$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft File: R-lr-DG7PMQ7TweEJj5ylYddVRY.mft (raw, json) Hash identifier: Jdt46xkrFx6toBxqT0U8uYfgpegNvQm5wNH4c3dU0Bo= Subject key identifier: 3D:4A:DA:BC:CA:CA:6E:53:EA:AA:94:67:07:B8:5D:24:BC:5B:DF:17 Authority key identifier: 47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16 Certificate issuer: /CN=A91C4204/serialNumber=47E96BF831BB3CC43B4F0784263E7295875D5516 Certificate serial: 0F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft Manifest number: 0D Signing time: Tue 03 Jun 2025 07:59:02 +0000 Manifest this update: Tue 03 Jun 2025 07:59:02 +0000 Manifest next update: Tue 10 Jun 2025 07:59:02 +0000 Files and hashes: 1: R-lr-DG7PMQ7TweEJj5ylYddVRY.crl (hash: j0T1FON2zwSsABYMyahhchwOObCBaxuXU03a0YOqPP0=) 2: CA2D4952300911F0AB675D3EC4F9AE02.roa (hash: wSACUp5c4PrWddzrJcvj1KCwEmCFzuB6DHldOTgXN4E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.crl rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 07:59:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15 (0xf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4204, serialNumber=47E96BF831BB3CC43B4F0784263E7295875D5516 Validity Not Before: Jun 3 07:59:02 2025 GMT Not After : Jun 10 07:59:02 2025 GMT Subject: CN=683eab46-bd4a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:30:e4:dc:11:8c:6c:1b:b1:f4:17:f1:31:e9: a1:e9:f7:70:52:2a:59:d6:9f:e9:81:38:b9:6f:86: dd:da:71:1d:a7:65:46:b4:e3:52:1d:26:76:0f:b4: 5a:b4:8f:fc:51:4f:e8:0a:3d:9b:cb:e3:1e:0a:3b: 79:b4:bc:59:0f:3a:93:92:67:df:e3:d1:82:0d:6d: a8:b3:e7:ca:f6:13:59:9a:5e:5e:2e:48:e4:c9:a9: 17:ea:80:42:d3:ff:00:8d:1e:3f:2c:82:90:f5:a7: 20:a0:ed:5c:a2:ae:a9:52:c0:44:3e:20:4b:9e:aa: a8:4f:44:27:42:90:55:e2:01:45:13:5c:23:dd:50: ab:89:4d:19:73:91:e2:fd:88:96:b2:e8:fc:6d:a5: 9f:51:91:59:78:dd:3e:e0:1d:15:fd:6e:b4:b7:31: a6:47:64:d0:c1:37:95:9f:39:e3:d9:05:ce:26:31: f6:56:ad:51:c9:e8:68:9d:e7:66:8b:de:c6:64:93: 1b:75:a6:fb:6d:a1:14:6c:2c:36:05:e4:ea:e4:93: d7:fb:41:91:a3:46:45:8b:3f:b0:51:22:9b:f2:cc: 7b:9f:02:94:48:34:24:ce:14:42:5c:75:c8:8f:1d: b9:a6:9a:57:06:d7:cb:77:87:48:9d:84:98:92:53: 40:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:4A:DA:BC:CA:CA:6E:53:EA:AA:94:67:07:B8:5D:24:BC:5B:DF:17 X509v3 Authority Key Identifier: keyid:47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:62:d0:91:57:f9:ee:74:04:de:95:3c:41:92:c1:4b:27:c6: fa:82:bb:32:2e:7f:94:fd:d4:f5:d9:c5:96:d4:04:0b:6f:dc: 91:21:84:41:68:85:30:b8:07:f2:fc:71:43:63:35:43:4e:6b: 6b:f3:0b:70:09:28:36:1c:b1:bd:18:10:e8:dc:f8:0f:4b:1f: 7e:dd:41:a6:61:4e:41:d0:8d:f2:38:96:74:a4:e4:35:09:b3: 45:81:22:0b:92:8a:ed:24:12:c5:20:75:dc:b1:37:4d:18:dc: d7:2f:5d:48:7f:f3:e1:0e:0b:01:b2:27:ce:25:c9:00:9c:3f: 8e:65:66:de:37:f4:99:04:74:73:63:87:02:a7:72:e8:0b:65: f5:c8:aa:91:08:d7:7f:90:59:66:a4:85:10:a9:a4:93:ba:41: 2c:97:43:97:9f:c5:11:13:27:6e:f7:a8:7d:7b:d5:bf:d2:66: 14:04:f2:6f:02:48:66:de:b4:83:aa:d2:0e:66:7e:8e:b2:92: 19:6d:b6:39:cd:04:ec:76:42:20:c1:8a:9f:18:9a:aa:5d:38: 41:9a:54:77:76:d7:08:aa:fc:3f:fd:38:2e:b5:20:f2:ff:74: cf:68:d7:65:7f:43:67:fb:0d:d7:0f:68:36:3c:3a:91:ef:da: 8d:8c:d6:38 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBDzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD NDIwNDExMC8GA1UEBRMoNDdFOTZCRjgzMUJCM0NDNDNCNEYwNzg0MjYzRTcyOTU4 NzVENTUxNjAeFw0yNTA2MDMwNzU5MDJaFw0yNTA2MTAwNzU5MDJaMBgxFjAUBgNV BAMTDTY4M2VhYjQ2LWJkNGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDhMOTcEYxsG7H0F/Ex6aHp93BSKlnWn+mBOLlvht3acR2nZUa041IdJnYPtFq0 j/xRT+gKPZvL4x4KO3m0vFkPOpOSZ9/j0YINbaiz58r2E1maXl4uSOTJqRfqgELT /wCNHj8sgpD1pyCg7VyirqlSwEQ+IEueqqhPRCdCkFXiAUUTXCPdUKuJTRlzkeL9 iJay6PxtpZ9RkVl43T7gHRX9brS3MaZHZNDBN5WfOePZBc4mMfZWrVHJ6Gid52aL 3sZkkxt1pvttoRRsLDYF5Orkk9f7QZGjRkWLP7BRIpvyzHufApRINCTOFEJcdciP HbmmmlcG18t3h0idhJiSU0CjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUPUravMrK blPqqpRnB7hdJLxb3xcwHwYDVR0jBBgwFoAUR+lr+DG7PMQ7TweEJj5ylYddVRYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM0MjA0LzQ0MUI1MDUyMzAw OTExRjBBMEFBN0QzREM0RjlBRTAyL1ItbHItREc3UE1RN1R3ZUVKajV5bFlkZFZS WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUi1sci1ERzdQTVE3VHdlRUpqNXlsWWRkVlJZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM0 MjA0LzQ0MUI1MDUyMzAwOTExRjBBMEFBN0QzREM0RjlBRTAyL1ItbHItREc3UE1R N1R3ZUVKajV5bFlkZFZSWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAG1i0JFX+e50BN6VPEGSwUsnxvqCuzIuf5T91PXZxZbUBAtv3JEhhEFo hTC4B/L8cUNjNUNOa2vzC3AJKDYcsb0YEOjc+A9LH37dQaZhTkHQjfI4lnSk5DUJ s0WBIguSiu0kEsUgddyxN00Y3NcvXUh/8+EOCwGyJ84lyQCcP45lZt439JkEdHNj hwKncugLZfXIqpEI13+QWWakhRCppJO6QSyXQ5efxRETJ273qH171b/SZhQE8m8C SGbetIOq0g5mfo6ykhlttjnNBOx2QiDBip8YmqpdOEGaVHd21wiq/D/9OC61IPL/ dM9o12V/Q2f7DdcPaDY8OpHv2o2M1jg= -----END CERTIFICATE-----Generated at Tue Jun 3 23:44:24 2025 by rpki-client