$ rpki-client -vvf rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft File: lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft (raw, json) Hash identifier: 6CtZyCqmSSgKa6kqVOsn/hubKpESw3XvTC3Wi4lxNEI= Subject key identifier: 29:EB:C2:6E:C3:EB:32:E5:AE:BB:B5:6E:D4:C8:94:BD:FF:6B:3A:6D Authority key identifier: 94:2D:54:1D:FE:79:82:F6:E0:1E:6B:CC:97:6D:C0:CB:84:14:E8:38 Certificate issuer: /CN=A917D7F2/serialNumber=942D541DFE7982F6E01E6BCC976DC0CB8414E838 Certificate serial: 348D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft Manifest number: 3488 Signing time: Mon 12 May 2025 14:36:05 +0000 Manifest this update: Mon 12 May 2025 14:36:05 +0000 Manifest next update: Mon 19 May 2025 14:36:05 +0000 Files and hashes: 1: lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl (hash: lVnCobcddQRRdaD7G953X+6GXH9mwNqYyoqOLFy7EGY=) 2: 35FC192C272C11ED9E64C718C4F9AE02.roa (hash: of9zh63P1E28Fw1JXMf3Mift2nJvEjjB8iXijpwTEOw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 14:36:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13453 (0x348d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D7F2, serialNumber=942D541DFE7982F6E01E6BCC976DC0CB8414E838 Validity Not Before: May 12 14:36:05 2025 GMT Not After : May 19 14:36:05 2025 GMT Subject: CN=68220755-084b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:69:ca:1d:f7:98:43:b8:20:10:9b:bf:bc:dc: 88:85:41:a5:6c:0d:9d:2e:38:c6:d7:db:60:49:34: 45:fb:36:7b:90:ec:db:6e:a9:cf:62:6f:f1:0f:b8: 4d:d5:c5:37:62:6d:01:b5:37:cd:bf:79:0b:fd:58: 8e:43:72:bd:73:1a:98:b4:2e:c4:7c:b2:27:d2:22: 4e:f7:87:21:15:8a:59:05:bf:bc:5f:70:35:50:a3: 18:01:c4:6d:38:22:41:aa:01:0b:f6:3f:32:b5:88: 17:3d:f8:3c:c7:ba:60:ac:89:18:9e:59:4d:a9:8f: 9a:2a:dc:08:b5:e9:f7:ae:59:49:94:d8:62:07:65: 88:5f:22:46:7f:e4:2f:07:1f:8c:5d:c5:91:43:da: ed:85:5e:be:18:e2:c7:b9:0e:87:cf:bc:49:00:94: 9d:6d:ed:68:02:36:23:50:55:0f:e5:6d:8d:67:8e: ce:f3:47:04:41:0d:c6:cb:3e:f5:aa:de:05:d8:fc: 84:18:12:7f:2e:22:db:3a:0a:d6:2c:c2:49:29:7b: 24:ae:89:cf:60:07:bd:ca:95:0a:a7:21:6e:3b:be: dd:5c:20:d3:3b:bd:36:9d:91:ba:ef:ea:1e:a2:13: d8:b4:19:7d:c3:3f:07:fe:a1:b6:31:eb:34:76:d9: 86:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:EB:C2:6E:C3:EB:32:E5:AE:BB:B5:6E:D4:C8:94:BD:FF:6B:3A:6D X509v3 Authority Key Identifier: keyid:94:2D:54:1D:FE:79:82:F6:E0:1E:6B:CC:97:6D:C0:CB:84:14:E8:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 