$ rpki-client -vvf rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.mft File: lufMd6OOPhgL91JrodlTIYBONeY.mft (raw, json) Hash identifier: ub0twZqzPP7P5VSYgYo9VdWxBoGv3UhGvxa9I+kb6m4= Subject key identifier: 5A:29:03:0E:23:95:FF:BB:90:5C:A7:6E:7B:0B:9A:CA:F3:6D:A1:EB Authority key identifier: 96:E7:CC:77:A3:8E:3E:18:0B:F7:52:6B:A1:D9:53:21:80:4E:35:E6 Certificate issuer: /CN=A916C4FA/serialNumber=96E7CC77A38E3E180BF7526BA1D95321804E35E6 Certificate serial: 01A9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lufMd6OOPhgL91JrodlTIYBONeY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.mft Manifest number: 04ED Signing time: Tue 13 May 2025 00:50:36 +0000 Manifest this update: Tue 13 May 2025 00:50:36 +0000 Manifest next update: Tue 20 May 2025 00:50:36 +0000 Files and hashes: 1: lufMd6OOPhgL91JrodlTIYBONeY.crl (hash: Qdkl+1X2QtnL/HMIwoT2GITg5fp8QWM3peuNaSxO60I=) 2: C310EE5AACD311ED84BAA06EC4F9AE02.roa (hash: NPYNnjaBYs2qmRUfu8/y0KOBedXU4EghxnWja8r1cbI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.crl rsync://rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lufMd6OOPhgL91JrodlTIYBONeY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 00:50:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 425 (0x1a9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916C4FA, serialNumber=96E7CC77A38E3E180BF7526BA1D95321804E35E6 Validity Not Before: May 13 00:50:36 2025 GMT Not After : May 20 00:50:36 2025 GMT Subject: CN=6822975c-c61a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:50:31:67:f1:db:42:06:ef:5b:c2:9c:78:fe: 5b:16:e1:c1:03:55:1f:77:89:15:1c:04:ea:ce:4e: 51:f9:cc:04:e9:c6:a2:62:cf:27:5a:14:80:ca:cc: fa:3f:ba:b0:38:ac:4c:b8:67:fa:4a:c8:6f:8f:54: 84:d5:2b:81:8a:db:a4:62:09:b1:f3:a4:86:75:51: a2:c8:b9:82:81:f9:2c:ce:3d:30:9e:43:ff:ed:47: 22:95:97:c3:bb:2a:18:0c:c6:12:ee:b9:a8:2c:ad: c1:33:cf:7d:fb:11:33:ac:e2:21:fd:78:bf:e8:56: 20:cf:98:b2:a7:31:70:9b:bb:c0:b3:6e:22:9e:0c: d5:60:6f:7b:37:4d:b8:02:99:f7:1f:5a:b4:d3:b3: b8:d1:3f:86:80:6e:09:65:48:d7:b6:c5:49:b5:5e: 2a:3a:09:af:32:4d:17:03:59:dd:6c:c2:2d:14:39: a9:ec:50:c0:6c:0b:57:44:ea:92:26:93:09:63:77: 1b:71:35:49:e5:a3:3f:fc:34:17:3b:a1:aa:2b:c3: 6e:b0:44:dc:3e:87:a0:80:d4:74:eb:c6:43:4c:18: a5:a8:20:4f:c0:9e:22:a5:e5:ae:90:d7:99:d6:8c: 5e:dd:6f:06:b9:8e:0e:43:97:30:29:86:70:c9:9b: cf:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:29:03:0E:23:95:FF:BB:90:5C:A7:6E:7B:0B:9A:CA:F3:6D:A1:EB X509v3 Authority Key Identifier: keyid:96:E7:CC:77:A3:8E:3E:18:0B:F7:52:6B:A1:D9:53:21:80:4E:35:E6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lufMd6OOPhgL91JrodlTIYBONeY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b4:32:5b:21:5e:fb:81:b1:1f:bf:ab:77:10:cb:76:a5:1d:f5: e7:60:18:a5:e4:60:44:46:3b:83:f4:5b:46:f3:c5:a9:02:84: 53:68:50:37:1b:65:97:6b:b9:36:f4:23:7d:84:9d:5e:66:23: f4:f7:f6:6d:46:d7:9b:02:09:e7:db:61:64:5c:1e:db:37:29: 32:8c:92:9f:9b:85:e2:31:f6:e2:f9:97:26:46:08:fe:a3:25: d9:ee:2d:3a:45:32:6b:ac:18:33:7b:23:48:36:95:96:8e:07: c9:e8:6c:13:7c:50:5f:28:18:7e:b5:d6:71:2e:20:20:01:d6: 21:35:b9:54:74:5c:59:4c:e2:82:d4:1a:3c:bf:4f:d5:29:96: b8:a0:bd:48:94:a1:e7:38:29:66:bd:e8:5d:80:fc:02:a2:ed: a0:78:18:c8:e7:ac:4a:30:af:ab:3e:74:4f:a1:54:3d:9a:b6: 07:2a:37:fa:f0:e5:e0:72:93:07:69:9c:bc:78:20:7f:e9:a0: 1d:8b:9e:db:aa:45:5c:34:5c:35:64:c9:52:b4:96:c7:5e:c8: 66:53:b8:29:11:ef:02:6d:54:f3:f3:0f:3a:76:e1:eb:96:c6: 85:35:5f:37:2b:39:5e:fe:cf:3c:ff:bc:6c:38:40:80:f2:e8: 1d:c9:47:af -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAakwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkM0RkExMTAvBgNVBAUTKDk2RTdDQzc3QTM4RTNFMTgwQkY3NTI2QkExRDk1MzIx ODA0RTM1RTYwHhcNMjUwNTEzMDA1MDM2WhcNMjUwNTIwMDA1MDM2WjAYMRYwFAYD VQQDEw02ODIyOTc1Yy1jNjFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw1AxZ/HbQgbvW8KceP5bFuHBA1Ufd4kVHATqzk5R+cwE6caiYs8nWhSAysz6 P7qwOKxMuGf6Sshvj1SE1SuBitukYgmx86SGdVGiyLmCgfkszj0wnkP/7UcilZfD uyoYDMYS7rmoLK3BM899+xEzrOIh/Xi/6FYgz5iypzFwm7vAs24ingzVYG97N024 Apn3H1q007O40T+GgG4JZUjXtsVJtV4qOgmvMk0XA1ndbMItFDmp7FDAbAtXROqS JpMJY3cbcTVJ5aM//DQXO6GqK8NusETcPoeggNR068ZDTBilqCBPwJ4ipeWukNeZ 1oxe3W8GuY4OQ5cwKYZwyZvPuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFopAw4j lf+7kFynbnsLmsrzbaHrMB8GA1UdIwQYMBaAFJbnzHejjj4YC/dSa6HZUyGATjXm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzRGQS9CODlCQ0JGNEJB NkExMUVDODJBQzA3ODdDNEY5QUUwMi9sdWZNZDZPT1BoZ0w5MUpyb2RsVElZQk9O ZVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2x1Zk1kNk9PUGhnTDkxSnJvZGxUSVlCT05lWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QzRGQS9CODlCQ0JGNEJBNkExMUVDODJBQzA3ODdDNEY5QUUwMi9sdWZNZDZPT1Bo Z0w5MUpyb2RsVElZQk9OZVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC0MlshXvuBsR+/q3cQy3alHfXnYBil5GBERjuD9FtG88WpAoRTaFA3 G2WXa7k29CN9hJ1eZiP09/ZtRtebAgnn22FkXB7bNykyjJKfm4XiMfbi+ZcmRgj+ oyXZ7i06RTJrrBgzeyNINpWWjgfJ6GwTfFBfKBh+tdZxLiAgAdYhNblUdFxZTOKC 1Bo8v0/VKZa4oL1IlKHnOClmvehdgPwCou2geBjI56xKMK+rPnRPoVQ9mrYHKjf6 8OXgcpMHaZy8eCB/6aAdi57bqkVcNFw1ZMlStJbHXshmU7gpEe8CbVTz8w86duHr lsaFNV83Kzle/s88/7xsOECA8ugdyUev -----END CERTIFICATE-----Generated at Wed May 14 07:56:08 2025 by rpki-client