$ rpki-client -vvf rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.mft File: LnNx4gZThK0R1DN9DS7NH2bSGco.mft (raw, json) Hash identifier: K/oY+KukYui1EWPnuBNGKvlkcJy4jf8oL+usZ2DGA/w= Subject key identifier: 34:CB:C7:D4:5D:D7:B4:B2:98:F7:BA:A8:CD:3E:D5:3C:BB:E7:E3:C8 Authority key identifier: 2E:73:71:E2:06:53:84:AD:11:D4:33:7D:0D:2E:CD:1F:66:D2:19:CA Certificate issuer: /CN=A91F5753/serialNumber=2E7371E2065384AD11D4337D0D2ECD1F66D219CA Certificate serial: 0285 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LnNx4gZThK0R1DN9DS7NH2bSGco.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.mft Manifest number: 0280 Signing time: Sat 23 Aug 2025 01:56:14 +0000 Manifest this update: Sat 23 Aug 2025 01:56:14 +0000 Manifest next update: Sat 30 Aug 2025 01:56:13 +0000 Files and hashes: 1: LnNx4gZThK0R1DN9DS7NH2bSGco.crl (hash: wdKfK+vcDd/UI61T+70c6uZZzmSl/QgTwGVz3Ji481c=) 2: 68C425FC1BBF11ED9F87C083C4F9AE02.roa (hash: x9csIWd6s8afCMS1YmHZZTrl70IFmSCSA9MRca7TL7s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.crl rsync://rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LnNx4gZThK0R1DN9DS7NH2bSGco.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 01:56:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 645 (0x285) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F5753, serialNumber=2E7371E2065384AD11D4337D0D2ECD1F66D219CA Validity Not Before: Aug 23 01:56:14 2025 GMT Not After : Aug 30 01:56:13 2025 GMT Subject: CN=68a91fbe-cd5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:2f:d4:a5:96:41:4e:72:47:36:db:92:01:25: 82:29:88:2c:e5:c3:a3:1a:22:23:eb:1b:4b:e8:8b: 9f:e0:25:05:93:cb:06:74:00:cb:db:d4:2a:d4:ec: 61:88:7c:11:2f:23:c8:4c:e6:63:5b:5a:62:de:6f: 6e:95:27:9b:f0:29:da:7e:ab:c8:e3:5b:48:4a:a6: ae:5a:a8:29:17:d7:1e:43:da:b3:4e:15:f7:31:8f: 37:06:2e:44:23:b4:d3:bd:d6:08:d7:bb:23:3f:bb: f3:73:35:42:15:6c:ce:e4:ff:3f:82:96:d7:6e:47: f4:ee:07:c2:89:41:36:8b:28:d7:02:4c:8e:72:dc: e8:d9:e3:7e:99:f0:e9:9e:37:fa:83:51:be:db:0a: ef:72:10:2b:8a:e3:b1:71:54:ca:a4:36:3f:7c:6f: 0e:7d:01:b4:7c:4a:78:3f:a0:c8:8b:79:40:46:bf: 93:71:ed:b8:ad:c0:74:3e:1a:98:e9:2e:46:8b:c8: ce:d7:43:a6:02:0f:93:d2:60:f3:f8:e6:64:1b:49: 62:7b:fd:4e:08:ce:7d:4c:dd:17:b1:c3:22:4f:76: 20:74:f3:41:39:3c:cc:45:64:b2:5b:e2:fc:ec:0b: 6d:33:df:85:6e:a8:b7:05:d6:26:99:60:5b:b6:9d: 36:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:CB:C7:D4:5D:D7:B4:B2:98:F7:BA:A8:CD:3E:D5:3C:BB:E7:E3:C8 X509v3 Authority Key Identifier: keyid:2E:73:71:E2:06:53:84:AD:11:D4:33:7D:0D:2E:CD:1F:66:D2:19:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LnNx4gZThK0R1DN9DS7NH2bSGco.