$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft File: lKlQswO0aQDdWjBhAwyJpIloA68.mft (raw, json) Hash identifier: eJU6f/KvIO/2WS344rmsaaz4ouZu0VCgqkE+kYVO59A= Subject key identifier: B8:DD:4C:5C:E6:C9:7A:53:7C:F3:8B:94:09:13:58:E9:2A:1D:A6:48 Authority key identifier: 94:A9:50:B3:03:B4:69:00:DD:5A:30:61:03:0C:89:A4:89:68:03:AF Certificate issuer: /CN=A91BAD2D/serialNumber=94A950B303B46900DD5A3061030C89A4896803AF Certificate serial: F7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft Manifest number: F4 Signing time: Thu 03 Jul 2025 05:29:07 +0000 Manifest this update: Thu 03 Jul 2025 05:29:07 +0000 Manifest next update: Thu 10 Jul 2025 05:29:07 +0000 Files and hashes: 1: lKlQswO0aQDdWjBhAwyJpIloA68.crl (hash: 2YrzN1ztZwEmwF+E4QfZL5sh+Iatl29Ed8gfc1OFTMA=) 2: 33B566F2E80811EEB4888B0FC4F9AE02.roa (hash: ZSDoXQLk70kw9Tv9vuIwvYTULilf6nNLQq+LER2jQIQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.crl rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 247 (0xf7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BAD2D, serialNumber=94A950B303B46900DD5A3061030C89A4896803AF Validity Not Before: Jul 3 05:29:07 2025 GMT Not After : Jul 10 05:29:07 2025 GMT Subject: CN=68661523-3e52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:72:86:e6:3d:cd:7c:51:49:fd:7a:d2:16:a5: 49:b1:65:a0:1f:9d:db:bb:f1:b0:65:5c:ff:68:02: dd:d1:c4:34:0d:89:10:58:ef:a1:66:f3:e7:ba:fd: 81:0c:15:5a:48:85:a4:96:25:da:49:00:2e:70:38: c5:c8:e4:83:6b:ed:d4:a9:dd:9c:b2:4c:e6:19:63: e5:3a:1a:29:2f:e4:65:a6:89:4f:d8:96:0f:f2:3e: 19:54:17:87:5f:94:52:48:d1:e0:0b:0b:19:a0:4d: 56:23:73:08:96:97:0d:47:98:5f:bf:64:64:31:11: 68:a4:c9:3a:97:f9:57:05:bb:ad:1d:45:a0:29:c4: d3:8e:83:21:f8:90:9e:fd:6d:3f:37:0f:3a:b3:74: 07:8f:8e:a6:1f:0d:a4:91:1c:ed:cb:f1:1a:4d:8a: 0c:d6:cd:7a:32:ff:c1:02:9a:a0:97:fa:6a:f1:86: c5:df:ba:62:36:67:75:3b:ce:d5:0d:7c:0d:e2:58: a9:65:c3:c2:6b:23:1d:14:11:f8:be:70:07:5f:47: 8a:1b:2b:56:7b:60:f3:af:ef:75:4e:f0:85:38:28: 2d:83:18:a6:27:5f:ca:16:08:16:bb:71:27:80:25: 7c:99:a6:69:02:6e:98:56:39:c1:2a:04:d2:58:26: e8:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:DD:4C:5C:E6:C9:7A:53:7C:F3:8B:94:09:13:58:E9:2A:1D:A6:48 X509v3 Authority Key Identifier: keyid:94:A9:50:B3:03:B4:69:00:DD:5A:30:61:03:0C:89:A4:89:68:03:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:de:f5:73:db:10:7f:9d:d2:14:d7:9c:d0:f3:83:0e:90:a0: d8:92:58:a1:91:27:3c:6d:e3:f2:e0:26:aa:85:7b:7f:6a:cf: 95:64:7b:b2:f8:55:fd:bb:74:c4:7a:30:94:fa:28:2e:7d:5a: 5d:21:e4:40:41:65:a0:f4:2f:62:e9:7a:1f:e6:ba:76:72:2d: 18:d5:d1:a5:65:0a:bc:3c:37:59:52:ad:80:bd:40:10:b8:1a: bf:b0:e7:6a:a2:f2:88:0b:8e:44:12:e2:1c:de:f7:00:a4:fb: d2:72:6d:d7:86:0d:d4:3d:b1:5a:07:2e:b1:7e:23:4f:7d:43: 46:3f:b9:25:e4:83:f7:84:0d:30:3f:e2:a5:74:89:47:3d:bb: c5:2c:06:c8:ea:a9:6f:6e:43:a5:0f:ab:56:18:6f:cd:53:94: aa:f2:cc:98:dc:1c:4b:eb:06:e1:9a:86:c3:86:6b:09:db:ec: 29:4a:d1:15:91:b8:06:47:1c:56:c1:cf:2a:2c:f0:e4:e7:2d: 9d:d3:6b:c2:af:59:a9:49:53:5d:ba:5c:66:b5:c6:bf:5b:65: a3:1d:ba:3c:1b:85:c0:cd:3a:9a:ab:9c:07:02:bc:1b:ed:6f: f7:30:ca:8f:32:18:e0:53:1e:0c:b3:d5:a0:e3:2d:06:38:69: a6:ce:c0:11 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkFEMkQxMTAvBgNVBAUTKDk0QTk1MEIzMDNCNDY5MDBERDVBMzA2MTAzMEM4OUE0 ODk2ODAzQUYwHhcNMjUwNzAzMDUyOTA3WhcNMjUwNzEwMDUyOTA3WjAYMRYwFAYD VQQDEw02ODY2MTUyMy0zZTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAunKG5j3NfFFJ/XrSFqVJsWWgH53bu/GwZVz/aALd0cQ0DYkQWO+hZvPnuv2B DBVaSIWkliXaSQAucDjFyOSDa+3Uqd2cskzmGWPlOhopL+RlpolP2JYP8j4ZVBeH X5RSSNHgCwsZoE1WI3MIlpcNR5hfv2RkMRFopMk6l/lXBbutHUWgKcTTjoMh+JCe /W0/Nw86s3QHj46mHw2kkRzty/EaTYoM1s16Mv/BApqgl/pq8YbF37piNmd1O87V DXwN4lipZcPCayMdFBH4vnAHX0eKGytWe2Dzr+91TvCFOCgtgximJ1/KFggWu3En gCV8maZpAm6YVjnBKgTSWCbowwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLjdTFzm yXpTfPOLlAkTWOkqHaZIMB8GA1UdIwQYMBaAFJSpULMDtGkA3VowYQMMiaSJaAOv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQUQyRC85MDg4RUU1QUU4 MDExMUVFQUQ2QzUwMzBDNEY5QUUwMi9sS2xRc3dPMGFRRGRXakJoQXd5SnBJbG9B NjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xLbFFzd08wYVFEZFdqQmhBd3lKcElsb0E2OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QUQyRC85MDg4RUU1QUU4MDExMUVFQUQ2QzUwMzBDNEY5QUUwMi9sS2xRc3dPMGFR RGRXakJoQXd5SnBJbG9BNjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAu3vVz2xB/ndIU15zQ84MOkKDYklihkSc8bePy4CaqhXt/as+VZHuy +FX9u3TEejCU+igufVpdIeRAQWWg9C9i6Xof5rp2ci0Y1dGlZQq8PDdZUq2AvUAQ uBq/sOdqovKIC45EEuIc3vcApPvScm3Xhg3UPbFaBy6xfiNPfUNGP7kl5IP3hA0w P+KldIlHPbvFLAbI6qlvbkOlD6tWGG/NU5Sq8syY3BxL6wbhmobDhmsJ2+wpStEV kbgGRxxWwc8qLPDk5y2d02vCr1mpSVNdulxmtca/W2WjHbo8G4XAzTqaq5wHArwb 7W/3MMqPMhjgUx4Ms9Wg4y0GOGmmzsAR -----END CERTIFICATE-----Generated at Thu Jul 3 17:31:30 2025 by rpki-client