$ rpki-client -vvf rpki.apnic.net/member_repository/A917DD85/846F4A684BC311EE8C657319C4F9AE02/lEN-3cyNBpieCVAFQ8kb3w0_SOU.mft File: lEN-3cyNBpieCVAFQ8kb3w0_SOU.mft (raw, json) Hash identifier: VpiV5pwK+930oeFPnll3PrJZ+I69V821iExdchm6gR8= Subject key identifier: BB:D2:84:F6:1C:BA:00:6F:9F:43:2A:AC:8F:83:C8:7D:F4:44:B9:E7 Authority key identifier: 94:43:7E:DD:CC:8D:06:98:9E:09:50:05:43:C9:1B:DF:0D:3F:48:E5 Certificate issuer: /CN=A917DD85/serialNumber=94437EDDCC8D06989E09500543C91BDF0D3F48E5 Certificate serial: 0136 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lEN-3cyNBpieCVAFQ8kb3w0_SOU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DD85/846F4A684BC311EE8C657319C4F9AE02/lEN-3cyNBpieCVAFQ8kb3w0_SOU.mft Manifest number: 0130 Signing time: Fri 11 Apr 2025 03:49:17 +0000 Manifest this update: Fri 11 Apr 2025 03:49:17 +0000 Manifest next update: Fri 18 Apr 2025 03:49:17 +0000 Files and hashes: 1: lEN-3cyNBpieCVAFQ8kb3w0_SOU.crl (hash: 50VNZWvGoUI8kGMnTlH8CsQ3w0xTNTkj6aBM0Y04JeM=) 2: A155911C4BCA11EEBC8C8B82C4F9AE02.roa (hash: hWNFLgRLV5rq9DJdXOOCkETTtq81cKwNe+EsCM4by08=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DD85/846F4A684BC311EE8C657319C4F9AE02/lEN-3cyNBpieCVAFQ8kb3w0_SOU.crl rsync://rpki.apnic.net/member_repository/A917DD85/846F4A684BC311EE8C657319C4F9AE02/lEN-3cyNBpieCVAFQ8kb3w0_SOU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lEN-3cyNBpieCVAFQ8kb3w0_SOU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 03:49:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 310 (0x136) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DD85, serialNumber=94437EDDCC8D06989E09500543C91BDF0D3F48E5 Validity Not Before: Apr 11 03:49:17 2025 GMT Not After : Apr 18 03:49:17 2025 GMT Subject: CN=67f8913d-6c43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:d8:d9:66:b3:3c:d6:c3:0a:d2:9a:ae:4d:a4: 7e:50:20:1c:18:72:a0:df:9c:45:4e:a4:2e:b2:f1: 85:58:9f:54:ee:a9:d5:a5:23:95:8a:16:fb:7d:88: 83:a5:15:0f:d8:2a:c2:ab:52:4d:83:82:d1:f6:03: 33:b8:e6:91:c4:f5:70:c2:a8:17:a0:33:d0:b1:b3: 14:13:7b:02:1d:7f:62:05:6e:0f:ba:e1:60:00:d1: ed:a2:d6:93:7d:15:d4:c6:77:ea:d6:32:9f:ff:4e: 59:62:64:00:8e:a2:fc:47:59:9b:cd:98:01:3d:83: 27:11:4a:18:14:51:ed:89:3d:7e:fb:18:1e:88:c8: 86:e6:44:c2:28:a5:92:d2:0d:73:a9:39:a4:22:08: 41:81:7c:46:08:58:60:fc:9a:ae:7e:6e:71:4b:c9: c1:d9:d7:35:1a:be:28:6c:c1:c0:40:28:b1:c6:0f: a0:d1:18:25:ba:ae:02:c7:d7:76:e4:cb:de:0f:a7: 06:cd:ee:7c:08:09:15:00:f2:0a:ff:bf:cb:73:fa: ed:5d:ee:25:6d:ea:f9:27:d4:65:80:e9:3b:18:2b: 0a:ce:1b:7b:13:5a:6e:be:26:f2:96:ea:29:96:39: 6b:4b:48:6b:22:91:d2:85:05:6f:dd:bd:46:be:32: c4:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:D2:84:F6:1C:BA:00:6F:9F:43:2A:AC:8F:83:C8:7D:F4:44:B9:E7 X509v3 Authority Key Identifier: keyid:94:43:7E:DD:CC:8D:06:98:9E:09:50:05:43:C9:1B:DF:0D:3F:48:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DD85/846F4A684BC311EE8C657319C4F9AE02/lEN-3cyNBpieCVAFQ8kb3w0_SOU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lEN-3cyNBpieCVAFQ8kb3w0_SOU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DD85/846F4A684BC311EE8C657319C4F9AE02/lEN-3cyNBpieCVAFQ8kb3w0_SOU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:55:bf:93:21:f0:77:1b:6e:f4:32:ea:b4:ab:9d:c4:67:09: f4:e8:55:5d:06:ac:f1:f1:f5:12:c4:d5:60:a6:16:33:3f:89: 29:29:91:b1:07:5a:ea:01:e5:d1:26:ea:80:1a:92:62:e8:31: f3:fa:c0:8f:4b:0d:e4:56:18:cf:1c:78:40:98:62:cf:4c:da: 39:e7:3e:5a:fd:a1:5e:66:eb:78:6c:1c:75:e6:0a:14:fa:77: 66:5c:26:a1:1b:21:d3:03:68:fc:ea:ca:f4:a0:67:4c:df:88: 0c:12:b2:67:4b:5e:6e:db:56:7b:91:53:95:1a:75:59:d0:31: 5d:59:85:b5:7d:47:dc:80:0d:9d:4f:3a:a2:73:cc:5d:64:6a: 91:51:1f:86:e2:13:8a:81:08:46:90:65:2b:b6:e9:2a:dc:f1: e1:a5:d8:aa:3b:a0:d1:9c:6f:ae:48:d1:2d:93:47:c8:b9:ed: 14:b1:e7:16:49:0f:ba:79:01:1d:d2:b2:32:42:32:6e:41:c6: 31:cb:ea:56:e3:55:30:7c:e2:d8:36:99:61:18:ea:f9:76:5d: 95:d0:12:13:20:50:2d:02:b9:7e:08:75:75:5d:f6:ad:08:05: 8c:88:e4:57:fb:2b:ba:dc:ad:f7:c6:cd:13:91:0f:b9:e2:3a: 46:c7:13:3b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0REODUxMTAvBgNVBAUTKDk0NDM3RUREQ0M4RDA2OTg5RTA5NTAwNTQzQzkxQkRG MEQzRjQ4RTUwHhcNMjUwNDExMDM0OTE3WhcNMjUwNDE4MDM0OTE3WjAYMRYwFAYD VQQDEw02N2Y4OTEzZC02YzQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0tjZZrM81sMK0pquTaR+UCAcGHKg35xFTqQusvGFWJ9U7qnVpSOVihb7fYiD pRUP2CrCq1JNg4LR9gMzuOaRxPVwwqgXoDPQsbMUE3sCHX9iBW4PuuFgANHtotaT fRXUxnfq1jKf/05ZYmQAjqL8R1mbzZgBPYMnEUoYFFHtiT1++xgeiMiG5kTCKKWS 0g1zqTmkIghBgXxGCFhg/Jqufm5xS8nB2dc1Gr4obMHAQCixxg+g0Rgluq4Cx9d2 5MveD6cGze58CAkVAPIK/7/Lc/rtXe4lber5J9RlgOk7GCsKzht7E1puvibyluop ljlrS0hrIpHShQVv3b1GvjLEhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLvShPYc ugBvn0MqrI+DyH30RLnnMB8GA1UdIwQYMBaAFJRDft3MjQaYnglQBUPJG98NP0jl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REQ4NS84NDZGNEE2ODRC QzMxMUVFOEM2NTczMTlDNEY5QUUwMi9sRU4tM2N5TkJwaWVDVkFGUThrYjN3MF9T T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xFTi0zY3lOQnBpZUNWQUZROGtiM3cwX1NPVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 REQ4NS84NDZGNEE2ODRCQzMxMUVFOEM2NTczMTlDNEY5QUUwMi9sRU4tM2N5TkJw aWVDVkFGUThrYjN3MF9TT1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAQVb+TIfB3G270Muq0q53EZwn06FVdBqzx8fUSxNVgphYzP4kpKZGx B1rqAeXRJuqAGpJi6DHz+sCPSw3kVhjPHHhAmGLPTNo55z5a/aFeZut4bBx15goU +ndmXCahGyHTA2j86sr0oGdM34gMErJnS15u21Z7kVOVGnVZ0DFdWYW1fUfcgA2d Tzqic8xdZGqRUR+G4hOKgQhGkGUrtukq3PHhpdiqO6DRnG+uSNEtk0fIue0UsecW SQ+6eQEd0rIyQjJuQcYxy+pW41UwfOLYNplhGOr5dl2V0BITIFAtArl+CHV1Xfat CAWMiORX+yu63K33xs0TkQ+54jpGxxM7 -----END CERTIFICATE-----Generated at Sat Apr 12 17:47:56 2025 by rpki-client