkbuVyo2cRqepPm3+gUS31wQABnonsblMTO1mytxtT8AQVN3oRf98ID+PCsbr0Vj bQlNEX9BaWRtKFEzDlnmZ2UP1diYZwJnxLho6UDlGmr+PDoNa10Qw0AshM92jUa1 aJFO9BxgnIV3qVS1su+WkfVAUwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNH5YW/m DIEnUU31jZAM1oj6hR8PMB8GA1UdIwQYMBaAFKL29mExLJW/BaC1IwsTcdRiL9Yn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yNjFEMjgzMEQ1 MEQxMUU5QkFENkMyMjZDNEY5QUUwMi9vdmIyWVRFc2xiOEZvTFVqQ3hOeDFHSXYx aWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL292YjJZVEVzbGI4Rm9MVWpDeE54MUdJdjFpYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0JDNC8yNjFEMjgzMEQ1MEQxMUU5QkFENkMyMjZDNEY5QUUwMi9vdmIyWVRFc2xi OEZvTFVqQ3hOeDFHSXYxaWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQALjBLwYwt4lPY0E6oAlogbwtmn/vebSIN1aj1mK8cC4lYDfcczMu2I QoaJfwtR7KlA/ylSNY3m+F1N3e1YQFuRrG4uJPyoY8JjhATGXJz8o8XPGbRKK260 0NC7GxYvrZVWl4Zox71DpuCrWMiB2r3kKNhffH1aEFtfo1gZ7zcO3YVqhLe5ZG0/ 58dmhV/+tUjvJqWg2DOYItmihAYC8PS+XMPwMmWX3PWT/VkHk4ycRHKCde67ZbYK knaRDH0Mqb6CCzpVzqS8CVrQw3Dki+8bEqLGxUvaBq3sAZRpMN26iM3JkJjtvu5A 63cgOfPi4oq7HJTikHlId5Ti76U7xy7c -----END CERTIFICATE-----Generated at Mon Jun 2 20:30:57 2025 by rpki-client