$ rpki-client -vvf rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.mft File: lrgMN8ZhPRSpLNvsZighZD6K8Rs.mft (raw, json) Hash identifier: qeI8hH7TDbG5r73D6UUAu4GS3yIQAjchfDoAe4HBDaE= Subject key identifier: BD:71:F5:88:90:0A:B9:1B:74:00:B6:EE:2B:FF:BD:48:EA:28:2D:75 Authority key identifier: 96:B8:0C:37:C6:61:3D:14:A9:2C:DB:EC:66:28:21:64:3E:8A:F1:1B Certificate issuer: /CN=A91818BD/serialNumber=96B80C37C6613D14A92CDBEC662821643E8AF11B Certificate serial: 029E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lrgMN8ZhPRSpLNvsZighZD6K8Rs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.mft Manifest number: 0297 Signing time: Mon 05 May 2025 01:07:58 +0000 Manifest this update: Mon 05 May 2025 01:07:57 +0000 Manifest next update: Mon 12 May 2025 01:07:57 +0000 Files and hashes: 1: lrgMN8ZhPRSpLNvsZighZD6K8Rs.crl (hash: oTLnyyyYzJleXrrrO1SZnEl39HEOH6I8jFuebb6xW0s=) 2: B83B7E0C065511EDB3E94E54C4F9AE02.roa (hash: tal6R2lkJBoeIIUyi6mdxCD2dqzkhyqrKbW//gzTT04=) 3: 481545DEFE8211ECBAB0E13FC4F9AE02.roa (hash: Qlo4+mbKJCym2bywU9/+B9nSR/lgPkj3tiR7WBd3VEs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.crl rsync://rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lrgMN8ZhPRSpLNvsZighZD6K8Rs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 12 May 2025 00:08:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 670 (0x29e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91818BD, serialNumber=96B80C37C6613D14A92CDBEC662821643E8AF11B Validity Not Before: May 5 01:07:57 2025 GMT Not After : May 12 01:07:57 2025 GMT Subject: CN=68180f6d-ace5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:c4:21:6f:a6:38:47:eb:64:3f:9c:98:c2:b2: 27:53:a5:c1:c2:8a:57:c5:4b:dc:cb:ec:fe:08:ae: b1:81:ea:f5:75:38:78:bd:61:4a:81:b9:a4:2d:ca: 0a:35:a4:e1:72:40:c6:e8:25:d8:6a:96:e6:10:99: f4:ec:f8:ec:0d:5e:d1:06:7d:e5:93:44:9e:4d:63: 3c:43:eb:90:6a:61:28:4d:bc:8a:bf:89:4b:31:a8: c9:61:60:c7:1f:be:ac:8a:38:01:cd:de:9b:41:b9: 06:b9:38:dd:b2:ae:33:e9:54:3d:1f:54:85:37:58: ba:66:7c:1f:bb:45:0c:53:fb:30:c7:0e:76:27:bf: 26:af:89:f1:47:75:68:77:b1:61:f9:66:dd:6e:84: 4a:0c:03:2e:3a:6b:d7:31:3d:6c:9c:d6:a1:d2:49: 95:c7:8a:55:f0:c8:55:cb:78:0d:cd:4b:40:25:49: 67:ed:49:96:65:00:8f:5b:b1:7c:bc:05:62:86:0a: 2c:48:04:53:60:6a:7d:ca:71:a1:cf:44:fb:1a:f6: 1b:f7:71:ad:18:e3:9e:aa:20:6e:28:5b:c6:d8:03: 2d:f9:40:a4:3d:9d:23:0d:20:1b:97:dc:82:e7:f5: f1:6b:3d:aa:96:98:a4:26:39:9a:b8:b0:ea:53:79: e4:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:71:F5:88:90:0A:B9:1B:74:00:B6:EE:2B:FF:BD:48:EA:28:2D:75 X509v3 Authority Key Identifier: keyid:96:B8:0C:37:C6:61:3D:14:A9:2C:DB:EC:66:28:21:64:3E:8A:F1:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lrgMN8ZhPRSpLNvsZighZD6K8Rs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:82:c2:aa:4b:e4:90:49:d7:ae:0a:05:8a:18:07:47:fb:57: dd:03:9d:13:7b:ac:db:67:93:ea:40:b8:db:fd:98:85:36:2d: 3b:3a:60:24:0d:f7:fb:69:cc:15:f3:45:7c:49:5f:de:60:7d: d4:52:d1:65:f2:94:db:de:87:a9:40:3d:bd:41:33:4a:2f:1e: 0d:9a:c4:be:a0:33:d2:6a:55:50:8a:3e:de:97:1d:ec:48:79: a6:12:d9:ab:be:4e:ae:2e:48:6c:fc:68:77:d7:94:11:03:71: 6c:39:cb:13:d9:8d:03:68:64:3b:92:c5:1e:05:7c:fa:46:eb: f3:cf:ca:16:95:be:a9:d4:47:d3:6c:ff:a9:1e:92:2d:37:30: 00:cd:6f:70:4a:f9:2c:7d:f8:71:c8:6f:cb:fe:d5:fc:40:33: 4d:28:a2:7f:c3:25:a6:63:26:33:ab:9f:0b:7f:ce:ef:80:9d: 69:fb:e0:75:48:cd:e1:2f:a7:62:a1:a7:ba:a0:74:c8:79:a7: 88:bd:57:63:ec:4a:37:db:7f:ed:a8:29:97:3f:46:89:b6:69: 17:5a:3d:c9:e6:fa:65:13:83:f7:f8:1c:fb:21:fb:72:5c:41: 2c:5e:20:f5:7e:09:e1:c5:97:79:0e:22:08:d8:d8:b5:91:de: 82:98:52:79 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAp4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODE4QkQxMTAvBgNVBAUTKDk2QjgwQzM3QzY2MTNEMTRBOTJDREJFQzY2MjgyMTY0 M0U4QUYxMUIwHhcNMjUwNTA1MDEwNzU3WhcNMjUwNTEyMDEwNzU3WjAYMRYwFAYD VQQDEw02ODE4MGY2ZC1hY2U1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw8Qhb6Y4R+tkP5yYwrInU6XBwopXxUvcy+z+CK6xger1dTh4vWFKgbmkLcoK NaThckDG6CXYapbmEJn07PjsDV7RBn3lk0SeTWM8Q+uQamEoTbyKv4lLMajJYWDH H76sijgBzd6bQbkGuTjdsq4z6VQ9H1SFN1i6Znwfu0UMU/swxw52J78mr4nxR3Vo d7Fh+WbdboRKDAMuOmvXMT1snNah0kmVx4pV8MhVy3gNzUtAJUln7UmWZQCPW7F8 vAVihgosSARTYGp9ynGhz0T7GvYb93GtGOOeqiBuKFvG2AMt+UCkPZ0jDSAbl9yC 5/Xxaz2qlpikJjmauLDqU3nkHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL1x9YiQ CrkbdAC27iv/vUjqKC11MB8GA1UdIwQYMBaAFJa4DDfGYT0UqSzb7GYoIWQ+ivEb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MThCRC80MTRENUJEQUZF ODAxMUVDOUYzMTdBM0ZDNEY5QUUwMi9scmdNTjhaaFBSU3BMTnZzWmlnaFpENks4 UnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xyZ01OOFpoUFJTcExOdnNaaWdoWkQ2SzhScy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 MThCRC80MTRENUJEQUZFODAxMUVDOUYzMTdBM0ZDNEY5QUUwMi9scmdNTjhaaFBS U3BMTnZzWmlnaFpENks4UnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAOgsKqS+SQSdeuCgWKGAdH+1fdA50Te6zbZ5PqQLjb/ZiFNi07OmAk Dff7acwV80V8SV/eYH3UUtFl8pTb3oepQD29QTNKLx4NmsS+oDPSalVQij7elx3s SHmmEtmrvk6uLkhs/Gh315QRA3FsOcsT2Y0DaGQ7ksUeBXz6Ruvzz8oWlb6p1EfT bP+pHpItNzAAzW9wSvksffhxyG/L/tX8QDNNKKJ/wyWmYyYzq58Lf87vgJ1p++B1 SM3hL6dioae6oHTIeaeIvVdj7Eo323/tqCmXP0aJtmkXWj3J5vplE4P3+Bz7Ifty XEEsXiD1fgnhxZd5DiII2Ni1kd6CmFJ5 -----END CERTIFICATE-----Generated at Mon May 5 03:26:53 2025 by rpki-client