$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8E2C/0FE1ED06A2FB11E9A526A57EC4F9AE02/lpDF1gn85ELDW5kW1WP58Ye2itQ.mft File: lpDF1gn85ELDW5kW1WP58Ye2itQ.mft (raw, json) Hash identifier: 4Oqqu+nxwfN0Djp79fIsw4DcigdgHFUXNK9tcRNX4QQ= Subject key identifier: 8A:62:FF:CC:E2:8B:CE:FE:9B:6C:DC:4C:F8:0C:60:94:6A:E3:3E:33 Authority key identifier: 96:90:C5:D6:09:FC:E4:42:C3:5B:99:16:D5:63:F9:F1:87:B6:8A:D4 Certificate issuer: /CN=A91D8E2C/serialNumber=9690C5D609FCE442C35B9916D563F9F187B68AD4 Certificate serial: 0E32 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lpDF1gn85ELDW5kW1WP58Ye2itQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D8E2C/0FE1ED06A2FB11E9A526A57EC4F9AE02/lpDF1gn85ELDW5kW1WP58Ye2itQ.mft Manifest number: 0E2A Signing time: Sat 10 May 2025 17:39:28 +0000 Manifest this update: Sat 10 May 2025 17:39:28 +0000 Manifest next update: Sat 17 May 2025 17:39:28 +0000 Files and hashes: 1: lpDF1gn85ELDW5kW1WP58Ye2itQ.crl (hash: yZOnJtaHRHLghQxsmnHauynxUKmHdSwBpLf/43qqWfo=) 2: 6C153768CE5511EB9DD80C30C4F9AE02.roa (hash: 8FSx/7pmWfnqq5buFAKmXuNtb84bNl4hKWrDWfIfWSE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D8E2C/0FE1ED06A2FB11E9A526A57EC4F9AE02/lpDF1gn85ELDW5kW1WP58Ye2itQ.crl rsync://rpki.apnic.net/member_repository/A91D8E2C/0FE1ED06A2FB11E9A526A57EC4F9AE02/lpDF1gn85ELDW5kW1WP58Ye2itQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lpDF1gn85ELDW5kW1WP58Ye2itQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 17:39:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3634 (0xe32) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D8E2C, serialNumber=9690C5D609FCE442C35B9916D563F9F187B68AD4 Validity Not Before: May 10 17:39:28 2025 GMT Not After : May 17 17:39:28 2025 GMT Subject: CN=681f8f50-6692 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b5:ac:b9:fa:e4:6f:35:6a:62:7a:3d:d0:ab: 04:e4:96:99:45:a6:9d:f7:7b:f6:23:31:c8:91:de: e7:bb:38:b1:c4:0b:b5:ed:ac:32:08:44:46:3a:29: e5:a1:f4:82:82:b3:39:3a:be:25:9e:a4:bb:e6:2b: 12:ad:fb:37:bc:5c:b9:8c:cb:0c:97:69:4f:e4:a4: 14:d3:57:ec:c1:19:91:c8:7d:b5:ff:38:ce:14:9a: 52:7c:1c:99:af:a9:98:0b:65:07:91:f8:98:12:92: 69:34:51:b0:d8:ab:0e:4f:b8:c0:a7:1c:40:e1:83: 85:46:fc:1e:f9:51:b4:c3:ca:51:96:3e:00:c9:69: 0d:dc:e0:47:d9:2f:32:91:f9:6f:39:3b:d0:9a:b6: 72:d9:83:af:91:aa:9d:9a:05:fe:7e:12:70:a9:40: 5b:d5:01:3c:73:89:6e:a7:5c:99:2d:c3:8e:9e:95: b8:0b:74:db:66:72:47:e8:49:5e:f0:38:f2:1d:d5: e5:dd:7d:81:d8:06:07:a2:c9:f3:49:a3:a1:01:cc: 5e:11:36:25:6e:ee:69:ad:46:35:61:59:e3:f5:5b: 7a:7f:da:a4:63:8d:ee:64:8c:a0:a5:00:4f:34:3d: 8a:b4:e9:fe:17:d5:81:25:af:94:7e:a5:44:e8:c5: 5e:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:62:FF:CC:E2:8B:CE:FE:9B:6C:DC:4C:F8:0C:60:94:6A:E3:3E:33 X509v3 Authority Key Identifier: keyid:96:90:C5:D6:09:FC:E4:42:C3:5B:99:16:D5:63:F9:F1:87:B6:8A:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D8E2C/0FE1ED06A2FB11E9A526A57EC4F9AE02/lpDF1gn85ELDW5kW1WP58Ye2itQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lpDF1gn85ELDW5kW1WP58Ye2itQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8E2C/0FE1ED06A2FB11E9A526A57EC4F9AE02/lpDF1gn85ELDW5kW1WP58Ye2itQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:b4:b2:01:a1:7e:de:e7:56:90:b3:82:cb:9a:e7:26:e7:de: 7e:0c:0f:08:5a:c3:be:7c:d5:c4:29:e5:4e:07:ae:eb:76:e7: 0b:b2:60:47:86:e7:e9:1b:72:3a:0e:cc:d6:4c:03:4f:7e:04: 83:5f:39:a0:6c:6f:8d:06:53:93:d4:33:de:75:55:82:69:8c: d9:f4:90:4b:f0:1f:69:94:1d:74:9e:e3:34:aa:83:7c:67:45: d8:15:29:25:91:87:4b:59:9b:37:a8:82:07:15:b0:69:0d:cb: af:f8:a7:ed:cd:23:68:8d:52:df:af:f5:97:fa:e9:e4:91:b2: 5c:45:8d:42:43:30:e0:5b:c7:62:71:48:06:30:0f:0a:8a:f4: 5a:9d:72:62:77:a5:a0:86:80:67:f7:da:34:a1:d9:8b:5f:06: 5c:11:74:ae:d1:d6:b1:50:21:0d:e5:8c:78:48:65:2b:20:86: 4d:7f:46:48:1d:5e:66:80:9a:1d:2e:2c:0d:80:76:24:a9:1f: a3:8a:a7:c9:21:c8:1c:4c:be:fd:2e:b1:79:7e:f7:2d:97:f4: 74:7d:3b:9f:cb:ff:ca:e9:de:5f:b4:bf:51:e6:10:65:a9:26: 8c:20:6e:94:29:70:2f:57:97:54:a5:bb:63:b2:3c:4f:c2:6a: bf:c0:b1:ed -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDjIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDhFMkMxMTAvBgNVBAUTKDk2OTBDNUQ2MDlGQ0U0NDJDMzVCOTkxNkQ1NjNGOUYx ODdCNjhBRDQwHhcNMjUwNTEwMTczOTI4WhcNMjUwNTE3MTczOTI4WjAYMRYwFAYD VQQDEw02ODFmOGY1MC02NjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArrWsufrkbzVqYno90KsE5JaZRaad93v2IzHIkd7nuzixxAu17awyCERGOinl ofSCgrM5Or4lnqS75isSrfs3vFy5jMsMl2lP5KQU01fswRmRyH21/zjOFJpSfByZ r6mYC2UHkfiYEpJpNFGw2KsOT7jApxxA4YOFRvwe+VG0w8pRlj4AyWkN3OBH2S8y kflvOTvQmrZy2YOvkaqdmgX+fhJwqUBb1QE8c4lup1yZLcOOnpW4C3TbZnJH6Ele 8DjyHdXl3X2B2AYHosnzSaOhAcxeETYlbu5prUY1YVnj9Vt6f9qkY43uZIygpQBP ND2KtOn+F9WBJa+UfqVE6MVeMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIpi/8zi i87+m2zcTPgMYJRq4z4zMB8GA1UdIwQYMBaAFJaQxdYJ/ORCw1uZFtVj+fGHtorU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOEUyQy8wRkUxRUQwNkEy RkIxMUU5QTUyNkE1N0VDNEY5QUUwMi9scERGMWduODVFTERXNWtXMVdQNThZZTJp dFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xwREYxZ244NUVMRFc1a1cxV1A1OFllMml0US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OEUyQy8wRkUxRUQwNkEyRkIxMUU5QTUyNkE1N0VDNEY5QUUwMi9scERGMWduODVF TERXNWtXMVdQNThZZTJpdFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJtLIBoX7e51aQs4LLmucm595+DA8IWsO+fNXEKeVOB67rducLsmBH hufpG3I6DszWTANPfgSDXzmgbG+NBlOT1DPedVWCaYzZ9JBL8B9plB10nuM0qoN8 Z0XYFSklkYdLWZs3qIIHFbBpDcuv+KftzSNojVLfr/WX+unkkbJcRY1CQzDgW8di cUgGMA8KivRanXJid6WghoBn99o0odmLXwZcEXSu0daxUCEN5Yx4SGUrIIZNf0ZI HV5mgJodLiwNgHYkqR+jiqfJIcgcTL79LrF5fvctl/R0fTufy//K6d5ftL9R5hBl qSaMIG6UKXAvV5dUpbtjsjxPwmq/wLHt -----END CERTIFICATE-----Generated at Mon May 12 15:47:06 2025 by rpki-client