$ rpki-client -vvf rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft File: lfCdXluLzW9LTWm1yTbJEvd9LP0.mft (raw, json) Hash identifier: W1dV0EECJTo39/H1depf6+xjmum+BVn0Rz+tehd0eFc= Subject key identifier: F3:53:BC:4D:16:A5:A8:C9:9A:73:EA:A4:23:1F:56:97:1D:F7:88:F5 Authority key identifier: 95:F0:9D:5E:5B:8B:CD:6F:4B:4D:69:B5:C9:36:C9:12:F7:7D:2C:FD Certificate issuer: /CN=A91D44BE/serialNumber=95F09D5E5B8BCD6F4B4D69B5C936C912F77D2CFD Certificate serial: 8B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft Manifest number: 88 Signing time: Tue 13 May 2025 05:47:54 +0000 Manifest this update: Tue 13 May 2025 05:47:54 +0000 Manifest next update: Tue 20 May 2025 05:47:54 +0000 Files and hashes: 1: lfCdXluLzW9LTWm1yTbJEvd9LP0.crl (hash: 3w7gav0M+thX43iD7sokIppi6UB94n8lBWlnQ/+yqI4=) 2: B23569E2756511EFB018F20DC4F9AE02.roa (hash: r6mTJvt8SukGGtNb+WgynqBgaxV1KBCRpaFxjoCbFH8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.crl rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 05:47:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 139 (0x8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D44BE, serialNumber=95F09D5E5B8BCD6F4B4D69B5C936C912F77D2CFD Validity Not Before: May 13 05:47:54 2025 GMT Not After : May 20 05:47:54 2025 GMT Subject: CN=6822dd0a-055f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:72:8b:7f:0a:67:1c:44:7c:7e:21:ab:be:bc: 3a:10:83:24:b3:4b:90:36:54:55:57:1a:23:86:10: 05:4c:5e:fb:c6:1a:7c:77:44:42:6d:a7:17:0d:c8: be:7f:f2:01:6c:f8:81:06:8e:44:6d:fe:97:3a:6c: 0e:08:7d:58:46:34:90:e4:10:21:a5:d3:0a:2a:33: ba:f0:1c:68:ad:83:5e:6d:3d:dc:ce:a7:ed:22:d4: ec:ae:fc:9f:f6:b4:5e:ae:3d:3c:c5:79:c1:44:2e: 2d:cb:bd:6d:d9:b4:72:94:a9:f4:0e:20:f3:e0:40: 91:d6:e2:93:e3:5b:fd:92:ab:f9:b4:c0:15:4c:82: 5e:8d:c5:0c:cb:0b:95:28:64:b1:47:b8:d2:91:32: 5c:8a:a7:7b:aa:c2:a2:06:1f:b2:5e:6b:da:c6:8f: 9e:73:35:76:b9:92:53:ed:c2:6e:83:ae:d7:13:fc: 32:11:47:2d:33:a9:a2:6d:6b:f7:e1:f4:5e:a8:ea: be:34:d5:d7:8b:ba:39:b8:d3:ac:93:e7:04:c8:db: 5a:ee:1f:ac:71:1c:87:68:50:b6:01:b7:78:c3:b1: c6:56:0e:8d:7a:89:03:8f:41:dd:fb:ec:f3:0e:5c: 9c:f3:c0:b2:0e:dd:17:77:8f:c5:ea:c2:85:18:0f: 4c:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:53:BC:4D:16:A5:A8:C9:9A:73:EA:A4:23:1F:56:97:1D:F7:88:F5 X509v3 Authority Key Identifier: keyid:95:F0:9D:5E:5B:8B:CD:6F:4B:4D:69:B5:C9:36:C9:12:F7:7D:2C:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 