$ rpki-client -vvf rpki.apnic.net/member_repository/A9123BFF/F290829A10DA11E685C4BB3DC4F9AE02/EK5_oM-c-qh-uthEzYxCasHDpec.mft File: EK5_oM-c-qh-uthEzYxCasHDpec.mft (raw, json) Hash identifier: ySEulz71fKmEIjbeN8FNOG6WcapG0Zrj+13mVznOMHM= Subject key identifier: B3:2E:2B:E6:70:56:9A:77:ED:97:F4:4A:B4:30:A8:6F:2B:53:83:4F Authority key identifier: 10:AE:7F:A0:CF:9C:FA:A8:7E:BA:D8:44:CD:8C:42:6A:C1:C3:A5:E7 Certificate issuer: /CN=A9123BFF/serialNumber=10AE7FA0CF9CFAA87EBAD844CD8C426AC1C3A5E7 Certificate serial: 2062 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EK5_oM-c-qh-uthEzYxCasHDpec.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9123BFF/F290829A10DA11E685C4BB3DC4F9AE02/EK5_oM-c-qh-uthEzYxCasHDpec.mft Manifest number: 205B Signing time: Mon 28 Apr 2025 16:05:02 +0000 Manifest this update: Mon 28 Apr 2025 16:05:01 +0000 Manifest next update: Mon 05 May 2025 16:05:01 +0000 Files and hashes: 1: EK5_oM-c-qh-uthEzYxCasHDpec.crl (hash: nkR9f1oLW0PiYKB/Z2wV3FyMhpP4NhX6G5LQOQY0Wwg=) 2: 449C08948D1211EBB9548186C4F9AE02.roa (hash: hFvoTK4OtAWXeUzfRY08E0R6vhbINiOuVhDEOiD6rEA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9123BFF/F290829A10DA11E685C4BB3DC4F9AE02/EK5_oM-c-qh-uthEzYxCasHDpec.crl rsync://rpki.apnic.net/member_repository/A9123BFF/F290829A10DA11E685C4BB3DC4F9AE02/EK5_oM-c-qh-uthEzYxCasHDpec.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EK5_oM-c-qh-uthEzYxCasHDpec.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 15:55:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8290 (0x2062) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9123BFF, serialNumber=10AE7FA0CF9CFAA87EBAD844CD8C426AC1C3A5E7 Validity Not Before: Apr 28 16:05:01 2025 GMT Not After : May 5 16:05:01 2025 GMT Subject: CN=680fa72d-20e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:0b:c3:e5:00:e6:12:0c:13:8d:f8:b0:4a:24: 89:ae:8b:15:15:8f:82:de:9c:07:75:4a:07:34:56: bd:62:7d:71:08:93:b0:4b:91:b2:54:21:4c:f1:56: e5:01:c8:b5:84:14:17:4b:68:a9:65:f3:dd:5f:74: e5:fe:54:28:18:a2:40:36:45:f5:ef:12:74:07:32: 03:41:08:18:dd:d8:8f:1c:b4:cf:80:9e:4c:11:5b: 55:15:0f:aa:0b:03:21:12:f6:d0:5e:0c:46:59:72: 45:f3:a3:3d:71:4e:98:e1:06:e2:ea:d3:d1:07:93: a4:8f:d7:98:e5:cc:22:f9:25:4b:6e:9b:9b:39:96: 28:cf:97:32:d1:26:20:cc:89:75:f5:6b:a9:38:8d: ee:72:6d:0d:4a:18:7d:9f:6a:32:6b:2f:a8:c6:8b: 02:93:d2:2e:e4:f8:01:b2:27:e5:68:b5:cc:2d:75: 5f:3f:f1:c7:49:af:21:36:d3:48:b0:3f:19:fd:9d: ab:fc:50:80:95:8d:4e:dd:3d:7c:1f:b7:72:f8:93: b6:a1:49:50:13:29:7d:1c:bf:ba:62:18:57:cb:42: a5:c7:6a:69:8f:bb:92:06:69:a8:b6:e8:20:44:67: cd:3e:da:8f:11:0f:e6:a5:e5:7c:c7:3a:aa:78:f9: f7:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:2E:2B:E6:70:56:9A:77:ED:97:F4:4A:B4:30:A8:6F:2B:53:83:4F X509v3 Authority Key Identifier: keyid:10:AE:7F:A0:CF:9C:FA:A8:7E:BA:D8:44:CD:8C:42:6A:C1:C3:A5:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9123BFF/F290829A10DA11E685C4BB3DC4F9AE02/EK5_oM-c-qh-uthEzYxCasHDpec.