$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/lSamckeK-nVEXY0H3MV8BYlm7-I.mft File: lSamckeK-nVEXY0H3MV8BYlm7-I.mft (raw, json) Hash identifier: zmmKLSHIe6Ljf6NhshL+1Hh0XPPimSi+jJGfcK/umug= Subject key identifier: DC:24:80:27:66:5B:49:CC:B3:ED:36:17:6A:34:8B:04:E2:2E:43:E9 Authority key identifier: 95:26:A6:72:47:8A:FA:75:44:5D:8D:07:DC:C5:7C:05:89:66:EF:E2 Certificate issuer: /CN=A91FA1BE/serialNumber=9526A672478AFA75445D8D07DCC57C058966EFE2 Certificate serial: 0249 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lSamckeK-nVEXY0H3MV8BYlm7-I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/lSamckeK-nVEXY0H3MV8BYlm7-I.mft Manifest number: 0241 Signing time: Mon 21 Jul 2025 02:10:00 +0000 Manifest this update: Mon 21 Jul 2025 02:10:00 +0000 Manifest next update: Mon 28 Jul 2025 02:10:00 +0000 Files and hashes: 1: lSamckeK-nVEXY0H3MV8BYlm7-I.crl (hash: 63YTOr2CHYuKSYN71Mnfzvs8GBasq05omW++vPRqlfI=) 2: 6F46908C2D3411ED92165562C4F9AE02.roa (hash: sR0eTjFYTlKs7mzVHMIl7telIMsp7nYju6MlYaiMBkg=) 3: 6E98B3182D3411ED92165562C4F9AE02.roa (hash: 64gg/L8X7dQV3AAOAv3MN1klInujbmxMEcZ9X63m+I4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/lSamckeK-nVEXY0H3MV8BYlm7-I.crl rsync://rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/lSamckeK-nVEXY0H3MV8BYlm7-I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lSamckeK-nVEXY0H3MV8BYlm7-I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 02:09:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 585 (0x249) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA1BE, serialNumber=9526A672478AFA75445D8D07DCC57C058966EFE2 Validity Not Before: Jul 21 02:10:00 2025 GMT Not After : Jul 28 02:10:00 2025 GMT Subject: CN=687da178-0708 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:e7:91:79:85:fe:1e:08:e3:41:5d:1d:6f:ce: 29:10:26:8c:5f:23:c7:e7:67:86:7b:b9:e9:a5:96: 8b:3e:f5:d0:73:16:7c:ae:0e:c4:51:c8:10:1a:75: 9a:c7:9f:35:7f:e9:41:0e:d9:fa:40:67:31:9a:bd: 1e:ee:cc:80:35:5a:26:ee:3e:5f:aa:bd:9a:36:d6: b1:b6:9f:5c:31:b6:48:63:23:fe:71:a8:77:18:b9: 3a:0b:f3:4b:7f:92:f7:2b:39:d0:92:77:93:d5:71: b4:ef:67:17:80:12:b3:7f:26:77:11:97:59:61:1b: b3:c0:49:2e:00:07:80:fc:01:b1:e1:aa:64:a0:f7: f5:94:01:06:26:98:af:fd:30:3b:6c:4e:59:0c:de: 0e:fe:02:2b:49:c1:3d:c1:78:b8:d3:ac:ff:3d:b5: d3:c1:b1:8f:5e:b0:5d:02:48:64:60:26:9c:33:6c: a2:e1:c2:31:4b:03:b0:ae:21:ff:5a:7c:7b:0e:4c: 92:63:e4:b6:b0:91:d5:98:c8:9c:bc:0a:2d:44:1a: 02:2c:cc:c7:0d:ae:3a:5c:81:55:36:07:66:08:5d: 46:45:73:b0:f6:73:6b:b2:72:4a:ad:26:a8:ea:95: 10:32:fc:d3:2b:19:62:48:e2:e9:cd:5b:10:fc:44: 57:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:24:80:27:66:5B:49:CC:B3:ED:36:17:6A:34:8B:04:E2:2E:43:E9 X509v3 Authority Key Identifier: keyid:95:26:A6:72:47:8A:FA:75:44:5D:8D:07:DC:C5:7C:05:89:66:EF:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/lSamckeK-nVEXY0H3MV8BYlm7-I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lSamckeK-nVEXY0H3MV8BYlm7-I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/lSamckeK-nVEXY0H3MV8BYlm7-I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:db:85:3d:7a:f8:dc:9a:4b:f4:82:2a:53:44:9e:a2:45:4a: 3b:63:a8:01:7d:5c:1e:c0:fd:77:91:fe:07:0d:09:9d:3d:3b: 9b:75:46:ed:18:7c:32:47:bb:45:f5:85:bd:c5:ab:07:d0:96: be:b6:29:9c:8e:d2:15:4d:08:72:b2:9c:fc:e8:41:cf:da:d9: 21:b1:eb:84:a9:3b:77:3a:31:26:65:be:ef:62:e0:ea:9f:1f: c1:9b:dd:3b:b1:72:f2:d8:cc:07:41:f2:7f:30:d2:95:b4:fa: 88:6a:cc:0e:a2:4f:0a:28:7c:98:a2:e4:87:04:46:30:b9:60: 4d:47:06:3d:9b:8e:9e:fc:9b:54:e9:9c:54:ce:09:1d:e5:7f: 2d:92:2c:f8:7c:fe:e8:53:d0:40:0a:55:1d:84:88:7f:a0:c1: 14:7f:64:27:95:75:51:44:12:06:e1:3e:14:2c:a9:29:1d:03: 2a:88:d1:fb:9c:75:d6:52:a9:b8:85:f6:14:49:da:d6:f7:32: 2d:30:a7:2e:0e:dc:e5:5b:e7:41:4b:87:48:ee:16:13:b8:03: 6a:65:ff:ea:19:30:31:fe:3d:16:9d:67:02:da:4a:8a:31:e9: 92:e1:ba:e3:04:77:5a:5a:d2:b2:be:62:f0:09:dc:46:d1:c5: 65:e3:12:39 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAkkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkExQkUxMTAvBgNVBAUTKDk1MjZBNjcyNDc4QUZBNzU0NDVEOEQwN0RDQzU3QzA1 ODk2NkVGRTIwHhcNMjUwNzIxMDIxMDAwWhcNMjUwNzI4MDIxMDAwWjAYMRYwFAYD VQQDEw02ODdkYTE3OC0wNzA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApueReYX+HgjjQV0db84pECaMXyPH52eGe7nppZaLPvXQcxZ8rg7EUcgQGnWa x581f+lBDtn6QGcxmr0e7syANVom7j5fqr2aNtaxtp9cMbZIYyP+cah3GLk6C/NL f5L3KznQkneT1XG072cXgBKzfyZ3EZdZYRuzwEkuAAeA/AGx4apkoPf1lAEGJpiv /TA7bE5ZDN4O/gIrScE9wXi406z/PbXTwbGPXrBdAkhkYCacM2yi4cIxSwOwriH/ Wnx7DkySY+S2sJHVmMicvAotRBoCLMzHDa46XIFVNgdmCF1GRXOw9nNrsnJKrSao 6pUQMvzTKxliSOLpzVsQ/ERXkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNwkgCdm W0nMs+02F2o0iwTiLkPpMB8GA1UdIwQYMBaAFJUmpnJHivp1RF2NB9zFfAWJZu/i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTFCRS80MTY4RkY3NjJE MzIxMUVEOTJCOEI3NjFDNEY5QUUwMi9sU2FtY2tlSy1uVkVYWTBIM01WOEJZbG03 LUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xTYW1ja2VLLW5WRVhZMEgzTVY4QllsbTctSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTFCRS80MTY4RkY3NjJEMzIxMUVEOTJCOEI3NjFDNEY5QUUwMi9sU2FtY2tlSy1u VkVYWTBIM01WOEJZbG03LUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB324U9evjcmkv0gipTRJ6iRUo7Y6gBfVwewP13kf4HDQmdPTubdUbt GHwyR7tF9YW9xasH0Ja+timcjtIVTQhyspz86EHP2tkhseuEqTt3OjEmZb7vYuDq nx/Bm907sXLy2MwHQfJ/MNKVtPqIaswOok8KKHyYouSHBEYwuWBNRwY9m46e/JtU 6ZxUzgkd5X8tkiz4fP7oU9BAClUdhIh/oMEUf2QnlXVRRBIG4T4ULKkpHQMqiNH7 nHXWUqm4hfYUSdrW9zItMKcuDtzlW+dBS4dI7hYTuANqZf/qGTAx/j0WnWcC2kqK MemS4brjBHdaWtKyvmLwCdxG0cVl4xI5 -----END CERTIFICATE-----Generated at Mon Jul 21 12:31:14 2025 by rpki-client