$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft File: LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft (raw, json) Hash identifier: JIm8p70X7meUCwKrLurH2nXA31GObsOMmql9puWRFeg= Subject key identifier: 29:52:12:31:5F:68:46:7D:39:44:99:E9:C2:80:D2:FF:CD:5A:47:FA Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B Certificate issuer: /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B Certificate serial: 055F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft Manifest number: 0524 Signing time: Fri 22 Aug 2025 23:53:49 +0000 Manifest this update: Fri 22 Aug 2025 23:53:48 +0000 Manifest next update: Fri 29 Aug 2025 23:53:48 +0000 Files and hashes: 1: LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl (hash: /xcpRGNZ8HGplybvkvXOVoFfal0JM/ZOa+Zv+HOzgWA=) 2: CE988D80FB7311EC97CD7F85C4F9AE02.roa (hash: c5X0bRS1v3BmM8+viPXYxx/gJz2nVR8k5o+BxqMhvNI=) 3: BD4E85B09E6311ECA6EC8071C4F9AE02.roa (hash: 2jfJLAfv4sSmTjn+t4R2DbosLO6LZGV4JERzq1/IuT0=) 4: F88F642285E411EEB951413BC4F9AE02.roa (hash: 5XS7gAJ1w57LGdHifEwdGpT41QuHVgx3tURmBIG/Ph0=) 5: 1CD7BEFC4D0E11EEA09FBF12C4F9AE02.roa (hash: ZVXIXb68LMeIyoHASYy5oVFyflHWdmoVD7FAYMUQOp4=) 6: BBDA9B429E6311ECA6EC8071C4F9AE02.roa (hash: WiSL38A4AfTZxujdbevnM0BHhlMtOQknr2QyeEfpbeg=) 7: 95C12B8E21A111EE8360C139C4F9AE02.roa (hash: ANarnw7th2betqTUJ1dSr/6kmM20Z4BPNu0RmkGVouY=) 8: D6C060C27E1811EEB9B4FE4AC4F9AE02.roa (hash: H6lUECWs/LnmCnEJB/ye5BlXZoehdKlxdmR5+P/1VOY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 23:53:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1375 (0x55f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACD72, serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B Validity Not Before: Aug 22 23:53:48 2025 GMT Not After : Aug 29 23:53:48 2025 GMT Subject: CN=68a9030d-5fed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:7b:c3:74:0f:58:6d:e1:cd:e0:b2:10:0b:49: 16:4f:e6:57:dd:1d:f3:04:cc:f2:c4:a5:f9:8a:22: 1c:7a:eb:76:c8:3c:7a:88:df:af:89:46:19:e0:75: 1b:7f:c1:c3:cf:6b:ee:5f:cd:a3:48:12:2d:b7:2b: 2c:20:de:2d:07:5e:30:54:de:59:73:19:02:6e:3a: 06:a1:6b:f4:d9:aa:ea:0e:c9:4c:fb:60:a7:6a:43: 6b:7e:59:98:37:45:cd:d5:a3:10:af:f1:7c:95:ab: dc:69:69:75:45:e4:97:78:cc:a6:da:78:88:49:95: 31:0c:00:d0:76:aa:9c:df:d7:32:2f:e3:b9:c2:06: 47:8a:3c:c5:bf:f8:12:93:00:a5:39:d6:aa:16:72: 99:53:17:0f:47:e4:50:f5:d0:9c:41:7c:f9:a4:bd: 4f:32:e7:e0:32:9e:11:9e:53:4e:a7:b1:73:02:83: d9:07:5b:7f:b2:94:ce:97:62:f4:64:9d:bd:4f:45: 6b:92:46:ba:f4:da:ed:ab:23:65:30:33:a1:a0:c2: f2:1d:56:d3:b6:d6:71:8a:0a:77:c0:d0:a1:3b:b3: 24:1e:b6:3d:a3:54:20:c2:26:d8:a3:b0:44:96:3f: db:56:28:ca:6e:61:d6:37:14:05:59:4f:cc:2f:14: a1:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:52:12:31:5F:68:46:7D:39:44:99:E9:C2:80:D2:FF:CD:5A:47:FA X509v3 Authority Key Identifier: keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:75:6c:0c:09:33:7d:e2:d0:be:f8:ef:30:c2:8e:e5:fa:f5: ff:17:32:5f:b2:f8:dd:e9:31:3e:93:3a:06:54:36:76:f7:13: 66:9a:39:d6:0d:02:1b:7c:fa:1f:0c:8f:2b:56:ba:98:59:3e: ec:14:dc:5d:ed:77:3b:61:5f:59:da:56:64:24:66:3d:e2:e9: 79:de:56:43:0e:c0:ae:0d:7b:b2:9d:63:ac:b0:c9:74:65:f0: 58:9b:7c:8b:b1:2d:e1:bd:5e:3b:e2:8f:0f:ec:5e:03:25:76: e9:bb:ce:87:a6:f8:98:9f:51:7f:8b:89:59:e9:b9:a3:57:3d: 47:3b:db:db:b7:21:96:99:47:b7:c8:88:df:56:de:7e:2f:cd: e5:1e:3d:17:7a:62:67:f1:0a:6d:3f:81:b0:f3:1e:57:91:23: 9b:55:bd:0f:4a:f1:7c:2d:94:4d:8c:75:e4:dd:26:bf:70:f2: 0a:5b:0e:85:c5:48:25:ad:2d:3b:6e:95:dc:7a:d7:75:8b:44: 1a:ca:1b:3d:d3:27:0b:24:96:e5:32:c4:41:74:53:ac:43:69: 74:ac:eb:b8:1d:df:18:ff:e5:03:ac:c9:43:b0:cb:d8:5d:ad: 4a:78:d2:ce:7e:f3:be:18:34:24:d5:0c:ef:29:6b:37:05:20: ba:23:1b:f6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBV8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy MEM4RkQ1N0IwHhcNMjUwODIyMjM1MzQ4WhcNMjUwODI5MjM1MzQ4WjAYMRYwFAYD VQQDEw02OGE5MDMwZC01ZmVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArXvDdA9YbeHN4LIQC0kWT+ZX3R3zBMzyxKX5iiIceut2yDx6iN+viUYZ4HUb f8HDz2vuX82jSBIttyssIN4tB14wVN5ZcxkCbjoGoWv02arqDslM+2CnakNrflmY N0XN1aMQr/F8lavcaWl1ReSXeMym2niISZUxDADQdqqc39cyL+O5wgZHijzFv/gS kwClOdaqFnKZUxcPR+RQ9dCcQXz5pL1PMufgMp4RnlNOp7FzAoPZB1t/spTOl2L0 ZJ29T0Vrkka69NrtqyNlMDOhoMLyHVbTttZxigp3wNChO7MkHrY9o1QgwibYo7BE lj/bVijKbmHWNxQFWU/MLxShJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFClSEjFf aEZ9OUSZ6cKA0v/NWkf6MB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2 MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Q0Q3Mi80NTc2QTY3MjI2MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgy d0x0WS1TRVo1bGdneVAxWHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAydWwMCTN94tC++O8wwo7l+vX/FzJfsvjd6TE+kzoGVDZ29xNmmjnW DQIbfPofDI8rVrqYWT7sFNxd7Xc7YV9Z2lZkJGY94ul53lZDDsCuDXuynWOssMl0 ZfBYm3yLsS3hvV474o8P7F4DJXbpu86HpviYn1F/i4lZ6bmjVz1HO9vbtyGWmUe3 yIjfVt5+L83lHj0XemJn8QptP4Gw8x5XkSObVb0PSvF8LZRNjHXk3Sa/cPIKWw6F xUglrS07bpXcetd1i0Qayhs90ycLJJblMsRBdFOsQ2l0rOu4Hd8Y/+UDrMlDsMvY Xa1KeNLOfvO+GDQk1QzvKWs3BSC6Ixv2 -----END CERTIFICATE-----Generated at Sat Aug 23 10:46:19 2025 by rpki-client