$ rpki-client -vvf rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft File: lfCdXluLzW9LTWm1yTbJEvd9LP0.mft (raw, json) Hash identifier: HLGNnw6RUYaHxwNnRvcAIID6fS+WeDYIQXMrHdsGOm4= Subject key identifier: 30:A9:9C:B4:36:A2:33:47:C1:25:05:F5:F5:22:34:5E:29:E0:F0:B2 Authority key identifier: 95:F0:9D:5E:5B:8B:CD:6F:4B:4D:69:B5:C9:36:C9:12:F7:7D:2C:FD Certificate issuer: /CN=A91D44BE/serialNumber=95F09D5E5B8BCD6F4B4D69B5C936C912F77D2CFD Certificate serial: 95 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft Manifest number: 92 Signing time: Tue 03 Jun 2025 06:16:24 +0000 Manifest this update: Tue 03 Jun 2025 06:16:23 +0000 Manifest next update: Tue 10 Jun 2025 06:16:23 +0000 Files and hashes: 1: lfCdXluLzW9LTWm1yTbJEvd9LP0.crl (hash: POzJLXwfmkUgu46BO/CGvcKolYyRTsQqbGH3ed23fYU=) 2: B23569E2756511EFB018F20DC4F9AE02.roa (hash: r6mTJvt8SukGGtNb+WgynqBgaxV1KBCRpaFxjoCbFH8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.crl rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 06:16:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 149 (0x95) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D44BE, serialNumber=95F09D5E5B8BCD6F4B4D69B5C936C912F77D2CFD Validity Not Before: Jun 3 06:16:23 2025 GMT Not After : Jun 10 06:16:23 2025 GMT Subject: CN=683e9337-1e04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:8c:f7:f8:6a:ab:1f:c2:79:4f:b8:f0:b8:d9: fd:75:93:52:d1:8b:cd:a5:63:47:aa:b3:29:c9:17: ad:5b:19:4b:95:1e:ea:dc:cd:86:92:8d:88:3f:19: 9e:48:9d:29:fa:99:b6:e9:7d:78:de:68:38:87:e7: 8d:11:9f:6c:79:e6:54:83:b4:8f:3b:f5:db:93:d7: 5f:40:85:b1:4f:fb:e3:5d:a2:df:04:b9:2b:92:55: e8:be:b7:14:26:60:86:68:28:40:d6:7d:df:b1:ea: be:f5:3e:11:c1:9d:83:cd:5d:4a:51:08:b1:0f:15: 12:78:43:d6:80:07:76:5b:9f:51:6f:29:69:fe:01: c3:87:ee:ba:44:f5:3f:5a:ce:7f:fe:8f:c5:2e:6e: d4:2d:d3:f6:bd:c7:22:0c:e9:ba:ac:67:c1:d7:eb: e7:60:e1:9c:27:f8:6c:6d:6a:e3:ee:55:93:0d:8c: 49:89:84:91:71:48:96:e2:cd:f8:49:69:6a:60:bb: b1:8e:c5:db:98:7a:13:7c:fb:7f:c0:a7:ca:95:30: 1e:5a:e2:ee:b6:44:a5:ff:00:3c:44:d3:e0:74:af: 54:91:4d:62:47:45:d2:4a:9b:0e:e9:46:3a:7a:38: ad:61:35:c8:fc:37:fd:4c:98:57:58:b9:98:36:82: 9e:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:A9:9C:B4:36:A2:33:47:C1:25:05:F5:F5:22:34:5E:29:E0:F0:B2 X509v3 Authority Key Identifier: keyid:95:F0:9D:5E:5B:8B:CD:6F:4B:4D:69:B5:C9:36:C9:12:F7:7D:2C:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:d1:af:b0:3d:1e:ac:aa:f1:28:e2:7f:65:40:3c:c1:ab:4a: 