$ rpki-client -vvf rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft File: lSpNx8TWEJWYvu5awKIG0nuFxWo.mft (raw, json) Hash identifier: UooeUqtOh39RpLT/riUdQV9rFW1j8CknyjGa6CBb2bo= Subject key identifier: B4:D7:7D:00:BE:2C:86:FA:76:4C:ED:D3:EB:95:36:65:AF:0E:7C:24 Authority key identifier: 95:2A:4D:C7:C4:D6:10:95:98:BE:EE:5A:C0:A2:06:D2:7B:85:C5:6A Certificate issuer: /CN=A912D71D/serialNumber=952A4DC7C4D6109598BEEE5AC0A206D27B85C56A Certificate serial: 09 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSpNx8TWEJWYvu5awKIG0nuFxWo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft Manifest number: 08 Signing time: Thu 05 Jun 2025 07:33:21 +0000 Manifest this update: Thu 05 Jun 2025 07:33:20 +0000 Manifest next update: Thu 12 Jun 2025 07:33:20 +0000 Files and hashes: 1: lSpNx8TWEJWYvu5awKIG0nuFxWo.crl (hash: Nj34jadN00yHq+tfRefu/DP9PXb5+4hNr9ooyDDYBt8=) 2: 4002AE6236CF11F0AA705D26C4F9AE02.roa (hash: mqzypacDD7xIbwYv9NK8trW6oiDHkBTrKySSx1uZLFU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.crl rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSpNx8TWEJWYvu5awKIG0nuFxWo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 12 Jun 2025 07:33:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9 (0x9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912D71D, serialNumber=952A4DC7C4D6109598BEEE5AC0A206D27B85C56A Validity Not Before: Jun 5 07:33:20 2025 GMT Not After : Jun 12 07:33:20 2025 GMT Subject: CN=68414841-8ea5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:35:d5:87:13:68:03:aa:db:fc:eb:c2:fe:65: bb:02:9c:db:f0:b0:05:a4:17:4d:35:23:41:e7:8b: 57:ba:a8:85:78:b8:01:bc:1c:2e:8f:4c:79:88:ef: c0:25:5e:34:ec:0e:e2:ea:ee:ef:1a:ee:50:4b:8d: 3e:0e:85:7b:4a:7c:e1:ea:aa:4b:c7:ac:1a:11:02: 75:e7:64:e4:29:dc:35:36:db:6c:50:39:25:08:f6: d5:c9:a7:82:28:dd:f7:15:0d:fb:20:6b:4a:e7:a1: 69:52:a6:8b:e7:f6:f1:d7:dc:cb:78:cc:ae:59:38: f6:09:5c:af:96:45:b5:a5:25:46:3c:ed:68:ba:3a: 05:c7:62:7c:50:17:ea:f5:98:54:9c:bb:ba:43:9d: 74:b1:35:a5:a7:99:0e:a4:76:51:ae:da:ff:28:f2: 61:05:0d:3a:b1:bb:a1:0a:fd:7b:d0:98:22:1f:b9: 6f:e6:ca:84:54:f1:b3:de:e3:62:05:d3:b4:22:c7: c5:7a:03:bf:89:04:bb:dc:c8:c1:33:3b:80:7d:ac: 4b:e4:24:b4:43:a4:bf:aa:e1:03:70:66:74:ec:39: 4c:9d:b4:1a:1c:53:33:8b:17:0b:95:9f:44:3c:16: f5:1a:0e:d1:40:77:b1:c7:68:de:79:ab:ca:a0:b1: 8d:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:D7:7D:00:BE:2C:86:FA:76:4C:ED:D3:EB:95:36:65:AF:0E:7C:24 X509v3 Authority Key Identifier: keyid:95:2A:4D:C7:C4:D6:10:95:98:BE:EE:5A:C0:A2:06:D2:7B:85:C5:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSpNx8TWEJWYvu5awKIG0nuFxWo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:15:04:57:09:ac:f7:f3:33:28:46:ae:84:47:a5:b8:8f:10: 0d:ff:d8:df:8e:c3:cf:f4:bd:73:40:64:8d:47:ed:25:2f:12: 1e:ef:41:dd:44:fd:fc:eb:18:de:c9:4f:bb:4a:90:65:c9:0a: a1:a6:90:a9:cf:84:1b:8a:79:4d:f8:59:6d:b2:33:27:f1:2d: eb:22:f6:d5:28:49:63:50:36:ab:9b:8a:b6:d1:1c:e5:b6:bb: b3:a5:5a:b1:51:52:0d:9a:4e:a6:68:50:91:c4:90:64:e6:36: 07:ac:88:07:b5:a1:1b:2e:5b:25:b3:48:11:f2:78:3c:4b:8a: d5:47:84:30:be:5c:4d:67:91:0b:07:ba:1c:43:3e:5b:70:11: c8:03:25:c2:5e:70:b0:5c:25:02:98:ca:38:3e:a9:9b:43:cb: 2f:8e:3c:09:9c:06:7c:f4:9e:58:cc:19:c0:d3:c8:2c:ab:c2: fe:20:d7:18:5b:7b:92:d8:5d:dc:d8:79:84:67:a9:05:be:d7: bb:4e:ae:b4:a5:d1:9a:31:a2:68:bc:af:16:e9:49:6f:f6:17: 2b:cc:cf:7a:11:e2:5c:1a:fc:d6:0c:99:b4:3b:a4:e1:ad:55: 6b:42:d2:6a:dc:85:68:2a:b8:83:7d:0f:ec:a9:a6:66:14:cd: 18:f4:0c:98 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy RDcxRDExMC8GA1UEBRMoOTUyQTREQzdDNEQ2MTA5NTk4QkVFRTVBQzBBMjA2RDI3 Qjg1QzU2QTAeFw0yNTA2MDUwNzMzMjBaFw0yNTA2MTIwNzMzMjBaMBgxFjAUBgNV BAMTDTY4NDE0ODQxLThlYTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDvNdWHE2gDqtv868L+ZbsCnNvwsAWkF001I0Hni1e6qIV4uAG8HC6PTHmI78Al XjTsDuLq7u8a7lBLjT4OhXtKfOHqqkvHrBoRAnXnZOQp3DU222xQOSUI9tXJp4Io 3fcVDfsga0rnoWlSpovn9vHX3Mt4zK5ZOPYJXK+WRbWlJUY87Wi6OgXHYnxQF+r1 mFScu7pDnXSxNaWnmQ6kdlGu2v8o8mEFDTqxu6EK/XvQmCIfuW/myoRU8bPe42IF 07Qix8V6A7+JBLvcyMEzO4B9rEvkJLRDpL+q4QNwZnTsOUydtBocUzOLFwuVn0Q8 FvUaDtFAd7HHaN55q8qgsY2vAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUtNd9AL4s hvp2TO3T65U2Za8OfCQwHwYDVR0jBBgwFoAUlSpNx8TWEJWYvu5awKIG0nuFxWow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJENzFELzFFMEY5OTJFMzZD RTExRjBBMkE2OUMxRkM0RjlBRTAyL2xTcE54OFRXRUpXWXZ1NWF3S0lHMG51RnhX by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbFNwTng4VFdFSldZdnU1YXdLSUcwbnVGeFdvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJE NzFELzFFMEY5OTJFMzZDRTExRjBBMkE2OUMxRkM0RjlBRTAyL2xTcE54OFRXRUpX WXZ1NWF3S0lHMG51RnhXby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGMVBFcJrPfzMyhGroRHpbiPEA3/2N+Ow8/0vXNAZI1H7SUvEh7vQd1E /fzrGN7JT7tKkGXJCqGmkKnPhBuKeU34WW2yMyfxLesi9tUoSWNQNqubirbRHOW2 u7OlWrFRUg2aTqZoUJHEkGTmNgesiAe1oRsuWyWzSBHyeDxLitVHhDC+XE1nkQsH uhxDPltwEcgDJcJecLBcJQKYyjg+qZtDyy+OPAmcBnz0nljMGcDTyCyrwv4g1xhb e5LYXdzYeYRnqQW+17tOrrSl0Zoxomi8rxbpSW/2FyvMz3oR4lwa/NYMmbQ7pOGt VWtC0mrchWgquIN9D+yppmYUzRj0DJg= -----END CERTIFICATE-----Generated at Thu Jun 5 20:04:34 2025 by rpki-client