$ rpki-client -vvf rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.mft File: oHzT0QIaWMJAoSE3QAuXsYt5mNA.mft (raw, json) Hash identifier: 6N77PTTdA6Tv1BjeI8F/pd8mbLpbhNQps/uIDHpZLPU= Subject key identifier: 10:99:7C:E0:93:01:D5:FA:DE:90:4D:88:03:E5:AC:05:30:78:78:CC Authority key identifier: A0:7C:D3:D1:02:1A:58:C2:40:A1:21:37:40:0B:97:B1:8B:79:98:D0 Certificate issuer: /CN=A9194040/serialNumber=A07CD3D1021A58C240A12137400B97B18B7998D0 Certificate serial: 037A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oHzT0QIaWMJAoSE3QAuXsYt5mNA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.mft Manifest number: 0376 Signing time: Sun 27 Apr 2025 00:33:32 +0000 Manifest this update: Sun 27 Apr 2025 00:33:31 +0000 Manifest next update: Sun 04 May 2025 00:33:31 +0000 Files and hashes: 1: oHzT0QIaWMJAoSE3QAuXsYt5mNA.crl (hash: yYStEVc+ZtGdxee2z5f2GRlyaXrqkHcXOoDcBrYROhY=) 2: D1E294C2A34411EC803D2585C4F9AE02.roa (hash: 9gufT/8L47ewBvsedXGTY9SOVItSQOfXiC+UqlsipuM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.crl rsync://rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oHzT0QIaWMJAoSE3QAuXsYt5mNA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 00:33:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 890 (0x37a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194040, serialNumber=A07CD3D1021A58C240A12137400B97B18B7998D0 Validity Not Before: Apr 27 00:33:31 2025 GMT Not After : May 4 00:33:31 2025 GMT Subject: CN=680d7b5c-c23b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:85:be:d6:e6:52:ef:2d:6b:d7:5d:9c:9e:78: be:e7:ae:4d:76:0b:06:ad:95:aa:aa:1b:fe:6b:bd: b7:86:d0:30:8f:03:ab:96:e2:71:83:1d:6a:c7:2e: 9b:8f:b3:06:86:95:39:61:d9:01:cc:48:66:18:91: ff:ff:9e:d1:73:17:4e:41:17:94:39:8a:fd:04:2f: ef:f7:2a:c2:5a:9b:6f:ff:cb:18:26:cf:78:a2:02: 48:21:00:e1:fa:9c:fc:65:1c:b8:a1:62:3c:34:24: 2f:db:27:86:34:b9:47:89:2b:23:55:df:eb:ff:f5: 4d:72:65:9e:f3:31:ee:81:cc:1f:fa:de:3a:f0:8e: dc:db:ae:a6:5d:c8:71:1e:4e:c5:9f:84:e8:30:28: ed:cc:ef:b3:b5:77:de:61:ad:f6:27:14:9c:80:f3: cf:8f:82:27:4d:72:a6:64:fa:33:33:f9:07:c3:9d: 6e:ba:91:b1:c8:7f:76:fd:c3:2f:10:d6:11:f6:c7: 70:73:4b:66:a2:3f:cb:5a:05:96:a3:5e:9f:f9:d2: 42:8b:59:a7:6b:ce:cb:f9:24:80:60:4f:68:72:03: 74:15:a4:5e:fc:28:27:bd:54:ba:3a:97:ff:92:d0: f3:b4:ce:05:af:bd:40:d4:4c:f2:c6:70:58:c8:a3: 26:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:99:7C:E0:93:01:D5:FA:DE:90:4D:88:03:E5:AC:05:30:78:78:CC X509v3 Authority Key Identifier: keyid:A0:7C:D3:D1:02:1A:58:C2:40:A1:21:37:40:0B:97:B1:8B:79:98:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oHzT0QIaWMJAoSE3QAuXsYt5mNA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194040/9B04A0F2A34011ECB3FA047BC4F9AE02/oHzT0QIaWMJAoSE3QAuXsYt5mNA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b7:12:08:a7:9d:ff:e5:ff:5e:95:67:79:02:4e:60:9b:19:2c: cf:25:22:a5:8e:e2:b4:8d:50:4e:68:cb:87:f0:53:f2:4e:42: 66:8c:4d:3e:8c:30:8b:42:0e:19:6f:a1:96:33:fc:b8:1d:d4: bf:12:84:c6:07:03:3c:0c:05:39:97:5b:ab:d7:04:b2:b1:1b: 2e:cb:7c:16:79:a2:c2:dc:38:d5:b9:21:67:de:77:2d:03:75: 81:4d:52:91:4e:d7:a6:5a:88:cd:78:44:74:8f:9b:b3:0b:f2: 0f:7b:40:ae:e6:b4:71:e8:dc:c1:db:b8:8e:01:35:92:c2:73: 60:99:c7:86:81:2e:c3:54:bb:c1:0f:23:fd:35:c4:ad:01:9f: 49:b0:7d:42:9a:e8:b0:fe:69:c8:15:16:18:db:47:c8:90:51: e4:0d:53:4a:cb:8e:35:8e:5e:1f:2d:bc:b7:96:27:1f:28:b0: cb:51:6d:1b:ec:b4:ce:fc:e6:e5:d9:6e:a2:b0:2b:8a:cf:82: cd:a3:99:e5:65:c4:19:9c:39:96:db:10:01:4f:fe:98:eb:31: df:3e:7e:05:05:4d:2c:71:ab:e7:3b:e2:54:38:08:91:d5:af: 0c:2d:0f:14:cf:36:92:79:0a:32:46:7e:07:a4:a2:c5:47:c7: 03:28:27:1e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA3owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTQwNDAxMTAvBgNVBAUTKEEwN0NEM0QxMDIxQTU4QzI0MEExMjEzNzQwMEI5N0Ix OEI3OTk4RDAwHhcNMjUwNDI3MDAzMzMxWhcNMjUwNTA0MDAzMzMxWjAYMRYwFAYD VQQDEw02ODBkN2I1Yy1jMjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx4W+1uZS7y1r112cnni+565NdgsGrZWqqhv+a723htAwjwOrluJxgx1qxy6b j7MGhpU5YdkBzEhmGJH//57RcxdOQReUOYr9BC/v9yrCWptv/8sYJs94ogJIIQDh +pz8ZRy4oWI8NCQv2yeGNLlHiSsjVd/r//VNcmWe8zHugcwf+t468I7c266mXchx Hk7Fn4ToMCjtzO+ztXfeYa32JxScgPPPj4InTXKmZPozM/kHw51uupGxyH92/cMv ENYR9sdwc0tmoj/LWgWWo16f+dJCi1mna87L+SSAYE9ocgN0FaRe/CgnvVS6Opf/ ktDztM4Fr71A1EzyxnBYyKMmKwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBCZfOCT AdX63pBNiAPlrAUweHjMMB8GA1UdIwQYMBaAFKB809ECGljCQKEhN0ALl7GLeZjQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDA0MC85QjA0QTBGMkEz NDAxMUVDQjNGQTA0N0JDNEY5QUUwMi9vSHpUMFFJYVdNSkFvU0UzUUF1WHNZdDVt TkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29IelQwUUlhV01KQW9TRTNRQXVYc1l0NW1OQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NDA0MC85QjA0QTBGMkEzNDAxMUVDQjNGQTA0N0JDNEY5QUUwMi9vSHpUMFFJYVdN SkFvU0UzUUF1WHNZdDVtTkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC3Eginnf/l/16VZ3kCTmCbGSzPJSKljuK0jVBOaMuH8FPyTkJmjE0+ jDCLQg4Zb6GWM/y4HdS/EoTGBwM8DAU5l1ur1wSysRsuy3wWeaLC3DjVuSFn3nct A3WBTVKRTtemWojNeER0j5uzC/IPe0Cu5rRx6NzB27iOATWSwnNgmceGgS7DVLvB DyP9NcStAZ9JsH1Cmuiw/mnIFRYY20fIkFHkDVNKy441jl4fLby3licfKLDLUW0b 7LTO/Obl2W6isCuKz4LNo5nlZcQZnDmW2xABT/6Y6zHfPn4FBU0scavnO+JUOAiR 1a8MLQ8UzzaSeQoyRn4HpKLFR8cDKCce -----END CERTIFICATE-----Generated at Sun Apr 27 05:43:00 2025 by rpki-client on console.sobornost.net