$ rpki-client -vvf rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft File: LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft (raw, json) Hash identifier: g3Zfz/N56OhAWuiP2FQ/2MZezBuA8ENCEeZ42z9JpRw= Subject key identifier: F1:ED:73:08:E0:B9:43:D2:E1:97:3A:63:B2:12:D8:BD:20:87:56:46 Authority key identifier: 2D:BC:46:5D:A6:81:B5:B3:11:89:7A:B6:C4:68:C2:54:70:6E:5D:2F Certificate issuer: /CN=A9153D75/serialNumber=2DBC465DA681B5B311897AB6C468C254706E5D2F Certificate serial: 01DF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft Manifest number: 01DB Signing time: Sat 31 May 2025 02:30:29 +0000 Manifest this update: Sat 31 May 2025 02:30:28 +0000 Manifest next update: Sat 07 Jun 2025 02:30:28 +0000 Files and hashes: 1: LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl (hash: qanN3e2GcDfxG7hYgfM+4vcxW4SYf3IP3GbxPeWhBWQ=) 2: 552D155464A711ED99D40117C4F9AE02.roa (hash: 23rCyoR4WnNChFU7ymH391h0HiIrF4JQy1l5v2pbquM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 02:30:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 479 (0x1df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9153D75, serialNumber=2DBC465DA681B5B311897AB6C468C254706E5D2F Validity Not Before: May 31 02:30:28 2025 GMT Not After : Jun 7 02:30:28 2025 GMT Subject: CN=683a69c4-c978 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:e7:8d:d8:8f:c8:59:58:bb:d5:14:28:0f:94: 4e:c4:1c:d6:03:e7:1c:b5:b6:a7:1f:75:f7:36:3f: b0:d6:0f:b4:93:7e:e1:ea:50:3c:a9:b8:4e:f1:1d: ce:30:5f:c1:26:ff:11:d4:d2:68:7a:9b:e6:49:58: 9c:26:00:a0:1c:1c:16:b6:dc:98:be:28:53:f4:f8: e4:3e:8f:b2:63:6f:00:d5:43:1c:ca:00:ca:97:93: 79:3e:0e:ff:bc:bb:30:e4:99:6c:24:a2:d4:3e:19: 46:4c:5c:c0:33:de:a2:c9:3d:23:03:ce:44:5c:7c: 89:fb:c8:58:62:e5:f8:26:e5:b4:52:84:88:0f:46: d3:f1:31:40:b6:fa:a1:a3:a3:3b:92:c0:48:8f:e5: c8:bf:3f:79:72:a4:41:c2:e5:ed:4e:84:5e:6a:00: a4:2b:ab:84:e6:dc:96:24:e3:29:02:23:18:c6:35: 77:c0:d8:80:84:20:d8:22:73:76:86:3c:e9:db:f2: f5:26:b6:21:a9:74:04:82:cd:82:64:51:95:ce:8a: 00:2b:53:60:3f:30:67:c4:ca:1c:be:2b:7f:8e:64: e0:01:65:0f:45:91:51:fc:fb:c7:fe:52:17:c3:b9: d1:ab:99:d4:31:1a:41:7b:c6:3c:e6:36:c4:3e:17: fa:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:ED:73:08:E0:B9:43:D2:E1:97:3A:63:B2:12:D8:BD:20:87:56:46 X509v3 Authority Key Identifier: keyid:2D:BC:46:5D:A6:81:B5:B3:11:89:7A:B6:C4:68:C2:54:70:6E:5D:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b7:4a:aa:b9:76:f4:08:71:82:b4:fc:2f:69:80:f8:cd:a0:64: 