$ rpki-client -vvf rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft File: lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft (raw, json) Hash identifier: kEk1y17hvTLj7hqQ0og3LLT15t0DRIq7hlrDkdFDAXo= Subject key identifier: BA:ED:9C:A6:62:88:1E:1F:12:BF:2C:40:E5:B8:43:6B:EC:5C:B0:27 Authority key identifier: 96:73:B5:CC:F0:A8:EA:5C:E4:1A:2E:47:63:11:F3:75:CD:83:C0:D2 Certificate issuer: /CN=A91A58AA/serialNumber=9673B5CCF0A8EA5CE41A2E476311F375CD83C0D2 Certificate serial: 3C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnO1zPCo6lzkGi5HYxHzdc2DwNI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft Manifest number: 3C Signing time: Sat 23 Aug 2025 07:44:47 +0000 Manifest this update: Sat 23 Aug 2025 07:44:46 +0000 Manifest next update: Sat 30 Aug 2025 07:44:46 +0000 Files and hashes: 1: lnO1zPCo6lzkGi5HYxHzdc2DwNI.crl (hash: 5+JkGJoZDoJPT5Uylc0JRqZcbghe2voxqfdcwyquY5k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.crl rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnO1zPCo6lzkGi5HYxHzdc2DwNI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:44:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60 (0x3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A58AA, serialNumber=9673B5CCF0A8EA5CE41A2E476311F375CD83C0D2 Validity Not Before: Aug 23 07:44:46 2025 GMT Not After : Aug 30 07:44:46 2025 GMT Subject: CN=68a9716e-3677 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:c9:2e:9f:d3:4f:05:5f:de:a6:49:26:c6:59: 88:ad:55:60:7d:10:73:27:89:9e:47:0f:38:ae:db: 52:64:db:c7:09:1a:64:f9:68:16:4c:c9:91:b2:f8: d7:e1:86:d7:a4:a5:72:26:58:f4:c3:2c:c3:77:63: 67:80:84:11:f2:f6:74:39:bf:99:ac:04:61:2e:a3: 8a:68:3a:0b:3c:71:ee:44:c1:30:97:5b:45:32:80: 5a:ab:74:bd:c6:c9:86:d1:30:ec:a2:69:e5:6f:0d: 2c:69:a2:e9:3c:f1:48:2f:40:e7:49:02:bf:b0:a5: ea:84:ec:1f:9e:c7:49:73:ec:61:a9:2a:6c:bd:d2: 5f:27:45:76:25:1d:cf:01:d8:04:63:bb:31:66:38: 14:7a:45:12:05:bf:d7:ab:24:92:3f:aa:c9:77:e1: ea:a5:6b:9c:4c:e2:f6:45:2b:fb:63:f2:bb:76:15: a6:fc:be:65:26:20:fd:0d:67:cc:5e:9e:ca:b7:27: 11:84:88:a4:3d:41:04:d9:64:9a:39:ee:9e:19:0e: 11:23:5e:03:2d:16:45:2d:8a:8b:0f:36:d1:34:f3: b1:d5:70:dc:f0:6c:63:f1:c5:54:06:d7:8a:14:2f: 1e:9e:4f:77:a9:6a:d8:b5:3d:26:6f:4b:b8:80:44: 1b:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:ED:9C:A6:62:88:1E:1F:12:BF:2C:40:E5:B8:43:6B:EC:5C:B0:27 X509v3 Authority Key Identifier: keyid:96:73:B5:CC:F0:A8:EA:5C:E4:1A:2E:47:63:11:F3:75:CD:83:C0:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnO1zPCo6lzkGi5HYxHzdc2DwNI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:a3:f9:e1:86:10:59:76:09:cc:a4:39:c1:4a:ab:82:8e:b9: ee:59:4e:d4:6f:8d:6f:8e:57:e7:5e:01:eb:13:88:1b:05:60: 50:b2:43:20:1a:59:73:0c:b3:0f:11:26:ce:36:c5:37:ef:f4: 60:e3:17:da:25:8f:9a:56:29:5f:8f:d2:15:dd:83:ad:5a:1a: 5e:de:f8:09:53:c7:df:9d:a8:41:9c:fb:e2:eb:45:82:b3:de: aa:33:d2:01:d6:47:02:db:7f:ce:c4:b7:51:8b:79:9b:36:66: 46:7e:2a:98:31:4a:cc:52:02:c0:5b:9f:19:44:6e:a6:94:7b: 5f:01:77:7f:ef:cc:bc:38:73:63:36:88:83:ec:4d:7b:6a:5b: 9e:3a:0c:0a:6a:34:8e:99:29:69:0c:b8:22:db:96:53:d5:81: be:1f:ae:e5:60:86:ff:b1:71:0f:28:1b:3f:a5:d9:1d:b6:76: 14:98:6b:16:b4:77:4a:4e:f6:f5:f0:86:59:f2:02:36:57:b1: 5f:a2:aa:26:45:5e:34:d9:d3:0a:11:6b:5a:cd:a7:02:b7:ad: 26:d5:30:93:d2:90:04:bf:5e:58:cc:3b:0d:f9:19:eb:ff:d7: 4b:a1:7a:9f:46:b0:6e:91:5c:b2:20:af:51:ec:38:ee:3e:ed: c3:bd:34:a1 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NThBQTExMC8GA1UEBRMoOTY3M0I1Q0NGMEE4RUE1Q0U0MUEyRTQ3NjMxMUYzNzVD RDgzQzBEMjAeFw0yNTA4MjMwNzQ0NDZaFw0yNTA4MzAwNzQ0NDZaMBgxFjAUBgNV BAMTDTY4YTk3MTZlLTM2NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCpyS6f008FX96mSSbGWYitVWB9EHMniZ5HDziu21Jk28cJGmT5aBZMyZGy+Nfh htekpXImWPTDLMN3Y2eAhBHy9nQ5v5msBGEuo4poOgs8ce5EwTCXW0UygFqrdL3G yYbRMOyiaeVvDSxpouk88UgvQOdJAr+wpeqE7B+ex0lz7GGpKmy90l8nRXYlHc8B 2ARjuzFmOBR6RRIFv9erJJI/qsl34eqla5xM4vZFK/tj8rt2Fab8vmUmIP0NZ8xe nsq3JxGEiKQ9QQTZZJo57p4ZDhEjXgMtFkUtiosPNtE087HVcNzwbGPxxVQG14oU Lx6eT3epati1PSZvS7iARBtTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUuu2cpmKI Hh8SvyxA5bhDa+xcsCcwHwYDVR0jBBgwFoAUlnO1zPCo6lzkGi5HYxHzdc2DwNIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1OEFBL0MxOTM5Q0U2MjQw MjExRjA5NjFCNjQ2REM0RjlBRTAyL2xuTzF6UENvNmx6a0dpNUhZeEh6ZGMyRHdO SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbG5PMXpQQ282bHprR2k1SFl4SHpkYzJEd05JLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1 OEFBL0MxOTM5Q0U2MjQwMjExRjA5NjFCNjQ2REM0RjlBRTAyL2xuTzF6UENvNmx6 a0dpNUhZeEh6ZGMyRHdOSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADuj+eGGEFl2CcykOcFKq4KOue5ZTtRvjW+OV+deAesTiBsFYFCyQyAa WXMMsw8RJs42xTfv9GDjF9olj5pWKV+P0hXdg61aGl7e+AlTx9+dqEGc++LrRYKz 3qoz0gHWRwLbf87Et1GLeZs2ZkZ+KpgxSsxSAsBbnxlEbqaUe18Bd3/vzLw4c2M2 iIPsTXtqW546DApqNI6ZKWkMuCLbllPVgb4fruVghv+xcQ8oGz+l2R22dhSYaxa0 d0pO9vXwhlnyAjZXsV+iqiZFXjTZ0woRa1rNpwK3rSbVMJPSkAS/XljMOw35Gev/ 10uhep9GsG6RXLIgr1HsOO4+7cO9NKE= -----END CERTIFICATE-----Generated at Sat Aug 23 12:35:56 2025 by rpki-client