$ rpki-client -vvf rpki.apnic.net/member_repository/A9120E21/A5E950D4427311E9BAC00065C4F9AE02/lMnUO1O12FDZjg2i1e88ThwxIEU.mft File: lMnUO1O12FDZjg2i1e88ThwxIEU.mft (raw, json) Hash identifier: doY/gJheqMZ1D+Qa2TAY33rkyBnvQhcYdvEz6Hsk+z0= Subject key identifier: B3:A8:A0:7C:D4:6A:C1:BF:9D:8B:02:DC:C4:69:EC:13:81:D3:1A:65 Authority key identifier: 94:C9:D4:3B:53:B5:D8:50:D9:8E:0D:A2:D5:EF:3C:4E:1C:31:20:45 Certificate issuer: /CN=A9120E21/serialNumber=94C9D43B53B5D850D98E0DA2D5EF3C4E1C312045 Certificate serial: 1017 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lMnUO1O12FDZjg2i1e88ThwxIEU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9120E21/A5E950D4427311E9BAC00065C4F9AE02/lMnUO1O12FDZjg2i1e88ThwxIEU.mft Manifest number: 1016 Signing time: Wed 14 May 2025 17:33:22 +0000 Manifest this update: Wed 14 May 2025 17:33:22 +0000 Manifest next update: Wed 21 May 2025 17:33:22 +0000 Files and hashes: 1: lMnUO1O12FDZjg2i1e88ThwxIEU.crl (hash: p/bKn5pR9MyUMCBZfFbCvxVf2HCaYmZ62lFFB/b/0mo=) 2: 90FBBCBEB3F311EFA5A0C630C4F9AE02.roa (hash: fjbjZHBA/FnAxnWN8e7Z/ROBTRwA1nOrCoj5zv4PAPA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9120E21/A5E950D4427311E9BAC00065C4F9AE02/lMnUO1O12FDZjg2i1e88ThwxIEU.crl rsync://rpki.apnic.net/member_repository/A9120E21/A5E950D4427311E9BAC00065C4F9AE02/lMnUO1O12FDZjg2i1e88ThwxIEU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lMnUO1O12FDZjg2i1e88ThwxIEU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 17:33:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4119 (0x1017) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9120E21, serialNumber=94C9D43B53B5D850D98E0DA2D5EF3C4E1C312045 Validity Not Before: May 14 17:33:22 2025 GMT Not After : May 21 17:33:22 2025 GMT Subject: CN=6824d3e2-dd20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:2a:f1:93:44:61:18:5a:88:0b:bb:70:50:e3: 62:50:b0:4e:dc:71:30:a9:94:46:f6:e7:e6:a3:4d: 3d:67:c1:b9:d5:ef:66:fb:2b:32:38:be:5a:10:b8: 50:4a:79:f7:31:c4:b5:60:3c:48:42:07:26:04:44: 12:0e:cc:bd:52:6e:22:c4:50:f6:9c:2b:97:80:1a: c7:fd:4f:37:f4:59:2c:d9:2f:45:9f:46:d5:81:83: 71:53:f6:f3:e2:5c:d8:a5:45:47:cb:78:4d:e1:97: bc:86:be:bd:85:8f:c8:5e:33:b3:be:f5:e3:27:5e: 0e:3e:9e:5e:ed:99:27:d2:2b:ae:0e:9a:0b:1a:15: d9:33:a1:04:77:7c:75:e6:5d:05:65:53:22:7f:5c: 88:e9:85:90:61:74:e6:dd:ca:cb:00:07:64:16:8e: d2:de:6a:64:f3:9b:f2:66:a5:78:2e:60:d0:9b:bb: 0b:e2:d6:4f:92:e5:31:5a:4c:80:79:8c:c1:5c:17: 3b:9a:c8:13:3b:8e:b6:2b:ad:67:79:ee:15:d3:18: 49:5d:73:05:87:87:00:b0:40:25:8a:06:aa:24:55: 7e:5e:70:af:38:99:de:03:b2:61:fa:bb:8a:82:7d: 1f:fb:19:3f:6c:25:a8:f9:8f:3b:c5:0d:42:83:23: ae:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:A8:A0:7C:D4:6A:C1:BF:9D:8B:02:DC:C4:69:EC:13:81:D3:1A:65 X509v3 Authority Key Identifier: keyid:94:C9:D4:3B:53:B5:D8:50:D9:8E:0D:A2:D5:EF:3C:4E:1C:31:20:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9120E21/A5E950D4427311E9BAC00065C4F9AE02/lMnUO1O12FDZjg2i1e88ThwxIEU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lMnUO1O12FDZjg2i1e88ThwxIEU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120E21/A5E950D4427311E9BAC00065C4F9AE02/lMnUO1O12FDZjg2i1e88ThwxIEU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:77:8b:c8:3d:80:b3:70:a3:24:bf:61:ea:91:3c:f3:5a:6b: 78:41:a9:55:23:5a:99:d9:29:25:b5:e6:40:49:89:51:8d:7b: 2e:45:a4:88:4d:0f:7f:73:4e:43:85:42:09:f8:c4:bb:2c:b3: 1b:52:df:45:4e:cf:de:fe:81:d5:e5:a2:2c:bc:fa:78:ce:e5: aa:17:49:97:15:18:44:ec:0e:02:e1:8b:df:33:d1:a0:be:fd: f3:b7:25:b5:eb:3b:93:aa:13:bc:e5:6b:89:0a:3e:a3:8b:ce: ac:5b:a0:5d:b7:06:a8:d7:29:d4:1e:bf:67:6c:46:a6:66:fa: d7:71:82:8e:3c:a6:27:ec:3e:fb:e7:ea:6d:27:c0:33:97:7b: 8c:0b:e6:b3:ed:75:40:ce:62:00:7c:38:31:51:3b:b8:18:27: 2a:e1:8f:da:05:7a:01:86:d8:01:b8:07:59:e2:a5:af:05:c9: f0:42:5f:2d:35:71:3e:f6:ff:48:be:8c:5f:ee:86:9d:66:8c: db:bb:48:c8:b8:57:da:d9:bc:70:4b:4d:10:f8:fa:2c:ab:41: ca:6d:1f:12:1a:7a:8b:f7:6e:9f:7d:03:8a:f9:38:ad:38:04: c0:d2:15:78:4f:29:b6:86:53:c6:c0:d7:4c:de:98:43:2a:81: 15:aa:f2:e3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEBcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjBFMjExMTAvBgNVBAUTKDk0QzlENDNCNTNCNUQ4NTBEOThFMERBMkQ1RUYzQzRF MUMzMTIwNDUwHhcNMjUwNTE0MTczMzIyWhcNMjUwNTIxMTczMzIyWjAYMRYwFAYD VQQDEw02ODI0ZDNlMi1kZDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzSrxk0RhGFqIC7twUONiULBO3HEwqZRG9ufmo009Z8G51e9m+ysyOL5aELhQ Snn3McS1YDxIQgcmBEQSDsy9Um4ixFD2nCuXgBrH/U839Fks2S9Fn0bVgYNxU/bz 4lzYpUVHy3hN4Ze8hr69hY/IXjOzvvXjJ14OPp5e7Zkn0iuuDpoLGhXZM6EEd3x1 5l0FZVMif1yI6YWQYXTm3crLAAdkFo7S3mpk85vyZqV4LmDQm7sL4tZPkuUxWkyA eYzBXBc7msgTO462K61nee4V0xhJXXMFh4cAsEAligaqJFV+XnCvOJneA7Jh+ruK gn0f+xk/bCWo+Y87xQ1CgyOuawIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLOooHzU asG/nYsC3MRp7BOB0xplMB8GA1UdIwQYMBaAFJTJ1DtTtdhQ2Y4NotXvPE4cMSBF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEUyMS9BNUU5NTBENDQy NzMxMUU5QkFDMDAwNjVDNEY5QUUwMi9sTW5VTzFPMTJGRFpqZzJpMWU4OFRod3hJ RVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xNblVPMU8xMkZEWmpnMmkxZTg4VGh3eElFVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MEUyMS9BNUU5NTBENDQyNzMxMUU5QkFDMDAwNjVDNEY5QUUwMi9sTW5VTzFPMTJG RFpqZzJpMWU4OFRod3hJRVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBjd4vIPYCzcKMkv2HqkTzzWmt4QalVI1qZ2SklteZASYlRjXsuRaSI TQ9/c05DhUIJ+MS7LLMbUt9FTs/e/oHV5aIsvPp4zuWqF0mXFRhE7A4C4YvfM9Gg vv3ztyW16zuTqhO85WuJCj6ji86sW6Bdtwao1ynUHr9nbEamZvrXcYKOPKYn7D77 5+ptJ8Azl3uMC+az7XVAzmIAfDgxUTu4GCcq4Y/aBXoBhtgBuAdZ4qWvBcnwQl8t NXE+9v9Ivoxf7oadZozbu0jIuFfa2bxwS00Q+Posq0HKbR8SGnqL926ffQOK+Tit OATA0hV4Tym2hlPGwNdM3phDKoEVqvLj -----END CERTIFICATE-----Generated at Wed May 14 21:03:16 2025 by rpki-client