$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft File: R-lr-DG7PMQ7TweEJj5ylYddVRY.mft (raw, json) Hash identifier: G8NB2KEm8oOdFkLCnc2FJu+LrYy0qFRvUtyRD6IH8eE= Subject key identifier: C5:02:EC:B0:1B:63:12:9C:6A:F5:35:91:00:C4:79:29:14:3E:EB:D4 Authority key identifier: 47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16 Certificate issuer: /CN=A91C4204/serialNumber=47E96BF831BB3CC43B4F0784263E7295875D5516 Certificate serial: 1E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft Manifest number: 1C Signing time: Thu 03 Jul 2025 08:11:17 +0000 Manifest this update: Thu 03 Jul 2025 08:11:16 +0000 Manifest next update: Thu 10 Jul 2025 08:11:16 +0000 Files and hashes: 1: R-lr-DG7PMQ7TweEJj5ylYddVRY.crl (hash: z/JnNBybFG/RnsQoNdCrXpBezCO/TLu2Q4eZuMeMmkk=) 2: CA2D4952300911F0AB675D3EC4F9AE02.roa (hash: wSACUp5c4PrWddzrJcvj1KCwEmCFzuB6DHldOTgXN4E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.crl rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30 (0x1e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4204, serialNumber=47E96BF831BB3CC43B4F0784263E7295875D5516 Validity Not Before: Jul 3 08:11:16 2025 GMT Not After : Jul 10 08:11:16 2025 GMT Subject: CN=68663b25-4fae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:74:f6:5e:90:f1:3f:a6:68:3b:e7:63:b6:f8: b3:46:96:cb:d3:a6:14:65:b5:ab:13:72:ee:6a:7e: f4:41:ce:70:07:dc:84:90:fe:8b:18:fb:fa:f4:bc: 31:aa:2b:f1:43:86:26:61:b6:5c:2c:69:1f:88:82: 12:df:93:21:79:5f:56:72:0b:7a:14:5d:29:d8:b0: 1a:08:b2:56:b0:62:48:97:3f:6b:96:b0:d4:19:2a: 73:1d:63:e9:2f:e4:f9:02:3f:f2:20:11:26:c6:70: 77:51:c0:08:54:2e:cf:49:90:c8:43:a5:c0:2d:70: d6:91:b6:e7:e0:12:d2:af:a3:af:52:9a:d9:e9:be: ea:b5:79:8d:0e:b8:be:ce:e8:8d:85:ad:b1:34:3f: 38:ce:96:65:75:5f:c9:5a:09:57:c8:6c:69:23:44: c2:8d:ff:74:16:2b:b3:66:bf:52:7f:4e:c0:e1:29: 05:f9:8e:9f:d6:9f:6d:f1:2a:fe:4f:b4:b4:fd:d8: 2f:cd:37:3f:65:30:f0:f0:52:b3:84:e4:b7:db:d0: fe:80:2b:40:9d:a3:a1:b8:7a:73:fa:e2:97:d8:4e: 13:cc:f7:42:de:70:59:a9:e7:ab:de:9c:cf:b8:0f: b2:2c:10:16:a5:b1:89:d2:b3:e1:c5:51:8b:76:3d: ab:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:02:EC:B0:1B:63:12:9C:6A:F5:35:91:00:C4:79:29:14:3E:EB:D4 X509v3 Authority Key Identifier: keyid:47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:b2:b2:fd:ca:a9:8e:9e:2c:ea:e1:ea:d3:80:0e:2f:9a:99: 