$ rpki-client -vvf rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.mft File: Lfmh43Whe46lYCe0WovWb5Z0fYY.mft (raw, json) Hash identifier: Fx7t+W1zp26kbKwVMknX7hFFKM360nxmauQ337z/3ig= Subject key identifier: B8:25:A4:AF:50:1B:E0:CE:FC:0C:A1:44:33:98:F0:29:92:18:03:D9 Authority key identifier: 2D:F9:A1:E3:75:A1:7B:8E:A5:60:27:B4:5A:8B:D6:6F:96:74:7D:86 Certificate issuer: /CN=A9185B6D/serialNumber=2DF9A1E375A17B8EA56027B45A8BD66F96747D86 Certificate serial: D7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Lfmh43Whe46lYCe0WovWb5Z0fYY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.mft Manifest number: D5 Signing time: Sun 11 May 2025 04:25:53 +0000 Manifest this update: Sun 11 May 2025 04:25:53 +0000 Manifest next update: Sun 18 May 2025 04:25:53 +0000 Files and hashes: 1: Lfmh43Whe46lYCe0WovWb5Z0fYY.crl (hash: 7E4hrMB6uY8snwmYvPUnfVrMPhCGA1oo78fyQ4d9iLI=) 2: AB3CCD50E79011EEA3DFB922C4F9AE02.roa (hash: CLLXrK2zzVLl1EYNQyxS+WzBqeRrVeVENVbUau48OSo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.crl rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Lfmh43Whe46lYCe0WovWb5Z0fYY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 04:25:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 215 (0xd7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185B6D, serialNumber=2DF9A1E375A17B8EA56027B45A8BD66F96747D86 Validity Not Before: May 11 04:25:53 2025 GMT Not After : May 18 04:25:53 2025 GMT Subject: CN=682026d1-57b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:3f:81:cc:c2:61:a8:28:81:01:3f:1e:90:99: 3d:b9:07:4d:60:da:f3:5a:dc:c7:78:c1:4a:03:f0: 27:7b:c4:91:a4:96:d2:d8:73:90:bd:35:e0:53:db: 64:2e:12:fd:d0:48:5a:3d:d2:eb:c6:6d:aa:de:f1: 49:74:88:7b:76:27:8c:9f:66:28:36:a8:d8:f5:b8: ad:03:14:eb:43:16:90:af:9b:7f:e5:5e:7c:51:57: e0:6e:25:85:86:81:a5:ef:24:3c:b0:4d:3c:45:a0: 49:4a:63:ba:01:a5:64:ef:46:51:46:9a:9e:c7:be: e0:47:4c:c3:61:c3:e1:28:8e:7e:2a:c0:1d:40:22: a9:f5:53:51:21:9e:06:49:bd:c1:91:ea:7a:ff:8c: 3e:4a:70:11:5a:24:11:74:b0:47:64:4a:28:76:a5: 26:46:c7:e5:ec:65:75:89:81:2d:3a:f7:47:22:ad: c0:4f:77:42:ee:f8:90:64:d7:6f:40:b2:80:2c:ad: a6:88:cf:85:3a:b0:4b:d8:f3:53:35:a9:66:66:a6: 82:c1:34:78:e3:c2:8d:1f:57:e4:61:d3:ef:98:18: d2:5d:a3:59:d9:f5:66:ee:94:aa:9d:1b:c1:0e:b0: f8:f4:fc:c1:57:17:17:0e:4d:bc:ef:36:39:7f:48: 91:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:25:A4:AF:50:1B:E0:CE:FC:0C:A1:44:33:98:F0:29:92:18:03:D9 X509v3 Authority Key Identifier: keyid:2D:F9:A1:E3:75:A1:7B:8E:A5:60:27:B4:5A:8B:D6:6F:96:74:7D:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Lfmh43Whe46lYCe0WovWb5Z0fYY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 28:e1:97:cf:93:8e:5f:b5:97:57:c0:a1:1e:98:52:24:f5:ae: 93:d1:c8:22:06:5a:34:02:b7:3c:11:10:ef:ef:a6:e7:e8:bf: 7f:5e:d6:a4:94:40:23:16:36:92:58:2f:fa:2d:e2:8c:52:bd: 86:f6:f2:54:03:bd:9f:be:9c:38:e0:0a:be:2d:23:ea:8f:0a: 9c:e1:c2:7d:48:62:ca:31:5d:99:f0:fe:fc:fe:88:80:68:da: 2e:81:e9:2f:87:92:d9:dd:b0:f2:c6:d6:8a:b1:b7:5d:ae:61: ed:6f:3b:f5:37:9b:ef:f0:3c:6c:9e:90:5f:1a:a9:6b:e8:7c: 2e:c6:37:a5:06:e6:3e:0e:32:04:96:c7:a1:9d:4f:fa:aa:f7: 95:b2:21:cd:71:9a:1f:46:5b:9c:87:64:46:d9:e2:75:96:bf: 74:fb:68:4b:56:ce:b7:61:81:e1:20:31:00:1e:68:16:23:8f: 67:70:14:9c:6c:38:8d:5f:05:e6:eb:ff:2b:ea:75:97:1b:d7: 52:26:ec:d2:97:d9:37:7c:4b:e1:03:6d:43:81:79:31:bc:9a: 77:18:0e:e0:5b:de:ff:e4:57:fe:1d:b5:1c:5b:d3:ad:af:da: 2e:20:80:ed:eb:3d:08:5d:2e:53:a8:f3:19:79:c8:b2:2b:2b: c1:ef:22:a5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVCNkQxMTAvBgNVBAUTKDJERjlBMUUzNzVBMTdCOEVBNTYwMjdCNDVBOEJENjZG OTY3NDdEODYwHhcNMjUwNTExMDQyNTUzWhcNMjUwNTE4MDQyNTUzWjAYMRYwFAYD VQQDEw02ODIwMjZkMS01N2IzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvj+BzMJhqCiBAT8ekJk9uQdNYNrzWtzHeMFKA/Ane8SRpJbS2HOQvTXgU9tk LhL90EhaPdLrxm2q3vFJdIh7dieMn2YoNqjY9bitAxTrQxaQr5t/5V58UVfgbiWF hoGl7yQ8sE08RaBJSmO6AaVk70ZRRpqex77gR0zDYcPhKI5+KsAdQCKp9VNRIZ4G Sb3Bkep6/4w+SnARWiQRdLBHZEoodqUmRsfl7GV1iYEtOvdHIq3AT3dC7viQZNdv QLKALK2miM+FOrBL2PNTNalmZqaCwTR448KNH1fkYdPvmBjSXaNZ2fVm7pSqnRvB DrD49PzBVxcXDk287zY5f0iRsQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLglpK9Q G+DO/AyhRDOY8CmSGAPZMB8GA1UdIwQYMBaAFC35oeN1oXuOpWAntFqL1m+WdH2G MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUI2RC8xODFCODIyMEU3 OEUxMUVFOTgzMUVCN0VDNEY5QUUwMi9MZm1oNDNXaGU0NmxZQ2UwV292V2I1WjBm WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0xmbWg0M1doZTQ2bFlDZTBXb3ZXYjVaMGZZWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NUI2RC8xODFCODIyMEU3OEUxMUVFOTgzMUVCN0VDNEY5QUUwMi9MZm1oNDNXaGU0 NmxZQ2UwV292V2I1WjBmWVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAo4ZfPk45ftZdXwKEemFIk9a6T0cgiBlo0Arc8ERDv76bn6L9/Xtak lEAjFjaSWC/6LeKMUr2G9vJUA72fvpw44Aq+LSPqjwqc4cJ9SGLKMV2Z8P78/oiA aNougekvh5LZ3bDyxtaKsbddrmHtbzv1N5vv8DxsnpBfGqlr6HwuxjelBuY+DjIE lsehnU/6qveVsiHNcZofRluch2RG2eJ1lr90+2hLVs63YYHhIDEAHmgWI49ncBSc bDiNXwXm6/8r6nWXG9dSJuzSl9k3fEvhA21DgXkxvJp3GA7gW97/5Ff+HbUcW9Ot r9ouIIDt6z0IXS5TqPMZeciyKyvB7yKl -----END CERTIFICATE-----Generated at Sun May 11 22:35:28 2025 by rpki-client