$ rpki-client -vvf rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.mft File: 1lqglKUeKDl1O1khC2zyxUkVwB4.mft (raw, json) Hash identifier: bPZ4yiNh4ozTZGHyhWrOjQtRWD8FEciWmiv0ksv6NxA= Subject key identifier: 91:A4:26:B6:53:EE:C4:49:1A:6F:59:6E:9C:65:D3:78:25:A3:F8:F5 Authority key identifier: D6:5A:A0:94:A5:1E:28:39:75:3B:59:21:0B:6C:F2:C5:49:15:C0:1E Certificate issuer: /CN=A915C1AA/serialNumber=D65AA094A51E2839753B59210B6CF2C54915C01E Certificate serial: 09D1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1lqglKUeKDl1O1khC2zyxUkVwB4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.mft Manifest number: 09CA Signing time: Wed 14 May 2025 20:04:01 +0000 Manifest this update: Wed 14 May 2025 20:04:01 +0000 Manifest next update: Wed 21 May 2025 20:04:01 +0000 Files and hashes: 1: 1lqglKUeKDl1O1khC2zyxUkVwB4.crl (hash: JYYRqgqMJ40bReHqIYVTSl7bZ8aoENaswlCv14lygpw=) 2: 220853047F2211EA8E730F35C4F9AE02.roa (hash: GncSpKfRZkeGl3QwfrF2wdsfNONCmDmNLMd0bZEde3M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.crl rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1lqglKUeKDl1O1khC2zyxUkVwB4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 20:04:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2513 (0x9d1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915C1AA, serialNumber=D65AA094A51E2839753B59210B6CF2C54915C01E Validity Not Before: May 14 20:04:01 2025 GMT Not After : May 21 20:04:01 2025 GMT Subject: CN=6824f731-6202 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:0a:0f:5a:ad:7c:f7:70:16:c8:0c:de:29:68: 30:ac:a3:8c:44:d2:49:95:32:15:99:e4:95:7a:05: d8:13:81:f0:f3:a1:db:9a:79:09:29:b0:00:80:15: 92:13:01:c1:47:13:b9:3d:36:b6:fc:f0:85:57:c0: 73:f5:ff:ab:87:40:b4:47:ad:8e:d5:aa:f4:b2:ed: 63:df:44:09:5b:77:49:50:a6:45:80:6d:9f:b2:30: 59:b3:82:71:37:07:40:97:77:69:86:15:bd:60:d2: 02:47:df:4d:2a:f6:9c:1b:20:02:0d:55:71:18:bb: 71:b1:1e:e0:38:2d:e8:3c:cd:d4:58:fb:cd:80:dc: 0b:c6:99:16:10:5d:3b:cc:21:eb:36:9b:e4:3e:ca: dc:bc:51:d9:45:c6:af:29:5d:75:20:b0:25:11:29: f2:de:75:d8:89:b5:ce:da:87:09:8b:ea:44:5b:ed: 3d:0c:7b:52:ee:d8:cf:2d:78:ae:4d:4f:41:05:1f: c5:80:de:3f:da:26:e9:6a:2e:ad:e5:3d:e0:b5:00: aa:de:66:59:f8:4c:68:21:cb:08:cf:ef:e6:a0:0e: 1f:79:ef:1f:1d:43:45:2b:ae:fe:b4:2a:08:d9:8d: d4:4f:95:39:a0:f4:61:7d:79:fd:7a:b1:6b:17:fa: 3e:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:A4:26:B6:53:EE:C4:49:1A:6F:59:6E:9C:65:D3:78:25:A3:F8:F5 X509v3 Authority Key Identifier: