$ rpki-client -vvf rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.mft File: Lz71uQE3FOMXTGcArgSCTi8FwjA.mft (raw, json) Hash identifier: TKxRSUUaz8KMNEd/W3ScpZjvotiRVrc43iJXAgL+OhM= Subject key identifier: 1B:3F:06:A9:7A:29:A5:A3:D8:C5:18:BB:A3:92:E9:51:B0:F8:FF:C6 Authority key identifier: 2F:3E:F5:B9:01:37:14:E3:17:4C:67:00:AE:04:82:4E:2F:05:C2:30 Certificate issuer: /CN=A91346B1/serialNumber=2F3EF5B9013714E3174C6700AE04824E2F05C230 Certificate serial: 0353 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lz71uQE3FOMXTGcArgSCTi8FwjA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.mft Manifest number: 0337 Signing time: Tue 05 Aug 2025 01:41:55 +0000 Manifest this update: Tue 05 Aug 2025 01:41:54 +0000 Manifest next update: Tue 12 Aug 2025 01:41:54 +0000 Files and hashes: 1: Lz71uQE3FOMXTGcArgSCTi8FwjA.crl (hash: TZnYKVvze1cECfQ8xJQs7ZGMveZtamK+y0o1Z7Q+qcM=) 2: 19E46D60D0F711EC8673072FC4F9AE02.roa (hash: MW8b0lzbn7akooUbZ8tV+oRNYmXktBHymwJPvbPr0T4=) 3: 69C96612D0F411EC8DAD6D11C4F9AE02.roa (hash: zRGHLr8o7A/D/r9KWR7LY3IvuquDXPxtjtwrPymfsx8=) 4: 196C52A8D0F711EC8673072FC4F9AE02.roa (hash: pmgvt39f/aMkunvyVMO6rfLmljyqEtakdw2Wz0MGd3o=) 5: 6A430D5AD0F411EC8DAD6D11C4F9AE02.roa (hash: Vk4lMkqK5ng6B+iZp/Sl6mPlRDRoZ3QpBy8plRdehn4=) 6: 1BC3E9F8D0F711EC8673072FC4F9AE02.roa (hash: RV0bq4XHGKUuOS8T3WS7G4aUlSWl2to/4furDRifxYQ=) 7: 6920E4D8D0F411EC8DAD6D11C4F9AE02.roa (hash: 6/3DevyJRKnv1xx6SHWcr3LVBgvTH0u4H55ECTrHATk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.crl rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lz71uQE3FOMXTGcArgSCTi8FwjA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 12 Aug 2025 01:41:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 851 (0x353) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91346B1, serialNumber=2F3EF5B9013714E3174C6700AE04824E2F05C230 Validity Not Before: Aug 5 01:41:54 2025 GMT Not After : Aug 12 01:41:54 2025 GMT Subject: CN=68916163-e3dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:5a:b9:2f:48:56:f1:f5:a5:5b:d7:01:15:ef: ae:c7:68:ce:3f:62:bc:82:97:73:d6:78:13:4a:60: 59:28:f1:dd:9e:26:6d:72:66:09:01:e1:b5:28:c3: e2:eb:42:ef:81:38:f8:72:09:22:0d:42:64:a6:92: fd:06:64:26:45:3e:43:0d:2c:8a:62:2f:da:e7:5d: e7:a4:46:87:a9:a6:6e:40:bc:62:21:3b:8d:5b:dc: 1a:d4:4c:69:71:e0:c8:66:83:0e:80:6a:c1:9f:4d: cb:e2:c9:fc:ab:8f:d7:b8:3c:87:dd:5c:01:09:c5: 94:2d:3f:9b:ef:86:d8:57:36:7f:21:73:09:f4:c6: 15:64:3d:7b:96:48:81:9d:2c:44:8c:0e:24:ab:f2: 20:49:c2:c0:44:de:5a:ef:b9:ca:25:6a:1c:3e:48: 89:6f:cd:19:b8:ae:5f:30:90:f4:dd:30:d7:9a:39: 0c:3e:c0:1e:5d:b5:1c:ca:05:4e:c3:50:b9:5b:f1: 40:b4:1e:69:a3:9f:79:45:71:27:da:33:3c:03:73: 98:90:74:c2:3e:8a:4a:bf:6d:fd:30:0c:79:21:df: 12:a9:e3:2e:80:76:64:3e:34:0a:56:57:7f:3c:61: 68:48:7a:2b:be:4f:d3:b6:83:33:59:c8:80:7f:3d: 