$ rpki-client -vvf rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft File: OxaIpfe3JKr754IKLGPZey6o5SI.mft (raw, json) Hash identifier: rX8irYeOSMm4yKTD3TNbS3LjD5qBjQ6DAyO8Wo2p7xM= Subject key identifier: 47:CD:21:A2:32:2B:11:66:CA:9E:0A:46:D0:41:0E:D6:D6:D1:19:96 Authority key identifier: 3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22 Certificate issuer: /CN=A91772FA/serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522 Certificate serial: 030F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft Manifest number: 0309 Signing time: Sun 27 Apr 2025 00:51:44 +0000 Manifest this update: Sun 27 Apr 2025 00:51:44 +0000 Manifest next update: Sun 04 May 2025 00:51:44 +0000 Files and hashes: 1: OxaIpfe3JKr754IKLGPZey6o5SI.crl (hash: i5inXzkVBunrmLW9tmRGotRSiSN8IhNnQimONWvfYIo=) 2: 2D613294CD7611EC83259862C4F9AE02.roa (hash: eiU7ZSeORX7Nfv/I101YymEKed9tnUaeLJmxcj6rlLI=) 3: EF8CB49CD78F11EC91680D49C4F9AE02.roa (hash: lJKugMMEeA6hotCUmsieh3f9JUtmDi6Rwayct/vX1UY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 00:51:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 783 (0x30f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91772FA, serialNumber=3B1688A5F7B724AAFBE7820A2C63D97B2EA8E522 Validity Not Before: Apr 27 00:51:44 2025 GMT Not After : May 4 00:51:44 2025 GMT Subject: CN=680d7fa0-e431 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:3b:3d:8d:eb:94:4c:40:2d:56:e3:39:1e:58: ca:56:b9:28:09:3d:ca:b1:c8:f8:12:3a:54:1c:06: 5b:00:64:33:66:b9:16:37:8a:79:90:f7:81:b2:3a: 5f:3d:d5:3c:69:88:94:48:24:2e:a7:a4:fc:8d:d1: af:6b:a4:2b:d8:f7:e8:e4:7f:1c:f4:00:02:53:42: ea:b6:0f:c5:3e:a5:90:dd:6f:1e:25:db:7d:8d:b7: 44:2b:1a:0d:c0:c5:86:20:1c:fc:b9:35:25:41:0d: 50:f4:fa:35:0f:10:37:a0:a9:51:90:e6:53:1a:78: 81:02:2b:e1:a1:95:9f:d8:59:47:84:d4:1a:f1:64: 0c:31:7b:3c:a4:90:e5:61:51:3f:99:5c:c1:0b:ad: 6c:12:75:6e:d6:ef:ba:e7:e8:f5:0a:f5:18:a4:f1: fb:5c:24:61:6f:ac:56:e8:8a:08:bf:54:2d:c8:53: ae:9c:55:81:c6:16:0b:d6:8a:a7:9e:3e:79:41:08: 0f:4e:3f:8b:3e:77:66:81:a2:b2:a7:2e:2c:55:f9: a1:7d:eb:c8:41:82:1a:cf:8b:c9:e8:d4:f9:ca:ce: e3:98:6d:59:f6:50:b4:1a:06:45:d8:3d:70:46:c6: c5:7b:64:b9:97:ef:74:c1:fa:4e:9e:d0:dc:d2:c1: 0a:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:CD:21:A2:32:2B:11:66:CA:9E:0A:46:D0:41:0E:D6:D6:D1:19:96 X509v3 Authority Key Identifier: keyid:3B:16:88:A5:F7:B7:24:AA:FB:E7:82:0A:2C:63:D9:7B:2E:A8:E5:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OxaIpfe3JKr754IKLGPZey6o5SI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91772FA/D7244562CD7311ECA0AA8061C4F9AE02/OxaIpfe3JKr754IKLGPZey6o5SI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:ad:8e:72:c3:6b:00:7c:db:58:e9:64:dc:91:5c:4a:66:b7: 