$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft File: LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft (raw, json) Hash identifier: 9nLA8r8mb558QxS88hswCNektCTnoveUt3yLHLKMVJo= Subject key identifier: 58:93:80:8A:03:17:C7:39:08:83:1C:7C:CB:C9:C5:6A:15:7B:47:67 Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B Certificate issuer: /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B Certificate serial: 0545 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft Manifest number: 050A Signing time: Thu 03 Jul 2025 00:06:37 +0000 Manifest this update: Thu 03 Jul 2025 00:06:36 +0000 Manifest next update: Thu 10 Jul 2025 00:06:36 +0000 Files and hashes: 1: LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl (hash: dh07WS6byLV23m+Pm09Lc1F+1gncM4zAcot7g4h/MjM=) 2: CE988D80FB7311EC97CD7F85C4F9AE02.roa (hash: c5X0bRS1v3BmM8+viPXYxx/gJz2nVR8k5o+BxqMhvNI=) 3: BD4E85B09E6311ECA6EC8071C4F9AE02.roa (hash: 2jfJLAfv4sSmTjn+t4R2DbosLO6LZGV4JERzq1/IuT0=) 4: F88F642285E411EEB951413BC4F9AE02.roa (hash: 5XS7gAJ1w57LGdHifEwdGpT41QuHVgx3tURmBIG/Ph0=) 5: 1CD7BEFC4D0E11EEA09FBF12C4F9AE02.roa (hash: ZVXIXb68LMeIyoHASYy5oVFyflHWdmoVD7FAYMUQOp4=) 6: BBDA9B429E6311ECA6EC8071C4F9AE02.roa (hash: WiSL38A4AfTZxujdbevnM0BHhlMtOQknr2QyeEfpbeg=) 7: 95C12B8E21A111EE8360C139C4F9AE02.roa (hash: ANarnw7th2betqTUJ1dSr/6kmM20Z4BPNu0RmkGVouY=) 8: D6C060C27E1811EEB9B4FE4AC4F9AE02.roa (hash: H6lUECWs/LnmCnEJB/ye5BlXZoehdKlxdmR5+P/1VOY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 00:06:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1349 (0x545) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACD72, serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B Validity Not Before: Jul 3 00:06:36 2025 GMT Not After : Jul 10 00:06:36 2025 GMT Subject: CN=6865c98c-563c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d1:e6:66:e6:f4:70:00:d6:11:32:2c:01:44: 71:47:04:13:b5:91:30:5d:ae:c2:87:c7:24:63:62: 1e:b9:bd:56:09:87:d2:9b:da:ed:e4:2c:2b:59:ad: a8:ff:00:76:a7:30:57:16:4c:52:02:28:23:c4:8e: c5:05:6f:a2:59:47:31:99:6f:ae:37:44:4d:7c:03: de:f4:ac:fc:8c:5c:be:89:e6:97:a6:21:d8:a8:61: 33:80:37:10:02:c9:e9:76:92:f0:e5:99:c1:ec:4e: 39:e1:b0:23:0e:86:12:bc:ba:21:11:66:d3:d4:9c: d8:f3:12:e7:d1:95:b8:0f:63:62:5b:17:dd:65:8b: 3a:f3:48:1e:86:d5:15:1f:bb:64:dc:b9:4c:b2:48: 8f:66:dc:41:6f:79:4b:49:61:16:0b:f3:94:f7:2c: 4c:36:a7:42:cb:9f:f5:da:14:ee:3f:2b:b2:cc:27: 0a:b2:f7:05:c5:7d:0c:ba:1e:68:91:73:90:90:af: 