$ rpki-client -vvf rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft File: lfCdXluLzW9LTWm1yTbJEvd9LP0.mft (raw, json) Hash identifier: ehY14kWAO9RVFVpL3F6i3zUhys6Zp7XvLef8vyF7KJE= Subject key identifier: 4E:20:F5:CD:3D:ED:70:30:90:C0:6B:B2:61:CF:03:D5:DB:02:30:A7 Authority key identifier: 95:F0:9D:5E:5B:8B:CD:6F:4B:4D:69:B5:C9:36:C9:12:F7:7D:2C:FD Certificate issuer: /CN=A91D44BE/serialNumber=95F09D5E5B8BCD6F4B4D69B5C936C912F77D2CFD Certificate serial: A4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft Manifest number: A1 Signing time: Thu 03 Jul 2025 06:29:29 +0000 Manifest this update: Thu 03 Jul 2025 06:29:29 +0000 Manifest next update: Thu 10 Jul 2025 06:29:29 +0000 Files and hashes: 1: lfCdXluLzW9LTWm1yTbJEvd9LP0.crl (hash: KT4OQIzM+KqrYlvHOwQSS006u8AAjorJEj9NBJIR0CA=) 2: B23569E2756511EFB018F20DC4F9AE02.roa (hash: r6mTJvt8SukGGtNb+WgynqBgaxV1KBCRpaFxjoCbFH8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.crl rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 164 (0xa4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D44BE, serialNumber=95F09D5E5B8BCD6F4B4D69B5C936C912F77D2CFD Validity Not Before: Jul 3 06:29:29 2025 GMT Not After : Jul 10 06:29:29 2025 GMT Subject: CN=68662349-2aac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:68:e8:70:3f:28:34:1d:4d:67:6e:85:82:a4: 35:9d:f6:35:27:af:c9:d9:b4:13:d6:7f:98:c4:0f: 02:72:1c:b6:f5:b4:f0:35:b3:18:b5:2a:cc:10:a2: a1:ad:9c:70:3a:09:47:af:4b:57:f7:44:34:d1:c8: be:f2:16:13:03:1c:da:56:da:72:62:df:90:ca:a2: f5:7b:05:a4:58:86:0c:21:9a:9d:1a:61:4b:2b:8a: 29:3b:40:f8:4c:25:fd:a2:15:01:61:c4:4b:1e:3e: b1:14:ee:a6:37:bf:a2:3e:0e:01:6c:73:bf:94:48: 38:7a:5e:b9:b2:65:ec:72:85:4a:bf:24:68:a1:58: 6d:8f:34:d5:e5:ea:58:ad:e8:27:63:b3:09:83:bf: 59:ca:9f:64:5d:db:01:61:e3:e7:cc:0b:24:25:25: ff:68:23:cc:e6:6e:3c:74:6c:0d:c3:9b:d6:a3:ec: d2:3d:59:de:32:07:d6:ad:18:6e:2e:ee:20:1f:a5: 72:9b:03:c4:12:13:8f:c4:ab:06:d9:df:80:9d:6e: 4e:54:a0:c5:74:08:91:c3:eb:2d:0c:6a:62:25:42: fc:fc:70:03:5f:0c:71:03:68:87:27:ef:b0:a5:0f: 47:2b:4a:4e:69:03:bb:0b:6e:96:43:19:e9:01:44: 38:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:20:F5:CD:3D:ED:70:30:90:C0:6B:B2:61:CF:03:D5:DB:02:30:A7 X509v3 Authority Key Identifier: keyid:95:F0:9D:5E:5B:8B:CD:6F:4B:4D:69:B5:C9:36:C9:12:F7:7D:2C:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:b1:b4:64:d9:16:1f:df:37:35:ae:6e:33:8f:6a:82:6f:05: d2:e4:7c:37:46:05:23:53:17:c9:8d:b5:c6:59:7f:33:97:30: e5:cc:c5:29:cc:ae:1f:a9:07:26:40:80:30:8b:a7:38:5b:f7: e8:1a:f6:d8:31:db:91:b6:9c:aa:26:0c:d3:32:ff:51:91:dc: 9f:6d:2f:43:6f:a7:e0:d8:df:d8:e2:09:38:6b:2a:19:b1:d8: 2e:52:58:d2:de:23:4e:b5:4c:91:fa:9b:07:3c:f8:e8:9d:a1: cc:f1:1b:a6:4a:d1:1c:fd:0f:97:b7:e4:81:cc:dc:a2:4e:5a: d0:5b:39:e1:e7:f3:93:40:62:63:14:72:98:10:aa:f8:e7:9b: 25:4c:61:ac:d1:0a:93:d3:e6:26:29:f0:1b:5c:eb:bb:1b:6b: 24:11:fc:21:50:f4:d6:d6:38:66:1d:c8:2a:30:15:21:8d:e0: 32:9e:61:57:5d:3b:e2:42:d7:4b:b3:fd:c1:a8:1c:c1:da:d7: 0d:8e:c8:ee:fc:e0:8e:ac:a8:3d:7c:78:94:85:d9:49:54:4c: 39:3a:ed:8b:6f:94:23:5e:b8:40:1b:3b:b4:9d:8a:40:e4:9a: 92:fc:4e:3e:ae:11:16:86:1d:32:9b:cb:a5:8b:97:96:a6:2e: a4:cb:18:91 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ0QkUxMTAvBgNVBAUTKDk1RjA5RDVFNUI4QkNENkY0QjRENjlCNUM5MzZDOTEy Rjc3RDJDRkQwHhcNMjUwNzAzMDYyOTI5WhcNMjUwNzEwMDYyOTI5WjAYMRYwFAYD VQQDEw02ODY2MjM0OS0yYWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9mjocD8oNB1NZ26FgqQ1nfY1J6/J2bQT1n+YxA8Cchy29bTwNbMYtSrMEKKh rZxwOglHr0tX90Q00ci+8hYTAxzaVtpyYt+QyqL1ewWkWIYMIZqdGmFLK4opO0D4 TCX9ohUBYcRLHj6xFO6mN7+iPg4BbHO/lEg4el65smXscoVKvyRooVhtjzTV5epY regnY7MJg79Zyp9kXdsBYePnzAskJSX/aCPM5m48dGwNw5vWo+zSPVneMgfWrRhu Lu4gH6VymwPEEhOPxKsG2d+AnW5OVKDFdAiRw+stDGpiJUL8/HADXwxxA2iHJ++w pQ9HK0pOaQO7C26WQxnpAUQ4ZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE4g9c09 7XAwkMBrsmHPA9XbAjCnMB8GA1UdIwQYMBaAFJXwnV5bi81vS01ptck2yRL3fSz9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDRCRS8wMjhBQkU0MjY5 MjIxMUVGQkY4N0JCMEVDNEY5QUUwMi9sZkNkWGx1THpXOUxUV20xeVRiSkV2ZDlM UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2xmQ2RYbHVMelc5TFRXbTF5VGJKRXZkOUxQMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDRCRS8wMjhBQkU0MjY5MjIxMUVGQkY4N0JCMEVDNEY5QUUwMi9sZkNkWGx1THpX OUxUV20xeVRiSkV2ZDlMUDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCGsbRk2RYf3zc1rm4zj2qCbwXS5Hw3RgUjUxfJjbXGWX8zlzDlzMUp zK4fqQcmQIAwi6c4W/foGvbYMduRtpyqJgzTMv9RkdyfbS9Db6fg2N/Y4gk4ayoZ sdguUljS3iNOtUyR+psHPPjonaHM8RumStEc/Q+Xt+SBzNyiTlrQWznh5/OTQGJj FHKYEKr455slTGGs0QqT0+YmKfAbXOu7G2skEfwhUPTW1jhmHcgqMBUhjeAynmFX XTviQtdLs/3BqBzB2tcNjsju/OCOrKg9fHiUhdlJVEw5Ou2Lb5QjXrhAGzu0nYpA 5JqS/E4+rhEWhh0ym8uli5eWpi6kyxiR -----END CERTIFICATE-----Generated at Thu Jul 3 23:34:56 2025 by rpki-client