$ rpki-client -vvf rpki.apnic.net/member_repository/A9165D52/612B67AC84FA11ED80AC4E10C4F9AE02/LnG4umMF_9SMEx0IYK8sGs9tIrY.mft File: LnG4umMF_9SMEx0IYK8sGs9tIrY.mft (raw, json) Hash identifier: XvzjEPI3VenhApq15S1jVcxhvCHVHwEhdrLZgtK7TIA= Subject key identifier: E3:01:E5:93:58:2D:1F:3C:0A:6A:9C:99:DC:54:AC:72:D8:51:BD:F5 Authority key identifier: 2E:71:B8:BA:63:05:FF:D4:8C:13:1D:08:60:AF:2C:1A:CF:6D:22:B6 Certificate issuer: /CN=A9165D52/serialNumber=2E71B8BA6305FFD48C131D0860AF2C1ACF6D22B6 Certificate serial: 01B3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LnG4umMF_9SMEx0IYK8sGs9tIrY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9165D52/612B67AC84FA11ED80AC4E10C4F9AE02/LnG4umMF_9SMEx0IYK8sGs9tIrY.mft Manifest number: 01AF Signing time: Fri 11 Apr 2025 02:31:57 +0000 Manifest this update: Fri 11 Apr 2025 02:31:56 +0000 Manifest next update: Fri 18 Apr 2025 02:31:56 +0000 Files and hashes: 1: LnG4umMF_9SMEx0IYK8sGs9tIrY.crl (hash: JqKsnYOJatu8r5n4N3wY+opTFhOw5becfoQLzTXT5lo=) 2: D08310DE94C511EDB2732947C4F9AE02.roa (hash: Xy93j2wiTLRQmJ+0n87qnILIP2Iwo0hp0rGxKJhzYuY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9165D52/612B67AC84FA11ED80AC4E10C4F9AE02/LnG4umMF_9SMEx0IYK8sGs9tIrY.crl rsync://rpki.apnic.net/member_repository/A9165D52/612B67AC84FA11ED80AC4E10C4F9AE02/LnG4umMF_9SMEx0IYK8sGs9tIrY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LnG4umMF_9SMEx0IYK8sGs9tIrY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 02:31:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 435 (0x1b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9165D52, serialNumber=2E71B8BA6305FFD48C131D0860AF2C1ACF6D22B6 Validity Not Before: Apr 11 02:31:56 2025 GMT Not After : Apr 18 02:31:56 2025 GMT Subject: CN=67f87f1c-4817 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:f9:a1:fa:84:b5:62:2c:04:96:b0:05:36:d0: ea:c9:32:d1:54:a2:0e:19:9f:1f:fb:92:31:3e:03: 6c:54:b5:a0:77:4e:36:67:a4:0d:8e:9a:9b:9c:8c: 2f:7a:87:3e:e4:a3:7e:7b:49:53:cc:cb:8a:1a:25: 5b:34:02:6f:74:4b:ca:7e:96:dc:26:7a:9d:09:10: 44:99:bd:ab:ec:4f:2f:a4:b9:0b:4a:46:f8:49:77: 52:d2:fd:a8:05:d9:23:a1:8a:a1:0b:a7:16:16:0f: 62:8e:61:a4:bf:4a:81:2e:6a:0a:8c:fc:51:02:dd: db:ee:a2:47:7a:6d:0e:f3:b3:17:e9:1d:7c:31:bc: 25:7d:a4:4c:38:a0:85:04:35:16:0f:8b:e7:93:9a: 91:dd:ec:74:6c:15:30:ff:6d:61:4f:36:78:2c:28: 9f:c4:0c:eb:7e:c6:fa:a6:60:2f:59:74:74:1a:87: 37:4c:ef:54:32:ce:50:9c:94:e5:fd:55:18:b7:3c: 56:29:ba:1e:59:6b:a3:57:0a:13:27:bc:ae:e9:1a: 6a:50:02:8e:98:0d:21:1d:8f:e8:0f:7b:29:e0:49: aa:8f:97:31:69:41:64:d6:ff:4b:72:13:80:4a:24: 0d:92:b8:29:dc:c7:49:60:98:c9:96:3f:c2:7d:a4: 1f:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:01:E5:93:58:2D:1F:3C:0A:6A:9C:99:DC:54:AC:72:D8:51:BD:F5 X509v3 Authority Key Identifier: keyid:2E:71:B8:BA:63:05:FF:D4:8C:13:1D:08:60:AF:2C:1A:CF:6D:22:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9165D52/612B67AC84FA11ED80AC4E10C4F9AE02/LnG4umMF_9SMEx0IYK8sGs9tIrY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LnG4umMF_9SMEx0IYK8sGs9tIrY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165D52/612B67AC84FA11ED80AC4E10C4F9AE02/LnG4umMF_9SMEx0IYK8sGs9tIrY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:70:d8:56:59:b6:b7:3d:22:3a:02:44:aa:32:07:a7:db:b3: af:c7:ef:39:8a:77:8b:63:9b:19:d5:1a:c6:48:05:1d:46:ce: 7b:71:e1:8c:cc:fd:c2:9c:21:bb:80:2f:56:41:79:26:e8:50: 2b:da:37:6d:55:a2:48:7a:60:41:df:7f:9a:88:e8:a0:f9:b8: 2b:26:d5:46:06:3d:57:4f:26:57:52:5a:35:ad:11:87:a7:db: 04:da:a5:90:e3:5a:2b:81:9c:4b:44:bb:68:55:30:bc:d1:f7: c1:70:c6:26:f9:ed:f5:fb:e2:f5:07:eb:31:b9:5a:09:a6:bc: 26:f5:53:1e:af:c5:a7:a7:a5:d2:db:da:6b:f4:1e:65:62:7e: 95:40:74:ea:d1:67:84:f0:2b:5f:81:f1:99:0f:cc:c7:b6:92: bd:73:b4:e2:98:4f:be:d7:c0:bf:d1:a0:df:08:a7:af:80:a6: 99:d7:fe:41:2d:46:e0:8a:b3:a8:fc:eb:11:8b:d7:60:17:4f: 0a:7c:bc:6e:83:97:c8:2b:43:3f:26:dd:7e:5b:a5:5e:9b:b9: aa:0a:15:eb:dd:1c:1f:cb:c3:02:a3:c9:a9:d9:54:39:51:73: c0:77:ef:b5:a5:e6:57:e1:a0:c5:48:df:15:2e:fd:73:a8:58: 69:32:5d:3f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjVENTIxMTAvBgNVBAUTKDJFNzFCOEJBNjMwNUZGRDQ4QzEzMUQwODYwQUYyQzFB Q0Y2RDIyQjYwHhcNMjUwNDExMDIzMTU2WhcNMjUwNDE4MDIzMTU2WjAYMRYwFAYD VQQDEw02N2Y4N2YxYy00ODE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp/mh+oS1YiwElrAFNtDqyTLRVKIOGZ8f+5IxPgNsVLWgd042Z6QNjpqbnIwv eoc+5KN+e0lTzMuKGiVbNAJvdEvKfpbcJnqdCRBEmb2r7E8vpLkLSkb4SXdS0v2o BdkjoYqhC6cWFg9ijmGkv0qBLmoKjPxRAt3b7qJHem0O87MX6R18MbwlfaRMOKCF BDUWD4vnk5qR3ex0bBUw/21hTzZ4LCifxAzrfsb6pmAvWXR0Goc3TO9UMs5QnJTl /VUYtzxWKboeWWujVwoTJ7yu6RpqUAKOmA0hHY/oD3sp4Emqj5cxaUFk1v9LchOA SiQNkrgp3MdJYJjJlj/CfaQfgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOMB5ZNY LR88CmqcmdxUrHLYUb31MB8GA1UdIwQYMBaAFC5xuLpjBf/UjBMdCGCvLBrPbSK2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NUQ1Mi82MTJCNjdBQzg0 RkExMUVEODBBQzRFMTBDNEY5QUUwMi9Mbkc0dW1NRl85U01FeDBJWUs4c0dzOXRJ clkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xuRzR1bU1GXzlTTUV4MElZSzhzR3M5dElyWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NUQ1Mi82MTJCNjdBQzg0RkExMUVEODBBQzRFMTBDNEY5QUUwMi9Mbkc0dW1NRl85 U01FeDBJWUs4c0dzOXRJclkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQArcNhWWba3PSI6AkSqMgen27Ovx+85ineLY5sZ1RrGSAUdRs57ceGM zP3CnCG7gC9WQXkm6FAr2jdtVaJIemBB33+aiOig+bgrJtVGBj1XTyZXUlo1rRGH p9sE2qWQ41orgZxLRLtoVTC80ffBcMYm+e31++L1B+sxuVoJprwm9VMer8Wnp6XS 29pr9B5lYn6VQHTq0WeE8CtfgfGZD8zHtpK9c7TimE++18C/0aDfCKevgKaZ1/5B LUbgirOo/OsRi9dgF08KfLxug5fIK0M/Jt1+W6Vem7mqChXr3Rwfy8MCo8mp2VQ5 UXPAd++1peZX4aDFSN8VLv1zqFhpMl0/ -----END CERTIFICATE-----Generated at Sat Apr 12 17:40:54 2025 by rpki-client