keyid:D6:5A:A0:94:A5:1E:28:39:75:3B:59:21:0B:6C:F2:C5:49:15:C0:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1lqglKUeKDl1O1khC2zyxUkVwB4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:6a:d5:e1:8b:af:3e:d1:b3:61:aa:19:41:c7:9e:45:f2:a2: 93:04:88:26:a4:4b:ed:1d:13:1d:ee:b7:0f:b7:b1:55:17:11: 7b:be:7e:ad:c6:1f:d1:77:0b:88:2e:be:c4:fb:7c:62:a7:0f: 50:3f:25:0b:22:48:66:f4:7b:1d:0f:41:9f:58:5d:ee:a2:22: 4b:f6:3d:4f:47:f3:d4:fe:3c:2a:c0:ea:1c:76:97:ca:ce:65: 12:5a:15:0d:02:dd:02:22:05:6f:17:02:88:88:74:91:24:19: 05:62:48:40:51:c6:21:7c:f5:42:87:95:31:0f:72:45:84:52: 22:4e:0d:2e:01:6e:2b:35:65:5e:0c:94:f8:6c:8d:8c:ec:d0: 61:35:02:09:13:d9:96:6e:ba:43:44:6f:93:fe:7d:40:a8:bb: 08:34:f7:d8:e0:ff:61:39:d1:37:60:89:0a:d4:24:a1:62:55: 0a:1e:2d:c6:c6:d7:f9:fb:a1:f0:0c:b6:5a:c9:a3:fd:32:c4: 72:54:d0:12:15:95:ce:e1:88:b0:1c:92:07:59:e2:ad:8a:52: b4:76:d9:ed:07:85:65:72:1c:c6:5a:55:5a:f6:ec:7e:c1:8d: 06:72:f1:4d:1a:7a:af:07:bc:e2:9d:45:f8:28:91:0d:34:36: d8:75:ea:82 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCdEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUMxQUExMTAvBgNVBAUTKEQ2NUFBMDk0QTUxRTI4Mzk3NTNCNTkyMTBCNkNGMkM1 NDkxNUMwMUUwHhcNMjUwNTE0MjAwNDAxWhcNMjUwNTIxMjAwNDAxWjAYMRYwFAYD VQQDEw02ODI0ZjczMS02MjAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzAoPWq1893AWyAzeKWgwrKOMRNJJlTIVmeSVegXYE4Hw86HbmnkJKbAAgBWS EwHBRxO5PTa2/PCFV8Bz9f+rh0C0R62O1ar0su1j30QJW3dJUKZFgG2fsjBZs4Jx NwdAl3dphhW9YNICR99NKvacGyACDVVxGLtxsR7gOC3oPM3UWPvNgNwLxpkWEF07 zCHrNpvkPsrcvFHZRcavKV11ILAlESny3nXYibXO2ocJi+pEW+09DHtS7tjPLXiu TU9BBR/FgN4/2ibpai6t5T3gtQCq3mZZ+ExoIcsIz+/moA4fee8fHUNFK67+tCoI 2Y3UT5U5oPRhfXn9erFrF/o+PwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJGkJrZT 7sRJGm9Zbpxl03glo/j1MB8GA1UdIwQYMBaAFNZaoJSlHig5dTtZIQts8sVJFcAe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QzFBQS82QzlEMjYzMDdG MjAxMUVBQjU3RDU3MzJDNEY5QUUwMi8xbHFnbEtVZUtEbDFPMWtoQzJ6eXhVa1Z3 QjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFscWdsS1VlS0RsMU8xa2hDMnp5eFVrVndCNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 QzFBQS82QzlEMjYzMDdGMjAxMUVBQjU3RDU3MzJDNEY5QUUwMi8xbHFnbEtVZUtE bDFPMWtoQzJ6eXhVa1Z3QjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBfatXhi68+0bNhqhlBx55F8qKTBIgmpEvtHRMd7rcPt7FVFxF7vn6t xh/RdwuILr7E+3xipw9QPyULIkhm9HsdD0GfWF3uoiJL9j1PR/PU/jwqwOocdpfK zmUSWhUNAt0CIgVvFwKIiHSRJBkFYkhAUcYhfPVCh5UxD3JFhFIiTg0uAW4rNWVe DJT4bI2M7NBhNQIJE9mWbrpDRG+T/n1AqLsINPfY4P9hOdE3YIkK1CShYlUKHi3G xtf5+6HwDLZayaP9MsRyVNASFZXO4YiwHJIHWeKtilK0dtntB4VlchzGWlVa9ux+ wY0GcvFNGnqvB7zinUX4KJENNDbYdeqC -----END CERTIFICATE-----Generated at Fri May 16 09:46:12 2025 by rpki-client