$ rpki-client -vvf rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft File: LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft (raw, json) Hash identifier: yEgRMr6nG9RG3D88JaRv9SKgu0SIJCb85pyCs5f6OKA= Subject key identifier: 71:CD:8C:45:60:4E:02:44:DE:BC:94:9B:13:FF:60:D2:B5:50:81:2C Authority key identifier: 2D:BC:46:5D:A6:81:B5:B3:11:89:7A:B6:C4:68:C2:54:70:6E:5D:2F Certificate issuer: /CN=A9153D75/serialNumber=2DBC465DA681B5B311897AB6C468C254706E5D2F Certificate serial: 0209 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft Manifest number: 0205 Signing time: Thu 21 Aug 2025 02:20:47 +0000 Manifest this update: Thu 21 Aug 2025 02:20:47 +0000 Manifest next update: Thu 28 Aug 2025 02:20:47 +0000 Files and hashes: 1: LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl (hash: D3D3WUX00tuWAo1aUiT5oS24zRE5Vg3FxSxl1OwwZrQ=) 2: 552D155464A711ED99D40117C4F9AE02.roa (hash: 23rCyoR4WnNChFU7ymH391h0HiIrF4JQy1l5v2pbquM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 02:20:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 521 (0x209) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9153D75, serialNumber=2DBC465DA681B5B311897AB6C468C254706E5D2F Validity Not Before: Aug 21 02:20:47 2025 GMT Not After : Aug 28 02:20:47 2025 GMT Subject: CN=68a6827f-7164 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:8a:65:f6:98:1c:98:09:81:ab:e1:24:e0:63: 69:65:f0:bd:bc:f3:83:59:2c:2b:3f:7d:b6:0c:2d: 5b:f4:24:7c:3f:76:1f:a9:a2:7a:f8:15:81:44:84: 71:af:e4:d4:b7:eb:d8:6c:a3:29:f6:4e:f9:74:f8: 7a:34:71:14:65:8c:e8:19:34:fb:44:c8:43:cb:48: e6:c3:a9:db:51:8d:4b:03:d0:61:43:f9:0a:0e:a5: 2b:20:64:26:18:d2:14:79:b2:65:9a:76:c7:70:bc: cb:78:e9:8f:07:9d:d1:8a:ab:18:2f:d8:b3:6f:42: 93:77:bc:4f:6f:f1:7a:82:14:37:69:02:10:aa:81: b0:8c:55:dd:e9:9b:90:9e:2a:44:0a:3d:c3:15:9c: c1:2f:39:48:14:cd:8b:eb:a4:db:5b:a0:3d:93:f6: c0:d1:c0:a0:ba:86:79:2e:73:30:5b:1e:44:92:c3: 79:17:bc:dc:3b:96:59:8c:9f:fa:51:89:5d:21:58: f0:1d:b8:d1:b5:dd:4a:02:52:88:1c:6d:82:20:a5: 84:e4:4b:17:8b:b9:fb:1a:37:ff:08:55:93:40:39: 0d:2f:a8:a1:e5:5a:82:6e:8e:24:87:6c:fe:5f:58: b0:14:66:d9:b7:55:d6:7a:90:0a:20:15:d6:f1:b4: 06:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:CD:8C:45:60:4E:02:44:DE:BC:94:9B:13:FF:60:D2:B5:50:81:2C X509v3 Authority Key Identifier: keyid:2D:BC:46:5D:A6:81:B5:B3:11:89:7A:B6:C4:68:C2:54:70:6E:5D:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:68:07:cb:a0:08:91:28:97:1d:7d:a8:d8:f7:de:8a:e2:29: 