$ rpki-client -vvf rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft File: lyuQ2cUZIlatlkdbOSurGnp5zC0.mft (raw, json) Hash identifier: S1LJfwiaeqCNpJRy3zUpvMy/Aundo8F6x7tohPyUn+A= Subject key identifier: 77:89:AB:FC:F4:64:F5:2C:AA:DF:BB:EC:E9:DA:DC:A9:F0:AB:5A:0C Authority key identifier: 97:2B:90:D9:C5:19:22:56:AD:96:47:5B:39:2B:AB:1A:7A:79:CC:2D Certificate issuer: /CN=A9132FD9/serialNumber=972B90D9C5192256AD96475B392BAB1A7A79CC2D Certificate serial: 24 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft Manifest number: 20 Signing time: Sun 29 Jun 2025 06:55:23 +0000 Manifest this update: Sun 29 Jun 2025 06:55:23 +0000 Manifest next update: Sun 06 Jul 2025 06:55:23 +0000 Files and hashes: 1: lyuQ2cUZIlatlkdbOSurGnp5zC0.crl (hash: utYR5slfmq9e+xJr5HSyRt+zP8gKQsuOKzpO4VqxJF0=) 2: DCC2224A313011F0BE214A64C4F9AE02.roa (hash: boAAaQY0nzMtC8MdALGWU7uiMFPgsCoPJLOiVmNOgmU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.crl rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 06:55:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36 (0x24) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132FD9, serialNumber=972B90D9C5192256AD96475B392BAB1A7A79CC2D Validity Not Before: Jun 29 06:55:23 2025 GMT Not After : Jul 6 06:55:23 2025 GMT Subject: CN=6860e35b-5f79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:da:f6:86:7c:22:7c:10:c9:05:9f:b1:d5:af: 6e:91:7d:f5:bb:f6:92:ce:ef:ff:c7:54:a6:7b:4c: cf:30:55:29:a5:d6:a8:f8:72:67:fe:cc:13:19:6b: 81:b5:a4:c7:14:a9:61:88:20:2c:0f:14:3f:40:81: 4e:9c:dc:ef:64:dd:f2:e1:e7:3c:54:cd:02:bf:22: 47:b2:34:b1:11:7b:3f:e6:c5:d3:51:28:e2:86:42: a4:95:bd:e6:df:35:9f:5a:c7:12:8d:24:0d:1e:3c: 0c:af:d6:0f:69:89:d5:80:43:a0:18:fb:18:57:76: 07:50:f4:cd:08:37:76:4f:92:78:fa:42:f3:23:2a: 0a:e4:cb:d5:98:e3:7f:f2:58:09:08:bc:f1:ed:f3: a9:18:a1:65:56:aa:44:b8:4a:9f:bc:39:89:d7:e4: 85:9a:ec:e6:43:ae:8c:e0:42:15:e3:9a:bd:23:3d: 00:57:79:ec:4d:17:30:e9:f9:40:d9:66:13:15:a5: 60:f2:e3:c4:81:cf:a5:40:f5:05:ba:e2:a6:17:f7: 98:1b:58:7e:79:07:63:59:d5:2f:71:12:c1:9e:a2: 8e:de:e5:1b:4d:c5:e6:9d:e6:e5:16:70:67:c9:df: d9:2f:ed:cd:10:3a:e9:13:ae:2e:34:8c:6a:ce:21: 37:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:89:AB:FC:F4:64:F5:2C:AA:DF:BB:EC:E9:DA:DC:A9:F0:AB:5A:0C X509v3 Authority Key Identifier: keyid:97:2B:90:D9:C5:19:22:56:AD:96:47:5B:39:2B:AB:1A:7A:79:CC:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:60:95:50:e2:94:f6:b4:8e:96:e5:35:5c:90:81:98:4a:93: 