$ rpki-client -vvf rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft File: LOCE4B2sa01jSTjXbOraWWNVvVM.mft (raw, json) Hash identifier: mMPCmgP6SlcVBwqr2eKxwFUXJRnE1b9mnihae+27Cd8= Subject key identifier: 7D:87:80:C9:7E:1D:9F:23:A7:23:45:0D:1D:F3:F4:86:B4:F8:68:45 Authority key identifier: 2C:E0:84:E0:1D:AC:6B:4D:63:49:38:D7:6C:EA:DA:59:63:55:BD:53 Certificate issuer: /CN=A915EA8F/serialNumber=2CE084E01DAC6B4D634938D76CEADA596355BD53 Certificate serial: 0240 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOCE4B2sa01jSTjXbOraWWNVvVM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft Manifest number: 023D Signing time: Sun 01 Jun 2025 02:06:45 +0000 Manifest this update: Sun 01 Jun 2025 02:06:45 +0000 Manifest next update: Sun 08 Jun 2025 02:06:45 +0000 Files and hashes: 1: LOCE4B2sa01jSTjXbOraWWNVvVM.crl (hash: qPZmYD+I1Vz+N1LHjKveZp9yR6bJUuxRwLoSGkjJI30=) 2: 028640A8242B11ED9547B486C4F9AE02.roa (hash: DITeel3omkt/jAmQ2Y46ZSrzxcvWz4LWzu2U9pUQbEA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.crl rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOCE4B2sa01jSTjXbOraWWNVvVM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 02:06:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 576 (0x240) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915EA8F, serialNumber=2CE084E01DAC6B4D634938D76CEADA596355BD53 Validity Not Before: Jun 1 02:06:45 2025 GMT Not After : Jun 8 02:06:45 2025 GMT Subject: CN=683bb5b5-dc99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:aa:7a:63:7a:4a:0e:fb:04:03:a1:92:7c:9a: d6:64:f5:7f:41:24:82:63:14:43:57:59:dd:aa:c4: b7:99:5c:cd:e0:a2:ce:d0:51:3c:80:e2:4b:c1:91: 13:a6:eb:fc:1f:fa:65:52:1b:13:d8:c4:ed:7e:ae: e1:a0:91:ca:56:1b:0b:b9:fc:8e:b0:42:9a:81:17: 45:ae:f2:1a:63:a5:dd:83:31:6b:15:37:59:e8:5d: b8:b0:07:5a:a2:65:33:3f:97:54:a2:00:16:49:04: f1:c7:b6:b8:5e:a6:6f:29:c7:1f:24:f8:83:ce:36: 37:cf:d1:48:de:59:b4:e5:bd:90:cf:52:d3:34:38: 33:87:8e:b8:4b:d7:c3:6d:e0:5e:fa:f9:8c:b1:09: 63:9d:1c:12:de:f9:c7:20:c6:63:e8:83:ed:6d:18: 2b:4e:3f:a5:99:2d:80:df:48:31:91:6a:ee:01:8c: 4c:4a:af:e0:f9:c0:ad:23:0d:e0:52:e1:63:0f:23: 6a:79:b5:db:8a:25:22:d4:04:ee:41:18:2d:1a:1d: 1c:77:2f:44:06:88:90:a1:c1:70:58:29:94:0b:bf: 4f:74:6c:3a:ec:c6:00:25:67:e5:fb:51:bd:7c:69: 52:4f:9d:15:ea:90:b6:f6:a6:c7:1f:b4:64:2a:15: 4c:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:87:80:C9:7E:1D:9F:23:A7:23:45:0D:1D:F3:F4:86:B4:F8:68:45 X509v3 Authority Key Identifier: keyid:2C:E0:84:E0:1D:AC:6B:4D:63:49:38:D7:6C:EA:DA:59:63:55:BD:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOCE4B2sa01jSTjXbOraWWNVvVM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9b:47:12:84:52:88:f6:6c:50:6a:04:63:0d:d0:66:d9:bc:85: 9c:00:d0:de:1d:07:64:cc:73:55:f2:aa:e9:b4:49:62:55:82: 73:af:df:76:8a:24:44:be:e7:00:23:3e:60:93:f8:c0:bf:66: d6:10:a1:4b:cc:15:f4:95:41:25:19:64:94:41:c9:ae:8e:c7: 3f:ad:98:8f:68:76:63:ba:b1:8a:08:b1:65:a5:d6:1c:ed:5c: 06:e4:54:00:93:1e:08:4c:bf:03:81:1c:0b:2f:03:35:ee:29: 33:cf:1b:c5:6a:fd:e8:83:b5:ba:cd:d7:39:a8:5a:5e:26:26: d4:08:78:84:e3:55:fc:3b:97:71:a6:d7:b9:b6:31:c6:79:6b: 97:57:e1:ea:2f:f6:95:03:d2:7a:59:0f:88:c8:9b:b3:48:d4: a4:1c:ff:f2:c9:f4:39:65:b0:2d:80:ab:6a:79:e9:c8:2b:06: ca:35:f0:58:bf:04:58:58:88:e7:64:22:c8:93:da:d2:b1:51: 32:88:8f:6a:15:c5:d2:95:a3:12:8b:06:3e:39:01:59:49:60: e3:21:6b:7c:a7:ef:f3:80:89:d3:4f:6e:0f:ca:e9:e4:16:ff: 91:98:54:3b:87:51:ae:f4:24:93:be:e9:fa:45:86:24:da:f5: 3f:57:ed:ab -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAkAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUVBOEYxMTAvBgNVBAUTKDJDRTA4NEUwMURBQzZCNEQ2MzQ5MzhENzZDRUFEQTU5 NjM1NUJENTMwHhcNMjUwNjAxMDIwNjQ1WhcNMjUwNjA4MDIwNjQ1WjAYMRYwFAYD VQQDEw02ODNiYjViNS1kYzk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApKp6Y3pKDvsEA6GSfJrWZPV/QSSCYxRDV1ndqsS3mVzN4KLO0FE8gOJLwZET puv8H/plUhsT2MTtfq7hoJHKVhsLufyOsEKagRdFrvIaY6XdgzFrFTdZ6F24sAda omUzP5dUogAWSQTxx7a4XqZvKccfJPiDzjY3z9FI3lm05b2Qz1LTNDgzh464S9fD beBe+vmMsQljnRwS3vnHIMZj6IPtbRgrTj+lmS2A30gxkWruAYxMSq/g+cCtIw3g UuFjDyNqebXbiiUi1ATuQRgtGh0cdy9EBoiQocFwWCmUC79PdGw67MYAJWfl+1G9 fGlST50V6pC29qbHH7RkKhVM0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH2HgMl+ HZ8jpyNFDR3z9Ia0+GhFMB8GA1UdIwQYMBaAFCzghOAdrGtNY0k412zq2lljVb1T MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUE4Ri9FM0EzNUJCNDI0 MjgxMUVEOEZEMjRDODZDNEY5QUUwMi9MT0NFNEIyc2EwMWpTVGpYYk9yYVdXTlZ2 Vk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xPQ0U0QjJzYTAxalNUalhiT3JhV1dOVnZWTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 RUE4Ri9FM0EzNUJCNDI0MjgxMUVEOEZEMjRDODZDNEY5QUUwMi9MT0NFNEIyc2Ew MWpTVGpYYk9yYVdXTlZ2Vk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCbRxKEUoj2bFBqBGMN0GbZvIWcANDeHQdkzHNV8qrptEliVYJzr992 iiREvucAIz5gk/jAv2bWEKFLzBX0lUElGWSUQcmujsc/rZiPaHZjurGKCLFlpdYc 7VwG5FQAkx4ITL8DgRwLLwM17ikzzxvFav3og7W6zdc5qFpeJibUCHiE41X8O5dx pte5tjHGeWuXV+HqL/aVA9J6WQ+IyJuzSNSkHP/yyfQ5ZbAtgKtqeenIKwbKNfBY vwRYWIjnZCLIk9rSsVEyiI9qFcXSlaMSiwY+OQFZSWDjIWt8p+/zgInTT24Pyunk Fv+RmFQ7h1Gu9CSTvun6RYYk2vU/V+2r -----END CERTIFICATE-----Generated at Mon Jun 2 04:58:44 2025 by rpki-client