$ rpki-client -vvf rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.mft File: 1lqglKUeKDl1O1khC2zyxUkVwB4.mft (raw, json) Hash identifier: 8BGrlY6fzk+/s2+j+nMidoBY3KRD3We9OBkjdHRSwHQ= Subject key identifier: A4:37:39:82:5A:94:C8:46:AB:F3:BD:81:E7:C2:50:C7:7C:3B:E7:9B Authority key identifier: D6:5A:A0:94:A5:1E:28:39:75:3B:59:21:0B:6C:F2:C5:49:15:C0:1E Certificate issuer: /CN=A915C1AA/serialNumber=D65AA094A51E2839753B59210B6CF2C54915C01E Certificate serial: 09D8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1lqglKUeKDl1O1khC2zyxUkVwB4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.mft Manifest number: 09D1 Signing time: Fri 30 May 2025 20:07:46 +0000 Manifest this update: Fri 30 May 2025 20:07:46 +0000 Manifest next update: Fri 06 Jun 2025 20:07:46 +0000 Files and hashes: 1: 1lqglKUeKDl1O1khC2zyxUkVwB4.crl (hash: p3NpQ7bAzmjuxXSzGsWR1kNAtjuNmNF3QVmmVyqCMPs=) 2: 220853047F2211EA8E730F35C4F9AE02.roa (hash: GncSpKfRZkeGl3QwfrF2wdsfNONCmDmNLMd0bZEde3M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.crl rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1lqglKUeKDl1O1khC2zyxUkVwB4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 20:07:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2520 (0x9d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915C1AA, serialNumber=D65AA094A51E2839753B59210B6CF2C54915C01E Validity Not Before: May 30 20:07:46 2025 GMT Not After : Jun 6 20:07:46 2025 GMT Subject: CN=683a1012-cff1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:b7:d8:eb:88:a0:de:20:98:0e:fa:09:3f:5f: 96:a0:36:d3:e7:27:2b:de:9c:c9:4a:ab:0c:d5:aa: b4:4f:f5:6d:ea:99:9e:81:ff:f2:99:90:69:2e:20: 9a:b1:ae:aa:24:bc:05:1d:00:7c:97:11:aa:a1:fd: 39:2b:62:97:78:b9:9e:7e:03:1d:ec:13:9d:04:75: b4:41:cc:69:36:cc:d3:9e:34:e2:32:ae:fe:b7:f0: eb:62:07:12:bf:c8:f0:fb:bd:7e:46:45:e4:5a:fb: e7:e6:b0:bc:c6:f0:54:4a:d3:d1:62:6e:8c:03:11: 74:87:42:73:3a:99:80:e6:e4:02:b4:41:dd:6c:3c: 01:0f:6b:e0:6d:53:77:11:4e:61:2f:9c:08:eb:ab: bf:61:1e:bc:65:c9:13:e1:57:c0:57:4d:d9:e0:c3: 54:a9:68:88:b4:21:26:e6:b5:32:84:c7:5f:c8:f1: af:5c:10:91:39:a3:ab:03:6d:60:c9:f2:95:57:1a: 03:cd:f6:b1:13:1c:8e:d0:fd:fd:cf:ab:7f:7f:07: b0:25:14:0c:92:9c:6c:bf:a5:36:c7:5e:f0:4e:dd: 41:21:30:94:01:f6:32:9f:d8:cb:c1:2b:bc:64:76: bc:26:cc:24:89:70:8b:a4:ea:a6:a0:fc:da:d0:ef: 4b:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:37:39:82:5A:94:C8:46:AB:F3:BD:81:E7:C2:50:C7:7C:3B:E7:9B X509v3 Authority Key Identifier: keyid:D6:5A:A0:94:A5:1E:28:39:75:3B:59:21:0B:6C:F2:C5:49:15:C0:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1lqglKUeKDl1O1khC2zyxUkVwB4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 94:7c:f5:ea:ff:a7:fa:ef:97:47:b3:a1:0d:4c:01:c5:02:63: a7:43:59:38:92:76:4e:7f:59:0b:07:1d:cd:90:4f:f4:4f:e8: 2a:3e:d9:41:70:fd:ed:b9:f3:79:c2:b3:81:fe:06:70:09:ca: f8:6e:46:77:35:9c:57:6c:98:e3:a5:a3:d5:19:28:71:74:47: 06:99:4f:df:7f:23:45:f4:54:84:39:07:9a:26:37:ce:5a:9b: 77:0f:f7:93:0a:93:f5:f7:da:1a:06:be:1b:21:4f:6b:2e:c7: 36:50:c7:c2:b9:46:c4:49:f4:c7:a5:3d:ae:b2:63:3b:d4:ae: b8:57:94:6f:66:9b:7f:b0:bf:91:5e:57:ca:04:d3:07:7e:db: 9d:a3:a0:95:56:4d:7e:25:ab:67:17:23:61:55:4d:85:7a:4b: 35:cc:39:a1:6e:a5:d5:ee:a7:a2:f3:f2:9a:05:bb:82:af:81: 80:fa:39:c2:23:bd:43:8e:c0:55:6c:52:56:a3:40:36:d3:65: 1a:d7:09:50:26:cd:65:5a:68:50:31:ba:51:ea:80:03:e7:0a: 89:80:32:13:5c:26:56:1b:c8:50:24:83:1f:48:57:a9:3b:0e: bd:1a:e6:75:ed:ab:76:8e:3a:ff:d2:a9:50:09:93:38:35:39: 66:c8:d4:ba -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCdgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUMxQUExMTAvBgNVBAUTKEQ2NUFBMDk0QTUxRTI4Mzk3NTNCNTkyMTBCNkNGMkM1 NDkxNUMwMUUwHhcNMjUwNTMwMjAwNzQ2WhcNMjUwNjA2MjAwNzQ2WjAYMRYwFAYD VQQDEw02ODNhMTAxMi1jZmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1rfY64ig3iCYDvoJP1+WoDbT5ycr3pzJSqsM1aq0T/Vt6pmegf/ymZBpLiCa sa6qJLwFHQB8lxGqof05K2KXeLmefgMd7BOdBHW0QcxpNszTnjTiMq7+t/DrYgcS v8jw+71+RkXkWvvn5rC8xvBUStPRYm6MAxF0h0JzOpmA5uQCtEHdbDwBD2vgbVN3 EU5hL5wI66u/YR68ZckT4VfAV03Z4MNUqWiItCEm5rUyhMdfyPGvXBCROaOrA21g yfKVVxoDzfaxExyO0P39z6t/fwewJRQMkpxsv6U2x17wTt1BITCUAfYyn9jLwSu8 ZHa8JswkiXCLpOqmoPza0O9L0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKQ3OYJa lMhGq/O9gefCUMd8O+ebMB8GA1UdIwQYMBaAFNZaoJSlHig5dTtZIQts8sVJFcAe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QzFBQS82QzlEMjYzMDdG MjAxMUVBQjU3RDU3MzJDNEY5QUUwMi8xbHFnbEtVZUtEbDFPMWtoQzJ6eXhVa1Z3 QjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFscWdsS1VlS0RsMU8xa2hDMnp5eFVrVndCNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 QzFBQS82QzlEMjYzMDdGMjAxMUVBQjU3RDU3MzJDNEY5QUUwMi8xbHFnbEtVZUtE bDFPMWtoQzJ6eXhVa1Z3QjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCUfPXq/6f675dHs6ENTAHFAmOnQ1k4knZOf1kLBx3NkE/0T+gqPtlB cP3tufN5wrOB/gZwCcr4bkZ3NZxXbJjjpaPVGShxdEcGmU/ffyNF9FSEOQeaJjfO Wpt3D/eTCpP199oaBr4bIU9rLsc2UMfCuUbESfTHpT2usmM71K64V5RvZpt/sL+R XlfKBNMHftudo6CVVk1+JatnFyNhVU2Feks1zDmhbqXV7qei8/KaBbuCr4GA+jnC I71DjsBVbFJWo0A202Ua1wlQJs1lWmhQMbpR6oAD5wqJgDITXCZWG8hQJIMfSFep Ow69GuZ17at2jjr/0qlQCZM4NTlmyNS6 -----END CERTIFICATE-----Generated at Sat May 31 17:45:00 2025 by rpki-client