$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft File: R-lr-DG7PMQ7TweEJj5ylYddVRY.mft (raw, json) Hash identifier: 1v3rDpvzwf1652qwNHyOQi0+0ehE/zhQeg3/fpTJ/Tw= Subject key identifier: 77:D3:BB:C8:24:AE:E2:32:FF:22:12:8E:B1:59:B6:C5:38:8B:86:8D Authority key identifier: 47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16 Certificate issuer: /CN=A91C4204/serialNumber=47E96BF831BB3CC43B4F0784263E7295875D5516 Certificate serial: 26 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft Manifest number: 24 Signing time: Sat 19 Jul 2025 08:05:17 +0000 Manifest this update: Sat 19 Jul 2025 08:05:17 +0000 Manifest next update: Sat 26 Jul 2025 08:05:17 +0000 Files and hashes: 1: R-lr-DG7PMQ7TweEJj5ylYddVRY.crl (hash: L3dq8mthWQz9DPTbYhUwwnKRhkF8YAe/yUyP5jJ2lto=) 2: CA2D4952300911F0AB675D3EC4F9AE02.roa (hash: wSACUp5c4PrWddzrJcvj1KCwEmCFzuB6DHldOTgXN4E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.crl rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 08:05:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38 (0x26) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4204, serialNumber=47E96BF831BB3CC43B4F0784263E7295875D5516 Validity Not Before: Jul 19 08:05:17 2025 GMT Not After : Jul 26 08:05:17 2025 GMT Subject: CN=687b51bd-2b2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:37:86:51:57:2b:58:9c:0b:aa:2c:9a:0d:ec: 2e:79:e7:79:8e:67:19:14:08:15:ac:e0:1d:3e:51: 44:83:81:e6:08:62:83:84:1a:89:d2:08:57:db:db: 65:58:1f:95:f4:43:83:3a:26:d7:ba:6e:c7:2b:d7: 8a:4f:17:19:c3:68:f6:b1:f9:9e:c4:32:72:7d:bc: 2f:2e:a1:f3:b5:2b:ab:83:bc:6d:ec:3e:e6:ec:4f: cd:7d:eb:84:94:a2:19:7b:d4:f4:fd:39:a8:86:f3: 86:ce:23:a5:64:e2:f9:1d:f9:95:fe:d8:dc:36:e9: ee:29:29:ae:af:4d:28:77:f9:9c:56:ef:d6:9a:cf: 00:76:b0:7f:3e:99:7b:6b:a0:74:da:63:7e:fb:8b: 6b:70:01:39:71:7f:54:6b:f7:af:45:68:f5:af:9f: e7:8e:ea:19:d9:62:fb:30:9d:36:39:f8:9d:15:73: c2:ad:21:0e:83:1c:ae:a1:1d:e5:20:c3:ab:9c:80: 49:e0:15:fa:af:5e:b7:3e:f2:dd:56:13:86:1d:53: f3:20:b1:b4:c3:9c:88:f0:90:6f:c3:41:35:66:c5: eb:a8:9c:d4:99:bf:db:2f:e5:b4:67:a2:9f:3f:7d: a1:e0:9e:6c:e8:7a:4c:2a:61:4d:0f:91:6b:5f:74: ec:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:D3:BB:C8:24:AE:E2:32:FF:22:12:8E:B1:59:B6:C5:38:8B:86:8D X509v3 Authority Key Identifier: keyid:47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9e:4e:7b:96:8a:c2:62:c6:65:99:30:6a:a7:75:74:b9:71:db: 