$ rpki-client -vvf rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.mft File: LUmzrm2hi2NGSjF3qzIQGULmpRo.mft (raw, json) Hash identifier: yQfX0IRoMh7UCpX1T7AyMWO6ETVp/7bhylYM/pj4c4Q= Subject key identifier: C2:6C:1B:4C:E8:61:5A:A0:81:A7:37:55:11:75:20:E9:1E:56:40:CC Authority key identifier: 2D:49:B3:AE:6D:A1:8B:63:46:4A:31:77:AB:32:10:19:42:E6:A5:1A Certificate issuer: /CN=A911F753/serialNumber=2D49B3AE6DA18B63464A3177AB32101942E6A51A Certificate serial: 21 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/LUmzrm2hi2NGSjF3qzIQGULmpRo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.mft Manifest number: 1F Signing time: Wed 05 Feb 2025 06:20:25 +0000 Manifest this update: Wed 05 Feb 2025 06:20:24 +0000 Manifest next update: Wed 12 Feb 2025 06:20:24 +0000 Files and hashes: 1: LUmzrm2hi2NGSjF3qzIQGULmpRo.crl (hash: nM/DtLjc3TPn74+GbUPFeDlU3j6DrFJL47eKpx6FAtA=) 2: E51A0F1CBC7211EF870FDD21C4F9AE02.roa (hash: T9bVFC+7xpXVsPqPdgoCB8jD3lh7ibXEAScTNhvEn5k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.crl rsync://rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/LUmzrm2hi2NGSjF3qzIQGULmpRo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:20:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911F753 Validity Not Before: Feb 5 06:20:24 2025 GMT Not After : Feb 12 06:20:24 2025 GMT Subject: CN=67a30328-5614 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:99:b3:46:51:85:b1:7b:9a:c1:65:07:83:2d: f5:c4:9f:02:ba:0a:2b:f3:a9:b8:e3:7c:3b:6e:86: 81:c2:37:a7:6c:33:89:c2:a0:50:ef:4c:b5:97:c5: 0a:c2:82:ca:d9:84:38:4a:2d:8a:51:2c:8d:82:f7: 8d:43:78:f6:55:bb:7e:da:b9:a8:aa:97:3d:4a:25: 3f:58:54:23:c8:5a:af:43:21:cc:39:04:a3:db:5d: b2:07:fd:c6:ea:2f:38:d9:af:9f:b2:a6:d2:2b:76: fa:b5:92:72:fb:e2:fe:ec:ef:35:df:05:8e:c4:f3: 73:28:a3:fc:4b:c9:be:e6:ae:5f:b6:f1:4b:a8:0e: 60:4c:ea:7b:cb:5e:f5:a8:ec:d7:b2:50:0a:43:a8: 8b:07:80:4f:52:3e:e3:a1:2c:ec:9c:e6:19:39:23: 32:ed:f8:b0:69:a6:6b:c3:29:42:3b:43:a4:19:af: ea:b4:f5:24:3f:73:9a:9a:7b:f8:95:4f:28:5c:e8: 27:22:12:35:50:81:c4:df:24:b6:d3:67:80:e6:78: 8e:d1:f9:1e:4b:c2:52:8d:32:b4:b3:1a:92:35:2e: a6:87:b2:f6:65:1d:1a:6b:71:7c:c8:3c:40:68:da: 8a:92:0a:b4:f5:01:b3:23:ef:26:3a:42:9c:7f:1b: 43:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:6C:1B:4C:E8:61:5A:A0:81:A7:37:55:11:75:20:E9:1E:56:40:CC X509v3 Authority Key Identifier: