$ rpki-client -vvf rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/lC8l1zULID6onvLRzBULBbF7K4c.mft File: lC8l1zULID6onvLRzBULBbF7K4c.mft (raw, json) Hash identifier: kQXcBZmfLIyBzVD9zzDpE8ULo5QbmSeBPlZAHG/vyLw= Subject key identifier: 32:23:D3:29:5D:9F:01:E2:02:D5:E0:7F:38:C3:3B:13:81:1E:70:12 Authority key identifier: 94:2F:25:D7:35:0B:20:3E:A8:9E:F2:D1:CC:15:0B:05:B1:7B:2B:87 Certificate issuer: /CN=A912FB1D/serialNumber=942F25D7350B203EA89EF2D1CC150B05B17B2B87 Certificate serial: 34AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC8l1zULID6onvLRzBULBbF7K4c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/lC8l1zULID6onvLRzBULBbF7K4c.mft Manifest number: 3497 Signing time: Sat 31 May 2025 15:19:07 +0000 Manifest this update: Sat 31 May 2025 15:19:07 +0000 Manifest next update: Sat 07 Jun 2025 15:19:07 +0000 Files and hashes: 1: lC8l1zULID6onvLRzBULBbF7K4c.crl (hash: wvUYyPUaGNtIy2v6ViGBJWi6u1qHdmHv2QlWk6ck/sw=) 2: C098D762675111E9A0C4BB36C4F9AE02.roa (hash: INyUubVzyzPFDA6zTyRhkIRyBY0HoCb9vhAv2oVdZVY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/lC8l1zULID6onvLRzBULBbF7K4c.crl rsync://rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/lC8l1zULID6onvLRzBULBbF7K4c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC8l1zULID6onvLRzBULBbF7K4c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:19:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13484 (0x34ac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912FB1D, serialNumber=942F25D7350B203EA89EF2D1CC150B05B17B2B87 Validity Not Before: May 31 15:19:07 2025 GMT Not After : Jun 7 15:19:07 2025 GMT Subject: CN=683b1deb-bffa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:ac:77:2f:44:1b:72:de:f8:a0:52:c4:8d:b5: 57:c6:5a:d2:78:f5:7b:8d:29:6b:8c:b3:a9:49:14: f6:cb:73:44:43:6a:46:c7:df:b9:a0:2d:fd:1c:2a: c6:15:32:0b:e8:d0:79:d0:9b:b2:b6:41:c9:82:c3: e7:ab:df:51:c4:b7:27:3e:8c:2c:22:97:9a:5c:8a: c4:00:cc:5f:40:da:06:18:d1:68:e8:9d:ff:37:b3: b4:18:e5:c7:02:a5:e6:31:8a:73:4a:ee:28:33:f3: b3:27:24:4e:92:b0:c0:7a:6b:a0:fe:b2:1e:c9:8b: 29:e1:1b:75:94:b6:7e:b0:f2:99:c6:06:b5:84:22: 57:00:df:a9:f4:43:4b:e8:ae:9e:e4:43:8b:1b:c0: 03:c5:bc:e7:36:75:79:1e:ca:1b:5a:78:af:0b:f3: 89:84:35:c7:a7:1b:c9:f5:b5:e7:09:4a:8a:66:ef: 35:d0:07:98:aa:1d:cb:65:49:c8:81:86:f6:b8:a4: 8f:fd:9a:fb:9d:04:0d:1a:90:b8:ac:59:bd:52:ac: 3e:51:8c:22:fd:f0:32:be:bc:a6:fe:b3:65:ef:c7: a4:40:3c:22:f4:05:1d:e3:65:fe:40:f9:8b:3c:b2: d4:ca:ec:09:b0:fb:03:d0:e2:4e:43:75:cd:9e:42: 64:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:23:D3:29:5D:9F:01:E2:02:D5:E0:7F:38:C3:3B:13:81:1E:70:12 X509v3 Authority Key Identifier: keyid:94:2F:25:D7:35:0B:20:3E:A8:9E:F2:D1:CC:15:0B:05:B1:7B:2B:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/lC8l1zULID6onvLRzBULBbF7K4c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC8l1zULID6onvLRzBULBbF7K4c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FB1D/C684CA9C1DAB11E2A21E35AA08B02CD2/lC8l1zULID6onvLRzBULBbF7K4c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:38:59:80:d0:cd:11:cb:48:e8:26:7a:6f:f9:18:cd:bb:f4: e8:e2:cd:2d:f0:e9:8e:88:59:99:2e:3f:cb:1d:b5:0d:1b:91: 1b:f8:63:98:75:d9:c3:fb:79:83:9d:f5:d9:b4:d9:e6:57:0a: 65:02:e0:ff:78:f4:46:60:3e:05:23:2d:f9:16:a6:cd:93:a8: ab:aa:58:57:14:a3:49:5c:b8:e3:4c:67:a3:7a:d7:e4:cb:f2: e4:29:7c:81:a9:29:e9:59:9e:2e:64:0f:2d:bf:3d:de:c5:74: 5a:8b:bd:37:c3:60:41:55:55:a9:3e:23:7a:a8:93:69:ef:3e: 0c:0f:5e:29:36:bc:bc:56:6b:c1:22:ce:67:44:6d:12:6b:ff: 84:79:a3:c3:db:b2:e8:2e:65:30:37:9a:3d:28:3e:50:31:6e: 6e:8c:9f:45:89:2e:df:49:bb:59:58:04:eb:ca:7d:16:ae:29: 2d:e4:2f:d0:de:df:e6:58:d6:e9:79:ec:bb:e7:4c:b7:b3:ee: f7:42:d4:52:08:14:30:c6:4b:b7:84:23:83:1a:80:a4:64:29: c7:e7:cd:5f:38:15:47:15:e4:48:fe:04:c1:05:5c:17:8b:8f: a8:e4:96:f0:e1:75:b4:04:d2:65:74:11:ec:68:b7:01:78:d0: d9:24:4b:1c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNKwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkZCMUQxMTAvBgNVBAUTKDk0MkYyNUQ3MzUwQjIwM0VBODlFRjJEMUNDMTUwQjA1 QjE3QjJCODcwHhcNMjUwNTMxMTUxOTA3WhcNMjUwNjA3MTUxOTA3WjAYMRYwFAYD VQQDEw02ODNiMWRlYi1iZmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6qx3L0Qbct74oFLEjbVXxlrSePV7jSlrjLOpSRT2y3NEQ2pGx9+5oC39HCrG FTIL6NB50JuytkHJgsPnq99RxLcnPowsIpeaXIrEAMxfQNoGGNFo6J3/N7O0GOXH AqXmMYpzSu4oM/OzJyROkrDAemug/rIeyYsp4Rt1lLZ+sPKZxga1hCJXAN+p9ENL 6K6e5EOLG8ADxbznNnV5HsobWnivC/OJhDXHpxvJ9bXnCUqKZu810AeYqh3LZUnI gYb2uKSP/Zr7nQQNGpC4rFm9Uqw+UYwi/fAyvrym/rNl78ekQDwi9AUd42X+QPmL PLLUyuwJsPsD0OJOQ3XNnkJkRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDIj0yld nwHiAtXgfzjDOxOBHnASMB8GA1UdIwQYMBaAFJQvJdc1CyA+qJ7y0cwVCwWxeyuH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkIxRC9DNjg0Q0E5QzFE QUIxMUUyQTIxRTM1QUEwOEIwMkNEMi9sQzhsMXpVTElENm9udkxSekJVTEJiRjdL NGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xDOGwxelVMSUQ2b252TFJ6QlVMQmJGN0s0Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy RkIxRC9DNjg0Q0E5QzFEQUIxMUUyQTIxRTM1QUEwOEIwMkNEMi9sQzhsMXpVTElE Nm9udkxSekJVTEJiRjdLNGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBHOFmA0M0Ry0joJnpv+RjNu/To4s0t8OmOiFmZLj/LHbUNG5Eb+GOY ddnD+3mDnfXZtNnmVwplAuD/ePRGYD4FIy35FqbNk6irqlhXFKNJXLjjTGejetfk y/LkKXyBqSnpWZ4uZA8tvz3exXRai703w2BBVVWpPiN6qJNp7z4MD14pNry8VmvB Is5nRG0Sa/+EeaPD27LoLmUwN5o9KD5QMW5ujJ9FiS7fSbtZWATryn0Wrikt5C/Q 3t/mWNbpeey750y3s+73QtRSCBQwxku3hCODGoCkZCnH581fOBVHFeRI/gTBBVwX i4+o5Jbw4XW0BNJldBHsaLcBeNDZJEsc -----END CERTIFICATE-----Generated at Sat May 31 16:49:08 2025 by rpki-client