$ rpki-client -vvf rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.mft File: Lfmh43Whe46lYCe0WovWb5Z0fYY.mft (raw, json) Hash identifier: KkV+AMBz1gBcmyxFDrFsacNchJOl0fLF3xU1xje61B4= Subject key identifier: 7B:C7:BB:12:80:75:A1:79:48:EC:3D:00:48:56:BB:83:BC:95:58:23 Authority key identifier: 2D:F9:A1:E3:75:A1:7B:8E:A5:60:27:B4:5A:8B:D6:6F:96:74:7D:86 Certificate issuer: /CN=A9185B6D/serialNumber=2DF9A1E375A17B8EA56027B45A8BD66F96747D86 Certificate serial: 011B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Lfmh43Whe46lYCe0WovWb5Z0fYY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.mft Manifest number: 0108 Signing time: Thu 03 Jul 2025 05:28:58 +0000 Manifest this update: Thu 03 Jul 2025 05:28:58 +0000 Manifest next update: Thu 10 Jul 2025 05:28:58 +0000 Files and hashes: 1: Lfmh43Whe46lYCe0WovWb5Z0fYY.crl (hash: LYlXp18IMA0MPb6IhOo5DE5a0iPq2LXg516yc9evPgo=) 2: BA6555344DEE11F0B209371DC4F9AE02.roa (hash: CQr2hobxwoFHY9a4Ev/A2yb3z142YhpnnpTJ8f2F528=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.crl rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Lfmh43Whe46lYCe0WovWb5Z0fYY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 283 (0x11b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185B6D, serialNumber=2DF9A1E375A17B8EA56027B45A8BD66F96747D86 Validity Not Before: Jul 3 05:28:58 2025 GMT Not After : Jul 10 05:28:58 2025 GMT Subject: CN=6866151a-9208 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:c5:3d:8a:9e:b9:7f:df:b9:be:d3:59:56:b9: 17:70:02:88:82:ba:1e:13:f5:15:39:fe:7f:d1:d5: 21:58:6f:35:b7:0f:63:86:02:ca:ab:38:19:12:78: f4:b4:1a:13:b7:82:c4:c3:a3:ce:c4:8e:53:1a:8c: 17:c1:f2:96:0f:2a:6e:42:0e:90:a2:f5:bf:ae:33: a9:e3:89:01:7a:0e:7b:0d:76:06:f9:24:b5:6e:3b: ef:fe:21:c1:26:ed:c0:cd:38:83:92:05:f6:88:1d: 22:c3:d1:9e:25:4a:ad:5e:76:93:03:4a:a7:da:52: f1:51:0f:02:0f:f3:a8:71:1c:d1:ec:21:3b:6c:14: 5d:74:d3:76:b0:33:ff:f7:48:21:64:38:b2:f6:61: 8d:79:4a:10:21:e8:f9:96:96:b1:6b:ec:4c:90:8a: de:13:38:05:ca:c6:a1:e6:42:86:bf:e1:a0:4d:47: 17:5a:f8:ed:9f:cd:c5:f8:7c:0f:9e:b8:69:ec:b9: 43:e5:9b:95:3a:85:a1:45:78:f5:03:f3:e2:5e:ee: 09:00:20:ec:18:67:2b:90:7a:ae:ac:4a:5b:c7:e6: 7f:ee:47:4c:75:8e:83:46:e6:76:7d:34:65:38:ba: e6:52:f3:25:d6:8b:c9:60:36:ce:37:a7:83:37:76: 35:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:C7:BB:12:80:75:A1:79:48:EC:3D:00:48:56:BB:83:BC:95:58:23 X509v3 Authority Key Identifier: keyid:2D:F9:A1:E3:75:A1:7B:8E:A5:60:27:B4:5A:8B:D6:6F:96:74:7D:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Lfmh43Whe46lYCe0WovWb5Z0fYY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:5f:33:66:aa:a9:29:b2:b0:e9:4d:3a:73:c5:e0:65:36:00: d8:d7:2a:c1:f3:47:af:90:52:3e:cf:ff:f9:db:ac:db:48:55: e3:36:1a:cb:72:77:1d:57:31:c8:45:f5:64:a0:53:4b:01:28: e4:48:a1:25:af:73:be:13:b0:28:82:ec:2f:fd:ca:94:de:62: 51:8b:60:71:b8:ae:93:5f:b8:cf:e5:9d:a8:fb:28:e1:13:ee: 01:c1:d5:54:74:96:f1:0a:e6:c3:cf:ea:b4:e8:d7:e0:1a:12: 06:fc:99:82:98:57:a9:2c:65:51:77:62:0c:8d:87:ba:33:04: a4:e7:fc:c9:28:82:b5:6d:a3:c6:69:7c:ae:b0:09:ee:23:87: 1a:ff:95:2a:07:9a:df:44:3c:0b:9f:24:80:31:6a:ea:d8:62: 0b:c8:15:06:8d:00:c7:d0:8f:e3:e8:56:19:49:71:9f:64:a0: b7:77:1b:5c:b0:c2:49:48:85:27:2c:e9:85:13:bc:14:7c:17: de:6d:ea:b4:94:7e:93:16:a5:8f:58:8c:08:3d:15:cc:c5:2e: 4b:f4:54:ed:71:5a:47:1c:35:22:92:0a:fa:a2:c3:6a:8b:cb: 2f:1b:83:2e:48:d6:77:a8:b8:51:d9:c2:44:f1:1e:b5:e9:9c: f1:95:4b:81 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICARswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVCNkQxMTAvBgNVBAUTKDJERjlBMUUzNzVBMTdCOEVBNTYwMjdCNDVBOEJENjZG OTY3NDdEODYwHhcNMjUwNzAzMDUyODU4WhcNMjUwNzEwMDUyODU4WjAYMRYwFAYD VQQDEw02ODY2MTUxYS05MjA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAysU9ip65f9+5vtNZVrkXcAKIgroeE/UVOf5/0dUhWG81tw9jhgLKqzgZEnj0 tBoTt4LEw6POxI5TGowXwfKWDypuQg6QovW/rjOp44kBeg57DXYG+SS1bjvv/iHB Ju3AzTiDkgX2iB0iw9GeJUqtXnaTA0qn2lLxUQ8CD/OocRzR7CE7bBRddNN2sDP/ 90ghZDiy9mGNeUoQIej5lpaxa+xMkIreEzgFysah5kKGv+GgTUcXWvjtn83F+HwP nrhp7LlD5ZuVOoWhRXj1A/PiXu4JACDsGGcrkHqurEpbx+Z/7kdMdY6DRuZ2fTRl OLrmUvMl1ovJYDbON6eDN3Y1NQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHvHuxKA daF5SOw9AEhWu4O8lVgjMB8GA1UdIwQYMBaAFC35oeN1oXuOpWAntFqL1m+WdH2G MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUI2RC8xODFCODIyMEU3 OEUxMUVFOTgzMUVCN0VDNEY5QUUwMi9MZm1oNDNXaGU0NmxZQ2UwV292V2I1WjBm WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0xmbWg0M1doZTQ2bFlDZTBXb3ZXYjVaMGZZWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NUI2RC8xODFCODIyMEU3OEUxMUVFOTgzMUVCN0VDNEY5QUUwMi9MZm1oNDNXaGU0 NmxZQ2UwV292V2I1WjBmWVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQArXzNmqqkpsrDpTTpzxeBlNgDY1yrB80evkFI+z//526zbSFXjNhrL cncdVzHIRfVkoFNLASjkSKElr3O+E7Aoguwv/cqU3mJRi2BxuK6TX7jP5Z2o+yjh E+4BwdVUdJbxCubDz+q06NfgGhIG/JmCmFepLGVRd2IMjYe6MwSk5/zJKIK1baPG aXyusAnuI4ca/5UqB5rfRDwLnySAMWrq2GILyBUGjQDH0I/j6FYZSXGfZKC3dxtc sMJJSIUnLOmFE7wUfBfebeq0lH6TFqWPWIwIPRXMxS5L9FTtcVpHHDUikgr6osNq i8svG4MuSNZ3qLhR2cJE8R616ZzxlUuB -----END CERTIFICATE-----Generated at Fri Jul 4 02:21:21 2025 by rpki-client