4d:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:3F:06:A9:7A:29:A5:A3:D8:C5:18:BB:A3:92:E9:51:B0:F8:FF:C6 X509v3 Authority Key Identifier: keyid:2F:3E:F5:B9:01:37:14:E3:17:4C:67:00:AE:04:82:4E:2F:05:C2:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lz71uQE3FOMXTGcArgSCTi8FwjA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:b0:8b:b6:61:e2:34:44:87:97:d0:9f:95:ec:7d:d1:b3:27: 2c:e0:dd:7b:d7:cd:45:0f:4a:12:12:38:ae:d8:ce:e3:be:45: 0a:10:a1:22:a0:4e:b4:03:6d:5e:ef:d4:ec:8c:08:3d:b8:a9: 89:d1:1f:10:ec:21:b7:00:80:09:29:3e:c9:4c:60:54:6c:b0: 40:80:89:13:ed:24:a2:91:91:e6:1d:d5:dc:82:0a:f2:ed:31: 68:fc:f3:3a:20:4f:fc:b0:c5:39:bc:a4:1c:4e:a5:09:27:89: 19:fd:e9:5e:61:13:52:aa:b1:95:4c:38:93:3a:b7:8c:5e:ed: f3:8b:3c:2c:9b:dd:7e:dc:0e:cf:82:76:82:80:ae:a1:ed:dd: 73:8e:4c:76:95:ce:40:7e:4d:af:2b:f2:e5:9e:43:35:dc:2e: a6:d8:90:82:a5:c0:96:61:de:08:41:87:dd:91:e3:36:24:4d: 13:c8:d9:7a:98:04:df:1b:26:f8:03:27:ba:a8:6b:96:10:c3: 93:c8:22:70:82:6f:74:db:1e:4f:4b:0d:3e:76:02:85:b0:68: d4:77:2a:60:ab:75:63:14:76:05:1d:2d:da:ab:99:a9:0d:87: 01:63:65:4c:a1:b3:1d:d0:f7:25:63:36:b1:e8:92:91:6e:bc: 48:4e:fa:19 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA1MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQ2QjExMTAvBgNVBAUTKDJGM0VGNUI5MDEzNzE0RTMxNzRDNjcwMEFFMDQ4MjRF MkYwNUMyMzAwHhcNMjUwODA1MDE0MTU0WhcNMjUwODEyMDE0MTU0WjAYMRYwFAYD VQQDEw02ODkxNjE2My1lM2RjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0Fq5L0hW8fWlW9cBFe+ux2jOP2K8gpdz1ngTSmBZKPHdniZtcmYJAeG1KMPi 60LvgTj4cgkiDUJkppL9BmQmRT5DDSyKYi/a513npEaHqaZuQLxiITuNW9wa1Exp ceDIZoMOgGrBn03L4sn8q4/XuDyH3VwBCcWULT+b74bYVzZ/IXMJ9MYVZD17lkiB nSxEjA4kq/IgScLARN5a77nKJWocPkiJb80ZuK5fMJD03TDXmjkMPsAeXbUcygVO w1C5W/FAtB5po595RXEn2jM8A3OYkHTCPopKv239MAx5Id8SqeMugHZkPjQKVld/ PGFoSHorvk/TtoMzWciAfz1N+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBs/Bql6 KaWj2MUYu6OS6VGw+P/GMB8GA1UdIwQYMBaAFC8+9bkBNxTjF0xnAK4Egk4vBcIw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDZCMS85QTBFQ0UxMEQw RjAxMUVDOEVDREJGNjNDNEY5QUUwMi9MejcxdVFFM0ZPTVhUR2NBcmdTQ1RpOEZ3 akEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0x6NzF1UUUzRk9NWFRHY0FyZ1NDVGk4RndqQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NDZCMS85QTBFQ0UxMEQwRjAxMUVDOEVDREJGNjNDNEY5QUUwMi9MejcxdVFFM0ZP TVhUR2NBcmdTQ1RpOEZ3akEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBxsIu2YeI0RIeX0J+V7H3Rsycs4N17181FD0oSEjiu2M7jvkUKEKEi oE60A21e79TsjAg9uKmJ0R8Q7CG3AIAJKT7JTGBUbLBAgIkT7SSikZHmHdXcggry 7TFo/PM6IE/8sMU5vKQcTqUJJ4kZ/eleYRNSqrGVTDiTOreMXu3zizwsm91+3A7P gnaCgK6h7d1zjkx2lc5Afk2vK/LlnkM13C6m2JCCpcCWYd4IQYfdkeM2JE0TyNl6 mATfGyb4Aye6qGuWEMOTyCJwgm902x5PSw0+dgKFsGjUdypgq3VjFHYFHS3aq5mp DYcBY2VMobMd0PclYzax6JKRbrxITvoZ -----END CERTIFICATE-----Generated at Tue Aug 5 23:04:24 2025 by rpki-client