9d:d7:62:96:32:20:13:06:8a:71:9e:9a:00:ca:a1:0c:52:80: 5a:0c:20:43:02:d1:02:ff:8b:af:01:58:d8:36:23:01:22:77: 06:b8:17:c6:54:24:60:ba:68:6b:ac:c5:6d:51:48:dd:2d:26: 12:34:36:5e:25:a9:26:1d:de:df:f4:23:fa:ce:6e:88:94:bf: c0:44:d9:cd:17:99:ba:06:2b:6f:65:d2:b5:8f:e6:cd:94:35: 81:5d:ff:bd:14:40:15:e0:e2:6f:a5:b6:07:69:3a:d5:3a:a7: df:84:62:df:7c:97:16:41:33:70:a4:47:a8:20:5c:56:c7:14: e4:30:d4:90:36:e5:74:08:5b:a7:e0:fa:14:58:47:4b:94:d6: 98:6c:d6:f7:5e:b2:64:e5:35:b3:d3:6f:9e:18:52:6d:26:83: cd:7c:19:8e:f9:53:19:bb:4c:d7:9b:68:a5:85:8b:b9:0f:89: 9c:3f:f8:eb:9f:f5:29:9a:c6:c6:06:86:d2:14:c9:62:82:f1: a9:ff:76:a2:b8:9f:e2:ab:9d:85:66:19:aa:7b:50:b3:e8:54: 21:99:99:85:28:c2:aa:0e:de:a3:67:52:df:6b:88:5d:aa:69: d4:d1:7d:96 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD NDIwNDExMC8GA1UEBRMoNDdFOTZCRjgzMUJCM0NDNDNCNEYwNzg0MjYzRTcyOTU4 NzVENTUxNjAeFw0yNTA3MTkwODA1MTdaFw0yNTA3MjYwODA1MTdaMBgxFjAUBgNV BAMTDTY4N2I1MWJkLTJiMmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDON4ZRVytYnAuqLJoN7C5553mOZxkUCBWs4B0+UUSDgeYIYoOEGonSCFfb22VY H5X0Q4M6Jte6bscr14pPFxnDaPax+Z7EMnJ9vC8uofO1K6uDvG3sPubsT81964SU ohl71PT9OaiG84bOI6Vk4vkd+ZX+2Nw26e4pKa6vTSh3+ZxW79aazwB2sH8+mXtr oHTaY377i2twATlxf1Rr969FaPWvn+eO6hnZYvswnTY5+J0Vc8KtIQ6DHK6hHeUg w6ucgEngFfqvXrc+8t1WE4YdU/MgsbTDnIjwkG/DQTVmxeuonNSZv9sv5bRnop8/ faHgnmzoekwqYU0PkWtfdOznAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUd9O7yCSu 4jL/IhKOsVm2xTiLho0wHwYDVR0jBBgwFoAUR+lr+DG7PMQ7TweEJj5ylYddVRYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM0MjA0LzQ0MUI1MDUyMzAw OTExRjBBMEFBN0QzREM0RjlBRTAyL1ItbHItREc3UE1RN1R3ZUVKajV5bFlkZFZS WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUi1sci1ERzdQTVE3VHdlRUpqNXlsWWRkVlJZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM0 MjA0LzQ0MUI1MDUyMzAwOTExRjBBMEFBN0QzREM0RjlBRTAyL1ItbHItREc3UE1R N1R3ZUVKajV5bFlkZFZSWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJ5Oe5aKwmLGZZkwaqd1dLlx253XYpYyIBMGinGemgDKoQxSgFoMIEMC 0QL/i68BWNg2IwEidwa4F8ZUJGC6aGusxW1RSN0tJhI0Nl4lqSYd3t/0I/rOboiU v8BE2c0XmboGK29l0rWP5s2UNYFd/70UQBXg4m+ltgdpOtU6p9+EYt98lxZBM3Ck R6ggXFbHFOQw1JA25XQIW6fg+hRYR0uU1phs1vdesmTlNbPTb54YUm0mg818GY75 Uxm7TNebaKWFi7kPiZw/+Ouf9SmaxsYGhtIUyWKC8an/dqK4n+KrnYVmGap7ULPo VCGZmYUowqoO3qNnUt9riF2qadTRfZY= -----END CERTIFICATE-----Generated at Sun Jul 20 18:39:01 2025 by rpki-client