$ rpki-client -vvf rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.mft File: LDoqgSHM-Km_x8tmkYVK9eTSGfk.mft (raw, json) Hash identifier: fVkZ49NoSBRkT5sNt722izceQJqUq5PbF7ERgRAvWJM= Subject key identifier: 6E:D9:90:40:AE:71:E4:A1:42:D1:6D:68:A3:A6:50:8C:17:B7:C2:B4 Authority key identifier: 2C:3A:2A:81:21:CC:F8:A9:BF:C7:CB:66:91:85:4A:F5:E4:D2:19:F9 Certificate issuer: /CN=A9147DCA/serialNumber=2C3A2A8121CCF8A9BFC7CB6691854AF5E4D219F9 Certificate serial: 065A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LDoqgSHM-Km_x8tmkYVK9eTSGfk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.mft Manifest number: 064E Signing time: Fri 28 Mar 2025 22:44:30 +0000 Manifest this update: Fri 28 Mar 2025 22:44:30 +0000 Manifest next update: Fri 04 Apr 2025 22:44:30 +0000 Files and hashes: 1: LDoqgSHM-Km_x8tmkYVK9eTSGfk.crl (hash: qncaSUiXe62M5SHGLz4nCxPUTJZSfRx+ukcpA3rWmf4=) 2: F100A1207F9911EBAFB6C91BC4F9AE02.roa (hash: 33QQuphQRYqieH70NrggQ8h+UAAXFdTttYTtHGKfVsc=) 3: 0463FF50526C11EC80A31615C4F9AE02.roa (hash: 75t6akdtpfZ66rCaphdHE8Ci0vcMWvnaqPUEn6z8jRY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.crl rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LDoqgSHM-Km_x8tmkYVK9eTSGfk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 22:44:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1626 (0x65a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147DCA Validity Not Before: Mar 28 22:44:30 2025 GMT Not After : Apr 4 22:44:30 2025 GMT Subject: CN=67e7264e-db27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:e9:24:65:7e:70:d9:ba:ab:2a:83:1e:c1:a2: 4f:05:5a:f8:7c:ee:98:f2:a1:68:79:aa:d2:86:4d: 27:05:d8:06:40:b4:0a:cf:1e:f8:b4:9a:56:6d:6e: 1a:26:b3:bb:7c:74:4f:dd:3b:18:d6:ff:50:ed:a0: db:0f:19:18:a8:97:bd:c6:73:e9:5b:bf:39:19:92: 06:fc:76:d7:22:99:35:71:8d:ae:8c:04:88:53:b8: d0:a0:65:4d:0b:c1:bc:05:4d:1b:50:72:e9:47:ef: 2d:12:4e:fe:01:16:11:13:9d:89:61:4e:c5:2c:a7: 17:ee:5d:da:79:b1:bc:64:cb:cd:af:80:70:2e:29: 8d:0b:45:56:46:55:77:34:70:a6:fc:91:bb:97:b5: e1:67:34:d7:aa:14:1f:35:db:b4:ea:47:a6:41:9b: 27:eb:02:62:74:21:fe:5f:88:71:e6:69:d1:bf:03: d9:64:eb:1b:b9:f2:ce:62:c3:3d:0d:d9:e8:3d:1d: de:3f:5b:4c:a4:4c:47:5c:99:69:02:73:7e:63:b0: ae:a8:bc:27:98:7b:73:8c:69:9d:85:6f:68:fd:ca: d4:57:1e:6e:f3:a8:1f:96:77:d9:95:5f:1e:f9:85: 20:07:da:65:24:5f:24:35:1a:6c:1c:ac:fa:7c:a5: eb:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:D9:90:40:AE:71:E4:A1:42:D1:6D:68:A3:A6:50:8C:17:B7:C2:B4 X509v3 Authority Key Identifier: keyid:2C:3A:2A:81:21:CC:F8:A9:BF:C7:CB:66:91:85:4A:F5:E4:D2:19:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LDoqgSHM-Km_x8tmkYVK9eTSGfk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:85:71:e9:b3:fe:4c:bb:d1:19:68:b6:d9:e6:d3:b3:ed:c9: 97:dd:78:c1:01:eb:c8:e7:ce:f6:26:4c:6b:86:d5:2b:bf:6b: 92:34:b4:0a:75:a8:50:43:44:8e:f6:31:3a:e8:c9:28:20:41: 3d:72:f0:17:91:cb:7d:82:04:9a:31:48:58:0a:3f:be:07:e4: af:3e:50:84:20:20:e9:c9:30:8b:b7:ec:da:67:d2:1f:1d:7b: 3d:18:ae:76:1b:cc:fd:3b:c4:42:d2:9d:c0:42:a9:78:fb:16: 44:40:63:99:50:a5:75:19:64:f0:b7:42:52:eb:4d:16:6d:64: 70:2a:39:60:99:5e:89:7a:4e:3d:61:3c:88:a3:88:ed:dc:5a: a5:a8:33:c0:4d:3f:7f:54:9e:21:76:2d:8b:3e:27:d5:83:c8: 4c:76:dd:94:4d:fa:12:08:27:f5:75:54:d0:e9:c8:96:6f:27: a4:40:57:4e:7e:43:9a:23:62:5b:99:01:c9:6c:df:67:5d:8e: 4a:93:00:34:4f:62:d7:91:34:b3:14:b3:ac:ca:58:a0:c9:aa: ec:72:91:a3:fe:79:60:60:25:bd:6e:1f:55:5d:1f:b9:87:b4: 6b:76:d8:fc:41:79:f8:86:df:3c:e2:8f:ba:d4:bb:30:09:76: c1:93:4a:b8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBlowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDdEQ0ExMTAvBgNVBAUTKDJDM0EyQTgxMjFDQ0Y4QTlCRkM3Q0I2NjkxODU0QUY1 RTREMjE5RjkwHhcNMjUwMzI4MjI0NDMwWhcNMjUwNDA0MjI0NDMwWjAYMRYwFAYD VQQDEw02N2U3MjY0ZS1kYjI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtekkZX5w2bqrKoMewaJPBVr4fO6Y8qFoearShk0nBdgGQLQKzx74tJpWbW4a JrO7fHRP3TsY1v9Q7aDbDxkYqJe9xnPpW785GZIG/HbXIpk1cY2ujASIU7jQoGVN C8G8BU0bUHLpR+8tEk7+ARYRE52JYU7FLKcX7l3aebG8ZMvNr4BwLimNC0VWRlV3 NHCm/JG7l7XhZzTXqhQfNdu06kemQZsn6wJidCH+X4hx5mnRvwPZZOsbufLOYsM9 DdnoPR3eP1tMpExHXJlpAnN+Y7CuqLwnmHtzjGmdhW9o/crUVx5u86gflnfZlV8e +YUgB9plJF8kNRpsHKz6fKXrkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG7ZkECu ceShQtFtaKOmUIwXt8K0MB8GA1UdIwQYMBaAFCw6KoEhzPipv8fLZpGFSvXk0hn5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0RDQS8xQzc1RURBNjdE NkExMUVCQTRBNTk4MENDNEY5QUUwMi9MRG9xZ1NITS1LbV94OHRta1lWSzllVFNH ZmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xEb3FnU0hNLUttX3g4dG1rWVZLOWVUU0dmay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 N0RDQS8xQzc1RURBNjdENkExMUVCQTRBNTk4MENDNEY5QUUwMi9MRG9xZ1NITS1L bV94OHRta1lWSzllVFNHZmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCAhXHps/5Mu9EZaLbZ5tOz7cmX3XjBAevI5872JkxrhtUrv2uSNLQK dahQQ0SO9jE66MkoIEE9cvAXkct9ggSaMUhYCj++B+SvPlCEICDpyTCLt+zaZ9If HXs9GK52G8z9O8RC0p3AQql4+xZEQGOZUKV1GWTwt0JS600WbWRwKjlgmV6Jek49 YTyIo4jt3FqlqDPATT9/VJ4hdi2LPifVg8hMdt2UTfoSCCf1dVTQ6ciWbyekQFdO fkOaI2JbmQHJbN9nXY5KkwA0T2LXkTSzFLOsyligyarscpGj/nlgYCW9bh9VXR+5 h7Rrdtj8QXn4ht884o+61LswCXbBk0q4 -----END CERTIFICATE-----Generated at Fri Apr 4 22:34:56 2025 by rpki-client