32:92:47:88:e6:f3:7b:eb:85:e0:d8:2a:d7:36:d5: 61:fa:3f:f7:ca:e1:b8:8a:da:8f:5f:80:7e:63:a6: e4:76:e6:36:b4:29:4a:cf:d1:ee:db:1e:d4:1e:28: 7f:f7:8d:23:5d:af:cc:bb:66:2c:17:a0:e8:2b:99: 4e:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:93:80:8A:03:17:C7:39:08:83:1C:7C:CB:C9:C5:6A:15:7B:47:67 X509v3 Authority Key Identifier: keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:94:06:a3:77:e9:0a:a6:f5:47:f9:cb:af:cc:b3:7b:47:da: d8:c1:ac:90:7e:0b:be:97:51:85:8d:bc:b2:77:31:0b:f0:7b: 8f:af:b9:39:74:a9:62:82:f0:15:a7:3b:c4:41:ef:e1:5d:d9: e3:45:e4:97:e6:22:37:fb:25:db:4a:cd:8a:b8:99:cc:68:46: bb:8f:98:55:e1:b4:b2:8b:a8:c1:26:7b:34:79:b1:c6:fc:c1: fe:84:61:7a:58:29:8a:65:c5:0a:2b:fc:7b:47:29:d9:30:c2: 2b:46:dc:95:4e:58:63:e1:b3:09:8e:52:84:d6:1a:15:2d:49: 1d:fc:a1:15:9f:ef:15:c3:df:3f:06:e0:0d:23:ea:12:69:ae: 6e:95:e1:ac:39:7f:56:95:2b:b4:e3:01:69:9a:1d:18:2c:c3: 80:a6:20:e7:89:8a:81:82:f7:bf:54:6a:cc:06:1a:db:f1:ea: c7:46:2f:ef:4a:4f:40:df:21:f4:43:ca:06:6c:74:21:5d:6f: f5:92:8a:f6:57:37:2f:c3:ae:55:d7:44:81:63:52:72:e4:67: 7b:4b:ba:db:62:c4:9b:85:87:88:76:c3:dd:48:00:5a:0b:a2: b5:54:38:19:00:74:e0:c7:03:71:63:4d:f5:e3:9f:ae:f4:0e: 00:eb:a7:7e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy MEM4RkQ1N0IwHhcNMjUwNzAzMDAwNjM2WhcNMjUwNzEwMDAwNjM2WjAYMRYwFAYD VQQDEw02ODY1Yzk4Yy01NjNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvtHmZub0cADWETIsAURxRwQTtZEwXa7Ch8ckY2Ieub1WCYfSm9rt5CwrWa2o /wB2pzBXFkxSAigjxI7FBW+iWUcxmW+uN0RNfAPe9Kz8jFy+ieaXpiHYqGEzgDcQ AsnpdpLw5ZnB7E454bAjDoYSvLohEWbT1JzY8xLn0ZW4D2NiWxfdZYs680gehtUV H7tk3LlMskiPZtxBb3lLSWEWC/OU9yxMNqdCy5/12hTuPyuyzCcKsvcFxX0Muh5o kXOQkK8ykkeI5vN764Xg2CrXNtVh+j/3yuG4itqPX4B+Y6bkduY2tClKz9Hu2x7U Hih/940jXa/Mu2YsF6DoK5lONwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFiTgIoD F8c5CIMcfMvJxWoVe0dnMB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2 MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Q0Q3Mi80NTc2QTY3MjI2MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgy d0x0WS1TRVo1bGdneVAxWHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB6lAajd+kKpvVH+cuvzLN7R9rYwayQfgu+l1GFjbyydzEL8HuPr7k5 dKligvAVpzvEQe/hXdnjReSX5iI3+yXbSs2KuJnMaEa7j5hV4bSyi6jBJns0ebHG /MH+hGF6WCmKZcUKK/x7RynZMMIrRtyVTlhj4bMJjlKE1hoVLUkd/KEVn+8Vw98/ BuANI+oSaa5uleGsOX9WlSu04wFpmh0YLMOApiDniYqBgve/VGrMBhrb8erHRi/v Sk9A3yH0Q8oGbHQhXW/1kor2Vzcvw65V10SBY1Jy5Gd7S7rbYsSbhYeIdsPdSABa C6K1VDgZAHTgxwNxY03145+u9A4A66d+ -----END CERTIFICATE-----Generated at Thu Jul 3 09:53:25 2025 by rpki-client