$ rpki-client -vvf rpki.apnic.net/member_repository/A9120E21/A5E950D4427311E9BAC00065C4F9AE02/lMnUO1O12FDZjg2i1e88ThwxIEU.mft File: lMnUO1O12FDZjg2i1e88ThwxIEU.mft (raw, json) Hash identifier: 1cNN6aJ+yNrZuJnJ9Ln6uuPK6L/5ryaDyQvEWNTeunM= Subject key identifier: 9F:79:80:ED:5A:0C:DF:3D:93:0C:6E:DA:0F:4E:6D:6D:6E:3D:B7:5F Authority key identifier: 94:C9:D4:3B:53:B5:D8:50:D9:8E:0D:A2:D5:EF:3C:4E:1C:31:20:45 Certificate issuer: /CN=A9120E21/serialNumber=94C9D43B53B5D850D98E0DA2D5EF3C4E1C312045 Certificate serial: 1026 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lMnUO1O12FDZjg2i1e88ThwxIEU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9120E21/A5E950D4427311E9BAC00065C4F9AE02/lMnUO1O12FDZjg2i1e88ThwxIEU.mft Manifest number: 1025 Signing time: Sat 14 Jun 2025 17:21:29 +0000 Manifest this update: Sat 14 Jun 2025 17:21:29 +0000 Manifest next update: Sat 21 Jun 2025 17:21:29 +0000 Files and hashes: 1: lMnUO1O12FDZjg2i1e88ThwxIEU.crl (hash: 5WI1pXUaUu8wBnD4Ml651Kvgxyxcsr8TeR47hvX3Ezg=) 2: 90FBBCBEB3F311EFA5A0C630C4F9AE02.roa (hash: fjbjZHBA/FnAxnWN8e7Z/ROBTRwA1nOrCoj5zv4PAPA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9120E21/A5E950D4427311E9BAC00065C4F9AE02/lMnUO1O12FDZjg2i1e88ThwxIEU.crl rsync://rpki.apnic.net/member_repository/A9120E21/A5E950D4427311E9BAC00065C4F9AE02/lMnUO1O12FDZjg2i1e88ThwxIEU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lMnUO1O12FDZjg2i1e88ThwxIEU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 17:13:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4134 (0x1026) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9120E21, serialNumber=94C9D43B53B5D850D98E0DA2D5EF3C4E1C312045 Validity Not Before: Jun 14 17:21:29 2025 GMT Not After : Jun 21 17:21:29 2025 GMT Subject: CN=684daf99-1a20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:6d:b3:c1:ea:01:8b:03:37:ee:63:cc:8d:33: 48:5f:e3:5b:f8:2c:7d:c1:1e:c9:ee:33:d3:dd:fa: 62:72:59:43:80:53:6f:34:89:1a:71:99:af:c6:95: 7c:88:92:ac:65:f9:5c:ae:7a:65:19:22:0f:6b:3c: 17:5a:d0:e8:af:f6:cd:03:26:3e:7a:c0:89:03:e4: 0e:5e:b5:6e:c7:ea:10:03:5f:6f:5b:e7:7e:4f:91: 0e:4d:ef:07:7e:00:06:71:3c:ae:97:ca:5a:84:30: d2:27:0c:af:84:5d:a5:b4:77:30:29:e1:d9:e8:4d: b5:b6:e6:ec:40:0a:3b:e3:23:87:68:27:bf:71:c5: 8a:7d:ae:b0:03:d2:31:25:82:b2:76:79:54:a1:30: c4:67:ea:64:df:2e:5f:d3:6c:2f:cd:32:57:47:36: cd:1e:d3:01:e4:88:92:c2:f5:73:b7:59:9e:c7:28: 0e:ac:36:70:aa:70:16:d8:c2:19:ec:c1:c1:81:8c: 61:15:83:c7:2f:19:b6:44:11:7b:ed:47:03:7d:f3: aa:b5:05:84:67:01:df:5a:8b:2e:d9:63:7e:4f:96: a5:2e:6e:9b:b1:7a:eb:77:9c:1d:df:59:25:64:c6: 35:50:3c:b6:41:0d:bb:e5:1e:ad:7d:eb:e4:68:a7: 9b:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:79:80:ED:5A:0C:DF:3D:93:0C:6E:DA:0F:4E:6D:6D:6E:3D:B7:5F X509v3 Authority Key Identifier: keyid:94:C9:D4:3B:53:B5:D8:50:D9:8E:0D:A2:D5:EF:3C:4E:1C:31:20:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9120E21/A5E950D4427311E9BAC00065C4F9AE02/lMnUO1O12FDZjg2i1e88ThwxIEU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lMnUO1O12FDZjg2i1e88ThwxIEU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120E21/A5E950D4427311E9BAC00065C4F9AE02/lMnUO1O12FDZjg2i1e88ThwxIEU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:2b:91:96:71:18:c4:58:26:8f:23:e2:f5:ea:41:ea:6e:e8: ee:7b:85:7e:1d:50:72:e2:f4:09:78:ed:fe:87:9b:d4:7b:f2: 01:d9:e1:e7:77:bb:31:4f:28:bb:36:cf:2a:ee:24:f2:7c:76: 38:12:ee:f2:41:d0:ef:de:6a:14:81:bf:4b:c4:40:42:a9:a2: b0:56:5c:40:a8:3b:ed:29:be:4d:ce:50:6d:04:70:14:2f:26: f6:26:38:bf:0a:b6:f9:f3:38:82:05:dd:53:00:a5:62:99:55: 01:5f:5b:6c:4d:b3:95:4a:81:c4:5c:98:f2:74:84:ea:d2:21: 2e:42:ff:52:00:7f:df:48:cc:0b:2f:bb:31:70:3b:60:24:c6: ea:e2:af:1a:72:b8:18:d2:0e:e9:e7:ce:b9:33:f6:8d:4c:e7: 4b:42:3b:2c:4b:12:65:dd:48:14:b3:e0:2b:79:b0:15:6a:71: 8c:70:11:a5:52:45:d8:9f:5d:15:81:07:47:c7:17:fc:a3:ef: a3:7f:13:99:16:2f:30:1d:fe:8e:93:70:5b:13:00:21:e5:08: f8:51:e6:ed:81:b9:53:46:5d:ff:48:f8:b1:1d:f3:b0:b5:90: 6a:ba:af:3f:63:af:2c:ee:49:c3:78:86:bb:eb:8d:20:5f:ca: ee:50:ea:29 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICECYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjBFMjExMTAvBgNVBAUTKDk0QzlENDNCNTNCNUQ4NTBEOThFMERBMkQ1RUYzQzRF MUMzMTIwNDUwHhcNMjUwNjE0MTcyMTI5WhcNMjUwNjIxMTcyMTI5WjAYMRYwFAYD VQQDEw02ODRkYWY5OS0xYTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArW2zweoBiwM37mPMjTNIX+Nb+Cx9wR7J7jPT3fpicllDgFNvNIkacZmvxpV8 iJKsZflcrnplGSIPazwXWtDor/bNAyY+esCJA+QOXrVux+oQA19vW+d+T5EOTe8H fgAGcTyul8pahDDSJwyvhF2ltHcwKeHZ6E21tubsQAo74yOHaCe/ccWKfa6wA9Ix JYKydnlUoTDEZ+pk3y5f02wvzTJXRzbNHtMB5IiSwvVzt1mexygOrDZwqnAW2MIZ 7MHBgYxhFYPHLxm2RBF77UcDffOqtQWEZwHfWosu2WN+T5alLm6bsXrrd5wd31kl ZMY1UDy2QQ275R6tfevkaKeb2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ95gO1a DN89kwxu2g9ObW1uPbdfMB8GA1UdIwQYMBaAFJTJ1DtTtdhQ2Y4NotXvPE4cMSBF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEUyMS9BNUU5NTBENDQy NzMxMUU5QkFDMDAwNjVDNEY5QUUwMi9sTW5VTzFPMTJGRFpqZzJpMWU4OFRod3hJ RVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xNblVPMU8xMkZEWmpnMmkxZTg4VGh3eElFVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MEUyMS9BNUU5NTBENDQyNzMxMUU5QkFDMDAwNjVDNEY5QUUwMi9sTW5VTzFPMTJG RFpqZzJpMWU4OFRod3hJRVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkK5GWcRjEWCaPI+L16kHqbujue4V+HVBy4vQJeO3+h5vUe/IB2eHn d7sxTyi7Ns8q7iTyfHY4Eu7yQdDv3moUgb9LxEBCqaKwVlxAqDvtKb5NzlBtBHAU Lyb2Jji/Crb58ziCBd1TAKVimVUBX1tsTbOVSoHEXJjydITq0iEuQv9SAH/fSMwL L7sxcDtgJMbq4q8acrgY0g7p5865M/aNTOdLQjssSxJl3UgUs+ArebAVanGMcBGl UkXYn10VgQdHxxf8o++jfxOZFi8wHf6Ok3BbEwAh5Qj4UebtgblTRl3/SPixHfOw tZBquq8/Y68s7knDeIa7640gX8ruUOop -----END CERTIFICATE-----Generated at Sat Jun 14 19:26:28 2025 by rpki-client