$ rpki-client -vvf rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.mft File: lrgMN8ZhPRSpLNvsZighZD6K8Rs.mft (raw, json) Hash identifier: GXnBN5MX9NQDsVoJT5HeuLyAGbAN1nod4xslcyG+GS0= Subject key identifier: 3D:F6:16:DE:A7:49:51:26:FC:35:3B:68:85:43:B9:F7:39:F5:40:64 Authority key identifier: 96:B8:0C:37:C6:61:3D:14:A9:2C:DB:EC:66:28:21:64:3E:8A:F1:1B Certificate issuer: /CN=A91818BD/serialNumber=96B80C37C6613D14A92CDBEC662821643E8AF11B Certificate serial: 02AA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lrgMN8ZhPRSpLNvsZighZD6K8Rs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.mft Manifest number: 02A3 Signing time: Sat 31 May 2025 01:42:31 +0000 Manifest this update: Sat 31 May 2025 01:42:31 +0000 Manifest next update: Sat 07 Jun 2025 01:42:31 +0000 Files and hashes: 1: lrgMN8ZhPRSpLNvsZighZD6K8Rs.crl (hash: 0C86JdgEOSW+wiYqrLot9aTdCEKeAQ2/argHaQdWcac=) 2: B83B7E0C065511EDB3E94E54C4F9AE02.roa (hash: tal6R2lkJBoeIIUyi6mdxCD2dqzkhyqrKbW//gzTT04=) 3: 481545DEFE8211ECBAB0E13FC4F9AE02.roa (hash: Qlo4+mbKJCym2bywU9/+B9nSR/lgPkj3tiR7WBd3VEs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.crl rsync://rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lrgMN8ZhPRSpLNvsZighZD6K8Rs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 01:42:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 682 (0x2aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91818BD, serialNumber=96B80C37C6613D14A92CDBEC662821643E8AF11B Validity Not Before: May 31 01:42:31 2025 GMT Not After : Jun 7 01:42:31 2025 GMT Subject: CN=683a5e87-1056 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:d8:23:46:da:20:48:a5:fe:4f:a6:9d:2b:93: d8:62:15:16:cc:fe:57:1f:66:d7:39:71:62:91:41: b2:31:be:80:0b:ce:25:80:19:30:c7:a2:4b:15:06: 12:76:1b:c3:36:86:25:49:20:0d:05:3d:94:e1:50: fc:60:4c:51:47:e2:9e:4a:fd:b0:36:76:97:c5:21: 26:68:9d:5a:75:5f:1e:b7:61:37:c2:5a:c1:19:37: 6b:7f:d7:0f:20:d1:97:e7:06:b0:86:53:18:d3:ad: f6:5a:cf:cd:8a:ce:c2:cf:16:8f:eb:1f:bc:03:14: 6d:6c:8f:6e:56:7f:e6:5f:3f:62:ec:08:2d:75:99: 6a:78:81:ec:e9:cb:a0:f6:a4:de:37:2b:23:ed:40: 46:26:d9:f8:2d:ca:3e:9e:b3:df:c2:50:1c:71:0c: b0:6a:79:0e:c3:d8:a5:1c:28:da:c9:3b:7b:05:cd: 7f:7b:16:da:c7:62:dc:f7:f9:57:5d:6b:f5:ba:32: b4:57:26:09:c9:00:f9:a2:55:aa:dd:ae:3c:98:b5: ef:39:65:19:e0:77:60:45:eb:53:22:82:ad:7e:df: c7:58:a3:d5:5e:4c:36:fd:c1:79:b6:fc:0f:46:19: b9:39:f7:ae:d9:9f:4f:7c:83:d3:7b:6c:d8:db:db: 5d:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:F6:16:DE:A7:49:51:26:FC:35:3B:68:85:43:B9:F7:39:F5:40:64 X509v3 Authority Key Identifier: keyid:96:B8:0C:37:C6:61:3D:14:A9:2C:DB:EC:66:28:21:64:3E:8A:F1:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lrgMN8ZhPRSpLNvsZighZD6K8Rs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:5b:d4:cb:20:34:a5:33:9a:9d:bd:30:a3:29:3c:69:5a:8a: 5a:50:5b:82:3d:81:15:26:c8:af:77:4a:31:19:0a:65:61:8c: 7c:d9:6a:ce:fc:b4:0d:6d:57:19:74:d8:12:bb:5e:5f:c7:24: ac:8a:bc:87:f3:17:57:a2:9d:f9:46:ec:6c:15:63:71:1a:a9: c8:21:63:b7:70:8f:76:b3:78:5f:a6:70:7d:87:3a:9b:f2:5c: a1:9e:52:90:04:37:3b:da:ae:3a:c8:4a:cc:99:ec:8c:3f:c3: 7e:7d:7b:06:33:c5:1c:81:67:d4:01:f6:40:ec:53:6e:97:8f: 12:68:a0:b8:90:de:b6:96:39:7e:fc:4a:ad:e7:5d:ec:9d:3e: 28:0d:3f:1a:ea:59:3f:2e:c2:d8:a7:d9:d8:c6:c6:01:01:b1: 34:dd:7c:fb:15:d1:82:9d:39:54:c4:38:f2:48:a8:01:d6:a8: 91:d1:85:7b:59:b5:47:a3:be:04:ad:d0:ff:a4:05:1b:e9:52: 8a:44:3d:b9:05:1a:80:80:e1:17:d5:16:2c:1b:83:4e:76:42: 7c:df:90:f9:e1:81:d0:92:1c:96:da:cc:33:2a:1a:78:4c:9a: 71:05:4f:4f:b5:92:17:c3:e2:13:97:a9:8d:0a:c4:9a:62:1f: 7b:73:c2:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAqowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODE4QkQxMTAvBgNVBAUTKDk2QjgwQzM3QzY2MTNEMTRBOTJDREJFQzY2MjgyMTY0 M0U4QUYxMUIwHhcNMjUwNTMxMDE0MjMxWhcNMjUwNjA3MDE0MjMxWjAYMRYwFAYD VQQDEw02ODNhNWU4Ny0xMDU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsNgjRtogSKX+T6adK5PYYhUWzP5XH2bXOXFikUGyMb6AC84lgBkwx6JLFQYS dhvDNoYlSSANBT2U4VD8YExRR+KeSv2wNnaXxSEmaJ1adV8et2E3wlrBGTdrf9cP INGX5wawhlMY0632Ws/Nis7CzxaP6x+8AxRtbI9uVn/mXz9i7AgtdZlqeIHs6cug 9qTeNysj7UBGJtn4Lco+nrPfwlAccQywankOw9ilHCjayTt7Bc1/exbax2Lc9/lX XWv1ujK0VyYJyQD5olWq3a48mLXvOWUZ4HdgRetTIoKtft/HWKPVXkw2/cF5tvwP Rhm5Ofeu2Z9PfIPTe2zY29tdqQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD32Ft6n SVEm/DU7aIVDufc59UBkMB8GA1UdIwQYMBaAFJa4DDfGYT0UqSzb7GYoIWQ+ivEb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MThCRC80MTRENUJEQUZF ODAxMUVDOUYzMTdBM0ZDNEY5QUUwMi9scmdNTjhaaFBSU3BMTnZzWmlnaFpENks4 UnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xyZ01OOFpoUFJTcExOdnNaaWdoWkQ2SzhScy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 MThCRC80MTRENUJEQUZFODAxMUVDOUYzMTdBM0ZDNEY5QUUwMi9scmdNTjhaaFBS U3BMTnZzWmlnaFpENks4UnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA0W9TLIDSlM5qdvTCjKTxpWopaUFuCPYEVJsivd0oxGQplYYx82WrO /LQNbVcZdNgSu15fxySsiryH8xdXop35RuxsFWNxGqnIIWO3cI92s3hfpnB9hzqb 8lyhnlKQBDc72q46yErMmeyMP8N+fXsGM8UcgWfUAfZA7FNul48SaKC4kN62ljl+ /Eqt513snT4oDT8a6lk/LsLYp9nYxsYBAbE03Xz7FdGCnTlUxDjySKgB1qiR0YV7 WbVHo74ErdD/pAUb6VKKRD25BRqAgOEX1RYsG4NOdkJ835D54YHQkhyW2swzKhp4 TJpxBU9PtZIXw+ITl6mNCsSaYh97c8IB -----END CERTIFICATE-----Generated at Sat May 31 16:52:17 2025 by rpki-client