$ rpki-client -vvf rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft File: OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft (raw, json) Hash identifier: GMDWNK72ymQfoCwVmRqsCQOKkw8FtC9OQOyQsayZd/s= Subject key identifier: 0D:06:5E:3D:4E:6F:EE:15:1D:51:9E:DE:69:2D:70:06:25:84:53:33 Authority key identifier: 3A:15:43:BD:F3:77:2A:98:D2:94:EB:90:02:38:03:DD:DD:F1:1E:62 Certificate issuer: /CN=A91D318A/serialNumber=3A1543BDF3772A98D294EB90023803DDDDF11E62 Certificate serial: 0118 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OhVDvfN3KpjSlOuQAjgD3d3xHmI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft Manifest number: 010F Signing time: Fri 25 Apr 2025 04:01:26 +0000 Manifest this update: Fri 25 Apr 2025 04:01:26 +0000 Manifest next update: Fri 02 May 2025 04:01:26 +0000 Files and hashes: 1: OhVDvfN3KpjSlOuQAjgD3d3xHmI.crl (hash: xuFJO9YkoyInkKKL4GIGCQgoV4BY1Lbz2TCp3F6ouqw=) 2: 67CB8C7287E711EEAC6C0B48C4F9AE02.roa (hash: F1mmz33PgwMDoRRZC6GtV9seLtgQSAErXHweDotrVWA=) 3: C1BECCFC68ED11EF85713047C4F9AE02.roa (hash: Sezt6J9wGq2uA81TOBF7C4CUuNihzkNfNyFAuKq+xQc=) 4: 675EE9DC87E711EEAC6C0B48C4F9AE02.roa (hash: drw42sYp0Yh/VWP9xaFHuMDcqO3Tii4R1NV32pLiPSM=) 5: 08310D28339011EFA4FD915FC4F9AE02.roa (hash: SpJu5nU/KENpOPLXjRvExSZV1G2bbDwfeZ2+Dj1X+E8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.crl rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OhVDvfN3KpjSlOuQAjgD3d3xHmI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 280 (0x118) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D318A, serialNumber=3A1543BDF3772A98D294EB90023803DDDDF11E62 Validity Not Before: Apr 25 04:01:26 2025 GMT Not After : May 2 04:01:26 2025 GMT Subject: CN=680b0916-11e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:46:e7:bd:a8:c2:f8:c5:e1:1e:03:a5:ef:40: 2f:c6:4c:ed:ca:4f:28:01:c4:12:be:c7:4c:b3:cc: 56:95:86:27:d1:c1:47:f8:7a:9d:0f:01:f5:5e:d1: 7f:ce:cd:64:c1:b4:be:16:eb:15:aa:1f:ac:58:44: 06:31:20:90:8c:5d:62:9d:17:78:ee:34:3c:ee:10: 50:76:37:74:00:21:f7:b2:54:48:8c:13:92:cc:de: 5d:71:af:63:44:c4:27:eb:7d:14:5c:0a:15:b4:25: e3:fc:f7:74:1f:27:c6:b9:54:f5:2e:e3:04:ee:b8: 03:36:72:5d:b9:85:5f:16:77:53:15:c6:a4:06:6b: bf:46:55:6c:88:e3:e8:cd:d8:5b:ad:63:73:e5:e2: 83:0d:bc:c6:f2:9c:04:25:44:98:69:0a:b2:b1:c0: 94:44:7d:aa:86:98:02:2f:f6:b1:8e:ea:86:61:9c: 76:93:8d:eb:4b:ff:e0:fa:b1:ff:fc:9e:ce:c5:25: 5a:93:8a:b9:e5:05:50:47:8d:75:71:06:13:19:4c: eb:55:d9:3a:7d:17:52:1d:4f:be:17:58:f4:54:de: 61:ad:f6:c9:21:6d:ef:06:83:c3:33:8a:07:2d:ff: fc:bc:fd:ca:d6:1d:06:2d:ea:03:ab:2d:11:12:ed: 45:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:06:5E:3D:4E:6F:EE:15:1D:51:9E:DE:69:2D:70:06:25:84:53:33 X509v3 Authority Key Identifier: keyid:3A:15:43:BD:F3:77:2A:98:D2:94:EB:90:02:38:03:DD:DD:F1:1E:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OhVDvfN3KpjSlOuQAjgD3d3xHmI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D318A/ECFF2AF887E611EE97E6C746C4F9AE02/OhVDvfN3KpjSlOuQAjgD3d3xHmI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:07:e5:95:b0:9c:d1:88:37:c8:99:d7:23:e0:bd:47:22:75: 43:d1:cd:c7:05:56:ca:1d:ac:01:05:0b:11:f5:8a:d9:cf:3e: 51:d4:47:b4:37:34:14:fe:4f:32:93:a7:6f:c1:e1:bc:b4:30: 4d:29:5f:87:30:3b:dd:78:d6:a2:b1:18:01:07:a9:88:ba:ea: 25:3e:63:bb:dc:44:ce:7c:1d:da:dd:6b:4f:6d:80:bf:6a:c5: d7:40:a1:c4:c5:42:a9:be:e4:c2:dd:3f:28:59:f4:ca:65:a0: 2e:25:89:84:b6:2e:57:dd:5f:fb:2d:69:91:ee:24:d8:2a:b1: 92:2b:3c:d9:86:0a:88:ac:a0:3b:94:bb:c3:c5:09:d3:12:2c: e9:22:6f:1e:dd:b6:16:74:c3:91:39:64:86:c6:49:fb:e9:00: 37:2c:a8:e4:29:88:fb:e3:ea:24:f0:dc:65:59:cd:60:7a:bf: e8:94:b2:7c:3d:42:49:8c:1d:e9:40:c8:77:b7:24:3e:86:49: ab:27:1b:e4:3f:f0:4a:14:c9:e1:d8:16:b2:91:b1:54:29:a9: 6b:7b:de:d7:89:bf:52:ad:2e:7f:db:a2:9a:24:86:da:31:42: 18:8a:c2:16:f5:f2:26:54:a0:e4:2f:55:4a:19:70:08:c8:1e: 63:e6:e0:31 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICARgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDMxOEExMTAvBgNVBAUTKDNBMTU0M0JERjM3NzJBOThEMjk0RUI5MDAyMzgwM0RE RERGMTFFNjIwHhcNMjUwNDI1MDQwMTI2WhcNMjUwNTAyMDQwMTI2WjAYMRYwFAYD VQQDEw02ODBiMDkxNi0xMWUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7EbnvajC+MXhHgOl70Avxkztyk8oAcQSvsdMs8xWlYYn0cFH+HqdDwH1XtF/ zs1kwbS+FusVqh+sWEQGMSCQjF1inRd47jQ87hBQdjd0ACH3slRIjBOSzN5dca9j RMQn630UXAoVtCXj/Pd0HyfGuVT1LuME7rgDNnJduYVfFndTFcakBmu/RlVsiOPo zdhbrWNz5eKDDbzG8pwEJUSYaQqyscCURH2qhpgCL/axjuqGYZx2k43rS//g+rH/ /J7OxSVak4q55QVQR411cQYTGUzrVdk6fRdSHU++F1j0VN5hrfbJIW3vBoPDM4oH Lf/8vP3K1h0GLeoDqy0REu1FoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA0GXj1O b+4VHVGe3mktcAYlhFMzMB8GA1UdIwQYMBaAFDoVQ73zdyqY0pTrkAI4A93d8R5i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzE4QS9FQ0ZGMkFGODg3 RTYxMUVFOTdFNkM3NDZDNEY5QUUwMi9PaFZEdmZOM0twalNsT3VRQWpnRDNkM3hI bUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09oVkR2Zk4zS3BqU2xPdVFBamdEM2QzeEhtSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MzE4QS9FQ0ZGMkFGODg3RTYxMUVFOTdFNkM3NDZDNEY5QUUwMi9PaFZEdmZOM0tw alNsT3VRQWpnRDNkM3hIbUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAJB+WVsJzRiDfImdcj4L1HInVD0c3HBVbKHawBBQsR9YrZzz5R1Ee0 NzQU/k8yk6dvweG8tDBNKV+HMDvdeNaisRgBB6mIuuolPmO73ETOfB3a3WtPbYC/ asXXQKHExUKpvuTC3T8oWfTKZaAuJYmEti5X3V/7LWmR7iTYKrGSKzzZhgqIrKA7 lLvDxQnTEizpIm8e3bYWdMOROWSGxkn76QA3LKjkKYj74+ok8NxlWc1ger/olLJ8 PUJJjB3pQMh3tyQ+hkmrJxvkP/BKFMnh2BaykbFUKalre97Xib9SrS5/26KaJIba MUIYisIW9fImVKDkL1VKGXAIyB5j5uAx -----END CERTIFICATE-----Generated at Fri Apr 25 08:25:12 2025 by rpki-client on console.sobornost.net