$ rpki-client -vvf rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.mft File: Lfmh43Whe46lYCe0WovWb5Z0fYY.mft (raw, json) Hash identifier: /ZtH7Jfl9gsI3nGqkwWDYlAfS5GIaYJde5W9hMjPAtM= Subject key identifier: 6C:C0:33:0D:7A:84:DE:A3:EE:14:91:97:45:9D:56:F1:3D:6F:21:8B Authority key identifier: 2D:F9:A1:E3:75:A1:7B:8E:A5:60:27:B4:5A:8B:D6:6F:96:74:7D:86 Certificate issuer: /CN=A9185B6D/serialNumber=2DF9A1E375A17B8EA56027B45A8BD66F96747D86 Certificate serial: 011A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Lfmh43Whe46lYCe0WovWb5Z0fYY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.mft Manifest number: 0107 Signing time: Tue 01 Jul 2025 05:50:10 +0000 Manifest this update: Tue 01 Jul 2025 05:50:09 +0000 Manifest next update: Tue 08 Jul 2025 05:50:09 +0000 Files and hashes: 1: Lfmh43Whe46lYCe0WovWb5Z0fYY.crl (hash: ZFOVIlTJZdD/lvvXkyb6xC67Wg5R6bNcAQpnJW7oIpw=) 2: BA6555344DEE11F0B209371DC4F9AE02.roa (hash: CQr2hobxwoFHY9a4Ev/A2yb3z142YhpnnpTJ8f2F528=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.crl rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Lfmh43Whe46lYCe0WovWb5Z0fYY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 05:50:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 282 (0x11a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185B6D, serialNumber=2DF9A1E375A17B8EA56027B45A8BD66F96747D86 Validity Not Before: Jul 1 05:50:09 2025 GMT Not After : Jul 8 05:50:09 2025 GMT Subject: CN=68637711-f0be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:d0:35:c2:e5:56:cd:53:f0:d0:54:2a:b8:3b: 5f:26:fd:ea:44:58:ac:a4:7a:7e:db:bd:d9:87:04: 7c:65:70:5a:84:14:be:59:b6:2b:6a:ef:ee:90:86: 27:29:34:6c:a4:4f:cd:7a:ad:73:80:26:68:2b:6c: fb:46:72:9f:11:1a:27:0c:67:c2:07:9f:ca:2e:8c: 18:91:63:e1:b2:77:90:6a:94:e0:a1:54:15:cc:ba: 53:36:78:bf:a6:e2:97:65:22:66:10:74:be:70:e5: 22:9d:f4:d9:0a:64:57:05:41:f2:ef:ba:41:a6:c6: 9b:23:00:72:16:09:a2:46:38:85:5d:cb:d7:86:5d: 5c:d7:f8:22:d2:f2:b7:40:96:6a:2a:d8:04:9d:db: fa:c7:c2:8b:53:d0:8d:05:dc:c6:4a:b5:aa:a0:8b: 64:a8:b8:be:c2:64:52:de:8c:f4:01:51:4c:c5:8a: 8d:e7:f4:24:18:b4:be:81:70:eb:2c:90:10:99:58: 6d:3b:ca:51:95:03:60:83:0f:d8:8d:eb:b8:61:ba: 25:5d:91:67:65:16:c4:d6:ff:c1:d4:4b:ee:a4:81: 0f:3c:d7:4e:91:58:7b:23:4a:f5:98:13:d1:19:cc: 7e:0d:dd:78:82:28:39:f4:89:0d:ca:da:c5:77:c6: 78:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:C0:33:0D:7A:84:DE:A3:EE:14:91:97:45:9D:56:F1:3D:6F:21:8B X509v3 Authority Key Identifier: keyid:2D:F9:A1:E3:75:A1:7B:8E:A5:60:27:B4:5A:8B:D6:6F:96:74:7D:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Lfmh43Whe46lYCe0WovWb5Z0fYY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185B6D/181B8220E78E11EE9831EB7EC4F9AE02/Lfmh43Whe46lYCe0WovWb5Z0fYY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:e6:b9:a1:29:e6:34:04:18:42:d0:30:96:94:51:b9:e1:4b: ef:0f:09:b0:cb:5a:a4:ea:57:61:19:e8:ab:c9:4e:5f:2f:67: bc:f0:68:45:96:ca:d6:4a:26:d3:0f:96:d6:7a:e9:a2:36:df: 4d:60:61:e5:9d:25:f3:6e:af:fd:09:33:ac:5d:83:c7:3d:88: 59:9c:09:2f:8c:25:f6:ab:62:45:cc:30:c8:02:f5:20:19:d1: 07:9d:7d:f1:49:33:04:f4:2d:3f:73:33:03:81:3c:f7:f3:d6: 0b:55:4f:66:64:ce:61:d0:db:d6:f0:a5:96:8d:86:e7:af:07: 35:d4:02:51:c5:80:64:9e:ca:fe:94:bf:60:04:6c:d5:03:bd: 64:38:50:fa:05:30:0e:e2:06:a4:d5:08:35:8d:e7:c2:3a:93: 36:3d:e0:39:fa:d4:fd:2f:a9:e5:b1:00:73:af:06:75:e1:d4: ee:ab:f0:21:90:15:71:64:8b:18:fd:7d:c2:fd:9f:f9:c5:a8: 12:b1:85:68:db:27:c2:7e:ef:18:cc:86:b7:c9:c6:0c:ed:1e: c8:a2:d0:0e:cf:5c:73:a6:e6:c4:2a:51:3b:e1:67:09:54:57: d6:14:03:43:f2:1a:a5:7f:81:06:8d:e2:da:62:71:0b:55:83: 8b:39:5c:35 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICARowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVCNkQxMTAvBgNVBAUTKDJERjlBMUUzNzVBMTdCOEVBNTYwMjdCNDVBOEJENjZG OTY3NDdEODYwHhcNMjUwNzAxMDU1MDA5WhcNMjUwNzA4MDU1MDA5WjAYMRYwFAYD VQQDEw02ODYzNzcxMS1mMGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8NA1wuVWzVPw0FQquDtfJv3qRFispHp+273ZhwR8ZXBahBS+WbYrau/ukIYn KTRspE/Neq1zgCZoK2z7RnKfERonDGfCB5/KLowYkWPhsneQapTgoVQVzLpTNni/ puKXZSJmEHS+cOUinfTZCmRXBUHy77pBpsabIwByFgmiRjiFXcvXhl1c1/gi0vK3 QJZqKtgEndv6x8KLU9CNBdzGSrWqoItkqLi+wmRS3oz0AVFMxYqN5/QkGLS+gXDr LJAQmVhtO8pRlQNggw/Yjeu4YbolXZFnZRbE1v/B1EvupIEPPNdOkVh7I0r1mBPR Gcx+Dd14gig59IkNytrFd8Z4IQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGzAMw16 hN6j7hSRl0WdVvE9byGLMB8GA1UdIwQYMBaAFC35oeN1oXuOpWAntFqL1m+WdH2G MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUI2RC8xODFCODIyMEU3 OEUxMUVFOTgzMUVCN0VDNEY5QUUwMi9MZm1oNDNXaGU0NmxZQ2UwV292V2I1WjBm WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0xmbWg0M1doZTQ2bFlDZTBXb3ZXYjVaMGZZWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NUI2RC8xODFCODIyMEU3OEUxMUVFOTgzMUVCN0VDNEY5QUUwMi9MZm1oNDNXaGU0 NmxZQ2UwV292V2I1WjBmWVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAn5rmhKeY0BBhC0DCWlFG54UvvDwmwy1qk6ldhGeiryU5fL2e88GhF lsrWSibTD5bWeumiNt9NYGHlnSXzbq/9CTOsXYPHPYhZnAkvjCX2q2JFzDDIAvUg GdEHnX3xSTME9C0/czMDgTz389YLVU9mZM5h0NvW8KWWjYbnrwc11AJRxYBknsr+ lL9gBGzVA71kOFD6BTAO4gak1Qg1jefCOpM2PeA5+tT9L6nlsQBzrwZ14dTuq/Ah kBVxZIsY/X3C/Z/5xagSsYVo2yfCfu8YzIa3ycYM7R7IotAOz1xzpubEKlE74WcJ VFfWFAND8hqlf4EGjeLaYnELVYOLOVw1 -----END CERTIFICATE-----Generated at Tue Jul 1 16:46:40 2025 by rpki-client