$ rpki-client -vvf rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.mft File: LUmzrm2hi2NGSjF3qzIQGULmpRo.mft (raw, json) Hash identifier: N7Moa58xi3nPhUzV8em/Lk6pp6VTAy+Mg3jHzyGs00s= Subject key identifier: A3:F0:2E:EC:5B:AF:A0:C6:E7:9B:60:9B:B3:B6:26:BC:DA:26:A0:24 Authority key identifier: 2D:49:B3:AE:6D:A1:8B:63:46:4A:31:77:AB:32:10:19:42:E6:A5:1A Certificate issuer: /CN=A911F753/serialNumber=2D49B3AE6DA18B63464A3177AB32101942E6A51A Certificate serial: 7C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/LUmzrm2hi2NGSjF3qzIQGULmpRo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.mft Manifest number: 77 Signing time: Mon 21 Jul 2025 07:04:36 +0000 Manifest this update: Mon 21 Jul 2025 07:04:36 +0000 Manifest next update: Mon 28 Jul 2025 07:04:36 +0000 Files and hashes: 1: LUmzrm2hi2NGSjF3qzIQGULmpRo.crl (hash: BGCMImBQFsEzEiNTHdPs2MKbLZJ0mVSCpfWp8SKoU04=) 2: C48E5CA6EC5811EFB20A8A18C4F9AE02.roa (hash: 93C48aUyOvrcw03A3Tv7n2rRAvJ48I+je6JuY6BDvN8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.crl rsync://rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/LUmzrm2hi2NGSjF3qzIQGULmpRo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 07:04:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 124 (0x7c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911F753, serialNumber=2D49B3AE6DA18B63464A3177AB32101942E6A51A Validity Not Before: Jul 21 07:04:36 2025 GMT Not After : Jul 28 07:04:36 2025 GMT Subject: CN=687de684-e90b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:dd:05:bb:74:88:17:40:10:aa:69:5d:cd:8b: 69:3b:52:73:05:e8:4b:7a:8c:dc:c9:22:a0:08:32: e0:a8:07:b5:2e:dc:13:a0:35:19:cd:d2:a4:41:c5: 05:64:45:93:31:bc:bb:b9:58:b1:97:f6:55:7f:48: 01:f4:86:74:7c:eb:dc:e4:44:ff:1f:24:84:24:1f: 01:24:ff:07:e9:84:4a:d2:f0:84:d0:66:76:a8:ea: 8c:30:04:5b:d4:ef:64:03:f5:d5:8e:0a:18:33:8b: 23:d4:81:8f:35:ca:40:bf:da:76:69:6e:33:8b:9e: 41:d0:fe:43:48:d7:f0:99:10:54:5b:7a:91:98:25: bf:82:c3:29:c6:b8:13:ab:7a:d9:4b:c8:c8:f1:fe: c2:9c:71:eb:3a:af:92:d9:6a:8c:5c:12:7f:0e:8e: 02:3b:28:7c:3c:86:f3:9d:ca:a1:49:01:3c:f1:b8: e3:66:08:e0:80:e4:65:31:8d:03:56:f9:79:d8:6e: 52:7f:ad:97:a1:01:5c:f8:32:3f:b0:0b:e3:44:5e: 1a:b2:0b:35:a1:ba:eb:46:ee:04:4a:dd:5a:72:f5: d3:84:10:6d:31:8d:97:17:9b:0f:df:1e:18:f2:d2: 5d:68:38:c7:29:e0:24:80:e5:14:5f:b0:e4:7d:c6: 35:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:F0:2E:EC:5B:AF:A0:C6:E7:9B:60:9B:B3:B6:26:BC:DA:26:A0:24 X509v3 Authority Key Identifier: keyid:2D:49:B3:AE:6D:A1:8B:63:46:4A:31:77:AB:32:10:19:42:E6:A5:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/LUmzrm2hi2NGSjF3qzIQGULmpRo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:d7:a1:7f:24:d7:60:c9:84:e4:6f:cc:f1:5d:a1:46:73:79: 81:e8:99:f9:b0:b7:14:70:12:e4:8e:90:b3:82:b7:44:6a:2b: 15:36:ef:bc:65:00:31:11:6e:38:c9:be:ea:47:dc:30:fd:5f: 71:47:26:4f:d9:db:2f:d3:3b:e4:fa:b7:4b:bc:58:d9:d3:b2: 66:ca:9d:4f:4e:80:56:3d:0f:2f:1b:07:2b:00:41:ee:e6:83: 98:1d:8e:a0:7c:8e:ce:2a:5f:86:45:cb:65:0a:fa:f1:a3:6a: 58:1f:da:4d:42:ed:87:cc:54:6b:d5:1c:b6:53:da:bf:3e:fc: f7:ef:6a:32:19:b4:ea:8e:af:80:ef:7e:3b:17:07:36:e2:80: 10:11:f3:29:70:2c:ac:72:40:e1:a3:f7:c7:6e:17:b0:b4:5d: ab:5b:e7:ba:53:c8:4d:d4:cf:6e:41:ff:8a:49:4a:83:be:ae: dd:65:ba:0d:8e:15:2e:18:4b:1c:8c:f3:9b:38:bc:cd:ea:f6: 0b:e1:02:31:c3:50:95:72:5c:9b:1b:dc:c4:fc:94:9f:b9:05: d3:46:87:d4:65:c5:7c:98:d2:d0:d7:7f:ce:23:e0:3d:c1:91: 31:14:58:4d:0d:f7:7a:4c:7d:2b:ca:d7:2b:ce:25:70:8b:a8: c2:7d:76:62 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBfDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx Rjc1MzExMC8GA1UEBRMoMkQ0OUIzQUU2REExOEI2MzQ2NEEzMTc3QUIzMjEwMTk0 MkU2QTUxQTAeFw0yNTA3MjEwNzA0MzZaFw0yNTA3MjgwNzA0MzZaMBgxFjAUBgNV BAMTDTY4N2RlNjg0LWU5MGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDU3QW7dIgXQBCqaV3Ni2k7UnMF6Et6jNzJIqAIMuCoB7Uu3BOgNRnN0qRBxQVk RZMxvLu5WLGX9lV/SAH0hnR869zkRP8fJIQkHwEk/wfphErS8ITQZnao6owwBFvU 72QD9dWOChgziyPUgY81ykC/2nZpbjOLnkHQ/kNI1/CZEFRbepGYJb+CwynGuBOr etlLyMjx/sKcces6r5LZaoxcEn8OjgI7KHw8hvOdyqFJATzxuONmCOCA5GUxjQNW +XnYblJ/rZehAVz4Mj+wC+NEXhqyCzWhuutG7gRK3Vpy9dOEEG0xjZcXmw/fHhjy 0l1oOMcp4CSA5RRfsOR9xjVtAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUo/Au7Fuv oMbnm2Cbs7YmvNomoCQwHwYDVR0jBBgwFoAULUmzrm2hi2NGSjF3qzIQGULmpRow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFGNzUzLzc4MDlEQTAyQkMw RDExRUY5QjRBRDY0OUM0RjlBRTAyL0xVbXpybTJoaTJOR1NqRjNxeklRR1VMbXBS by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTFVtenJtMmhpMk5HU2pGM3F6SVFHVUxtcFJvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFG NzUzLzc4MDlEQTAyQkMwRDExRUY5QjRBRDY0OUM0RjlBRTAyL0xVbXpybTJoaTJO R1NqRjNxeklRR1VMbXBSby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADrXoX8k12DJhORvzPFdoUZzeYHomfmwtxRwEuSOkLOCt0RqKxU277xl ADERbjjJvupH3DD9X3FHJk/Z2y/TO+T6t0u8WNnTsmbKnU9OgFY9Dy8bBysAQe7m g5gdjqB8js4qX4ZFy2UK+vGjalgf2k1C7YfMVGvVHLZT2r8+/PfvajIZtOqOr4Dv fjsXBzbigBAR8ylwLKxyQOGj98duF7C0Xatb57pTyE3Uz25B/4pJSoO+rt1lug2O FS4YSxyM85s4vM3q9gvhAjHDUJVyXJsb3MT8lJ+5BdNGh9RlxXyY0tDXf84j4D3B kTEUWE0N93pMfSvK1yvOJXCLqMJ9dmI= -----END CERTIFICATE-----Generated at Mon Jul 21 13:27:16 2025 by rpki-client