00:9f:81:59:27:88:b9:c6:1d:6b:eb:b8:c2:10:dc:1e:a0:b4: 70:7c:ab:e6:be:6a:5b:e1:48:c4:41:0b:04:5c:21:dd:ff:ed: f0:15:3e:2d:2c:86:ad:76:c3:60:74:1e:fa:79:d1:86:99:d8: 18:94:6a:16:7f:98:e1:be:b0:9b:ea:fc:a3:28:5d:d3:c8:94: 47:eb:10:07:32:3d:cd:42:28:29:a0:b9:8e:da:0c:ce:70:5f: 86:3e:57:96:7c:be:9a:98:9c:b1:17:a4:76:57:19:ea:1c:25: b6:fb:50:c9:e1:3a:8f:9b:b3:3e:23:62:75:0b:b6:e9:d0:ac: 59:ec:61:98:14:8e:f7:93:81:0d:3d:72:3f:18:cd:90:fd:f1: c9:e8:2c:f8:db:9c:d5:7b:62:12:34:f5:eb:80:a1:b3:0a:11: fe:cd:6d:d7:9c:5b:45:fb:51:fe:54:f4:80:39:b2:07:fb:12: 3c:9d:cb:2d:61:36:21:37:26:02:a2:ad:fa:9c:97:d6:d3:8a: a7:9f:7f:de:0e:de:63:fd:e6:8f:7b:48:4d:8b:ec:bc:f2:3d: 67:0c:a5:1c:6f:14:54:96:66:46:5e:31:02:e7:96:c0:e4:cf: df:b5:d3:03 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAw8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzcyRkExMTAvBgNVBAUTKDNCMTY4OEE1RjdCNzI0QUFGQkU3ODIwQTJDNjNEOTdC MkVBOEU1MjIwHhcNMjUwNDI3MDA1MTQ0WhcNMjUwNTA0MDA1MTQ0WjAYMRYwFAYD VQQDEw02ODBkN2ZhMC1lNDMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAujs9jeuUTEAtVuM5HljKVrkoCT3Kscj4EjpUHAZbAGQzZrkWN4p5kPeBsjpf PdU8aYiUSCQup6T8jdGva6Qr2Pfo5H8c9AACU0Lqtg/FPqWQ3W8eJdt9jbdEKxoN wMWGIBz8uTUlQQ1Q9Po1DxA3oKlRkOZTGniBAivhoZWf2FlHhNQa8WQMMXs8pJDl YVE/mVzBC61sEnVu1u+65+j1CvUYpPH7XCRhb6xW6IoIv1QtyFOunFWBxhYL1oqn nj55QQgPTj+LPndmgaKypy4sVfmhfevIQYIaz4vJ6NT5ys7jmG1Z9lC0GgZF2D1w RsbFe2S5l+90wfpOntDc0sEKSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEfNIaIy KxFmyp4KRtBBDtbW0RmWMB8GA1UdIwQYMBaAFDsWiKX3tySq++eCCixj2XsuqOUi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzJGQS9ENzI0NDU2MkNE NzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pLcjc1NElLTEdQWmV5Nm81 U0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL094YUlwZmUzSktyNzU0SUtMR1BaZXk2bzVTSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NzJGQS9ENzI0NDU2MkNENzMxMUVDQTBBQTgwNjFDNEY5QUUwMi9PeGFJcGZlM0pL cjc1NElLTEdQWmV5Nm81U0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAqrY5yw2sAfNtY6WTckVxKZrcAn4FZJ4i5xh1r67jCENweoLRwfKvm vmpb4UjEQQsEXCHd/+3wFT4tLIatdsNgdB76edGGmdgYlGoWf5jhvrCb6vyjKF3T yJRH6xAHMj3NQigpoLmO2gzOcF+GPleWfL6amJyxF6R2VxnqHCW2+1DJ4TqPm7M+ I2J1C7bp0KxZ7GGYFI73k4ENPXI/GM2Q/fHJ6Cz425zVe2ISNPXrgKGzChH+zW3X nFtF+1H+VPSAObIH+xI8ncstYTYhNyYCoq36nJfW04qnn3/eDt5j/eaPe0hNi+y8 8j1nDKUcbxRUlmZGXjEC55bA5M/ftdMD -----END CERTIFICATE-----Generated at Sun Apr 27 05:42:09 2025 by rpki-client on console.sobornost.net