$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft File: oRR-hHvP7urdnompeo2fM2ecp-I.mft (raw, json) Hash identifier: E+UHhYAXQh1DBEyaMaDQjF4tQh8TM7un1UfhEUF7GgY= Subject key identifier: 7D:B1:EF:9C:82:B5:B1:61:9F:C6:E7:E2:79:32:1A:F7:CE:37:91:52 Authority key identifier: A1:14:7E:84:7B:CF:EE:EA:DD:9E:89:A9:7A:8D:9F:33:67:9C:A7:E2 Certificate issuer: /CN=A91EAD80/serialNumber=A1147E847BCFEEEADD9E89A97A8D9F33679CA7E2 Certificate serial: 71 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oRR-hHvP7urdnompeo2fM2ecp-I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft Manifest number: 70 Signing time: Sat 31 May 2025 06:26:59 +0000 Manifest this update: Sat 31 May 2025 06:26:59 +0000 Manifest next update: Sat 07 Jun 2025 06:26:59 +0000 Files and hashes: 1: oRR-hHvP7urdnompeo2fM2ecp-I.crl (hash: hNB361lXDRQrq5U6TFSoGkXWF9rsqtSYWd/qvh7JXiw=) 2: 52DF0E62B2FA11EFA36E0387C4F9AE02.roa (hash: Es9pKOD8mSWZed849uffE6lhUB5WDPjyB7dm14eKTpA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.crl rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oRR-hHvP7urdnompeo2fM2ecp-I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 06:26:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 113 (0x71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAD80, serialNumber=A1147E847BCFEEEADD9E89A97A8D9F33679CA7E2 Validity Not Before: May 31 06:26:59 2025 GMT Not After : Jun 7 06:26:59 2025 GMT Subject: CN=683aa133-7fd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:da:eb:96:5e:17:3d:63:83:ff:e2:ac:69:26: 88:1e:4d:a0:3e:09:16:1f:ed:d7:58:ed:b4:40:fd: e2:24:dd:a4:47:3d:40:ce:5d:b6:14:8c:bc:5a:9c: 84:47:98:b3:b5:67:0d:85:9c:66:b1:7a:9e:e8:57: e9:78:57:27:86:db:26:91:60:0c:d0:fb:03:da:2a: d9:26:c1:11:df:4b:c5:8b:f1:b0:4f:11:00:b2:a7: c3:f3:bc:b2:cd:02:21:cc:cc:96:96:c1:fe:a7:b0: 51:e7:8d:b6:c5:bb:61:ca:39:5c:5c:52:c8:4a:1b: 1e:51:99:a9:6c:fd:fe:36:0b:c7:de:59:b8:a2:7f: 07:22:97:33:ef:b9:7b:ad:16:cb:f2:9e:43:fb:c1: 52:b2:69:dd:46:69:fc:88:e1:44:40:36:ba:88:34: a1:cf:99:16:10:0a:5d:43:8b:c7:86:09:09:a7:46: 9b:5d:5c:a1:78:bc:38:38:e4:6a:2c:29:9b:c9:ba: 94:68:eb:97:74:70:0d:3e:45:b9:0e:85:f4:f7:16: d0:6b:e3:d4:b7:65:0e:f4:c0:a6:ae:b8:9d:a2:40: 12:4d:e0:38:e9:fb:1e:39:d5:ac:8f:60:97:c3:ff: ac:05:7d:5a:5e:ab:f9:73:69:27:7f:93:58:a9:72: e1:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:B1:EF:9C:82:B5:B1:61:9F:C6:E7:E2:79:32:1A:F7:CE:37:91:52 X509v3 Authority Key Identifier: keyid:A1:14:7E:84:7B:CF:EE:EA:DD:9E:89:A9:7A:8D:9F:33:67:9C:A7:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oRR-hHvP7urdnompeo2fM2ecp-I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a5:5a:03:26:a3:4f:18:6a:64:f4:4c:89:60:b0:5c:ec:03:01: 35:54:3e:cf:33:b8:67:b5:b2:6f:e3:3c:a3:19:bf:72:9c:16: 06:f8:ef:4f:b4:43:16:af:ec:7b:a3:39:fd:13:ea:90:67:50: 74:7c:3a:6e:13:27:11:66:1c:7b:44:cd:1f:89:0d:24:51:e7: b1:f5:20:45:e2:46:78:70:18:7f:3d:54:2c:de:dd:62:df:91: ab:ff:a4:30:5c:b3:7a:89:ae:44:04:42:e1:ac:aa:df:7f:17: 42:eb:6c:9e:ef:da:51:79:89:fa:3d:0f:09:9a:c3:1c:07:fb: bc:27:01:cd:81:fa:72:08:1b:a8:5e:65:c4:ea:7f:a1:6c:6b: 72:04:10:49:f9:70:0d:dd:6d:5f:2c:51:1e:3f:b9:18:ce:8c: 2c:c5:cb:3f:8c:a8:ef:5c:27:ce:19:33:cd:31:9f:3e:a7:af: d9:84:7d:b4:a2:74:22:e8:91:0e:c0:f3:fa:b9:01:7e:68:2d: 7c:e8:d1:bd:f2:c6:2e:d5:53:05:b9:92:78:91:2e:67:e6:9f: f4:1d:dd:b5:ca:93:4f:2b:60:62:d6:67:40:99:8d:50:d7:18: 88:92:30:fb:70:ae:9f:34:d1:b7:0f:98:5f:bd:9d:f8:60:c7: 9b:45:41:06 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBcTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QUQ4MDExMC8GA1UEBRMoQTExNDdFODQ3QkNGRUVFQUREOUU4OUE5N0E4RDlGMzM2 NzlDQTdFMjAeFw0yNTA1MzEwNjI2NTlaFw0yNTA2MDcwNjI2NTlaMBgxFjAUBgNV BAMTDTY4M2FhMTMzLTdmZDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDO2uuWXhc9Y4P/4qxpJogeTaA+CRYf7ddY7bRA/eIk3aRHPUDOXbYUjLxanIRH mLO1Zw2FnGaxep7oV+l4VyeG2yaRYAzQ+wPaKtkmwRHfS8WL8bBPEQCyp8PzvLLN AiHMzJaWwf6nsFHnjbbFu2HKOVxcUshKGx5Rmals/f42C8feWbiifwcilzPvuXut FsvynkP7wVKyad1GafyI4URANrqINKHPmRYQCl1Di8eGCQmnRptdXKF4vDg45Gos KZvJupRo65d0cA0+RbkOhfT3FtBr49S3ZQ70wKauuJ2iQBJN4Djp+x451ayPYJfD /6wFfVpeq/lzaSd/k1ipcuGLAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUfbHvnIK1 sWGfxufieTIa9843kVIwHwYDVR0jBBgwFoAUoRR+hHvP7urdnompeo2fM2ecp+Iw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBRDgwL0QyMjNDNUFFOTRD OTExRUY5MkNENzI1OEM0RjlBRTAyL29SUi1oSHZQN3VyZG5vbXBlbzJmTTJlY3At SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb1JSLWhIdlA3dXJkbm9tcGVvMmZNMmVjcC1JLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVB RDgwL0QyMjNDNUFFOTRDOTExRUY5MkNENzI1OEM0RjlBRTAyL29SUi1oSHZQN3Vy ZG5vbXBlbzJmTTJlY3AtSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKVaAyajTxhqZPRMiWCwXOwDATVUPs8zuGe1sm/jPKMZv3KcFgb470+0 Qxav7HujOf0T6pBnUHR8Om4TJxFmHHtEzR+JDSRR57H1IEXiRnhwGH89VCze3WLf kav/pDBcs3qJrkQEQuGsqt9/F0LrbJ7v2lF5ifo9DwmawxwH+7wnAc2B+nIIG6he ZcTqf6Fsa3IEEEn5cA3dbV8sUR4/uRjOjCzFyz+MqO9cJ84ZM80xnz6nr9mEfbSi dCLokQ7A8/q5AX5oLXzo0b3yxi7VUwW5kniRLmfmn/Qd3bXKk08rYGLWZ0CZjVDX GIiSMPtwrp800bcPmF+9nfhgx5tFQQY= -----END CERTIFICATE-----Generated at Sat May 31 16:26:57 2025 by rpki-client