$ rpki-client -vvf rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.mft File: LDoqgSHM-Km_x8tmkYVK9eTSGfk.mft (raw, json) Hash identifier: 3BCDjE3V+vTPVjOJHVEVGtOCW/ZhmzaNP/dq7zzoVkk= Subject key identifier: 89:8E:73:42:90:C4:0B:0B:92:44:EF:1D:4A:C4:EC:9D:78:BA:7F:86 Authority key identifier: 2C:3A:2A:81:21:CC:F8:A9:BF:C7:CB:66:91:85:4A:F5:E4:D2:19:F9 Certificate issuer: /CN=A9147DCA/serialNumber=2C3A2A8121CCF8A9BFC7CB6691854AF5E4D219F9 Certificate serial: 0696 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LDoqgSHM-Km_x8tmkYVK9eTSGfk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.mft Manifest number: 0688 Signing time: Fri 18 Jul 2025 22:35:09 +0000 Manifest this update: Fri 18 Jul 2025 22:35:08 +0000 Manifest next update: Fri 25 Jul 2025 22:35:08 +0000 Files and hashes: 1: LDoqgSHM-Km_x8tmkYVK9eTSGfk.crl (hash: PIxK+KQiDGBWrng6iwJEe1WQp/RCZwFB7gesAezJxrk=) 2: F100A1207F9911EBAFB6C91BC4F9AE02.roa (hash: WC17u871QRbv9L0eEf3wRpZbTARtAM6LAemuxBHqCWE=) 3: 0463FF50526C11EC80A31615C4F9AE02.roa (hash: mMd+OVrFW5GAoQGXV5q8W888lgwtgTWX8rE/7aryuNU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.crl rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LDoqgSHM-Km_x8tmkYVK9eTSGfk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 22:35:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1686 (0x696) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147DCA, serialNumber=2C3A2A8121CCF8A9BFC7CB6691854AF5E4D219F9 Validity Not Before: Jul 18 22:35:08 2025 GMT Not After : Jul 25 22:35:08 2025 GMT Subject: CN=687acc1c-5eee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:4f:ab:f6:92:40:c0:fb:ed:8f:37:1c:27:5e: 02:be:39:fe:89:1e:aa:d9:c3:12:ee:c6:19:3c:c7: 82:6c:be:9e:de:76:ff:c5:84:28:e3:10:2f:d8:a5: 70:34:58:8f:a5:7f:e9:3b:8f:5b:c9:32:7e:85:07: 08:fe:f0:e4:68:67:b6:3a:ee:a4:89:cc:b9:e3:1e: 43:29:c1:9d:59:6d:ba:5f:3b:55:89:2e:07:bd:33: f0:23:47:b1:fa:af:30:2a:d1:aa:4a:6f:91:66:25: eb:2a:69:e5:5e:ab:d4:27:da:f8:13:fa:93:d5:d7: 73:d0:31:4f:93:c4:8e:6f:7a:28:94:88:14:d9:e2: c8:4e:84:7f:35:f0:c9:c7:36:ef:b9:4d:ea:58:17: fc:5a:0b:c3:7e:ec:44:5d:75:58:51:1e:ea:4b:16: 71:29:85:3b:30:34:49:22:dd:9c:2e:97:b1:0e:13: 09:d2:5e:fb:6e:c3:b8:c3:8f:de:2f:1f:9b:5b:00: 72:4a:04:33:e6:f8:68:3b:7f:aa:9a:05:10:84:95: 81:36:4d:0d:8a:13:48:15:fd:47:96:8c:29:9e:da: fa:fe:0b:66:97:63:09:74:6f:d3:02:7c:e5:3f:90: 8d:7e:c4:91:c8:4b:8b:29:76:c2:aa:f1:cf:ac:9d: 8d:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:8E:73:42:90:C4:0B:0B:92:44:EF:1D:4A:C4:EC:9D:78:BA:7F:86 X509v3 Authority Key Identifier: keyid:2C:3A:2A:81:21:CC:F8:A9:BF:C7:CB:66:91:85:4A:F5:E4:D2:19:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LDoqgSHM-Km_x8tmkYVK9eTSGfk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147DCA/1C75EDA67D6A11EBA4A5980CC4F9AE02/LDoqgSHM-Km_x8tmkYVK9eTSGfk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:cf:b9:f4:57:8b:c6:1b:df:a3:92:49:85:47:ca:c9:ab:9d: 46:61:52:33:76:d7:1c:e5:45:e5:5f:24:f8:b3:89:9c:1e:5a: 41:57:83:3d:8c:53:a7:bb:13:da:dc:89:4a:a6:59:c4:d8:9e: e7:99:60:f4:0e:5b:78:8f:de:ce:e1:15:77:82:f7:85:6f:eb: 2a:61:31:c2:43:80:20:7c:56:a8:ba:a7:74:82:66:32:4d:39: fa:eb:37:24:40:27:93:d3:3b:34:f2:9d:11:9e:76:7f:26:e6: 92:e6:e9:cc:e5:fd:b9:f1:31:d6:a8:11:ba:fc:11:f7:4a:48: 55:07:74:23:a2:6a:2c:19:44:84:b0:71:60:23:57:8f:3c:e3: 49:c0:1d:8c:c6:19:35:a8:50:b4:37:9a:62:1f:57:d5:bc:b4: d8:e3:83:fc:0e:70:75:e5:17:24:5e:9c:8c:92:7f:16:c6:aa: 18:9f:8d:ae:54:7f:d0:13:62:60:dd:a0:b6:f6:06:93:2e:28: 2f:b0:f0:04:8d:88:5e:a2:6d:06:b6:78:10:dd:f6:46:6a:8e: 82:01:16:73:84:da:4a:05:f3:20:77:c1:de:e8:f0:32:10:a9: 80:94:a2:34:17:1c:55:7d:6f:3a:62:fc:22:58:65:ac:1a:bf: 22:da:90:c8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBpYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDdEQ0ExMTAvBgNVBAUTKDJDM0EyQTgxMjFDQ0Y4QTlCRkM3Q0I2NjkxODU0QUY1 RTREMjE5RjkwHhcNMjUwNzE4MjIzNTA4WhcNMjUwNzI1MjIzNTA4WjAYMRYwFAYD VQQDEw02ODdhY2MxYy01ZWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp0+r9pJAwPvtjzccJ14Cvjn+iR6q2cMS7sYZPMeCbL6e3nb/xYQo4xAv2KVw NFiPpX/pO49byTJ+hQcI/vDkaGe2Ou6kicy54x5DKcGdWW26XztViS4HvTPwI0ex +q8wKtGqSm+RZiXrKmnlXqvUJ9r4E/qT1ddz0DFPk8SOb3oolIgU2eLIToR/NfDJ xzbvuU3qWBf8WgvDfuxEXXVYUR7qSxZxKYU7MDRJIt2cLpexDhMJ0l77bsO4w4/e Lx+bWwBySgQz5vhoO3+qmgUQhJWBNk0NihNIFf1Hlowpntr6/gtml2MJdG/TAnzl P5CNfsSRyEuLKXbCqvHPrJ2NvwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFImOc0KQ xAsLkkTvHUrE7J14un+GMB8GA1UdIwQYMBaAFCw6KoEhzPipv8fLZpGFSvXk0hn5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0RDQS8xQzc1RURBNjdE NkExMUVCQTRBNTk4MENDNEY5QUUwMi9MRG9xZ1NITS1LbV94OHRta1lWSzllVFNH ZmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xEb3FnU0hNLUttX3g4dG1rWVZLOWVUU0dmay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 N0RDQS8xQzc1RURBNjdENkExMUVCQTRBNTk4MENDNEY5QUUwMi9MRG9xZ1NITS1L bV94OHRta1lWSzllVFNHZmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnz7n0V4vGG9+jkkmFR8rJq51GYVIzdtcc5UXlXyT4s4mcHlpBV4M9 jFOnuxPa3IlKplnE2J7nmWD0Dlt4j97O4RV3gveFb+sqYTHCQ4AgfFaouqd0gmYy TTn66zckQCeT0zs08p0RnnZ/JuaS5unM5f258THWqBG6/BH3SkhVB3QjomosGUSE sHFgI1ePPONJwB2Mxhk1qFC0N5piH1fVvLTY44P8DnB15RckXpyMkn8WxqoYn42u VH/QE2Jg3aC29gaTLigvsPAEjYheom0GtngQ3fZGao6CARZzhNpKBfMgd8He6PAy EKmAlKI0FxxVfW86YvwiWGWsGr8i2pDI -----END CERTIFICATE-----Generated at Sun Jul 20 12:21:20 2025 by rpki-client