$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft File: R-lr-DG7PMQ7TweEJj5ylYddVRY.mft (raw, json) Hash identifier: uEjqCgAjRsFFReuAdB1G7Y/yCSm8f3IUoUg0hXPJTxg= Subject key identifier: 46:2E:18:D6:2D:01:1F:E2:D3:36:DA:CA:F7:67:54:D9:38:F1:07:F3 Authority key identifier: 47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16 Certificate issuer: /CN=A91C4204/serialNumber=47E96BF831BB3CC43B4F0784263E7295875D5516 Certificate serial: 3F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft Manifest number: 3D Signing time: Fri 05 Sep 2025 08:01:06 +0000 Manifest this update: Fri 05 Sep 2025 08:01:05 +0000 Manifest next update: Fri 12 Sep 2025 08:01:05 +0000 Files and hashes: 1: R-lr-DG7PMQ7TweEJj5ylYddVRY.crl (hash: 102O7Kb+oVS3dmgnrc8h8jBxmCOlcEEd6u0IG3ULDwY=) 2: CA2D4952300911F0AB675D3EC4F9AE02.roa (hash: wSACUp5c4PrWddzrJcvj1KCwEmCFzuB6DHldOTgXN4E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.crl rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 08:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63 (0x3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4204, serialNumber=47E96BF831BB3CC43B4F0784263E7295875D5516 Validity Not Before: Sep 5 08:01:05 2025 GMT Not After : Sep 12 08:01:05 2025 GMT Subject: CN=68ba98c2-515b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:14:f8:6c:d6:ec:25:d7:ed:f6:14:b5:8b:9e: ba:8c:12:18:cc:0f:02:c7:b3:00:49:e5:cd:04:b6: 3c:93:63:56:48:1a:bb:96:c1:e1:95:2b:1d:93:57: 9d:64:f4:47:c2:09:71:af:cd:82:c9:89:ac:dc:74: 0a:19:99:0f:54:3f:91:a0:33:91:32:77:77:56:7e: 87:a4:a1:b1:c3:21:35:33:29:b5:3b:31:74:77:f0: b3:8a:2c:86:78:52:fe:a6:2e:45:bf:a6:0a:62:30: 20:54:f1:2c:ba:f5:98:97:66:25:64:ca:df:2b:3b: a3:91:0a:d4:79:27:42:a4:32:20:6d:39:bc:c8:75: ba:8f:ae:aa:60:68:f2:b4:ef:40:f5:50:fb:34:f2: ef:93:5b:c5:5e:1f:44:00:62:81:c9:00:9a:1c:13: 5b:3e:00:47:cf:e2:0f:a0:9a:5a:db:31:57:b1:60: f9:f2:68:cc:b1:12:45:d6:ef:18:d7:22:26:87:02: e1:cb:9e:63:c9:10:c3:e0:cf:35:8d:bb:74:81:30: 8c:d2:56:8a:36:b7:95:46:f0:71:2b:43:a8:3d:18: 80:72:40:47:e0:3f:39:d8:8b:9c:ac:cf:80:26:ae: 52:98:fa:82:dc:62:54:12:f3:66:55:37:4d:e2:69: ee:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:2E:18:D6:2D:01:1F:E2:D3:36:DA:CA:F7:67:54:D9:38:F1:07:F3 X509v3 Authority Key Identifier: keyid:47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:b2:06:bb:0b:9c:1d:2a:59:48:83:20:bc:ea:9b:10:96:a5: 