$ rpki-client -vvf rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft File: lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft (raw, json) Hash identifier: KERe2z0snma0UqCgGf9cpYNU0vm4IDw7fP7YV8SS6MU= Subject key identifier: 13:62:A3:02:66:88:C5:1A:2D:BD:E5:36:07:FC:DC:19:59:16:1A:72 Authority key identifier: 96:73:B5:CC:F0:A8:EA:5C:E4:1A:2E:47:63:11:F3:75:CD:83:C0:D2 Certificate issuer: /CN=A91A58AA/serialNumber=9673B5CCF0A8EA5CE41A2E476311F375CD83C0D2 Certificate serial: 22 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnO1zPCo6lzkGi5HYxHzdc2DwNI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft Manifest number: 22 Signing time: Thu 03 Jul 2025 08:05:55 +0000 Manifest this update: Thu 03 Jul 2025 08:05:54 +0000 Manifest next update: Thu 10 Jul 2025 08:05:54 +0000 Files and hashes: 1: lnO1zPCo6lzkGi5HYxHzdc2DwNI.crl (hash: CygzJIt11czJEZ6g2cDMpPB4GqFKRg610M90p2y0mSM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.crl rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnO1zPCo6lzkGi5HYxHzdc2DwNI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34 (0x22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A58AA, serialNumber=9673B5CCF0A8EA5CE41A2E476311F375CD83C0D2 Validity Not Before: Jul 3 08:05:54 2025 GMT Not After : Jul 10 08:05:54 2025 GMT Subject: CN=686639e2-8305 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:3c:89:81:8a:5c:2a:54:ea:e6:cb:65:d0:3b: 86:5a:67:02:7c:03:d9:0e:c2:6f:96:30:d5:19:ca: 9a:a3:a4:de:9b:5b:3c:8a:d2:2c:df:70:6e:0c:53: 71:70:ad:62:df:c3:6a:78:81:b5:01:10:28:e8:a6: 69:8a:5e:56:35:27:8e:c4:82:1d:03:09:99:78:81: c2:7c:40:96:68:ea:f0:13:00:c8:ab:94:51:8f:d6: 07:92:1b:78:25:ad:75:7c:4a:7c:48:a2:4f:fd:ba: ad:01:bf:c7:1f:52:1d:01:93:91:b9:d5:c6:4a:0c: 86:b8:fd:89:91:38:8c:d9:85:6a:86:6d:39:9c:3e: cc:63:86:0e:07:81:98:65:30:e2:dc:15:b4:dd:85: 42:d7:49:0c:b8:d9:47:47:55:d5:f1:a0:61:b9:1b: 8d:6f:13:13:1f:7a:14:c3:50:5a:b1:e8:01:a1:30: c2:f9:39:29:f3:20:4f:09:be:33:47:3b:f2:0f:6c: a8:55:6a:85:6f:ca:e2:28:68:60:ae:47:11:81:29: 6e:f6:e8:b1:1b:41:6c:89:31:a1:3c:a0:67:6b:91: fd:ec:81:d2:25:74:ed:31:d4:f7:b2:47:c3:2f:d1: 21:4b:42:67:3a:29:70:c3:db:c1:6e:cd:f3:62:06: 7a:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:62:A3:02:66:88:C5:1A:2D:BD:E5:36:07:FC:DC:19:59:16:1A:72 X509v3 Authority Key Identifier: keyid:96:73:B5:CC:F0:A8:EA:5C:E4:1A:2E:47:63:11:F3:75:CD:83:C0:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnO1zPCo6lzkGi5HYxHzdc2DwNI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:3c:a9:f3:eb:e5:19:91:af:f4:28:c3:91:e5:38:63:15:a4: 