3a:ca:e4:d8:12:08:e0:82:ed:85:ff:cd:26:f7:f7:d3:01:b6: b7:46:6d:34:b8:33:44:f9:6f:d7:7a:cb:fb:bd:e4:43:6b:28: bd:c0:cb:94:5c:2b:c1:2b:70:e8:66:55:97:39:5b:aa:40:fb: 46:94:aa:01:bc:be:1a:ef:97:63:22:87:37:da:ac:75:04:08: af:3a:7c:b0:af:9c:30:94:bf:d8:0f:78:05:f5:d7:55:fc:e9: 50:55:16:f4:1a:bd:df:6d:e7:8b:0f:13:3e:27:d1:87:6f:4a: 06:53:7a:43:c1:16:b3:7d:b9:95:08:a1:9e:dd:43:8b:86:98: cb:9f:30:7c:45:c2:87:2a:31:bd:83:e3:5c:94:e3:04:74:91: eb:53:86:97:60:76:29:4d:08:7c:bd:b7:e6:6a:fe:bd:a1:57: 22:dc:5b:27:22:9c:be:ec:90:0c:e4:74:45:ee:ba:4b:43:84: 19:27:54:f8:38:a2:dc:26:b4:d2:4a:b6:65:c2:aa:c8:3e:5c: 4f:aa:79:6a:4a:fd:3e:3c:9e:ac:f1:3c:66:7f:f4:1d:62:a8: 76:a5:9c:30:65:22:c5:72:d0:c8:e3:b1:ee:05:c2:ba:a6:80: c3:dc:3f:6c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz MkZEOTExMC8GA1UEBRMoOTcyQjkwRDlDNTE5MjI1NkFEOTY0NzVCMzkyQkFCMUE3 QTc5Q0MyRDAeFw0yNTA2MjkwNjU1MjNaFw0yNTA3MDYwNjU1MjNaMBgxFjAUBgNV BAMTDTY4NjBlMzViLTVmNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDM2vaGfCJ8EMkFn7HVr26RffW79pLO7//HVKZ7TM8wVSml1qj4cmf+zBMZa4G1 pMcUqWGIICwPFD9AgU6c3O9k3fLh5zxUzQK/IkeyNLERez/mxdNRKOKGQqSVvebf NZ9axxKNJA0ePAyv1g9pidWAQ6AY+xhXdgdQ9M0IN3ZPknj6QvMjKgrky9WY43/y WAkIvPHt86kYoWVWqkS4Sp+8OYnX5IWa7OZDrozgQhXjmr0jPQBXeexNFzDp+UDZ ZhMVpWDy48SBz6VA9QW64qYX95gbWH55B2NZ1S9xEsGeoo7e5RtNxead5uUWcGfJ 39kv7c0QOukTri40jGrOITefAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUd4mr/PRk 9Syq37vs6drcqfCrWgwwHwYDVR0jBBgwFoAUlyuQ2cUZIlatlkdbOSurGnp5zC0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMyRkQ5LzdGOUE3MDM0MkJC NTExRjA5REU1QkE0RUM0RjlBRTAyL2x5dVEyY1VaSWxhdGxrZGJPU3VyR25wNXpD MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbHl1UTJjVVpJbGF0bGtkYk9TdXJHbnA1ekMwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMy RkQ5LzdGOUE3MDM0MkJCNTExRjA5REU1QkE0RUM0RjlBRTAyL2x5dVEyY1VaSWxh dGxrZGJPU3VyR25wNXpDMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAF5glVDilPa0jpblNVyQgZhKkzrK5NgSCOCC7YX/zSb399MBtrdGbTS4 M0T5b9d6y/u95ENrKL3Ay5RcK8ErcOhmVZc5W6pA+0aUqgG8vhrvl2MihzfarHUE CK86fLCvnDCUv9gPeAX111X86VBVFvQavd9t54sPEz4n0YdvSgZTekPBFrN9uZUI oZ7dQ4uGmMufMHxFwocqMb2D41yU4wR0ketThpdgdilNCHy9t+Zq/r2hVyLcWyci nL7skAzkdEXuuktDhBknVPg4otwmtNJKtmXCqsg+XE+qeWpK/T48nqzxPGZ/9B1i qHalnDBlIsVy0Mjjse4FwrqmgMPcP2w= -----END CERTIFICATE-----Generated at Mon Jun 30 03:36:54 2025 by rpki-client