54:87:8b:53:cd:60:40:13:9e:13:22:e1:ae:89:31:84:8e:aa: da:4f:6d:c1:a8:e4:19:b6:00:36:b7:60:c7:00:ba:d6:ff:06: 59:0d:cf:34:4b:fa:72:61:60:78:58:49:ca:0c:60:09:50:0a: 91:c6:e6:6a:a1:ae:70:71:96:7b:68:8c:c2:89:49:12:8b:b2: 56:dc:0c:a5:66:ac:b6:c5:0b:99:e1:3f:e9:5d:c4:1a:11:b2: b7:a9:b8:ab:78:e7:1e:be:47:4e:d0:f5:6f:91:3b:5c:d6:5d: 45:ac:28:42:73:d1:34:e3:06:e1:04:4c:f8:b2:1a:70:7e:28: 54:e8:42:04:1f:0c:a7:53:b6:7e:66:8e:30:61:8c:06:6e:01: a4:55:6b:53:d4:5b:22:1d:20:a1:0c:db:b4:9a:5b:1a:5f:d6: fe:6e:35:7d:d8:6c:9f:2a:ae:00:5d:6c:94:37:75:16:6e:f1: f7:93:40:14:c6:7e:7c:7b:8b:45:69:3c:4b:22:7f:03:dd:fc: 47:d9:35:b6:b0:28:a7:c1:2e:68:06:07:83:d0:8d:1e:d1:ce: fd:ec:87:1d:ef:5a:83:9e:c0:21:02:6b:8a:53:20:27:5f:36: b3:f5:82:e3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD NDIwNDExMC8GA1UEBRMoNDdFOTZCRjgzMUJCM0NDNDNCNEYwNzg0MjYzRTcyOTU4 NzVENTUxNjAeFw0yNTA5MDUwODAxMDVaFw0yNTA5MTIwODAxMDVaMBgxFjAUBgNV BAMTDTY4YmE5OGMyLTUxNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCqFPhs1uwl1+32FLWLnrqMEhjMDwLHswBJ5c0EtjyTY1ZIGruWweGVKx2TV51k 9EfCCXGvzYLJiazcdAoZmQ9UP5GgM5Eyd3dWfoekobHDITUzKbU7MXR38LOKLIZ4 Uv6mLkW/pgpiMCBU8Sy69ZiXZiVkyt8rO6ORCtR5J0KkMiBtObzIdbqPrqpgaPK0 70D1UPs08u+TW8VeH0QAYoHJAJocE1s+AEfP4g+gmlrbMVexYPnyaMyxEkXW7xjX IiaHAuHLnmPJEMPgzzWNu3SBMIzSVoo2t5VG8HErQ6g9GIByQEfgPznYi5ysz4Am rlKY+oLcYlQS82ZVN03iae7RAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQURi4Y1i0B H+LTNtrK92dU2TjxB/MwHwYDVR0jBBgwFoAUR+lr+DG7PMQ7TweEJj5ylYddVRYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM0MjA0LzQ0MUI1MDUyMzAw OTExRjBBMEFBN0QzREM0RjlBRTAyL1ItbHItREc3UE1RN1R3ZUVKajV5bFlkZFZS WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUi1sci1ERzdQTVE3VHdlRUpqNXlsWWRkVlJZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM0 MjA0LzQ0MUI1MDUyMzAwOTExRjBBMEFBN0QzREM0RjlBRTAyL1ItbHItREc3UE1R N1R3ZUVKajV5bFlkZFZSWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAG2yBrsLnB0qWUiDILzqmxCWpVSHi1PNYEATnhMi4a6JMYSOqtpPbcGo 5Bm2ADa3YMcAutb/BlkNzzRL+nJhYHhYScoMYAlQCpHG5mqhrnBxlntojMKJSRKL slbcDKVmrLbFC5nhP+ldxBoRsrepuKt45x6+R07Q9W+RO1zWXUWsKEJz0TTjBuEE TPiyGnB+KFToQgQfDKdTtn5mjjBhjAZuAaRVa1PUWyIdIKEM27SaWxpf1v5uNX3Y bJ8qrgBdbJQ3dRZu8feTQBTGfnx7i0VpPEsifwPd/EfZNbawKKfBLmgGB4PQjR7R zv3shx3vWoOewCECa4pTICdfNrP1guM= -----END CERTIFICATE-----Generated at Sat Sep 6 21:01:54 2025 by rpki-client