64:0d:f4:73:4f:cc:36:a4:19:9a:c0:3c:31:c5:88:8a:d7:7a: 6a:22:a9:e8:bc:70:de:93:84:f2:39:b4:f5:a3:22:99:8d:d2: 58:aa:ac:17:34:db:b5:1a:45:ca:6c:a0:22:1f:da:08:35:53: d9:28:ff:f3:59:7d:9a:9e:05:6f:ac:75:49:2e:f1:c5:3c:5f: ab:d1:44:ad:f2:0b:40:b9:aa:7b:04:3b:06:63:b8:82:31:e7: 2c:60:aa:ea:23:31:7d:d4:26:95:ff:56:74:bc:84:5f:14:84: a5:2b:58:76:0c:4e:70:08:8a:d7:71:ae:4f:93:c0:47:43:0f: ab:12:00:b5:9a:4f:3c:a7:7b:5c:d0:83:a2:dc:87:2a:3e:f7: 4c:93:5a:eb:0a:fb:b9:37:4d:41:67:eb:f3:c2:60:b0:2c:b9: 41:f0:f8:a7:5e:bf:15:aa:c8:34:a2:73:c2:13:de:24:2e:ab: ff:80:a5:50:c5:b0:6b:6a:49:6a:0a:3d:68:55:a7:50:60:11: 72:4f:f7:23:f9:61:9a:81:aa:c6:3d:17:35:ff:bc:1e:a5:31: 33:e8:4a:7a:89:e1:2d:18:34:42:a2:f2:57:42:14:9d:b1:2f: 5f:1d:a4:0f:8e:fe:42:a5:2c:5f:c6:2c:45:5d:94:ed:f3:a6: 90:90:28:5d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNI0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Q3RjIxMTAvBgNVBAUTKDk0MkQ1NDFERkU3OTgyRjZFMDFFNkJDQzk3NkRDMENC ODQxNEU4MzgwHhcNMjUwNTEyMTQzNjA1WhcNMjUwNTE5MTQzNjA1WjAYMRYwFAYD VQQDEw02ODIyMDc1NS0wODRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxGnKHfeYQ7ggEJu/vNyIhUGlbA2dLjjG19tgSTRF+zZ7kOzbbqnPYm/xD7hN 1cU3Ym0BtTfNv3kL/ViOQ3K9cxqYtC7EfLIn0iJO94chFYpZBb+8X3A1UKMYAcRt OCJBqgEL9j8ytYgXPfg8x7pgrIkYnllNqY+aKtwIten3rllJlNhiB2WIXyJGf+Qv Bx+MXcWRQ9rthV6+GOLHuQ6Hz7xJAJSdbe1oAjYjUFUP5W2NZ47O80cEQQ3Gyz71 qt4F2PyEGBJ/LiLbOgrWLMJJKXskronPYAe9ypUKpyFuO77dXCDTO702nZG67+oe ohPYtBl9wz8H/qG2Mes0dtmGkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCnrwm7D 6zLlrru1btTIlL3/azptMB8GA1UdIwQYMBaAFJQtVB3+eYL24B5rzJdtwMuEFOg4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDdGMi9GMDI4OTAzQzFE OEMxMUUyQjE5RDVGRUEwOEIwMkNEMi9sQzFVSGY1NWd2YmdIbXZNbDIzQXk0UVU2 RGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xDMVVIZjU1Z3ZiZ0htdk1sMjNBeTRRVTZEZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RDdGMi9GMDI4OTAzQzFEOEMxMUUyQjE5RDVGRUEwOEIwMkNEMi9sQzFVSGY1NWd2 YmdIbXZNbDIzQXk0UVU2RGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBkDfRzT8w2pBmawDwxxYiK13pqIqnovHDek4TyObT1oyKZjdJYqqwX NNu1GkXKbKAiH9oINVPZKP/zWX2angVvrHVJLvHFPF+r0USt8gtAuap7BDsGY7iC MecsYKrqIzF91CaV/1Z0vIRfFISlK1h2DE5wCIrXca5Pk8BHQw+rEgC1mk88p3tc 0IOi3IcqPvdMk1rrCvu5N01BZ+vzwmCwLLlB8PinXr8Vqsg0onPCE94kLqv/gKVQ xbBraklqCj1oVadQYBFyT/cj+WGagarGPRc1/7wepTEz6Ep6ieEtGDRCovJXQhSd sS9fHaQPjv5CpSxfxixFXZTt86aQkChd -----END CERTIFICATE-----Generated at Tue May 13 15:00:33 2025 by rpki-client