$ rpki-client -vvf rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft File: LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft (raw, json) Hash identifier: 5JcMZHCDJxFfmk+ycnIpmHN4L7a0UUaw1MeKSyeijoo= Subject key identifier: 33:B0:53:64:77:DA:BF:9C:D8:11:BC:D2:84:A3:83:8A:FF:55:75:9D Authority key identifier: 2D:BC:46:5D:A6:81:B5:B3:11:89:7A:B6:C4:68:C2:54:70:6E:5D:2F Certificate issuer: /CN=A9153D75/serialNumber=2DBC465DA681B5B311897AB6C468C254706E5D2F Certificate serial: 01D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft Manifest number: 01D4 Signing time: Mon 19 May 2025 01:49:29 +0000 Manifest this update: Mon 19 May 2025 01:49:29 +0000 Manifest next update: Mon 26 May 2025 01:49:29 +0000 Files and hashes: 1: LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl (hash: z1s2kXBpHVW2Jua8EPM3R78NPNvAi821MYror5qkdSw=) 2: 552D155464A711ED99D40117C4F9AE02.roa (hash: vqnq1ln0jacCM48xfrENGgLrWxqslFbyB5Snj9ZJdaw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 26 May 2025 01:49:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 471 (0x1d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9153D75, serialNumber=2DBC465DA681B5B311897AB6C468C254706E5D2F Validity Not Before: May 19 01:49:29 2025 GMT Not After : May 26 01:49:29 2025 GMT Subject: CN=682a8e29-7712 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ce:9d:7e:b0:5a:dc:6d:30:17:be:ae:27:ce: ee:f2:56:c3:b3:6d:e9:c8:39:1c:7e:b7:c7:c6:13: 70:04:25:7a:08:22:db:ea:ad:36:a8:dc:2b:ec:9e: fd:68:f7:75:09:0b:d6:d7:14:b5:3b:19:b2:f5:2a: 7e:7a:db:cf:22:69:7d:4e:5a:c4:2d:35:82:b9:9b: b3:90:1f:37:37:99:cb:3a:8e:a1:45:11:9d:47:ca: d7:d0:30:5e:6c:d6:0a:02:f0:71:a8:5f:df:0d:7e: 28:94:ea:05:d7:8e:19:b8:6c:1f:6c:23:73:00:7c: 81:8a:49:3b:67:1f:cd:1e:9d:64:d3:a9:4c:c8:61: 2e:9e:7e:18:7e:f1:89:a2:87:96:68:bf:42:4d:74: 66:fa:e1:71:ed:76:13:62:24:6c:70:7e:ae:5d:77: 3d:3e:1b:d3:bf:1a:cf:98:37:76:15:f5:1e:5e:26: 98:0b:81:ab:1c:9f:90:5c:f3:1d:7c:d2:f5:cd:58: 30:50:0b:5e:8a:ad:71:a7:9a:cd:e9:43:14:55:2c: bb:04:34:93:93:ce:9e:71:d1:7b:c3:c2:11:43:27: 76:14:d2:7e:08:08:d4:54:3a:07:03:d6:e1:54:f3: 4a:e1:44:65:46:fd:ec:ce:75:8e:48:58:28:64:1a: 95:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:B0:53:64:77:DA:BF:9C:D8:11:BC:D2:84:A3:83:8A:FF:55:75:9D X509v3 Authority Key Identifier: keyid:2D:BC:46:5D:A6:81:B5:B3:11:89:7A:B6:C4:68:C2:54:70:6E:5D:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:27:93:37:4a:e1:60:ff:f0:6d:53:06:07:6c:d5:10:4e:ff: b5:d3:9d:01:2c:76:d6:4c:e1:13:0f:61:9d:b5:18:77:d9:7f: b5:95:ad:00:38:6b:f3:da:e3:4e:b3:d7:e1:ff:2e:de:f0:bf: 3e:8f:61:7d:61:16:e6:64:2a:39:ac:2b:a0:f9:f6:20:31:03: b6:ba:1f:fc:5e:16:78:1f:f3:e2:de:cf:bb:af:c7:20:e8:80: da:88:f1:7f:18:f7:2d:4a:db:3d:20:10:e8:06:62:e7:2c:c7: 24:22:f0:48:08:62:11:f8:59:78:26:69:f4:99:35:bd:19:30: d8:f0:f3:5b:df:cc:ad:16:99:cb:9b:b0:3f:25:69:e9:a3:a7: 22:65:fa:b5:8a:54:42:77:72:75:ca:bf:73:56:77:69:3a:9b: ac:77:95:5b:e2:ae:af:a4:82:6c:5a:9b:2d:7c:78:97:8e:1d: 18:fa:30:f9:0d:b4:2a:8d:94:0a:6e:34:b5:1a:48:66:4c:d4: 0d:b5:3d:3c:52:3e:d6:86:d0:29:42:7c:e2:fe:7d:0f:2b:72: 8c:f0:54:e6:47:3d:72:0e:ee:74:5b:57:51:96:15:4b:4f:17: 7f:e2:33:7d:01:80:64:5a:2d:b5:b3:9e:7b:e8:f5:9d:25:61: e9:fa:aa:a0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTNENzUxMTAvBgNVBAUTKDJEQkM0NjVEQTY4MUI1QjMxMTg5N0FCNkM0NjhDMjU0 NzA2RTVEMkYwHhcNMjUwNTE5MDE0OTI5WhcNMjUwNTI2MDE0OTI5WjAYMRYwFAYD VQQDEw02ODJhOGUyOS03NzEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtc6dfrBa3G0wF76uJ87u8lbDs23pyDkcfrfHxhNwBCV6CCLb6q02qNwr7J79 aPd1CQvW1xS1Oxmy9Sp+etvPIml9TlrELTWCuZuzkB83N5nLOo6hRRGdR8rX0DBe bNYKAvBxqF/fDX4olOoF144ZuGwfbCNzAHyBikk7Zx/NHp1k06lMyGEunn4YfvGJ ooeWaL9CTXRm+uFx7XYTYiRscH6uXXc9PhvTvxrPmDd2FfUeXiaYC4GrHJ+QXPMd fNL1zVgwUAteiq1xp5rN6UMUVSy7BDSTk86ecdF7w8IRQyd2FNJ+CAjUVDoHA9bh VPNK4URlRv3sznWOSFgoZBqVowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDOwU2R3 2r+c2BG80oSjg4r/VXWdMB8GA1UdIwQYMBaAFC28Rl2mgbWzEYl6tsRowlRwbl0v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1M0Q3NS81MkRFNEM0QTY0 QTMxMUVEODIyMDI0MTJDNEY5QUUwMi9MYnhHWGFhQnRiTVJpWHEyeEdqQ1ZIQnVY UzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xieEdYYWFCdGJNUmlYcTJ4R2pDVkhCdVhTOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 M0Q3NS81MkRFNEM0QTY0QTMxMUVEODIyMDI0MTJDNEY5QUUwMi9MYnhHWGFhQnRi TVJpWHEyeEdqQ1ZIQnVYUzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAKJ5M3SuFg//BtUwYHbNUQTv+1050BLHbWTOETD2GdtRh32X+1la0A OGvz2uNOs9fh/y7e8L8+j2F9YRbmZCo5rCug+fYgMQO2uh/8XhZ4H/Pi3s+7r8cg 6IDaiPF/GPctSts9IBDoBmLnLMckIvBICGIR+Fl4Jmn0mTW9GTDY8PNb38ytFpnL m7A/JWnpo6ciZfq1ilRCd3J1yr9zVndpOpusd5Vb4q6vpIJsWpstfHiXjh0Y+jD5 DbQqjZQKbjS1GkhmTNQNtT08Uj7WhtApQnzi/n0PK3KM8FTmRz1yDu50W1dRlhVL Txd/4jN9AYBkWi21s5576PWdJWHp+qqg -----END CERTIFICATE-----Generated at Mon May 19 08:05:49 2025 by rpki-client