$ rpki-client -vvf rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.mft File: loLCq-JTI1gHdrHQ4nXS_S1pfrY.mft (raw, json) Hash identifier: 8m7HAcKNL+OggvQ4jvagvLUY3AEfBGm8b4g6F0t5Ezw= Subject key identifier: FD:BD:B9:51:FE:66:D2:05:38:5D:F1:81:8A:BB:21:61:F4:B9:B5:0F Authority key identifier: 96:82:C2:AB:E2:53:23:58:07:76:B1:D0:E2:75:D2:FD:2D:69:7E:B6 Certificate issuer: /CN=A91514B1/serialNumber=9682C2ABE25323580776B1D0E275D2FD2D697EB6 Certificate serial: 053C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/loLCq-JTI1gHdrHQ4nXS_S1pfrY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.mft Manifest number: 0525 Signing time: Fri 04 Apr 2025 23:42:21 +0000 Manifest this update: Fri 04 Apr 2025 23:42:20 +0000 Manifest next update: Fri 11 Apr 2025 23:42:20 +0000 Files and hashes: 1: loLCq-JTI1gHdrHQ4nXS_S1pfrY.crl (hash: xLUZf+OSNLGK2RYXOjpLlJe3XaQvAW0F7o+S5JM0EeI=) 2: AF0A3F14178911EC876F5F50C4F9AE02.roa (hash: IVU27JRYWuBmIt6QcWFMqPFM6vDpf9nhIJBTc75GYY0=) 3: F1C7A044D91E11EFAD3C7613C4F9AE02.roa (hash: iDEEL9U9FxQCZ93LBYj286NgN76ygoYjLl0M4z8SPpI=) 4: D3D36BE0271011ECA0D7D95AC4F9AE02.roa (hash: U7esX+0iuEFV+x7WiXgxLOpS83nYnKPDWOfbwdSRies=) 5: AE8BB766178911EC876F5F50C4F9AE02.roa (hash: OD4QLqvF0E7NjniUYIqO9yXt+jiElu9IZS+rh6A1NUw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.crl rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/loLCq-JTI1gHdrHQ4nXS_S1pfrY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 23:42:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1340 (0x53c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91514B1 Validity Not Before: Apr 4 23:42:20 2025 GMT Not After : Apr 11 23:42:20 2025 GMT Subject: CN=67f06e5c-cc32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:8a:ac:10:b0:20:26:3c:f4:d9:45:53:cc:3a: c3:1c:29:5f:9e:e0:e7:cc:63:4f:d6:90:87:8a:6b: 9e:6d:90:31:a4:cd:cb:4a:bd:74:cc:29:0f:e9:90: c7:8a:7d:5f:9b:cf:f4:2e:80:99:a0:91:d4:3f:33: 6d:b0:52:d7:e1:72:8e:5f:c4:df:88:c2:ce:24:07: 89:9a:f9:16:5a:9a:8b:fd:ca:1a:b1:0a:e7:61:d3: ca:0e:64:08:68:cb:8c:6d:91:3f:36:2b:8b:90:4f: 6a:6b:0e:c4:64:38:46:29:04:d5:21:5b:4c:22:1c: 6d:bc:01:3c:eb:c3:8a:74:c1:d1:e9:27:f3:b9:34: f8:e1:f5:6e:2b:ca:45:56:5b:23:19:69:9a:27:f9: 2b:83:5d:2e:76:45:45:b7:45:76:1b:cd:4d:4d:89: 4d:fa:a3:38:b1:b0:e7:fd:fe:76:13:67:39:5e:6a: 0e:d2:74:57:4e:29:ec:37:9b:4b:70:f8:a2:59:95: d2:fa:5e:97:81:6d:aa:05:36:f9:38:e9:0b:ef:9d: 17:a9:38:9b:03:24:20:08:cf:6f:71:22:af:c4:c3: 30:3a:7f:ef:97:05:07:99:7c:bd:ac:0f:ad:30:1c: 2e:1d:d5:24:50:f8:19:45:93:c1:f4:e2:05:96:1c: b5:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:BD:B9:51:FE:66:D2:05:38:5D:F1:81:8A:BB:21:61:F4:B9:B5:0F X509v3 