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:e0:12:0c:e8:14:d2:72:2f:3b:1e:76:f6:18:bc:27:8f:b6: ba:a4:ea:11:bf:9f:22:a9:8e:7c:75:0e:52:10:73:c0:73:6b: 6e:35:3f:51:ed:ac:2b:79:d2:27:2f:a3:a0:35:65:8e:d7:12: 7a:5b:2c:2b:38:c8:00:ff:67:76:e5:29:94:83:09:1a:1c:69: 82:83:36:e6:82:24:a1:49:5f:8c:e5:c3:fb:e5:19:0d:e1:3a: 3f:da:ca:58:b6:18:9f:8d:23:e0:7a:b1:d1:13:82:cc:59:fc: d0:07:a6:65:4b:38:b6:69:b8:7b:54:0f:ab:b5:67:b4:b2:83: f1:3c:82:10:b0:cb:06:ff:ec:9b:7b:b0:04:a0:9b:67:fd:5a: 0d:d5:5e:1e:3b:2e:4a:11:81:03:0f:48:71:31:01:b9:52:a2: 8e:c0:f6:c2:b1:27:df:62:0b:4b:63:cd:29:03:72:56:bf:f2: 55:6b:40:1d:98:58:a9:31:0a:4e:41:0e:ed:18:35:cd:1b:b6: 8a:33:11:26:b5:23:ab:0a:0b:52:46:e9:6e:97:ba:6d:b0:7d: 16:eb:a4:ef:f3:39:68:9d:98:0f:fd:fb:cc:79:db:7a:8c:5b: cd:0c:49:56:e6:30:38:f6:6d:2e:f6:23:26:64:ea:e2:40:cd: 25:fe:21:04 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAoUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjU3NTMxMTAvBgNVBAUTKDJFNzM3MUUyMDY1Mzg0QUQxMUQ0MzM3RDBEMkVDRDFG NjZEMjE5Q0EwHhcNMjUwODIzMDE1NjE0WhcNMjUwODMwMDE1NjEzWjAYMRYwFAYD VQQDEw02OGE5MWZiZS1jZDVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3i/UpZZBTnJHNtuSASWCKYgs5cOjGiIj6xtL6Iuf4CUFk8sGdADL29Qq1Oxh iHwRLyPITOZjW1pi3m9ulSeb8CnafqvI41tISqauWqgpF9ceQ9qzThX3MY83Bi5E I7TTvdYI17sjP7vzczVCFWzO5P8/gpbXbkf07gfCiUE2iyjXAkyOctzo2eN+mfDp njf6g1G+2wrvchAriuOxcVTKpDY/fG8OfQG0fEp4P6DIi3lARr+Tce24rcB0PhqY 6S5Gi8jO10OmAg+T0mDz+OZkG0lie/1OCM59TN0XscMiT3YgdPNBOTzMRWSyW+L8 7AttM9+Fbqi3BdYmmWBbtp02BQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDTLx9Rd 17SymPe6qM0+1Ty75+PIMB8GA1UdIwQYMBaAFC5zceIGU4StEdQzfQ0uzR9m0hnK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTc1My83QjU2MjQ0NDFC QkIxMUVEQTg3RjZFNjdDNEY5QUUwMi9Mbk54NGdaVGhLMFIxRE45RFM3TkgyYlNH Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xuTng0Z1pUaEswUjFETjlEUzdOSDJiU0djby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NTc1My83QjU2MjQ0NDFCQkIxMUVEQTg3RjZFNjdDNEY5QUUwMi9Mbk54NGdaVGhL MFIxRE45RFM3TkgyYlNHY28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCL4BIM6BTSci87Hnb2GLwnj7a6pOoRv58iqY58dQ5SEHPAc2tuNT9R 7awredInL6OgNWWO1xJ6WywrOMgA/2d25SmUgwkaHGmCgzbmgiShSV+M5cP75RkN 4To/2spYthifjSPgerHRE4LMWfzQB6ZlSzi2abh7VA+rtWe0soPxPIIQsMsG/+yb e7AEoJtn/VoN1V4eOy5KEYEDD0hxMQG5UqKOwPbCsSffYgtLY80pA3JWv/JVa0Ad mFipMQpOQQ7tGDXNG7aKMxEmtSOrCgtSRulul7ptsH0W66Tv8zlonZgP/fvMedt6 jFvNDElW5jA49m0u9iMmZOriQM0l/iEE -----END CERTIFICATE-----Generated at Sun Aug 24 03:37:27 2025 by rpki-client