$ rpki-client -vvf rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.mft File: lufMd6OOPhgL91JrodlTIYBONeY.mft (raw, json) Hash identifier: lHeHFko22fHDlv2mJThtmLfzR3Qj+7ZdzFu8c8CBeWI= Subject key identifier: 58:34:33:DC:80:F6:42:0E:24:F9:42:13:3F:0C:93:BB:E5:E8:0F:D9 Authority key identifier: 96:E7:CC:77:A3:8E:3E:18:0B:F7:52:6B:A1:D9:53:21:80:4E:35:E6 Certificate issuer: /CN=A916C4FA/serialNumber=96E7CC77A38E3E180BF7526BA1D95321804E35E6 Certificate serial: 01B1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lufMd6OOPhgL91JrodlTIYBONeY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.mft Manifest number: 04FD Signing time: Sat 31 May 2025 01:12:47 +0000 Manifest this update: Sat 31 May 2025 01:12:47 +0000 Manifest next update: Sat 07 Jun 2025 01:12:47 +0000 Files and hashes: 1: lufMd6OOPhgL91JrodlTIYBONeY.crl (hash: Ju+y77OSqT0QNTjcQ8WtPaSWeJwNxxGeTWWAlyQZ6Wg=) 2: C310EE5AACD311ED84BAA06EC4F9AE02.roa (hash: NPYNnjaBYs2qmRUfu8/y0KOBedXU4EghxnWja8r1cbI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.crl rsync://rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lufMd6OOPhgL91JrodlTIYBONeY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 01:12:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 433 (0x1b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916C4FA, serialNumber=96E7CC77A38E3E180BF7526BA1D95321804E35E6 Validity Not Before: May 31 01:12:47 2025 GMT Not After : Jun 7 01:12:47 2025 GMT Subject: CN=683a578f-e595 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:4c:a8:5b:47:79:ee:fd:66:48:b3:10:84:c3: 95:b5:fb:47:51:2a:12:f8:a1:12:00:2b:e4:e4:91: 88:97:44:f4:b6:e4:e6:c2:22:ae:9b:b7:41:0d:20: 14:f4:02:bc:e0:5c:a5:c8:66:db:ef:a8:2f:3b:ee: 91:a6:2f:ac:2a:90:b7:12:7c:dc:62:ee:e1:87:8f: 2a:82:c2:c3:ab:1d:a1:26:a0:d8:9c:ba:ad:3b:89: 75:cd:cc:b1:df:b1:e4:60:5c:ef:7b:4b:8b:c4:f9: 5f:99:93:68:ae:29:f5:66:f8:73:d9:8d:b4:0d:07: 06:b4:dc:42:99:94:7d:e8:8c:f6:5e:54:5f:64:9f: a4:49:02:9d:61:6f:c8:4d:d8:2f:8b:86:71:7e:89: 98:d6:71:34:bf:9d:df:54:65:e4:57:57:c8:6d:22: 4d:20:92:cd:1b:5d:0e:ae:29:1d:84:e2:ab:56:5f: 71:f5:83:77:5a:fe:24:e3:0e:f4:0d:28:54:cc:c4: 88:62:b8:4e:70:40:d6:92:39:69:1d:f8:ce:e5:f6: 99:f3:16:1d:f4:bc:bf:da:1f:e2:c6:e7:05:8d:02: d5:a6:31:2c:d4:f5:95:7a:ad:56:92:67:90:a3:cc: f8:ec:f8:3a:01:4d:6f:91:8c:f7:62:9c:5a:45:80: 94:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:34:33:DC:80:F6:42:0E:24:F9:42:13:3F:0C:93:BB:E5:E8:0F:D9 X509v3 Authority Key Identifier: keyid:96:E7:CC:77:A3:8E:3E:18:0B:F7:52:6B:A1:D9:53:21:80:4E:35:E6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lufMd6OOPhgL91JrodlTIYBONeY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c0:7e:bd:56:4f:07:24:1f:59:2a:68:93:f4:d3:96:12:d2:98: 14:c5:1f:7f:69:8d:3c:80:ec:38:cb:95:7f:8a:74:c7:77:a8: c3:d2:34:c1:c1:88:42:dc:a9:4c:94:03:32:2a:64:ae:ea:65: 7f:f8:33:74:08:23:88:f5:9c:06:bc:9c:b3:97:d4:11:e7:c5: d2:23:dc:f7:17:2f:04:1b:31:60:3d:81:f4:61:d1:12:f0:2c: e9:21:2d:22:ef:bf:16:55:0c:1f:8e:3c:8e:35:62:61:98:06: b0:3d:a9:45:d9:35:4d:2f:a0:70:64:c3:04:3b:64:13:20:e2: 95:b6:16:0d:43:16:64:63:0e:52:b5:ea:81:2b:7b:a2:16:b8: e7:68:e5:22:fb:1c:6f:7b:b7:f2:95:79:90:79:65:cc:ed:bf: 3a:cb:5e:6d:14:e7:1a:d9:ba:6e:3d:7c:bb:21:6a:fe:48:99: 24:a6:77:3d:d7:18:0f:b7:de:34:e1:b1:bc:86:f2:c0:18:c0: b8:6d:2a:dc:c7:3b:f7:4b:23:85:84:8a:c6:cc:82:10:ea:7b: 8c:bd:41:c1:7a:a1:80:e4:08:5d:76:6d:7d:bd:6d:b4:12:67: c8:89:ae:93:df:bf:06:ec:47:c1:f9:4c:f0:d5:d2:9e:e0:f9: b5:55:c2:af -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkM0RkExMTAvBgNVBAUTKDk2RTdDQzc3QTM4RTNFMTgwQkY3NTI2QkExRDk1MzIx ODA0RTM1RTYwHhcNMjUwNTMxMDExMjQ3WhcNMjUwNjA3MDExMjQ3WjAYMRYwFAYD VQQDEw02ODNhNTc4Zi1lNTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvEyoW0d57v1mSLMQhMOVtftHUSoS+KESACvk5JGIl0T0tuTmwiKum7dBDSAU 9AK84FylyGbb76gvO+6Rpi+sKpC3EnzcYu7hh48qgsLDqx2hJqDYnLqtO4l1zcyx 37HkYFzve0uLxPlfmZNorin1Zvhz2Y20DQcGtNxCmZR96Iz2XlRfZJ+kSQKdYW/I Tdgvi4ZxfomY1nE0v53fVGXkV1fIbSJNIJLNG10OrikdhOKrVl9x9YN3Wv4k4w70 DShUzMSIYrhOcEDWkjlpHfjO5faZ8xYd9Ly/2h/ixucFjQLVpjEs1PWVeq1WkmeQ o8z47Pg6AU1vkYz3YpxaRYCU5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFg0M9yA 9kIOJPlCEz8Mk7vl6A/ZMB8GA1UdIwQYMBaAFJbnzHejjj4YC/dSa6HZUyGATjXm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzRGQS9CODlCQ0JGNEJB NkExMUVDODJBQzA3ODdDNEY5QUUwMi9sdWZNZDZPT1BoZ0w5MUpyb2RsVElZQk9O ZVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2x1Zk1kNk9PUGhnTDkxSnJvZGxUSVlCT05lWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QzRGQS9CODlCQ0JGNEJBNkExMUVDODJBQzA3ODdDNEY5QUUwMi9sdWZNZDZPT1Bo Z0w5MUpyb2RsVElZQk9OZVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDAfr1WTwckH1kqaJP005YS0pgUxR9/aY08gOw4y5V/inTHd6jD0jTB wYhC3KlMlAMyKmSu6mV/+DN0CCOI9ZwGvJyzl9QR58XSI9z3Fy8EGzFgPYH0YdES 8CzpIS0i778WVQwfjjyONWJhmAawPalF2TVNL6BwZMMEO2QTIOKVthYNQxZkYw5S teqBK3uiFrjnaOUi+xxve7fylXmQeWXM7b86y15tFOca2bpuPXy7IWr+SJkkpnc9 1xgPt9404bG8hvLAGMC4bSrcxzv3SyOFhIrGzIIQ6nuMvUHBeqGA5Ahddm19vW20 EmfIia6T378G7EfB+Uzw1dKe4Pm1VcKv -----END CERTIFICATE-----Generated at Sat May 31 17:22:14 2025 by rpki-client