7a:ab:c6:85:5d:8e:29:97:ad:af:e2:34:b1:06:62:4e:1c:21: 83:8c:ed:a4:81:2f:f3:a7:90:98:b7:b5:7b:ac:3a:bc:a3:40: b8:8f:b8:01:0c:56:be:97:ec:f1:b0:0b:17:0c:2f:9f:65:ae: ef:59:57:cd:8f:84:32:43:60:fa:80:87:5e:9f:18:14:c5:1f: e5:96:7b:ea:09:bc:de:3a:53:99:cb:d8:54:fb:54:26:d4:99: b0:a2:5e:e3:bc:cb:01:a0:31:e9:4e:4d:54:21:f2:56:fc:0f: 8b:6e:29:9e:05:34:49:4d:fe:41:96:a2:39:6e:c4:7b:41:16: 88:dd:f5:4e:75:5b:95:34:f1:f1:f4:c1:65:aa:f0:a1:49:7a: 4b:b1:41:7a:21:03:4d:47:67:35:46:ee:9e:a8:70:93:5f:04: 49:a7:c0:f6:c4:e0:f0:ba:99:3e:b1:3a:af:31:01:94:39:c2: 33:9c:a8:86:ac:30:29:49:bb:fb:5b:cf:ab:a1:ef:d0:8a:ea: fc:9d:0c:29:86:dd:f6:5c:b7:92:a8:22:5f:fa:5e:69:39:c5: 2d:e5:37:bc:45:84:a4:e2:3c:b4:d4:4e:9a:41:ff:8a:f0:e8: 2f:b3:b4:03 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAd8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTNENzUxMTAvBgNVBAUTKDJEQkM0NjVEQTY4MUI1QjMxMTg5N0FCNkM0NjhDMjU0 NzA2RTVEMkYwHhcNMjUwNTMxMDIzMDI4WhcNMjUwNjA3MDIzMDI4WjAYMRYwFAYD VQQDEw02ODNhNjljNC1jOTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvueN2I/IWVi71RQoD5ROxBzWA+cctbanH3X3Nj+w1g+0k37h6lA8qbhO8R3O MF/BJv8R1NJoepvmSVicJgCgHBwWttyYvihT9PjkPo+yY28A1UMcygDKl5N5Pg7/ vLsw5JlsJKLUPhlGTFzAM96iyT0jA85EXHyJ+8hYYuX4JuW0UoSID0bT8TFAtvqh o6M7ksBIj+XIvz95cqRBwuXtToReagCkK6uE5tyWJOMpAiMYxjV3wNiAhCDYInN2 hjzp2/L1JrYhqXQEgs2CZFGVzooAK1NgPzBnxMocvit/jmTgAWUPRZFR/PvH/lIX w7nRq5nUMRpBe8Y85jbEPhf6mwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPHtcwjg uUPS4Zc6Y7IS2L0gh1ZGMB8GA1UdIwQYMBaAFC28Rl2mgbWzEYl6tsRowlRwbl0v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1M0Q3NS81MkRFNEM0QTY0 QTMxMUVEODIyMDI0MTJDNEY5QUUwMi9MYnhHWGFhQnRiTVJpWHEyeEdqQ1ZIQnVY UzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xieEdYYWFCdGJNUmlYcTJ4R2pDVkhCdVhTOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 M0Q3NS81MkRFNEM0QTY0QTMxMUVEODIyMDI0MTJDNEY5QUUwMi9MYnhHWGFhQnRi TVJpWHEyeEdqQ1ZIQnVYUzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC3Sqq5dvQIcYK0/C9pgPjNoGR6q8aFXY4pl62v4jSxBmJOHCGDjO2k gS/zp5CYt7V7rDq8o0C4j7gBDFa+l+zxsAsXDC+fZa7vWVfNj4QyQ2D6gIdenxgU xR/llnvqCbzeOlOZy9hU+1Qm1Jmwol7jvMsBoDHpTk1UIfJW/A+LbimeBTRJTf5B lqI5bsR7QRaI3fVOdVuVNPHx9MFlqvChSXpLsUF6IQNNR2c1Ru6eqHCTXwRJp8D2 xODwupk+sTqvMQGUOcIznKiGrDApSbv7W8+roe/Qiur8nQwpht32XLeSqCJf+l5p OcUt5Te8RYSk4jy01E6aQf+K8Ogvs7QD -----END CERTIFICATE-----Generated at Sat May 31 17:58:42 2025 by rpki-client