87:15:5b:ab:72:36:8d:4e:53:11:eb:de:cc:2a:72:fb:27:e8: 96:10:46:9a:2a:b3:2a:89:cf:a4:12:70:4e:52:af:6f:a9:ae: bf:dd:11:7f:2a:8a:7a:bf:d1:9b:3c:3a:72:ea:1f:e6:74:d2: c5:f5:c3:a8:06:05:02:18:50:6d:cd:bd:9f:53:41:ac:91:30: c4:ae:01:c5:3f:43:46:78:66:74:e1:e9:d4:ab:af:a4:d6:1b: c5:81:e4:3c:29:79:04:c6:d8:52:bc:d4:65:be:1b:f2:ea:2c: 63:83:08:0c:aa:cc:98:08:f6:a8:05:b0:c2:bf:af:44:bc:ce: c1:c9:1d:a7:23:b9:c2:d8:80:a6:7d:13:b7:87:df:5c:f0:5b: 94:f6:45:6c:5e:27:4d:b5:4b:7e:4e:b1:79:9d:20:2b:82:b2: 4d:15:a2:1b:22:97:92:a5:0f:c2:c1:a4:55:da:d1:7f:60:84: 31:7f:de:b6:d8:76:c8:bb:c2:14:05:53:3e:c1:3c:eb:a6:0a: 43:54:c7:6c:61:14:ed:bc:34:68:2e:92:e5:b5:8b:1e:09:be: ed:b3:5e:e7:4f:d7:e6:8f:76:96:b7:8b:8f:79:9e:f0:09:f6: cf:44:95:92 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ0QkUxMTAvBgNVBAUTKDk1RjA5RDVFNUI4QkNENkY0QjRENjlCNUM5MzZDOTEy Rjc3RDJDRkQwHhcNMjUwNjAzMDYxNjIzWhcNMjUwNjEwMDYxNjIzWjAYMRYwFAYD VQQDEw02ODNlOTMzNy0xZTA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt4z3+GqrH8J5T7jwuNn9dZNS0YvNpWNHqrMpyRetWxlLlR7q3M2Gko2IPxme SJ0p+pm26X143mg4h+eNEZ9seeZUg7SPO/Xbk9dfQIWxT/vjXaLfBLkrklXovrcU JmCGaChA1n3fseq+9T4RwZ2DzV1KUQixDxUSeEPWgAd2W59Rbylp/gHDh+66RPU/ Ws5//o/FLm7ULdP2vcciDOm6rGfB1+vnYOGcJ/hsbWrj7lWTDYxJiYSRcUiW4s34 SWlqYLuxjsXbmHoTfPt/wKfKlTAeWuLutkSl/wA8RNPgdK9UkU1iR0XSSpsO6UY6 ejitYTXI/Df9TJhXWLmYNoKeVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDCpnLQ2 ojNHwSUF9fUiNF4p4PCyMB8GA1UdIwQYMBaAFJXwnV5bi81vS01ptck2yRL3fSz9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDRCRS8wMjhBQkU0MjY5 MjIxMUVGQkY4N0JCMEVDNEY5QUUwMi9sZkNkWGx1THpXOUxUV20xeVRiSkV2ZDlM UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2xmQ2RYbHVMelc5TFRXbTF5VGJKRXZkOUxQMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDRCRS8wMjhBQkU0MjY5MjIxMUVGQkY4N0JCMEVDNEY5QUUwMi9sZkNkWGx1THpX OUxUV20xeVRiSkV2ZDlMUDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBH0a+wPR6sqvEo4n9lQDzBq0qHFVurcjaNTlMR697MKnL7J+iWEEaa KrMqic+kEnBOUq9vqa6/3RF/Kop6v9GbPDpy6h/mdNLF9cOoBgUCGFBtzb2fU0Gs kTDErgHFP0NGeGZ04enUq6+k1hvFgeQ8KXkExthSvNRlvhvy6ixjgwgMqsyYCPao BbDCv69EvM7ByR2nI7nC2ICmfRO3h99c8FuU9kVsXidNtUt+TrF5nSArgrJNFaIb IpeSpQ/CwaRV2tF/YIQxf9622HbIu8IUBVM+wTzrpgpDVMdsYRTtvDRoLpLltYse Cb7ts17nT9fmj3aWt4uPeZ7wCfbPRJWS -----END CERTIFICATE-----Generated at Wed Jun 4 00:04:39 2025 by rpki-client