Authority Key Identifier: keyid:96:82:C2:AB:E2:53:23:58:07:76:B1:D0:E2:75:D2:FD:2D:69:7E:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/loLCq-JTI1gHdrHQ4nXS_S1pfrY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 23:03:9d:16:92:05:e7:81:ea:de:84:c2:77:de:44:f8:a7:00: fa:dd:9b:ea:89:d4:6c:14:7a:40:ba:1c:41:49:64:7f:81:9c: ba:f4:8b:ca:78:cf:25:b2:b8:04:fb:cf:f4:d3:1f:30:c1:69: 5c:73:a6:a8:df:a4:b1:0d:a8:9f:a9:da:0a:92:62:c6:07:8d: 74:26:b9:a4:88:66:44:c6:76:50:88:69:60:e9:d9:86:a0:3d: 72:cd:06:0d:c0:b1:18:7b:1c:be:a1:31:5a:bd:34:17:c2:bb: 92:41:20:5e:83:0b:84:2c:8b:0a:da:c5:fc:ac:d5:d6:70:3f: 45:ce:fb:70:27:2e:ae:12:52:67:ec:a2:d6:d0:c4:8c:ab:3e: 5a:78:0f:31:d4:85:83:0b:12:09:f9:02:50:cd:de:a1:a5:d6: 43:37:3b:90:df:46:8e:65:ea:8b:3e:c3:c9:41:0e:40:24:7b: 53:87:4d:6b:d2:2e:f1:e2:9e:ff:02:6e:fe:65:32:fe:99:a3: 46:59:b2:ea:c3:a2:06:56:42:6f:0d:61:f5:3c:da:3c:2b:8f: c2:80:b1:bf:14:2f:91:9e:6b:24:94:63:39:e0:80:b7:dc:48: f3:6c:4e:ed:a8:47:82:f4:95:b2:a5:b5:75:2b:45:6e:33:81: 5d:5e:4b:73 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBTwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTE0QjExMTAvBgNVBAUTKDk2ODJDMkFCRTI1MzIzNTgwNzc2QjFEMEUyNzVEMkZE MkQ2OTdFQjYwHhcNMjUwNDA0MjM0MjIwWhcNMjUwNDExMjM0MjIwWjAYMRYwFAYD VQQDEw02N2YwNmU1Yy1jYzMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApYqsELAgJjz02UVTzDrDHClfnuDnzGNP1pCHimuebZAxpM3LSr10zCkP6ZDH in1fm8/0LoCZoJHUPzNtsFLX4XKOX8TfiMLOJAeJmvkWWpqL/coasQrnYdPKDmQI aMuMbZE/NiuLkE9qaw7EZDhGKQTVIVtMIhxtvAE868OKdMHR6SfzuTT44fVuK8pF VlsjGWmaJ/krg10udkVFt0V2G81NTYlN+qM4sbDn/f52E2c5XmoO0nRXTinsN5tL cPiiWZXS+l6XgW2qBTb5OOkL750XqTibAyQgCM9vcSKvxMMwOn/vlwUHmXy9rA+t MBwuHdUkUPgZRZPB9OIFlhy1BQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP29uVH+ ZtIFOF3xgYq7IWH0ubUPMB8GA1UdIwQYMBaAFJaCwqviUyNYB3ax0OJ10v0taX62 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTRCMS83QTg4NjRBQ0ZC RTQxMUVCODJCNjI2NEZDNEY5QUUwMi9sb0xDcS1KVEkxZ0hkckhRNG5YU19TMXBm clkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2xvTENxLUpUSTFnSGRySFE0blhTX1MxcGZyWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MTRCMS83QTg4NjRBQ0ZCRTQxMUVCODJCNjI2NEZDNEY5QUUwMi9sb0xDcS1KVEkx Z0hkckhRNG5YU19TMXBmclkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAjA50WkgXngerehMJ33kT4pwD63ZvqidRsFHpAuhxBSWR/gZy69IvK eM8lsrgE+8/00x8wwWlcc6ao36SxDaifqdoKkmLGB410JrmkiGZExnZQiGlg6dmG oD1yzQYNwLEYexy+oTFavTQXwruSQSBegwuELIsK2sX8rNXWcD9FzvtwJy6uElJn 7KLW0MSMqz5aeA8x1IWDCxIJ+QJQzd6hpdZDNzuQ30aOZeqLPsPJQQ5AJHtTh01r 0i7x4p7/Am7+ZTL+maNGWbLqw6IGVkJvDWH1PNo8K4/CgLG/FC+RnmsklGM54IC3 3EjzbE7tqEeC9JWypbV1K0VuM4FdXktz -----END CERTIFICATE-----Generated at Sat Apr 5 21:09:00 2025 by rpki-client