$ rpki-client -vvf rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.mft File: Lfmh43Whe46lYCe0WovWb5Z0fYY.mft (raw, json) Hash identifier: 2lLAX3187sOM3O2mkow7OeJiNcf2k6CviQf/WsR7jEM= Subject key identifier: A6:77:B1:BF:11:3A:27:E1:B1:FC:75:28:38:EB:D3:87:3E:8C:E2:E6 Authority key identifier: 2D:F9:A1:E3:75:A1:7B:8E:A5:60:27:B4:5A:8B:D6:6F:96:74:7D:86 Certificate issuer: /CN=A9185B6D/serialNumber=2DF9A1E375A17B8EA56027B45A8BD66F96747D86 Certificate serial: CD Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Lfmh43Whe46lYCe0WovWb5Z0fYY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.mft Manifest number: CB Signing time: Mon 21 Apr 2025 04:35:12 +0000 Manifest this update: Mon 21 Apr 2025 04:35:12 +0000 Manifest next update: Mon 28 Apr 2025 04:35:12 +0000 Files and hashes: 1: Lfmh43Whe46lYCe0WovWb5Z0fYY.crl (hash: gaVkOALU/MumopebFMTaY0dtsv7w/gt1lV4BrvGSg6E=) 2: AB3CCD50E79011EEA3DFB922C4F9AE02.roa (hash: CLLXrK2zzVLl1EYNQyxS+WzBqeRrVeVENVbUau48OSo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.crl rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Lfmh43Whe46lYCe0WovWb5Z0fYY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 04:35:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 205 (0xcd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185B6D, serialNumber=2DF9A1E375A17B8EA56027B45A8BD66F96747D86 Validity Not Before: Apr 21 04:35:12 2025 GMT Not After : Apr 28 04:35:12 2025 GMT Subject: CN=6805cb00-38bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:3f:b4:b6:8a:fd:dd:c8:29:19:32:de:10:8d: 15:ae:f3:a3:e0:fe:f8:6f:a2:46:e2:5a:37:a5:33: 37:ce:52:b6:d8:e8:4f:16:2f:65:38:88:b2:63:9d: 49:65:52:1d:f6:0f:9d:25:74:da:52:61:0a:77:c9: 20:87:27:00:b4:38:fd:8d:14:51:74:3e:8a:4b:bf: e2:e8:12:36:b3:1c:1c:ea:3d:7a:76:b2:47:a8:c1: c3:25:7c:39:cb:ae:f5:55:7c:db:ed:77:65:38:e8: 7b:2b:e1:5c:55:d7:60:fd:86:e9:57:82:ef:05:21: 3e:fb:e0:08:58:29:25:81:a0:c5:44:f9:b8:58:b1: 21:23:12:45:21:fc:75:67:c5:1d:a2:d5:6c:4b:71: 3e:6f:33:75:8e:88:50:8c:cf:6d:07:3b:8f:87:0b: 90:88:32:19:b4:ea:c5:90:bc:89:e8:28:8d:9f:8b: c4:02:58:5c:69:1b:7c:bd:64:9d:de:b3:d6:e8:c7: 15:a8:8a:ca:3f:c9:c5:fa:1d:34:c0:9a:57:84:66: c9:f1:5b:e3:4f:ee:ba:2d:bd:16:c5:38:ca:9c:ec: 10:b7:7e:db:e4:5b:df:bf:24:93:28:0a:f4:fe:86: 83:4d:d6:b2:a3:84:4f:f0:3e:17:71:93:d6:79:25: 69:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:77:B1:BF:11:3A:27:E1:B1:FC:75:28:38:EB:D3:87:3E:8C:E2:E6 X509v3 Authority Key Identifier: