$ rpki-client -vvf rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.mft File: Lz71uQE3FOMXTGcArgSCTi8FwjA.mft (raw, json) Hash identifier: SM1SiuTbfv3RLKqJwwfe7elVym5/axDw/gWo+Pn+84M= Subject key identifier: 23:8B:52:3E:2D:A6:59:CD:C2:31:B6:E6:D1:79:8C:8E:65:0C:79:18 Authority key identifier: 2F:3E:F5:B9:01:37:14:E3:17:4C:67:00:AE:04:82:4E:2F:05:C2:30 Certificate issuer: /CN=A91346B1/serialNumber=2F3EF5B9013714E3174C6700AE04824E2F05C230 Certificate serial: 0316 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lz71uQE3FOMXTGcArgSCTi8FwjA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.mft Manifest number: 02FA Signing time: Sat 05 Apr 2025 01:26:00 +0000 Manifest this update: Sat 05 Apr 2025 01:26:00 +0000 Manifest next update: Sat 12 Apr 2025 01:26:00 +0000 Files and hashes: 1: Lz71uQE3FOMXTGcArgSCTi8FwjA.crl (hash: R9UAKews3NVswpJJCv8+v6kmAdFXHDJtXuByaIA5t1E=) 2: 19E46D60D0F711EC8673072FC4F9AE02.roa (hash: MW8b0lzbn7akooUbZ8tV+oRNYmXktBHymwJPvbPr0T4=) 3: 69C96612D0F411EC8DAD6D11C4F9AE02.roa (hash: zRGHLr8o7A/D/r9KWR7LY3IvuquDXPxtjtwrPymfsx8=) 4: 196C52A8D0F711EC8673072FC4F9AE02.roa (hash: pmgvt39f/aMkunvyVMO6rfLmljyqEtakdw2Wz0MGd3o=) 5: 6A430D5AD0F411EC8DAD6D11C4F9AE02.roa (hash: Vk4lMkqK5ng6B+iZp/Sl6mPlRDRoZ3QpBy8plRdehn4=) 6: 1BC3E9F8D0F711EC8673072FC4F9AE02.roa (hash: RV0bq4XHGKUuOS8T3WS7G4aUlSWl2to/4furDRifxYQ=) 7: 6920E4D8D0F411EC8DAD6D11C4F9AE02.roa (hash: 6/3DevyJRKnv1xx6SHWcr3LVBgvTH0u4H55ECTrHATk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.crl rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lz71uQE3FOMXTGcArgSCTi8FwjA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 01:25:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 790 (0x316) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91346B1 Validity Not Before: Apr 5 01:26:00 2025 GMT Not After : Apr 12 01:26:00 2025 GMT Subject: CN=67f086a8-5a56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:69:3b:86:8e:a8:d9:16:56:33:9f:70:51:cf: 6d:a2:a2:a0:04:ca:65:f0:6b:5d:38:cb:13:39:b6: e4:f0:37:8e:45:41:48:2c:0c:ed:c8:04:86:34:15: c6:40:fe:fa:6d:b7:01:7a:ab:69:f2:9a:2b:5e:a9: 85:4b:23:e0:73:db:7b:cc:34:1e:8f:d4:d3:c5:4d: 05:0a:82:93:df:d4:9f:24:33:bd:2b:57:7d:cf:5f: 11:50:45:d7:64:77:38:4b:2b:f1:ca:72:0c:87:fc: 85:b5:17:68:01:57:8b:f9:ea:97:0d:9b:a1:65:65: 1a:b8:ad:76:1b:72:be:90:49:06:5d:9d:ea:5a:74: 97:dd:18:71:71:0c:2c:0c:35:d9:6b:de:55:f5:5e: 5c:42:3e:5b:6b:e5:f8:a8:ed:e2:54:d0:85:1c:69: f2:d3:b6:d6:d9:63:c9:41:0f:83:e6:e9:a8:60:77: 5a:7c:b1:9b:90:bf:1c:17:77:93:0e:d4:b2:5b:3d: 41:6b:3e:9f:12:2a:38:bc:2a:1f:73:76:78:39:ed: 00:2c:8e:29:1c:96:e2:af:04:9a:df:bd:2d:8c:83: 93:f1:49:7d:d6:01:24:1e:aa:90:13:39:41:06:85: a0:ee:28:9d:78:ec:bc:d8:93:dd:50:fd:66:17:18: 