$ rpki-client -vvf rpki.apnic.net/member_repository/A912CB7D/B2B3D77C1B4411EEA3578E29C4F9AE02/lATO33S5SXRR7zK7ehK-1x0sI-U.mft File: lATO33S5SXRR7zK7ehK-1x0sI-U.mft (raw, json) Hash identifier: w2rZKSgtWsGYsG+i99iwQ3ZgN6v4SXx8TnO+v8jPLTY= Subject key identifier: 49:AA:C7:A7:80:D8:10:48:F2:C8:1C:9B:39:5D:84:6D:AD:64:85:E0 Authority key identifier: 94:04:CE:DF:74:B9:49:74:51:EF:32:BB:7A:12:BE:D7:1D:2C:23:E5 Certificate issuer: /CN=A912CB7D/serialNumber=9404CEDF74B9497451EF32BB7A12BED71D2C23E5 Certificate serial: 015B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lATO33S5SXRR7zK7ehK-1x0sI-U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912CB7D/B2B3D77C1B4411EEA3578E29C4F9AE02/lATO33S5SXRR7zK7ehK-1x0sI-U.mft Manifest number: 0157 Signing time: Fri 25 Apr 2025 03:14:58 +0000 Manifest this update: Fri 25 Apr 2025 03:14:57 +0000 Manifest next update: Fri 02 May 2025 03:14:57 +0000 Files and hashes: 1: lATO33S5SXRR7zK7ehK-1x0sI-U.crl (hash: snNixFtpIsArmRaE9KV0FHSO9LXJ+M9zxyavmu5tYik=) 2: AFF53F96556211EE9C34E435C4F9AE02.roa (hash: LM315PXaZ9khTUzGflBEPkGQjhCerawkLIiZZc3Qylg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912CB7D/B2B3D77C1B4411EEA3578E29C4F9AE02/lATO33S5SXRR7zK7ehK-1x0sI-U.crl rsync://rpki.apnic.net/member_repository/A912CB7D/B2B3D77C1B4411EEA3578E29C4F9AE02/lATO33S5SXRR7zK7ehK-1x0sI-U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lATO33S5SXRR7zK7ehK-1x0sI-U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:14:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 347 (0x15b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912CB7D, serialNumber=9404CEDF74B9497451EF32BB7A12BED71D2C23E5 Validity Not Before: Apr 25 03:14:57 2025 GMT Not After : May 2 03:14:57 2025 GMT Subject: CN=680afe31-20c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:b1:12:0a:28:53:5f:91:b3:88:1d:bb:c4:f8: 72:ff:e2:0b:d2:01:d2:18:76:93:d4:48:81:54:fe: 4d:d6:ad:5d:47:f6:28:53:8b:49:f6:87:18:70:59: 51:40:b7:8e:6d:39:30:c0:f4:5e:83:62:df:38:29: cb:c1:25:fa:4c:bf:17:68:07:cd:b0:00:ca:10:6d: 79:96:61:db:52:56:1a:d5:3a:14:8e:d6:df:60:36: 10:6c:9d:b4:ee:f7:96:5a:7a:b9:ea:8a:69:eb:23: 82:3b:1a:52:32:46:f9:89:9c:71:c3:bf:66:74:9e: 4c:94:e4:cd:05:25:26:df:3f:07:d4:53:f3:57:6e: 66:71:3d:cc:14:9c:42:0b:c7:47:09:18:c8:db:0b: d5:97:a4:ee:ac:ef:3a:70:03:28:31:80:f9:0e:bd: 35:42:27:ba:db:37:58:ac:5c:ad:5f:5e:6a:6f:b1: c5:f4:12:0b:58:9d:99:37:e3:e8:5b:41:39:60:21: 31:3b:98:c6:e1:07:95:0d:2d:c9:f6:b7:1d:18:db: 45:c3:59:ca:72:40:39:94:53:3b:a2:83:cc:8b:ee: 3d:42:ca:d7:82:d5:93:64:81:8a:50:58:59:87:98: f3:d7:5a:56:f8:4a:1b:8c:d2:fc:50:00:39:5f:61: 70:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:AA:C7:A7:80:D8:10:48:F2:C8:1C:9B:39:5D:84:6D:AD:64:85:E0 X509v3 Authority Key Identifier: keyid:94:04:CE:DF:74:B9:49:74:51:EF:32:BB:7A:12:BE:D7:1D:2C:23:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912CB7D/B2B3D77C1B4411EEA3578E29C4F9AE02/lATO33S5SXRR7zK7ehK-1x0sI-U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lATO33S5SXRR7zK7ehK-1x0sI-U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CB7D/B2B3D77C1B4411EEA3578E29C4F9AE02/lATO33S5SXRR7zK7ehK-1x0sI-U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:8d:e5:c3:30:fa:93:ef:d1:bd:2f:2e:55:c5:14:a4:05:a3: b3:0d:5b:32:4d:15:33:3c:30:4c:97:f6:42:b9:e9:5d:1f:ad: e2:30:83:c0:0f:7d:24:d0:20:e8:df:bf:d2:cf:7c:5a:e9:d0: 76:4b:5a:e1:f6:1c:cc:a2:53:6e:a3:03:67:65:68:3e:80:84: 0d:21:02:fc:7a:71:bf:38:ad:93:89:a9:ac:72:06:d3:63:75: 49:43:68:42:b0:de:5b:29:01:67:1b:85:03:b9:a4:ef:a1:48: 28:7f:df:99:fc:f0:92:bb:14:76:8e:2e:8e:24:8b:30:ed:95: e0:6d:b3:75:16:c3:f6:b8:ca:7b:d4:95:64:1e:0c:c8:bf:41: 0c:5a:38:82:41:dc:83:e5:e2:4a:a5:c8:dd:65:43:86:8b:35: 2f:cd:43:24:b1:eb:8b:2a:a1:4e:dd:ad:5f:53:d5:94:b5:1c: 8f:c7:29:e2:0c:6b:94:1e:15:87:3c:5e:cc:1d:bf:76:50:3d: 8d:95:0f:03:a8:ed:e8:25:ac:89:6b:85:19:a3:93:d0:63:44: 28:4c:78:a0:cc:e5:c8:f9:7d:34:cd:04:4f:a0:06:b4:86:59: a8:3c:d5:74:10:f2:1d:46:0e:45:67:a2:a2:d0:cb:77:59:76: 2d:f3:6b:14 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkNCN0QxMTAvBgNVBAUTKDk0MDRDRURGNzRCOTQ5NzQ1MUVGMzJCQjdBMTJCRUQ3 MUQyQzIzRTUwHhcNMjUwNDI1MDMxNDU3WhcNMjUwNTAyMDMxNDU3WjAYMRYwFAYD VQQDEw02ODBhZmUzMS0yMGM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwLESCihTX5GziB27xPhy/+IL0gHSGHaT1EiBVP5N1q1dR/YoU4tJ9ocYcFlR QLeObTkwwPReg2LfOCnLwSX6TL8XaAfNsADKEG15lmHbUlYa1ToUjtbfYDYQbJ20 7veWWnq56opp6yOCOxpSMkb5iZxxw79mdJ5MlOTNBSUm3z8H1FPzV25mcT3MFJxC C8dHCRjI2wvVl6TurO86cAMoMYD5Dr01Qie62zdYrFytX15qb7HF9BILWJ2ZN+Po W0E5YCExO5jG4QeVDS3J9rcdGNtFw1nKckA5lFM7ooPMi+49QsrXgtWTZIGKUFhZ h5jz11pW+EobjNL8UAA5X2FwzwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEmqx6eA 2BBI8sgcmzldhG2tZIXgMB8GA1UdIwQYMBaAFJQEzt90uUl0Ue8yu3oSvtcdLCPl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0I3RC9CMkIzRDc3QzFC NDQxMUVFQTM1NzhFMjlDNEY5QUUwMi9sQVRPMzNTNVNYUlI3eks3ZWhLLTF4MHNJ LVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xBVE8zM1M1U1hSUjd6SzdlaEstMXgwc0ktVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy Q0I3RC9CMkIzRDc3QzFCNDQxMUVFQTM1NzhFMjlDNEY5QUUwMi9sQVRPMzNTNVNY UlI3eks3ZWhLLTF4MHNJLVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAbjeXDMPqT79G9Ly5VxRSkBaOzDVsyTRUzPDBMl/ZCueldH63iMIPA D30k0CDo37/Sz3xa6dB2S1rh9hzMolNuowNnZWg+gIQNIQL8enG/OK2TiamscgbT Y3VJQ2hCsN5bKQFnG4UDuaTvoUgof9+Z/PCSuxR2ji6OJIsw7ZXgbbN1FsP2uMp7 1JVkHgzIv0EMWjiCQdyD5eJKpcjdZUOGizUvzUMkseuLKqFO3a1fU9WUtRyPxyni DGuUHhWHPF7MHb92UD2NlQ8DqO3oJayJa4UZo5PQY0QoTHigzOXI+X00zQRPoAa0 hlmoPNV0EPIdRg5FZ6Ki0Mt3WXYt82sU -----END CERTIFICATE-----Generated at Sat Apr 26 04:27:05 2025 by rpki-client