$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7F6A/7A5298760AF011F08531D43CC4F9AE02/ldQuwvRot-OPlYyPupMYARfcJuA.mft File: ldQuwvRot-OPlYyPupMYARfcJuA.mft (raw, json) Hash identifier: XIvly47u0OvG0F0Ps6WivhgLmbfzu8LxjdB88ktd+R0= Subject key identifier: 3F:40:37:AA:8F:50:71:37:6C:26:02:03:C5:F4:B9:D5:D9:4A:71:2E Authority key identifier: 95:D4:2E:C2:F4:68:B7:E3:8F:95:8C:8F:BA:93:18:01:17:DC:26:E0 Certificate issuer: /CN=A91A7F6A/serialNumber=95D42EC2F468B7E38F958C8FBA93180117DC26E0 Certificate serial: 34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldQuwvRot-OPlYyPupMYARfcJuA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7F6A/7A5298760AF011F08531D43CC4F9AE02/ldQuwvRot-OPlYyPupMYARfcJuA.mft Manifest number: 2C Signing time: Sat 31 May 2025 07:25:45 +0000 Manifest this update: Sat 31 May 2025 07:25:44 +0000 Manifest next update: Sat 07 Jun 2025 07:25:44 +0000 Files and hashes: 1: ldQuwvRot-OPlYyPupMYARfcJuA.crl (hash: fIvtsy6SOMFL5Q9SYVVdfkxVFA7XPnyiMZnA+nSosDk=) 2: F8C2A4E4359311F08C686E1BC4F9AE02.roa (hash: vSYTG4FiK7ZLm+rL5F5xQfklb4JbIfkyGEDj5czTJUY=) 3: B3849A9A359311F09B54926FC4F9AE02.roa (hash: Y+aC1xM6nmmoKwU/+TkwylgFTc7TBvkghCXTXAy84ng=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7F6A/7A5298760AF011F08531D43CC4F9AE02/ldQuwvRot-OPlYyPupMYARfcJuA.crl rsync://rpki.apnic.net/member_repository/A91A7F6A/7A5298760AF011F08531D43CC4F9AE02/ldQuwvRot-OPlYyPupMYARfcJuA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldQuwvRot-OPlYyPupMYARfcJuA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:25:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52 (0x34) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7F6A, serialNumber=95D42EC2F468B7E38F958C8FBA93180117DC26E0 Validity Not Before: May 31 07:25:44 2025 GMT Not After : Jun 7 07:25:44 2025 GMT Subject: CN=683aaef8-ae27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:86:59:99:b8:85:60:0b:79:b4:f5:b0:d6:80: 61:da:e7:f3:30:dd:9d:5c:cb:ec:3a:c6:fd:fd:cc: 35:e8:2e:1a:b0:ca:e3:ce:f2:62:d6:68:68:6f:ee: e0:94:11:82:d2:6d:41:d4:6f:0a:f8:d2:93:23:48: 94:07:b3:25:88:86:1c:e6:0b:b1:c9:11:ef:11:6f: 2f:ad:fd:22:c6:29:eb:07:4f:9f:9c:8f:73:dd:88: 96:3c:b4:68:c7:74:9d:cc:f2:ca:26:15:b2:ca:7a: 1d:ea:33:b1:d6:fc:11:55:07:00:31:8f:fb:7b:eb: 24:2e:4b:f0:01:71:9e:bc:86:02:00:f3:cd:c1:6b: b9:9f:40:a7:6b:f1:11:28:8f:36:ec:ee:64:f7:ac: a3:df:35:f8:84:9a:1e:03:ff:6b:8e:4a:6f:bf:a9: 2c:90:cc:4f:a1:6d:3c:26:58:72:8d:87:6d:c9:a1: af:c9:93:aa:3e:d9:7f:c6:a6:38:2f:b9:cd:33:00: 60:97:5e:2d:c8:eb:c7:f0:59:44:0a:24:d6:ba:e4: 76:72:ba:74:2f:f4:c0:50:f1:71:ab:e1:fc:30:bb: 4d:1b:51:46:87:25:de:c4:1f:8c:60:70:65:df:4b: 1c:a0:d9:68:46:23:0d:d2:5a:37:f5:fa:8f:1c:0b: 74:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:40:37:AA:8F:50:71:37:6C:26:02:03:C5:F4:B9:D5:D9:4A:71:2E X509v3 Authority Key