08:08:44:dd:a6:6d:6f:60:74:4b:f2:02:89:a1:50:a0:e6:9c: d2:41:8d:a7:14:fa:8f:51:fb:60:f5:86:83:69:22:a7:0d:bc: 2b:44:56:06:da:3c:69:a2:3d:9a:71:08:21:db:ab:82:07:c0: bd:fb:56:e8:86:b0:07:ef:7a:34:fa:b3:b5:5c:05:ba:ed:9c: 45:27:de:58:61:50:e6:84:e7:3b:1e:cd:c5:50:d0:0c:79:9a: a8:0c:82:e8:9c:d9:b5:3a:83:82:db:19:82:cc:f9:42:7a:d2: fd:44:66:8e:57:9f:d3:19:a3:63:69:a0:f6:4b:b3:10:c3:39: d7:c4:4e:26:91:58:ba:57:87:a7:1e:ad:a7:ea:da:1a:5b:7f: d4:3f:7d:17:8b:08:a1:e3:f9:a3:e4:07:5a:46:8a:53:47:0e: 1b:f5:2e:7b:20:af:87:a8:29:62:70:f9:29:07:34:b8:17:25: 7c:8d:8a:bf:3b:8d:9d:ff:78:ed:8f:bd:26:52:21:2d:aa:c3: fb:43:1a:c6:61:5c:25:ae:21:37:1f:e6:ef:d5:14:0a:56:80: c8:2f:01:54:de:43:c5:99:06:70:25:50:1b:8a:de:b8:3f:44: ee:06:78:6a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NThBQTExMC8GA1UEBRMoOTY3M0I1Q0NGMEE4RUE1Q0U0MUEyRTQ3NjMxMUYzNzVD RDgzQzBEMjAeFw0yNTA3MDMwODA1NTRaFw0yNTA3MTAwODA1NTRaMBgxFjAUBgNV BAMTDTY4NjYzOWUyLTgzMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDIPImBilwqVOrmy2XQO4ZaZwJ8A9kOwm+WMNUZypqjpN6bWzyK0izfcG4MU3Fw rWLfw2p4gbUBECjopmmKXlY1J47Egh0DCZl4gcJ8QJZo6vATAMirlFGP1geSG3gl rXV8SnxIok/9uq0Bv8cfUh0Bk5G51cZKDIa4/YmROIzZhWqGbTmcPsxjhg4HgZhl MOLcFbTdhULXSQy42UdHVdXxoGG5G41vExMfehTDUFqx6AGhMML5OSnzIE8JvjNH O/IPbKhVaoVvyuIoaGCuRxGBKW726LEbQWyJMaE8oGdrkf3sgdIldO0x1PeyR8Mv 0SFLQmc6KXDD28FuzfNiBnqpAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUE2KjAmaI xRotveU2B/zcGVkWGnIwHwYDVR0jBBgwFoAUlnO1zPCo6lzkGi5HYxHzdc2DwNIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1OEFBL0MxOTM5Q0U2MjQw MjExRjA5NjFCNjQ2REM0RjlBRTAyL2xuTzF6UENvNmx6a0dpNUhZeEh6ZGMyRHdO SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbG5PMXpQQ282bHprR2k1SFl4SHpkYzJEd05JLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1 OEFBL0MxOTM5Q0U2MjQwMjExRjA5NjFCNjQ2REM0RjlBRTAyL2xuTzF6UENvNmx6 a0dpNUhZeEh6ZGMyRHdOSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEU8qfPr5RmRr/Qow5HlOGMVpAgIRN2mbW9gdEvyAomhUKDmnNJBjacU +o9R+2D1hoNpIqcNvCtEVgbaPGmiPZpxCCHbq4IHwL37VuiGsAfvejT6s7VcBbrt nEUn3lhhUOaE5zsezcVQ0Ax5mqgMguic2bU6g4LbGYLM+UJ60v1EZo5Xn9MZo2Np oPZLsxDDOdfETiaRWLpXh6cerafq2hpbf9Q/fReLCKHj+aPkB1pGilNHDhv1Lnsg r4eoKWJw+SkHNLgXJXyNir87jZ3/eO2PvSZSIS2qw/tDGsZhXCWuITcf5u/VFApW gMgvAVTeQ8WZBnAlUBuK3rg/RO4GeGo= -----END CERTIFICATE-----Generated at Thu Jul 3 23:14:25 2025 by rpki-client