keyid:2D:F9:A1:E3:75:A1:7B:8E:A5:60:27:B4:5A:8B:D6:6F:96:74:7D:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Lfmh43Whe46lYCe0WovWb5Z0fYY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:e9:46:99:9f:76:5a:a8:13:08:54:36:5b:32:ac:a9:a2:ab: a3:61:aa:5e:44:b0:40:2b:30:09:7c:c7:dd:33:10:8a:f8:a3: 81:87:3c:a2:a5:fe:7d:d6:8e:b1:4a:7e:87:fe:5a:56:ab:14: 94:bd:e7:6a:89:70:c8:34:77:e3:bf:ad:ac:9f:7c:cb:5c:55: 88:72:d1:ac:4b:ac:e5:37:10:be:8c:9b:ae:29:e7:cb:1d:67: d6:5a:4d:3f:e7:28:1a:4e:73:42:fa:a1:11:45:76:da:b1:11: ac:52:6d:a7:7d:6e:24:67:a7:17:77:d5:cc:83:76:74:70:27: f3:b2:7d:96:c2:fa:60:55:ce:0e:cf:93:4d:f9:15:06:82:bd: 25:be:08:b6:d9:70:d2:58:22:9f:93:5b:5d:92:01:3f:ae:15: 50:e3:0b:04:0d:b6:17:ec:cc:83:aa:08:36:8e:60:91:28:d8: 49:f6:97:c8:27:4c:e5:70:9f:23:81:e9:dc:f7:ce:38:4b:c7: 1d:f9:d4:c2:23:c4:0e:2b:b0:f2:62:28:79:90:e6:07:e2:7e: a2:eb:fe:41:94:9e:78:14:6e:d9:91:0f:1f:cb:16:f7:4d:cc: 73:e3:93:b8:62:35:2a:82:65:42:79:bc:0d:0f:b8:17:6d:a2: e2:46:9f:28 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAM0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVCNkQxMTAvBgNVBAUTKDJERjlBMUUzNzVBMTdCOEVBNTYwMjdCNDVBOEJENjZG OTY3NDdEODYwHhcNMjUwNDIxMDQzNTEyWhcNMjUwNDI4MDQzNTEyWjAYMRYwFAYD VQQDEw02ODA1Y2IwMC0zOGJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvz+0tor93cgpGTLeEI0VrvOj4P74b6JG4lo3pTM3zlK22OhPFi9lOIiyY51J ZVId9g+dJXTaUmEKd8kghycAtDj9jRRRdD6KS7/i6BI2sxwc6j16drJHqMHDJXw5 y671VXzb7XdlOOh7K+FcVddg/YbpV4LvBSE+++AIWCklgaDFRPm4WLEhIxJFIfx1 Z8UdotVsS3E+bzN1johQjM9tBzuPhwuQiDIZtOrFkLyJ6CiNn4vEAlhcaRt8vWSd 3rPW6McVqIrKP8nF+h00wJpXhGbJ8VvjT+66Lb0WxTjKnOwQt37b5FvfvySTKAr0 /oaDTdayo4RP8D4XcZPWeSVp2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKZ3sb8R Oifhsfx1KDjr04c+jOLmMB8GA1UdIwQYMBaAFC35oeN1oXuOpWAntFqL1m+WdH2G MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUI2RC8xODFCODIyMEU3 OEUxMUVFOTgzMUVCN0VDNEY5QUUwMi9MZm1oNDNXaGU0NmxZQ2UwV292V2I1WjBm WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0xmbWg0M1doZTQ2bFlDZTBXb3ZXYjVaMGZZWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NUI2RC8xODFCODIyMEU3OEUxMUVFOTgzMUVCN0VDNEY5QUUwMi9MZm1oNDNXaGU0 NmxZQ2UwV292V2I1WjBmWVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCC6UaZn3ZaqBMIVDZbMqypoqujYapeRLBAKzAJfMfdMxCK+KOBhzyi pf591o6xSn6H/lpWqxSUvedqiXDINHfjv62sn3zLXFWIctGsS6zlNxC+jJuuKefL HWfWWk0/5ygaTnNC+qERRXbasRGsUm2nfW4kZ6cXd9XMg3Z0cCfzsn2WwvpgVc4O z5NN+RUGgr0lvgi22XDSWCKfk1tdkgE/rhVQ4wsEDbYX7MyDqgg2jmCRKNhJ9pfI J0zlcJ8jgenc9844S8cd+dTCI8QOK7DyYih5kOYH4n6i6/5BlJ54FG7ZkQ8fyxb3 Tcxz45O4YjUqgmVCebwND7gXbaLiRp8o -----END CERTIFICATE-----Generated at Tue Apr 22 17:01:17 2025 by rpki-client