29:00:41:0f:7a:e8:60:f6:c2:83:d7:0b:93:1d:9d:9a:b5:b4: 3a:f2:cb:09:95:34:cd:01:a5:9b:60:c9:55:38:ff:53:04:e5: 11:00:95:eb:4b:57:e4:61:de:94:26:da:17:da:b3:0c:d4:2a: 55:84:9b:89:95:af:a7:93:96:82:6a:98:f8:09:2c:3b:be:a1: da:b9:4b:55:db:28:12:e9:c1:37:48:f3:6a:d6:83:8b:f7:eb: 94:87:c2:dd:f8:d3:da:89:3f:0a:92:b5:3e:1f:73:9c:26:7f: ac:de:22:1a:3b:f6:ab:ba:3d:e7:18:d6:25:cc:08:22:fa:f9: ec:5f:7c:9c:00:d0:63:93:8b:80:40:64:bb:77:af:0b:bd:23: f9:2e:73:80:4a:20:c5:eb:62:ee:0c:d2:8d:85:31:5e:7a:24: bd:e4:98:ff:84:6a:f6:eb:04:d6:b4:2a:3c:39:3b:18:ef:12: 57:96:cf:68:41:e2:52:61:10:22:ff:9e:3b:e7:6a:69:c2:6b: aa:da:b5:d9:a3:ab:bb:11:a0:f1:3b:af:f7:b9:d5:dc:0b:45: 57:de:24:87:ab:1a:01:e6:2c:3f:5e:ce:8d:88:87:7e:90:f0: fe:3a:19:a4 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD NDIwNDExMC8GA1UEBRMoNDdFOTZCRjgzMUJCM0NDNDNCNEYwNzg0MjYzRTcyOTU4 NzVENTUxNjAeFw0yNTA3MDMwODExMTZaFw0yNTA3MTAwODExMTZaMBgxFjAUBgNV BAMTDTY4NjYzYjI1LTRmYWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDYdPZekPE/pmg752O2+LNGlsvTphRltasTcu5qfvRBznAH3ISQ/osY+/r0vDGq K/FDhiZhtlwsaR+IghLfkyF5X1ZyC3oUXSnYsBoIslawYkiXP2uWsNQZKnMdY+kv 5PkCP/IgESbGcHdRwAhULs9JkMhDpcAtcNaRtufgEtKvo69Smtnpvuq1eY0OuL7O 6I2FrbE0PzjOlmV1X8laCVfIbGkjRMKN/3QWK7Nmv1J/TsDhKQX5jp/Wn23xKv5P tLT92C/NNz9lMPDwUrOE5Lfb0P6AK0Cdo6G4enP64pfYThPM90LecFmp56venM+4 D7IsEBalsYnSs+HFUYt2PaspAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUxQLssBtj Epxq9TWRAMR5KRQ+69QwHwYDVR0jBBgwFoAUR+lr+DG7PMQ7TweEJj5ylYddVRYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM0MjA0LzQ0MUI1MDUyMzAw OTExRjBBMEFBN0QzREM0RjlBRTAyL1ItbHItREc3UE1RN1R3ZUVKajV5bFlkZFZS WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUi1sci1ERzdQTVE3VHdlRUpqNXlsWWRkVlJZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM0 MjA0LzQ0MUI1MDUyMzAwOTExRjBBMEFBN0QzREM0RjlBRTAyL1ItbHItREc3UE1R N1R3ZUVKajV5bFlkZFZSWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAKysv3KqY6eLOrh6tOADi+amSkAQQ966GD2woPXC5MdnZq1tDryywmV NM0BpZtgyVU4/1ME5REAletLV+Rh3pQm2hfaswzUKlWEm4mVr6eTloJqmPgJLDu+ odq5S1XbKBLpwTdI82rWg4v365SHwt3409qJPwqStT4fc5wmf6zeIho79qu6PecY 1iXMCCL6+exffJwA0GOTi4BAZLt3rwu9I/kuc4BKIMXrYu4M0o2FMV56JL3kmP+E avbrBNa0Kjw5OxjvEleWz2hB4lJhECL/njvnamnCa6ratdmjq7sRoPE7r/e51dwL RVfeJIerGgHmLD9ezo2Ih36Q8P46GaQ= -----END CERTIFICATE-----Generated at Fri Jul 4 21:28:31 2025 by rpki-client