Identifier: keyid:95:D4:2E:C2:F4:68:B7:E3:8F:95:8C:8F:BA:93:18:01:17:DC:26:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7F6A/7A5298760AF011F08531D43CC4F9AE02/ldQuwvRot-OPlYyPupMYARfcJuA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldQuwvRot-OPlYyPupMYARfcJuA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7F6A/7A5298760AF011F08531D43CC4F9AE02/ldQuwvRot-OPlYyPupMYARfcJuA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:29:95:42:de:cf:89:bb:42:c5:df:45:41:14:8a:53:79:bc: f3:90:6f:b3:a9:85:f3:17:ea:d4:07:76:0d:e6:89:c7:14:fe: 51:a8:21:3a:65:11:df:76:0c:64:a8:5f:c8:94:b7:6d:f7:ae: 72:03:92:31:af:93:27:6e:c5:3f:25:fc:52:a9:28:77:d9:6f: aa:ec:f1:41:75:ec:ba:f3:4e:78:ca:f3:72:1e:ba:b9:dd:05: bb:4a:c9:98:7e:3b:ba:31:14:47:df:2b:1d:58:9e:4d:75:7a: c4:5f:1f:65:eb:cb:fc:3f:da:02:84:d4:60:cf:8d:d3:f9:52: 99:7b:61:27:ba:5f:ce:2a:04:6d:78:ec:cc:fe:5f:79:a2:9a: cf:38:da:a5:35:74:05:25:57:47:b9:ba:fa:b9:22:93:aa:54: 6e:d3:29:58:9f:36:e1:5a:f7:86:30:1d:0d:2e:bf:3d:9f:f4: 72:2a:fc:e5:f7:fc:2e:ba:be:b0:98:86:72:90:68:7e:65:aa: 55:8c:7b:00:69:da:4d:db:0c:ef:96:85:5d:60:d2:6f:ee:e4: 1b:ca:ca:95:19:f7:a7:91:d7:5f:85:a2:2c:b2:2d:d7:1a:5e: 10:01:49:d3:54:04:9d:6c:8d:16:cc:c7:3f:00:e3:d5:b5:6a: d9:ec:e4:23 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB N0Y2QTExMC8GA1UEBRMoOTVENDJFQzJGNDY4QjdFMzhGOTU4QzhGQkE5MzE4MDEx N0RDMjZFMDAeFw0yNTA1MzEwNzI1NDRaFw0yNTA2MDcwNzI1NDRaMBgxFjAUBgNV BAMTDTY4M2FhZWY4LWFlMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDMhlmZuIVgC3m09bDWgGHa5/Mw3Z1cy+w6xv39zDXoLhqwyuPO8mLWaGhv7uCU EYLSbUHUbwr40pMjSJQHsyWIhhzmC7HJEe8Rby+t/SLGKesHT5+cj3PdiJY8tGjH dJ3M8somFbLKeh3qM7HW/BFVBwAxj/t76yQuS/ABcZ68hgIA883Ba7mfQKdr8REo jzbs7mT3rKPfNfiEmh4D/2uOSm+/qSyQzE+hbTwmWHKNh23Joa/Jk6o+2X/Gpjgv uc0zAGCXXi3I68fwWUQKJNa65HZyunQv9MBQ8XGr4fwwu00bUUaHJd7EH4xgcGXf Sxyg2WhGIw3SWjf1+o8cC3TlAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUP0A3qo9Q cTdsJgIDxfS51dlKcS4wHwYDVR0jBBgwFoAUldQuwvRot+OPlYyPupMYARfcJuAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3RjZBLzdBNTI5ODc2MEFG MDExRjA4NTMxRDQzQ0M0RjlBRTAyL2xkUXV3dlJvdC1PUGxZeVB1cE1ZQVJmY0p1 QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbGRRdXd2Um90LU9QbFl5UHVwTVlBUmZjSnVBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3 RjZBLzdBNTI5ODc2MEFGMDExRjA4NTMxRDQzQ0M0RjlBRTAyL2xkUXV3dlJvdC1P UGxZeVB1cE1ZQVJmY0p1QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAK4plULez4m7QsXfRUEUilN5vPOQb7OphfMX6tQHdg3miccU/lGoITpl Ed92DGSoX8iUt233rnIDkjGvkyduxT8l/FKpKHfZb6rs8UF17LrzTnjK83Ieurnd BbtKyZh+O7oxFEffKx1Ynk11esRfH2Xry/w/2gKE1GDPjdP5Upl7YSe6X84qBG14 7Mz+X3mims842qU1dAUlV0e5uvq5IpOqVG7TKVifNuFa94YwHQ0uvz2f9HIq/OX3 /C66vrCYhnKQaH5lqlWMewBp2k3bDO+WhV1g0m/u5BvKypUZ96eR11+FoiyyLdca XhABSdNUBJ1sjRbMxz8A49W1atns5CM= -----END CERTIFICATE-----Generated at Sat May 31 16:40:49 2025 by rpki-client