$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA024/D33A4794F18811EA9E80F71EC4F9AE02/oKxCfpV7N00CZ_p2SN0_-FcC2rE.mft File: oKxCfpV7N00CZ_p2SN0_-FcC2rE.mft (raw, json) Hash identifier: w/tHyrP3lwOPagfzwvxwudp8NDxMCrtdJhysflkbVB8= Subject key identifier: BE:22:63:49:41:6A:BC:57:33:B1:60:22:0A:8F:87:43:C4:E9:27:B6 Authority key identifier: A0:AC:42:7E:95:7B:37:4D:02:67:FA:76:48:DD:3F:F8:57:02:DA:B1 Certificate issuer: /CN=A91FA024/serialNumber=A0AC427E957B374D0267FA7648DD3FF85702DAB1 Certificate serial: 07DF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKxCfpV7N00CZ_p2SN0_-FcC2rE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA024/D33A4794F18811EA9E80F71EC4F9AE02/oKxCfpV7N00CZ_p2SN0_-FcC2rE.mft Manifest number: 07D7 Signing time: Fri 30 May 2025 21:17:10 +0000 Manifest this update: Fri 30 May 2025 21:17:10 +0000 Manifest next update: Fri 06 Jun 2025 21:17:10 +0000 Files and hashes: 1: oKxCfpV7N00CZ_p2SN0_-FcC2rE.crl (hash: mhugmzTGEVdCWJ8ZevfyplSszvzBcJSrifg+ClfEOFg=) 2: FE1FDB12BCD011EC8283681EC4F9AE02.roa (hash: 2wuY0yDKdmJN9ZQKTlSwz2efwa28k+u+9dd3owV3hlg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA024/D33A4794F18811EA9E80F71EC4F9AE02/oKxCfpV7N00CZ_p2SN0_-FcC2rE.crl rsync://rpki.apnic.net/member_repository/A91FA024/D33A4794F18811EA9E80F71EC4F9AE02/oKxCfpV7N00CZ_p2SN0_-FcC2rE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKxCfpV7N00CZ_p2SN0_-FcC2rE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:17:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2015 (0x7df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA024, serialNumber=A0AC427E957B374D0267FA7648DD3FF85702DAB1 Validity Not Before: May 30 21:17:10 2025 GMT Not After : Jun 6 21:17:10 2025 GMT Subject: CN=683a2056-0041 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:66:8a:3f:0a:22:2c:f3:18:15:ce:67:4c:51: 81:69:53:af:b8:dc:64:ce:e7:96:01:9d:1f:6d:a8: 8a:4e:41:d2:91:76:b4:a8:f3:2b:41:af:6e:84:61: ab:78:a5:2a:fa:b0:db:57:af:d6:4a:66:a6:e5:23: b0:0b:ab:e3:ce:90:ca:c6:68:ce:e4:c9:2f:88:5b: 3c:d4:ee:4e:22:4f:c4:65:b7:9e:f3:11:c4:1f:63: 1d:85:16:9b:0e:a8:65:76:d0:33:77:fc:2e:fe:66: 2d:94:47:8c:d4:73:8a:56:d0:9d:76:09:1b:e6:77: ae:ab:31:75:bb:b2:22:b4:47:bc:9f:a4:8c:ec:58: af:a9:81:81:9d:30:e7:16:bb:57:44:1a:10:4e:3f: 17:03:c4:b0:60:29:09:6a:bc:57:2f:31:7d:a5:05: 05:a6:12:74:2a:89:a3:b3:43:61:04:62:b1:91:42: 29:73:11:59:8c:28:87:af:48:17:06:6c:e1:6c:d6: b1:67:71:15:27:12:e6:37:8c:40:53:2c:30:d2:ff: 95:dc:2a:fa:ad:38:0b:35:88:39:48:f0:69:a9:31: ac:1a:43:84:dd:5e:0f:48:5d:cc:cc:e2:ae:b4:be: 9e:96:c0:79:27:d2:c5:53:a6:bf:08:1e:fb:f3:77: b4:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:22:63:49:41:6A:BC:57:33:B1:60:22:0A:8F:87:43:C4:E9:27:B6 X509v3 Authority Key Identifier: keyid:A0:AC:42:7E:95:7B:37:4D:02:67:FA:76:48:DD:3F:F8:57:02:DA:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA024/D33A4794F18811EA9E80F71EC4F9AE02/oKxCfpV7N00CZ_p2SN0_-FcC2rE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKxCfpV7N00CZ_p2SN0_-FcC2rE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA024/D33A4794F18811EA9E80F71EC4F9AE02/oKxCfpV7N00CZ_p2SN0_-FcC2rE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0d:3d:30:ea:f3:15:aa:20:87:28:0a:05:7c:5f:ed:07:53:62: d7:72:38:30:fd:7e:0e:1c:fb:34:68:6f:58:42:eb:42:d6:57: f9:f0:8d:ee:a4:08:47:50:27:4e:8c:d6:fe:e7:6d:af:fe:8d: 96:04:ec:8f:fc:63:20:fc:9b:2a:3d:7e:5e:c2:2c:17:34:e8: 6f:3e:df:99:46:3b:5d:e7:f9:bf:06:db:11:cb:ba:33:54:3e: 1b:b2:3e:47:ef:04:b5:09:d1:81:1f:40:be:94:a9:50:d3:ff: e0:99:b9:03:d8:98:3f:75:da:20:68:e6:f4:10:65:ab:39:be: e4:d7:0d:6f:ca:a6:34:a6:54:06:df:c1:49:53:cc:c7:1f:5b: 59:40:50:43:09:8d:e0:b6:34:61:83:8e:34:ca:37:47:1e:49: 6f:b7:9d:ef:3b:0c:2e:6f:b0:d2:a5:57:98:f4:fc:52:83:21: b8:f8:fe:3d:eb:38:88:4d:9c:d7:d5:a5:7d:b7:55:60:11:d7: d0:14:91:30:82:f1:48:07:d5:9a:cc:b9:c6:c2:d0:d5:73:de: 9f:28:fb:89:ab:6c:c6:6f:aa:a2:76:9f:74:bd:9d:d2:c4:9f: 77:d1:48:1b:dc:85:38:ed:b9:70:9a:25:aa:36:42:ae:23:12: 7c:28:c8:cb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB98wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkEwMjQxMTAvBgNVBAUTKEEwQUM0MjdFOTU3QjM3NEQwMjY3RkE3NjQ4REQzRkY4 NTcwMkRBQjEwHhcNMjUwNTMwMjExNzEwWhcNMjUwNjA2MjExNzEwWjAYMRYwFAYD VQQDEw02ODNhMjA1Ni0wMDQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1WaKPwoiLPMYFc5nTFGBaVOvuNxkzueWAZ0fbaiKTkHSkXa0qPMrQa9uhGGr eKUq+rDbV6/WSmam5SOwC6vjzpDKxmjO5MkviFs81O5OIk/EZbee8xHEH2MdhRab DqhldtAzd/wu/mYtlEeM1HOKVtCddgkb5neuqzF1u7IitEe8n6SM7FivqYGBnTDn FrtXRBoQTj8XA8SwYCkJarxXLzF9pQUFphJ0Komjs0NhBGKxkUIpcxFZjCiHr0gX BmzhbNaxZ3EVJxLmN4xAUyww0v+V3Cr6rTgLNYg5SPBpqTGsGkOE3V4PSF3MzOKu tL6elsB5J9LFU6a/CB7783e0/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL4iY0lB arxXM7FgIgqPh0PE6Se2MB8GA1UdIwQYMBaAFKCsQn6VezdNAmf6dkjdP/hXAtqx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTAyNC9EMzNBNDc5NEYx ODgxMUVBOUU4MEY3MUVDNEY5QUUwMi9vS3hDZnBWN04wMENaX3AyU04wXy1GY0My ckUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29LeENmcFY3TjAwQ1pfcDJTTjBfLUZjQzJyRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTAyNC9EMzNBNDc5NEYxODgxMUVBOUU4MEY3MUVDNEY5QUUwMi9vS3hDZnBWN04w MENaX3AyU04wXy1GY0MyckUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQANPTDq8xWqIIcoCgV8X+0HU2LXcjgw/X4OHPs0aG9YQutC1lf58I3u pAhHUCdOjNb+522v/o2WBOyP/GMg/JsqPX5ewiwXNOhvPt+ZRjtd5/m/BtsRy7oz VD4bsj5H7wS1CdGBH0C+lKlQ0//gmbkD2Jg/ddogaOb0EGWrOb7k1w1vyqY0plQG 38FJU8zHH1tZQFBDCY3gtjRhg440yjdHHklvt53vOwwub7DSpVeY9PxSgyG4+P49 6ziITZzX1aV9t1VgEdfQFJEwgvFIB9WazLnGwtDVc96fKPuJq2zGb6qidp90vZ3S xJ930Ugb3IU47blwmiWqNkKuIxJ8KMjL -----END CERTIFICATE-----Generated at Sat May 31 17:02:18 2025 by rpki-client