5a:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:8B:52:3E:2D:A6:59:CD:C2:31:B6:E6:D1:79:8C:8E:65:0C:79:18 X509v3 Authority Key Identifier: keyid:2F:3E:F5:B9:01:37:14:E3:17:4C:67:00:AE:04:82:4E:2F:05:C2:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lz71uQE3FOMXTGcArgSCTi8FwjA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6f:75:61:3f:72:26:a9:ed:59:d1:ac:6e:4b:d8:ab:5c:6d:4f: 01:3d:58:3e:e3:ee:da:c1:ac:28:e7:04:87:30:56:13:2a:ec: e5:de:cf:77:22:fb:0c:d0:31:bb:29:51:83:d9:a4:65:3c:8d: e7:62:12:8d:f3:c0:e0:69:ce:31:42:b6:ad:a9:8e:b4:a0:5b: 6b:96:a4:42:05:1e:44:26:8d:4c:31:e7:2b:c5:4d:1a:c1:a9: da:5d:fa:2d:0d:f9:a7:72:2f:a3:33:65:0e:85:1c:72:e0:0e: 8c:87:5b:39:b4:75:1b:df:da:83:d3:ee:13:de:35:71:5e:0f: e4:6d:16:37:98:46:fc:06:1e:1a:cd:d3:8e:b5:f5:84:5f:13: d2:6f:50:9e:be:e9:01:43:be:53:6a:ba:4d:ea:12:1c:27:89: 4e:df:05:eb:d2:67:aa:74:90:e0:9c:cb:46:c2:f7:02:f9:3d: 45:ff:df:e2:69:1e:9c:03:fc:fb:93:b3:6f:1e:21:dc:6b:82: 22:eb:79:cc:c7:3e:4a:fb:61:c9:4f:41:a7:a6:3a:18:01:f3: 7d:05:38:8c:bd:41:c1:f7:9b:fc:fd:f1:80:2e:a4:0f:d8:73: 8d:c0:14:56:b1:2a:28:0e:5b:eb:ad:79:2e:3e:e8:12:53:ce: d1:f0:8e:ae -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAxYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQ2QjExMTAvBgNVBAUTKDJGM0VGNUI5MDEzNzE0RTMxNzRDNjcwMEFFMDQ4MjRF MkYwNUMyMzAwHhcNMjUwNDA1MDEyNjAwWhcNMjUwNDEyMDEyNjAwWjAYMRYwFAYD VQQDEw02N2YwODZhOC01YTU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvmk7ho6o2RZWM59wUc9toqKgBMpl8GtdOMsTObbk8DeORUFILAztyASGNBXG QP76bbcBeqtp8porXqmFSyPgc9t7zDQej9TTxU0FCoKT39SfJDO9K1d9z18RUEXX ZHc4SyvxynIMh/yFtRdoAVeL+eqXDZuhZWUauK12G3K+kEkGXZ3qWnSX3RhxcQws DDXZa95V9V5cQj5ba+X4qO3iVNCFHGny07bW2WPJQQ+D5umoYHdafLGbkL8cF3eT DtSyWz1Baz6fEio4vCofc3Z4Oe0ALI4pHJbirwSa370tjIOT8Ul91gEkHqqQEzlB BoWg7iideOy82JPdUP1mFxha8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCOLUj4t plnNwjG25tF5jI5lDHkYMB8GA1UdIwQYMBaAFC8+9bkBNxTjF0xnAK4Egk4vBcIw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDZCMS85QTBFQ0UxMEQw RjAxMUVDOEVDREJGNjNDNEY5QUUwMi9MejcxdVFFM0ZPTVhUR2NBcmdTQ1RpOEZ3 akEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0x6NzF1UUUzRk9NWFRHY0FyZ1NDVGk4RndqQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NDZCMS85QTBFQ0UxMEQwRjAxMUVDOEVDREJGNjNDNEY5QUUwMi9MejcxdVFFM0ZP TVhUR2NBcmdTQ1RpOEZ3akEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBvdWE/ciap7VnRrG5L2KtcbU8BPVg+4+7awawo5wSHMFYTKuzl3s93 IvsM0DG7KVGD2aRlPI3nYhKN88Dgac4xQratqY60oFtrlqRCBR5EJo1MMecrxU0a wanaXfotDfmnci+jM2UOhRxy4A6Mh1s5tHUb39qD0+4T3jVxXg/kbRY3mEb8Bh4a zdOOtfWEXxPSb1CevukBQ75TarpN6hIcJ4lO3wXr0meqdJDgnMtGwvcC+T1F/9/i aR6cA/z7k7NvHiHca4Ii63nMxz5K+2HJT0GnpjoYAfN9BTiMvUHB95v8/fGALqQP 2HONwBRWsSooDlvrrXkuPugSU87R8I6u -----END CERTIFICATE-----Generated at Sun Apr 6 07:36:20 2025 by rpki-client