$ rpki-client -vvf rpki.apnic.net/member_repository/A917DD85/846F4A684BC311EE8C657319C4F9AE02/lEN-3cyNBpieCVAFQ8kb3w0_SOU.mft File: lEN-3cyNBpieCVAFQ8kb3w0_SOU.mft (raw, json) Hash identifier: LTx1KjSqROh0lTYLkh0/3NjE6wTTUGxWQm1pCdkHayg= Subject key identifier: 4A:FD:87:D0:3D:96:1B:50:B4:71:6A:AB:D2:04:F0:00:5A:66:63:1E Authority key identifier: 94:43:7E:DD:CC:8D:06:98:9E:09:50:05:43:C9:1B:DF:0D:3F:48:E5 Certificate issuer: /CN=A917DD85/serialNumber=94437EDDCC8D06989E09500543C91BDF0D3F48E5 Certificate serial: 014E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lEN-3cyNBpieCVAFQ8kb3w0_SOU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DD85/846F4A684BC311EE8C657319C4F9AE02/lEN-3cyNBpieCVAFQ8kb3w0_SOU.mft Manifest number: 0148 Signing time: Sat 31 May 2025 03:55:55 +0000 Manifest this update: Sat 31 May 2025 03:55:54 +0000 Manifest next update: Sat 07 Jun 2025 03:55:54 +0000 Files and hashes: 1: lEN-3cyNBpieCVAFQ8kb3w0_SOU.crl (hash: 6jd1njqhhurKNmbmG0uUpIMgMccQXMP6sz9J6wETVjE=) 2: A155911C4BCA11EEBC8C8B82C4F9AE02.roa (hash: hWNFLgRLV5rq9DJdXOOCkETTtq81cKwNe+EsCM4by08=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DD85/846F4A684BC311EE8C657319C4F9AE02/lEN-3cyNBpieCVAFQ8kb3w0_SOU.crl rsync://rpki.apnic.net/member_repository/A917DD85/846F4A684BC311EE8C657319C4F9AE02/lEN-3cyNBpieCVAFQ8kb3w0_SOU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lEN-3cyNBpieCVAFQ8kb3w0_SOU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:55:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 334 (0x14e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DD85, serialNumber=94437EDDCC8D06989E09500543C91BDF0D3F48E5 Validity Not Before: May 31 03:55:54 2025 GMT Not After : Jun 7 03:55:54 2025 GMT Subject: CN=683a7dcb-b07b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:46:a8:aa:f0:a5:be:a0:2b:2b:f8:7e:71:14: 17:23:3f:c6:25:bd:6c:95:20:17:89:8d:7a:a4:98: 4b:cc:c3:a2:ba:fe:b1:58:8f:01:ea:65:97:b5:85: 62:ae:96:db:e5:49:1d:b2:d8:a0:49:c2:3a:a9:99: c4:5d:f4:ea:6a:69:56:06:03:7a:2f:2b:8d:2a:ca: 30:74:f9:2e:68:68:24:56:9c:e0:ae:cd:52:9d:ec: 4b:b0:76:b8:9e:a7:ef:ef:c8:40:ce:6b:4b:83:66: 1d:0f:aa:b1:99:e7:44:3f:cd:b3:52:a6:27:51:04: 5b:f1:ac:96:82:34:af:ba:94:2d:cb:a2:00:4c:eb: 9c:71:54:e6:ff:94:c0:74:ac:b4:b2:f5:76:66:56: 8d:34:7b:33:33:bd:a2:00:da:71:bf:6f:cc:d5:27: 62:cc:dc:4c:ea:b9:68:93:6d:37:11:b9:a8:51:37: d0:83:d6:a5:7e:26:98:ab:69:a4:76:6c:c1:16:23: 27:6a:9f:e1:77:0a:0f:76:5f:d2:77:9c:5f:a6:fe: 21:2a:4e:99:be:70:c7:19:dd:45:00:50:fb:1a:e7: 08:5a:41:e2:c7:4d:1b:fe:48:88:88:b5:b2:ae:08: 25:97:70:8e:b5:dd:51:1a:46:54:dc:66:d5:89:96: af:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:FD:87:D0:3D:96:1B:50:B4:71:6A:AB:D2:04:F0:00:5A:66:63:1E X509v3 Authority Key Identifier: keyid:94:43:7E:DD:CC:8D:06:98:9E:09:50:05:43:C9:1B:DF:0D:3F:48:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DD85/846F4A684BC311EE8C657319C4F9AE02/lEN-3cyNBpieCVAFQ8kb3w0_SOU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lEN-3cyNBpieCVAFQ8kb3w0_SOU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DD85/846F4A684BC311EE8C657319C4F9AE02/lEN-3cyNBpieCVAFQ8kb3w0_SOU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:7a:c9:f2:6a:be:20:ba:72:82:13:15:41:b3:a0:7e:7d:fd: 9f:91:5f:40:02:fb:8c:8a:a2:c6:50:c4:5a:17:cd:68:36:36: 23:0a:89:f1:1b:85:f2:e6:c4:7e:ba:fb:18:63:4c:02:61:c7: b5:48:ec:3e:3b:51:af:14:3b:2e:40:d0:06:8b:51:89:68:4c: 62:14:cc:0d:b2:82:98:98:6a:ab:c8:79:63:ba:26:d3:e9:53: a3:92:ee:6d:94:9c:73:48:c1:3c:11:f0:34:eb:19:6f:2d:61: 6f:63:9b:07:82:99:ae:39:52:8e:6f:ce:4d:df:81:f7:53:9a: 69:be:12:c3:b4:94:0a:ae:91:c6:7d:bc:ae:67:0a:b1:d8:83: dc:53:8d:5d:cc:bd:04:0b:c3:27:32:a5:96:79:17:d6:67:f9: 11:5e:4d:d0:0e:65:47:d2:e6:3f:84:d5:58:dd:38:93:08:63: c4:b7:c7:35:1b:05:47:61:fb:07:04:da:1c:27:b4:84:e4:f8: 7b:5c:89:a8:50:10:9a:10:b8:01:25:a6:2f:a7:2c:dd:57:8d: 01:07:db:2a:ef:ce:e2:21:d4:0b:2b:17:bf:e4:dc:75:81:59: 6b:92:46:60:12:6b:10:cf:ef:95:f6:7f:7e:3c:72:b4:a9:8c: 38:db:37:4a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAU4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0REODUxMTAvBgNVBAUTKDk0NDM3RUREQ0M4RDA2OTg5RTA5NTAwNTQzQzkxQkRG MEQzRjQ4RTUwHhcNMjUwNTMxMDM1NTU0WhcNMjUwNjA3MDM1NTU0WjAYMRYwFAYD VQQDEw02ODNhN2RjYi1iMDdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA40aoqvClvqArK/h+cRQXIz/GJb1slSAXiY16pJhLzMOiuv6xWI8B6mWXtYVi rpbb5UkdstigScI6qZnEXfTqamlWBgN6LyuNKsowdPkuaGgkVpzgrs1SnexLsHa4 nqfv78hAzmtLg2YdD6qxmedEP82zUqYnUQRb8ayWgjSvupQty6IATOuccVTm/5TA dKy0svV2ZlaNNHszM72iANpxv2/M1SdizNxM6rlok203EbmoUTfQg9alfiaYq2mk dmzBFiMnap/hdwoPdl/Sd5xfpv4hKk6ZvnDHGd1FAFD7GucIWkHix00b/kiIiLWy rggll3COtd1RGkZU3GbViZavTQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEr9h9A9 lhtQtHFqq9IE8ABaZmMeMB8GA1UdIwQYMBaAFJRDft3MjQaYnglQBUPJG98NP0jl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REQ4NS84NDZGNEE2ODRC QzMxMUVFOEM2NTczMTlDNEY5QUUwMi9sRU4tM2N5TkJwaWVDVkFGUThrYjN3MF9T T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xFTi0zY3lOQnBpZUNWQUZROGtiM3cwX1NPVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 REQ4NS84NDZGNEE2ODRCQzMxMUVFOEM2NTczMTlDNEY5QUUwMi9sRU4tM2N5TkJw aWVDVkFGUThrYjN3MF9TT1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBxesnyar4gunKCExVBs6B+ff2fkV9AAvuMiqLGUMRaF81oNjYjConx G4Xy5sR+uvsYY0wCYce1SOw+O1GvFDsuQNAGi1GJaExiFMwNsoKYmGqryHljuibT 6VOjku5tlJxzSME8EfA06xlvLWFvY5sHgpmuOVKOb85N34H3U5ppvhLDtJQKrpHG fbyuZwqx2IPcU41dzL0EC8MnMqWWeRfWZ/kRXk3QDmVH0uY/hNVY3TiTCGPEt8c1 GwVHYfsHBNocJ7SE5Ph7XImoUBCaELgBJaYvpyzdV40BB9sq787iIdQLKxe/5Nx1 gVlrkkZgEmsQz++V9n9+PHK0qYw42zdK -----END CERTIFICATE-----Generated at Sat May 31 17:09:00 2025 by rpki-client