$ rpki-client -vvf rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft File: lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft (raw, json) Hash identifier: rYxmZoBc8fj8zEQ5f/KxOFGtGl52lvlDJmo8fQAIfJs= Subject key identifier: CF:5F:27:87:C1:2C:3C:F0:01:7D:A0:87:EB:F8:88:7F:AC:35:DF:FB Authority key identifier: 94:70:E7:61:08:06:3E:4F:7C:64:AD:43:D0:76:BC:11:AE:1F:DB:5D Certificate issuer: /CN=A91E41C9/serialNumber=9470E76108063E4F7C64AD43D076BC11AE1FDB5D Certificate serial: 087C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHDnYQgGPk98ZK1D0Ha8Ea4f210.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft Manifest number: 0876 Signing time: Mon 12 May 2025 20:28:40 +0000 Manifest this update: Mon 12 May 2025 20:28:39 +0000 Manifest next update: Mon 19 May 2025 20:28:39 +0000 Files and hashes: 1: lHDnYQgGPk98ZK1D0Ha8Ea4f210.crl (hash: OUvxdS4JkOOsKsKyGtgO8dvpOjuz0xDtQbqtoWbiBcY=) 2: 2C74B00CF70011EA8EFF4C67C4F9AE02.roa (hash: tCsERzsAtsk+5phQVU01aXCd1wv6EXGawIRg0i0oP6k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.crl rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHDnYQgGPk98ZK1D0Ha8Ea4f210.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 20:28:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2172 (0x87c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E41C9, serialNumber=9470E76108063E4F7C64AD43D076BC11AE1FDB5D Validity Not Before: May 12 20:28:39 2025 GMT Not After : May 19 20:28:39 2025 GMT Subject: CN=682259f8-393e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:d4:76:73:aa:e7:b3:28:af:bf:40:d7:74:8a: 74:3c:d3:c6:52:ec:f3:1f:90:17:fc:10:06:9f:52: 54:70:0d:f1:5b:9e:bd:91:65:3d:5e:37:58:7f:2e: c9:17:76:8c:65:2d:13:64:8f:b1:df:03:6b:47:e7: e9:e8:1e:09:7e:49:91:d1:7d:00:05:c0:e3:2c:db: 2d:f0:2d:a6:45:32:e8:43:21:f7:b9:0e:2a:1d:3a: e3:43:e3:1f:02:5a:cb:23:c4:90:d3:c8:07:9d:a7: 2c:39:73:ea:72:11:51:4a:b2:92:82:43:f4:b0:3b: 05:fb:67:6b:1b:be:65:af:e0:73:0a:6b:d6:f8:47: 23:52:a1:10:86:ce:08:e7:7f:0f:73:88:25:f9:52: f8:d3:fb:ce:7d:40:39:ff:be:02:ca:d8:a0:0d:6c: 90:c5:a0:e3:85:05:06:f6:5e:63:f7:0d:cc:d4:9a: d6:72:47:15:3f:8b:1b:67:d2:75:14:e2:a9:a7:58: b6:9a:60:06:a3:a6:ed:78:f5:2e:67:a0:59:bd:b7: c3:44:73:c2:9e:c6:17:a9:a8:30:77:c6:e1:19:51: 23:27:65:2f:a3:35:c4:3e:2b:78:27:14:ec:e6:14: 9f:e7:c1:86:1f:20:87:1b:69:67:1d:11:55:ef:03: 20:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:5F:27:87:C1:2C:3C:F0:01:7D:A0:87:EB:F8:88:7F:AC:35:DF:FB X509v3 Authority Key Identifier: keyid:94:70:E7:61:08:06:3E:4F:7C:64:AD:43:D0:76:BC:11:AE:1F:DB:5D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHDnYQgGPk98ZK1D0Ha8Ea4f210.