$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7164/228ABF74898B11EA92759A5CC4F9AE02/L2rfQq_RZAgOox4PO4M4vtbaHlk.mft File: L2rfQq_RZAgOox4PO4M4vtbaHlk.mft (raw, json) Hash identifier: 1OVRwo4XubRf8XWi1O7s3qzWTOphIO9mVOjjC4BPnoQ= Subject key identifier: 90:BA:46:1B:39:E3:DC:36:A7:CC:11:E4:E2:D5:5C:06:58:05:2B:56 Authority key identifier: 2F:6A:DF:42:AF:D1:64:08:0E:A3:1E:0F:3B:83:38:BE:D6:DA:1E:59 Certificate issuer: /CN=A91E7164/serialNumber=2F6ADF42AFD164080EA31E0F3B8338BED6DA1E59 Certificate serial: 0996 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L2rfQq_RZAgOox4PO4M4vtbaHlk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7164/228ABF74898B11EA92759A5CC4F9AE02/L2rfQq_RZAgOox4PO4M4vtbaHlk.mft Manifest number: 0990 Signing time: Mon 12 May 2025 19:55:53 +0000 Manifest this update: Mon 12 May 2025 19:55:52 +0000 Manifest next update: Mon 19 May 2025 19:55:52 +0000 Files and hashes: 1: L2rfQq_RZAgOox4PO4M4vtbaHlk.crl (hash: v67V4K0akchC8QcLtKsl8gx6+/M2fByfVD8EZ2BJ9Ik=) 2: F3173EDC898C11EA97286262C4F9AE02.roa (hash: 1ZtsZNF5jFsKlAT00IrDzQyZHeqFH7iBf+N8uJoqrEE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7164/228ABF74898B11EA92759A5CC4F9AE02/L2rfQq_RZAgOox4PO4M4vtbaHlk.crl rsync://rpki.apnic.net/member_repository/A91E7164/228ABF74898B11EA92759A5CC4F9AE02/L2rfQq_RZAgOox4PO4M4vtbaHlk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L2rfQq_RZAgOox4PO4M4vtbaHlk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 19:55:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2454 (0x996) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7164, serialNumber=2F6ADF42AFD164080EA31E0F3B8338BED6DA1E59 Validity Not Before: May 12 19:55:52 2025 GMT Not After : May 19 19:55:52 2025 GMT Subject: CN=68225248-0570 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:ba:b6:54:c0:44:ee:80:ed:a9:5e:56:5f:07: 04:14:7d:53:b8:ed:95:60:be:0f:81:94:d7:78:2c: d9:a8:03:f0:db:df:e0:48:d5:44:38:ec:87:84:fa: 66:06:40:5b:cf:95:6d:93:31:9e:ca:52:4a:3f:32: 2b:cf:4f:f2:04:24:1e:6a:ec:03:c9:5e:3d:15:93: a3:06:ce:61:8e:7d:89:79:61:5a:31:6f:94:e4:26: 49:15:d3:94:93:9e:cd:2b:26:26:4e:bd:20:f3:07: d8:b5:ef:73:ce:4e:e9:81:1c:7c:91:f1:5a:54:28: e0:4c:39:5d:29:85:23:7f:95:f5:ad:bd:dd:62:65: e3:b3:95:e4:65:fd:11:68:14:f3:6a:d8:1c:62:bf: 7e:b0:20:85:ad:00:00:2c:fa:fe:79:b9:64:1a:51: 9b:c2:ad:b1:f3:60:d3:16:ef:1d:10:a7:bb:d5:5d: b5:22:95:c3:5a:07:64:d6:0a:17:cc:73:bf:05:40: 00:8d:82:16:4f:18:31:e0:53:4b:57:6d:8b:19:e6: 2c:6e:0b:0c:80:66:bf:d5:6e:01:ac:5c:49:34:c8: 33:d1:7e:aa:f1:1d:1d:31:ce:48:ba:3c:15:4a:e2: e5:fe:a4:75:fd:b8:ad:8a:d6:cc:8d:12:7c:51:1c: 71:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:BA:46:1B:39:E3:DC:36:A7:CC:11:E4:E2:D5:5C:06:58:05:2B:56 X509v3 Authority Key Identifier: keyid:2F:6A:DF:42:AF:D1:64:08:0E:A3:1E:0F:3B:83:38:BE:D6:DA:1E:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7164/228ABF74898B11EA92759A5CC4F9AE02/L2rfQq_RZAgOox4PO4M4vtbaHlk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L2rfQq_RZAgOox4PO4M4vtbaHlk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7164/228ABF74898B11EA92759A5CC4F9AE02/L2rfQq_RZAgOox4PO4M4vtbaHlk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1e:19:f2:a8:76:97:6a:61:f3:01:23:42:23:0a:8a:62:d0:d7: e2:21:4a:8c:8b:ca:8c:c1:1d:16:1f:87:39:ff:e4:26:e9:57: d9:e2:31:a0:ac:bf:b2:61:53:ff:cc:a4:09:29:5f:dd:5c:71: 0f:3d:73:16:4d:96:5a:1d:1f:00:cb:46:99:e1:30:2c:61:17: 5e:bb:46:fa:8e:0c:59:e7:ca:4e:6d:f3:53:fd:ee:dc:dc:5d: 19:0d:e7:dd:99:f8:93:99:5e:a4:3f:eb:e1:74:ff:2d:bd:5d: 80:26:7a:46:1e:b8:9e:ea:1c:60:ff:31:0b:c6:8e:65:82:43: af:87:3d:38:78:b7:72:cf:03:f1:f4:ed:d4:76:92:cc:38:28: 3c:c1:9c:60:3b:de:6f:c0:1e:f4:28:71:0a:31:ad:c8:19:c2: 41:32:7a:d2:28:67:be:a1:98:fb:81:66:9f:4f:ff:f8:ad:1b: 4c:3c:fd:d8:b5:47:27:59:dc:85:38:61:7d:8a:a5:1b:6a:1a: d9:c6:7d:46:9a:7c:02:88:a9:ac:f1:d1:72:9b:58:4a:2c:10: 10:ba:e5:be:5c:f8:ff:74:74:6e:48:f5:2d:d6:44:d5:22:90: a6:23:e4:32:cd:a7:f0:b4:98:c5:6b:db:6c:28:fc:5d:f0:40: 7e:9d:0e:74 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCZYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTcxNjQxMTAvBgNVBAUTKDJGNkFERjQyQUZEMTY0MDgwRUEzMUUwRjNCODMzOEJF RDZEQTFFNTkwHhcNMjUwNTEyMTk1NTUyWhcNMjUwNTE5MTk1NTUyWjAYMRYwFAYD VQQDEw02ODIyNTI0OC0wNTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwbq2VMBE7oDtqV5WXwcEFH1TuO2VYL4PgZTXeCzZqAPw29/gSNVEOOyHhPpm BkBbz5VtkzGeylJKPzIrz0/yBCQeauwDyV49FZOjBs5hjn2JeWFaMW+U5CZJFdOU k57NKyYmTr0g8wfYte9zzk7pgRx8kfFaVCjgTDldKYUjf5X1rb3dYmXjs5XkZf0R aBTzatgcYr9+sCCFrQAALPr+eblkGlGbwq2x82DTFu8dEKe71V21IpXDWgdk1goX zHO/BUAAjYIWTxgx4FNLV22LGeYsbgsMgGa/1W4BrFxJNMgz0X6q8R0dMc5IujwV SuLl/qR1/bititbMjRJ8URxxJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJC6Rhs5 49w2p8wR5OLVXAZYBStWMB8GA1UdIwQYMBaAFC9q30Kv0WQIDqMeDzuDOL7W2h5Z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzE2NC8yMjhBQkY3NDg5 OEIxMUVBOTI3NTlBNUNDNEY5QUUwMi9MMnJmUXFfUlpBZ09veDRQTzRNNHZ0YmFI bGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0wycmZRcV9SWkFnT294NFBPNE00dnRiYUhsay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NzE2NC8yMjhBQkY3NDg5OEIxMUVBOTI3NTlBNUNDNEY5QUUwMi9MMnJmUXFfUlpB Z09veDRQTzRNNHZ0YmFIbGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAeGfKodpdqYfMBI0IjCopi0NfiIUqMi8qMwR0WH4c5/+Qm6VfZ4jGg rL+yYVP/zKQJKV/dXHEPPXMWTZZaHR8Ay0aZ4TAsYRdeu0b6jgxZ58pObfNT/e7c 3F0ZDefdmfiTmV6kP+vhdP8tvV2AJnpGHrie6hxg/zELxo5lgkOvhz04eLdyzwPx 9O3UdpLMOCg8wZxgO95vwB70KHEKMa3IGcJBMnrSKGe+oZj7gWafT//4rRtMPP3Y tUcnWdyFOGF9iqUbahrZxn1GmnwCiKms8dFym1hKLBAQuuW+XPj/dHRuSPUt1kTV IpCmI+QyzafwtJjFa9tsKPxd8EB+nQ50 -----END CERTIFICATE-----Generated at Wed May 14 17:27:11 2025 by rpki-client