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EK5_oM-c-qh-uthEzYxCasHDpec.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123BFF/F290829A10DA11E685C4BB3DC4F9AE02/EK5_oM-c-qh-uthEzYxCasHDpec.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption be:dc:6f:92:13:4e:46:5b:9c:a8:06:54:dc:ee:c9:67:21:25: 91:1c:b9:e6:e1:b1:4b:9e:9f:8d:68:07:e2:b6:8f:3f:e6:b5: 88:e0:9d:e6:25:a6:c6:cc:6f:e7:fd:44:4b:ab:8e:34:9f:ad: 75:da:55:7b:67:e0:0a:7c:77:bb:6b:f2:94:70:77:b6:1b:c5: 3a:cd:6f:91:17:11:a5:f0:94:be:ad:a2:68:40:48:e3:43:f0: 84:e8:10:27:aa:7c:4f:66:54:7f:ba:93:04:47:c6:66:55:9e: fa:40:ef:4c:bd:d4:cc:0e:32:5d:41:d1:10:9c:0d:f4:b7:38: 9a:f0:9d:c6:3e:06:1e:1d:0f:90:ce:ff:da:6b:e1:2d:28:5e: a4:bb:03:39:0b:cf:d1:b8:9c:b9:df:4c:4a:37:3e:a9:6b:46: 0e:ee:63:f1:84:5d:6e:d6:17:47:5f:6b:64:5a:fc:43:e6:5b: 61:85:ed:9d:e4:40:c9:00:7d:ed:f1:58:8a:56:8a:27:d5:79: 59:22:2c:a1:d9:68:c4:9e:2d:cc:6d:05:7a:9e:43:ae:95:8d: e2:87:42:3e:48:d2:7c:8d:15:1a:ee:9e:c3:ad:b3:3b:e7:c9: b7:df:60:1f:6b:2b:98:7b:ad:5c:3e:db:d2:f1:c6:68:f8:99: e1:dc:c6:2e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIGIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjNCRkYxMTAvBgNVBAUTKDEwQUU3RkEwQ0Y5Q0ZBQTg3RUJBRDg0NENEOEM0MjZB QzFDM0E1RTcwHhcNMjUwNDI4MTYwNTAxWhcNMjUwNTA1MTYwNTAxWjAYMRYwFAYD VQQDEw02ODBmYTcyZC0yMGU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7gvD5QDmEgwTjfiwSiSJrosVFY+C3pwHdUoHNFa9Yn1xCJOwS5GyVCFM8Vbl Aci1hBQXS2ipZfPdX3Tl/lQoGKJANkX17xJ0BzIDQQgY3diPHLTPgJ5MEVtVFQ+q CwMhEvbQXgxGWXJF86M9cU6Y4Qbi6tPRB5Okj9eY5cwi+SVLbpubOZYoz5cy0SYg zIl19WupOI3ucm0NShh9n2oyay+oxosCk9Iu5PgBsiflaLXMLXVfP/HHSa8hNtNI sD8Z/Z2r/FCAlY1O3T18H7dy+JO2oUlQEyl9HL+6YhhXy0Klx2ppj7uSBmmotugg RGfNPtqPEQ/mpeV8xzqqePn32wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLMuK+Zw Vpp37Zf0SrQwqG8rU4NPMB8GA1UdIwQYMBaAFBCuf6DPnPqofrrYRM2MQmrBw6Xn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0JGRi9GMjkwODI5QTEw REExMUU2ODVDNEJCM0RDNEY5QUUwMi9FSzVfb00tYy1xaC11dGhFell4Q2FzSERw ZWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0VLNV9vTS1jLXFoLXV0aEV6WXhDYXNIRHBlYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy M0JGRi9GMjkwODI5QTEwREExMUU2ODVDNEJCM0RDNEY5QUUwMi9FSzVfb00tYy1x aC11dGhFell4Q2FzSERwZWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC+3G+SE05GW5yoBlTc7slnISWRHLnm4bFLnp+NaAfito8/5rWI4J3m JabGzG/n/URLq440n6112lV7Z+AKfHe7a/KUcHe2G8U6zW+RFxGl8JS+raJoQEjj Q/CE6BAnqnxPZlR/upMER8ZmVZ76QO9MvdTMDjJdQdEQnA30tzia8J3GPgYeHQ+Q zv/aa+EtKF6kuwM5C8/RuJy530xKNz6pa0YO7mPxhF1u1hdHX2tkWvxD5lthhe2d 5EDJAH3t8ViKVoon1XlZIiyh2WjEni3MbQV6nkOulY3ih0I+SNJ8jRUa7p7DrbM7 58m332AfayuYe61cPtvS8cZo+Jnh3MYu -----END CERTIFICATE-----Generated at Mon Apr 28 17:44:45 2025 by rpki-client on console.sobornost.net