93:dd:ef:89:81:13:7f:4f:ef:56:b9:e0:6b:a9:ff:bf:33:a4: bd:02:85:f4:88:97:41:dd:4e:15:d9:af:2d:ff:dc:25:92:3d: 7d:34:ee:ad:e9:f4:83:e7:ce:bc:ab:e1:af:5a:9a:d1:67:fe: 59:5c:f2:be:1a:95:22:27:bc:9b:6f:0b:30:e0:6e:13:92:6f: fd:7f:1a:3f:50:f2:98:33:4e:95:7c:e7:3c:bd:ff:ed:2b:8f: 2e:7d:42:60:1d:1d:5b:96:4d:ab:1e:d1:30:a8:ea:8d:8c:30: 33:0d:6c:02:9a:ee:77:e7:61:c2:36:a0:9c:4c:23:e4:0b:06: a3:a0:db:62:b8:bc:d7:5f:55:aa:bd:7d:bd:d6:41:ae:4a:9d: f3:44:17:b7:d2:6e:4d:10:bf:36:da:cb:77:d7:f9:6a:0f:4d: 66:71:ba:35:fa:13:95:a3:cd:ee:83:8c:64:e3:5d:63:dc:32: c7:28:4b:a5:34:be:51:cb:18:84:4b:87:91:32:3c:69:a2:86: 9b:8e:2e:09:4d:30:ad:10:4a:d4:ee:70:fd:b8:27:c6:a4:79: 91:50:97:8b:42:38:7e:77:80:00:70:91:e3:92:ee:f8:9f:3e: fc:36:03:40:0d:aa:96:0f:f1:ac:69:18:02:96:a0:04:85:0e: 6a:fb:98:33 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ0QkUxMTAvBgNVBAUTKDk1RjA5RDVFNUI4QkNENkY0QjRENjlCNUM5MzZDOTEy Rjc3RDJDRkQwHhcNMjUwNTEzMDU0NzU0WhcNMjUwNTIwMDU0NzU0WjAYMRYwFAYD VQQDEw02ODIyZGQwYS0wNTVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqXKLfwpnHER8fiGrvrw6EIMks0uQNlRVVxojhhAFTF77xhp8d0RCbacXDci+ f/IBbPiBBo5Ebf6XOmwOCH1YRjSQ5BAhpdMKKjO68BxorYNebT3czqftItTsrvyf 9rRerj08xXnBRC4ty71t2bRylKn0DiDz4ECR1uKT41v9kqv5tMAVTIJejcUMywuV KGSxR7jSkTJciqd7qsKiBh+yXmvaxo+eczV2uZJT7cJug67XE/wyEUctM6mibWv3 4fReqOq+NNXXi7o5uNOsk+cEyNta7h+scRyHaFC2Abd4w7HGVg6NeokDj0Hd++zz Dlyc88CyDt0Xd4/F6sKFGA9M+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPNTvE0W pajJmnPqpCMfVpcd94j1MB8GA1UdIwQYMBaAFJXwnV5bi81vS01ptck2yRL3fSz9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDRCRS8wMjhBQkU0MjY5 MjIxMUVGQkY4N0JCMEVDNEY5QUUwMi9sZkNkWGx1THpXOUxUV20xeVRiSkV2ZDlM UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2xmQ2RYbHVMelc5TFRXbTF5VGJKRXZkOUxQMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDRCRS8wMjhBQkU0MjY5MjIxMUVGQkY4N0JCMEVDNEY5QUUwMi9sZkNkWGx1THpX OUxUV20xeVRiSkV2ZDlMUDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCT3e+JgRN/T+9WueBrqf+/M6S9AoX0iJdB3U4V2a8t/9wlkj19NO6t 6fSD5868q+GvWprRZ/5ZXPK+GpUiJ7ybbwsw4G4Tkm/9fxo/UPKYM06VfOc8vf/t K48ufUJgHR1blk2rHtEwqOqNjDAzDWwCmu5352HCNqCcTCPkCwajoNtiuLzXX1Wq vX291kGuSp3zRBe30m5NEL822st31/lqD01mcbo1+hOVo83ug4xk411j3DLHKEul NL5RyxiES4eRMjxpooabji4JTTCtEErU7nD9uCfGpHmRUJeLQjh+d4AAcJHjku74 nz78NgNADaqWD/GsaRgClqAEhQ5q+5gz -----END CERTIFICATE-----Generated at Wed May 14 04:53:53 2025 by rpki-client