70:8b:0e:8a:de:47:86:2f:92:b4:30:f6:fd:9e:78:73:01:aa: 98:91:ec:dd:a2:81:4d:03:21:94:7f:0b:db:38:ca:d1:9b:6f: 79:a1:cd:33:bb:64:e5:f5:dd:9e:64:f6:f6:7c:ff:e0:3a:fe: 01:1b:63:4c:8a:78:dd:33:8d:26:3a:9e:c4:50:ac:d8:c8:96: f3:a5:a1:d7:a6:71:e2:02:44:ce:2a:06:22:74:f6:1c:b8:a2: 8c:56:1a:32:9f:c4:9c:d1:4d:09:ac:ae:77:88:d9:cc:04:10: ed:50:b9:a3:f0:5e:7e:fe:16:70:73:0e:c4:b3:2a:cb:0f:89: d8:40:74:c7:a4:9d:17:0f:7e:fd:5d:fd:5d:56:3c:7f:97:5c: 77:ba:27:d1:9c:25:da:68:d6:ae:1c:2a:dc:ac:84:9b:58:e4: 2e:2b:4b:2d:05:cb:e7:26:73:73:a5:d6:e4:c6:2a:a6:21:bc: 1c:49:76:ec:9d:54:1f:3e:df:04:f8:9c:83:24:78:2c:f1:43: 8b:a7:76:5d:d8:4b:72:b5:dd:63:5c:9e:be:79:00:f5:03:b4: c3:81:6e:d3:67:12:eb:34:04:31:39:86:5c:5d:96:d0:a7:08: 86:9f:b5:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTNENzUxMTAvBgNVBAUTKDJEQkM0NjVEQTY4MUI1QjMxMTg5N0FCNkM0NjhDMjU0 NzA2RTVEMkYwHhcNMjUwODIxMDIyMDQ3WhcNMjUwODI4MDIyMDQ3WjAYMRYwFAYD VQQDEw02OGE2ODI3Zi03MTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn4pl9pgcmAmBq+Ek4GNpZfC9vPODWSwrP322DC1b9CR8P3YfqaJ6+BWBRIRx r+TUt+vYbKMp9k75dPh6NHEUZYzoGTT7RMhDy0jmw6nbUY1LA9BhQ/kKDqUrIGQm GNIUebJlmnbHcLzLeOmPB53RiqsYL9izb0KTd7xPb/F6ghQ3aQIQqoGwjFXd6ZuQ nipECj3DFZzBLzlIFM2L66TbW6A9k/bA0cCguoZ5LnMwWx5EksN5F7zcO5ZZjJ/6 UYldIVjwHbjRtd1KAlKIHG2CIKWE5EsXi7n7Gjf/CFWTQDkNL6ih5VqCbo4kh2z+ X1iwFGbZt1XWepAKIBXW8bQGlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHHNjEVg TgJE3ryUmxP/YNK1UIEsMB8GA1UdIwQYMBaAFC28Rl2mgbWzEYl6tsRowlRwbl0v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1M0Q3NS81MkRFNEM0QTY0 QTMxMUVEODIyMDI0MTJDNEY5QUUwMi9MYnhHWGFhQnRiTVJpWHEyeEdqQ1ZIQnVY UzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xieEdYYWFCdGJNUmlYcTJ4R2pDVkhCdVhTOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 M0Q3NS81MkRFNEM0QTY0QTMxMUVEODIyMDI0MTJDNEY5QUUwMi9MYnhHWGFhQnRi TVJpWHEyeEdqQ1ZIQnVYUzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAgaAfLoAiRKJcdfajY996K4ilwiw6K3keGL5K0MPb9nnhzAaqYkezd ooFNAyGUfwvbOMrRm295oc0zu2Tl9d2eZPb2fP/gOv4BG2NMinjdM40mOp7EUKzY yJbzpaHXpnHiAkTOKgYidPYcuKKMVhoyn8Sc0U0JrK53iNnMBBDtULmj8F5+/hZw cw7EsyrLD4nYQHTHpJ0XD379Xf1dVjx/l1x3uifRnCXaaNauHCrcrISbWOQuK0st BcvnJnNzpdbkxiqmIbwcSXbsnVQfPt8E+JyDJHgs8UOLp3Zd2Etytd1jXJ6+eQD1 A7TDgW7TZxLrNAQxOYZcXZbQpwiGn7VG -----END CERTIFICATE-----Generated at Fri Aug 22 16:36:05 2025 by rpki-client