keyid:2D:49:B3:AE:6D:A1:8B:63:46:4A:31:77:AB:32:10:19:42:E6:A5:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/LUmzrm2hi2NGSjF3qzIQGULmpRo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:7c:26:a4:72:5e:b8:6d:54:c2:c2:98:6b:29:fe:fa:f6:24: 2e:e5:a4:c2:4e:d2:12:6e:02:8c:27:80:2e:b5:92:22:06:b8: c0:ae:ec:36:97:d2:7a:39:08:c0:8a:45:7b:61:29:30:3e:b3: 47:f6:54:8c:64:ee:83:c6:61:f6:1d:0a:3f:75:b3:99:7a:bc: 40:5b:93:82:d7:28:af:bf:b9:51:20:a6:f5:71:c3:de:ac:cc: df:0c:38:b9:64:fc:fc:73:a1:23:86:48:05:3f:7c:25:cd:89: 48:49:c6:e7:80:94:73:db:f7:6c:0b:f0:65:57:64:87:0a:94: a8:86:70:c7:52:66:18:f9:66:cc:bc:7e:31:fe:f3:23:5c:b3: 84:b1:d5:f8:81:56:45:9d:25:9d:3c:84:c6:ae:43:ec:b5:d2: af:f0:09:b2:cd:40:d4:f6:41:ce:aa:b3:9b:dd:ca:62:77:95: ce:41:9c:65:e7:ec:93:e9:64:b8:ec:db:84:21:16:7b:08:ae: 1f:0a:55:6e:60:fb:f1:bd:19:0c:a0:77:c1:cd:da:72:e3:8d: c6:62:30:e0:b5:a3:48:d9:af:01:bd:63:d9:1a:b3:ef:17:3f: 21:66:c7:4e:01:75:06:ac:69:86:95:59:44:f5:67:2f:13:c6: bc:3b:2d:83 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx Rjc1MzExMC8GA1UEBRMoMkQ0OUIzQUU2REExOEI2MzQ2NEEzMTc3QUIzMjEwMTk0 MkU2QTUxQTAeFw0yNTAyMDUwNjIwMjRaFw0yNTAyMTIwNjIwMjRaMBgxFjAUBgNV BAMTDTY3YTMwMzI4LTU2MTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDTmbNGUYWxe5rBZQeDLfXEnwK6CivzqbjjfDtuhoHCN6dsM4nCoFDvTLWXxQrC gsrZhDhKLYpRLI2C941DePZVu37auaiqlz1KJT9YVCPIWq9DIcw5BKPbXbIH/cbq LzjZr5+yptIrdvq1knL74v7s7zXfBY7E83Moo/xLyb7mrl+28UuoDmBM6nvLXvWo 7NeyUApDqIsHgE9SPuOhLOyc5hk5IzLt+LBppmvDKUI7Q6QZr+q09SQ/c5qae/iV Tyhc6CciEjVQgcTfJLbTZ4DmeI7R+R5LwlKNMrSzGpI1LqaHsvZlHRprcXzIPEBo 2oqSCrT1AbMj7yY6Qpx/G0PpAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUwmwbTOhh WqCBpzdVEXUg6R5WQMwwHwYDVR0jBBgwFoAULUmzrm2hi2NGSjF3qzIQGULmpRow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFGNzUzLzc4MDlEQTAyQkMw RDExRUY5QjRBRDY0OUM0RjlBRTAyL0xVbXpybTJoaTJOR1NqRjNxeklRR1VMbXBS by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTFVtenJtMmhpMk5HU2pGM3F6SVFHVUxtcFJvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFG NzUzLzc4MDlEQTAyQkMwRDExRUY5QjRBRDY0OUM0RjlBRTAyL0xVbXpybTJoaTJO R1NqRjNxeklRR1VMbXBSby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKJ8JqRyXrhtVMLCmGsp/vr2JC7lpMJO0hJuAowngC61kiIGuMCu7DaX 0no5CMCKRXthKTA+s0f2VIxk7oPGYfYdCj91s5l6vEBbk4LXKK+/uVEgpvVxw96s zN8MOLlk/PxzoSOGSAU/fCXNiUhJxueAlHPb92wL8GVXZIcKlKiGcMdSZhj5Zsy8 fjH+8yNcs4Sx1fiBVkWdJZ08hMauQ+y10q/wCbLNQNT2Qc6qs5vdymJ3lc5BnGXn 7JPpZLjs24QhFnsIrh8KVW5g+/G9GQygd8HN2nLjjcZiMOC1o0jZrwG9Y9kas+8X PyFmx04BdQasaYaVWUT1Zy8Txrw7LYM= -----END CERTIFICATE-----Generated at Wed Feb 5 19:56:47 2025 by rpki-client