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:c8:7f:0e:60:ce:98:3c:74:2b:f9:d4:14:ff:0b:9a:ad:5f: c2:d5:ea:06:fb:52:44:41:99:62:41:b1:fb:8a:e8:14:7c:8d: 83:b3:b3:ae:89:f2:bc:89:67:9e:45:80:2b:4f:79:63:39:a2: 11:3e:0a:11:2c:43:c5:f3:aa:6f:e9:7e:08:f1:0a:be:c6:fa: d0:d4:9b:28:05:9b:2c:5f:08:a8:99:79:94:62:c8:f9:13:2b: d8:a9:00:7c:1f:3c:20:34:5e:89:37:d3:91:fd:ef:e3:35:60: 4b:cf:8d:bd:48:97:35:b3:20:31:19:fd:ad:2c:b0:e0:61:3e: fb:03:c0:a2:48:c7:ad:24:a8:d3:ff:ac:2b:f2:7f:0d:d1:d5: 4c:1f:b0:9f:4e:45:e6:08:1e:4e:00:c8:5b:4d:85:ac:a5:d9: ae:ff:ec:17:98:ec:c6:17:d8:cc:72:b7:9e:ef:da:ce:ac:b0: e4:16:9c:0d:0f:43:83:43:bc:18:53:32:22:1e:51:45:74:7e: c7:c5:98:bf:4b:7f:99:3b:90:a1:c7:ee:2f:da:96:d2:c7:33: 41:32:1c:7b:62:bd:a5:b2:75:22:05:0a:5f:7a:71:c6:47:f8: 5d:d8:3e:e8:b7:dc:e5:ea:26:d1:27:14:61:2c:ef:f1:72:96: 8a:9d:a7:71 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCHwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTQxQzkxMTAvBgNVBAUTKDk0NzBFNzYxMDgwNjNFNEY3QzY0QUQ0M0QwNzZCQzEx QUUxRkRCNUQwHhcNMjUwNTEyMjAyODM5WhcNMjUwNTE5MjAyODM5WjAYMRYwFAYD VQQDEw02ODIyNTlmOC0zOTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy9R2c6rnsyivv0DXdIp0PNPGUuzzH5AX/BAGn1JUcA3xW569kWU9XjdYfy7J F3aMZS0TZI+x3wNrR+fp6B4JfkmR0X0ABcDjLNst8C2mRTLoQyH3uQ4qHTrjQ+Mf AlrLI8SQ08gHnacsOXPqchFRSrKSgkP0sDsF+2drG75lr+BzCmvW+EcjUqEQhs4I 538Pc4gl+VL40/vOfUA5/74CytigDWyQxaDjhQUG9l5j9w3M1JrWckcVP4sbZ9J1 FOKpp1i2mmAGo6btePUuZ6BZvbfDRHPCnsYXqagwd8bhGVEjJ2UvozXEPit4JxTs 5hSf58GGHyCHG2lnHRFV7wMgjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM9fJ4fB LDzwAX2gh+v4iH+sNd/7MB8GA1UdIwQYMBaAFJRw52EIBj5PfGStQ9B2vBGuH9td MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDFDOS80OUJEOURBNkMw RjgxMUVBOEFDNkM0NkNDNEY5QUUwMi9sSERuWVFnR1BrOThaSzFEMEhhOEVhNGYy MTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xIRG5ZUWdHUGs5OFpLMUQwSGE4RWE0ZjIxMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NDFDOS80OUJEOURBNkMwRjgxMUVBOEFDNkM0NkNDNEY5QUUwMi9sSERuWVFnR1Br OThaSzFEMEhhOEVhNGYyMTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBDyH8OYM6YPHQr+dQU/wuarV/C1eoG+1JEQZliQbH7iugUfI2Ds7Ou ifK8iWeeRYArT3ljOaIRPgoRLEPF86pv6X4I8Qq+xvrQ1JsoBZssXwiomXmUYsj5 EyvYqQB8HzwgNF6JN9OR/e/jNWBLz429SJc1syAxGf2tLLDgYT77A8CiSMetJKjT /6wr8n8N0dVMH7CfTkXmCB5OAMhbTYWspdmu/+wXmOzGF9jMcree79rOrLDkFpwN D0ODQ7wYUzIiHlFFdH7HxZi/S3+ZO5Chx+4v2pbSxzNBMhx7Yr2lsnUiBQpfenHG R/hd2D7ot9zl6ibRJxRhLO/xcpaKnadx -----END CERTIFICATE-----Generated at Wed May 14 18:28:35 2025 by rpki-client