$ rpki-client -vvf rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.mft File: Lz71uQE3FOMXTGcArgSCTi8FwjA.mft (raw, json) Hash identifier: MukxiyhiSVYC3orlZ1RI1ev/Wy1PPv8dkGQGX3T292Q= Subject key identifier: 9F:F7:49:68:EB:9A:33:68:5B:6D:E6:DB:FC:63:2A:AA:56:CE:51:8A Authority key identifier: 2F:3E:F5:B9:01:37:14:E3:17:4C:67:00:AE:04:82:4E:2F:05:C2:30 Certificate issuer: /CN=A91346B1/serialNumber=2F3EF5B9013714E3174C6700AE04824E2F05C230 Certificate serial: 0320 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lz71uQE3FOMXTGcArgSCTi8FwjA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.mft Manifest number: 0304 Signing time: Fri 25 Apr 2025 01:01:23 +0000 Manifest this update: Fri 25 Apr 2025 01:01:22 +0000 Manifest next update: Fri 02 May 2025 01:01:22 +0000 Files and hashes: 1: Lz71uQE3FOMXTGcArgSCTi8FwjA.crl (hash: YPoWofiI+Jb+vJHwhcqyntsQbb6qOtD6pfOy+NAGYWU=) 2: 19E46D60D0F711EC8673072FC4F9AE02.roa (hash: MW8b0lzbn7akooUbZ8tV+oRNYmXktBHymwJPvbPr0T4=) 3: 69C96612D0F411EC8DAD6D11C4F9AE02.roa (hash: zRGHLr8o7A/D/r9KWR7LY3IvuquDXPxtjtwrPymfsx8=) 4: 196C52A8D0F711EC8673072FC4F9AE02.roa (hash: pmgvt39f/aMkunvyVMO6rfLmljyqEtakdw2Wz0MGd3o=) 5: 6A430D5AD0F411EC8DAD6D11C4F9AE02.roa (hash: Vk4lMkqK5ng6B+iZp/Sl6mPlRDRoZ3QpBy8plRdehn4=) 6: 1BC3E9F8D0F711EC8673072FC4F9AE02.roa (hash: RV0bq4XHGKUuOS8T3WS7G4aUlSWl2to/4furDRifxYQ=) 7: 6920E4D8D0F411EC8DAD6D11C4F9AE02.roa (hash: 6/3DevyJRKnv1xx6SHWcr3LVBgvTH0u4H55ECTrHATk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.crl rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lz71uQE3FOMXTGcArgSCTi8FwjA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 800 (0x320) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91346B1, serialNumber=2F3EF5B9013714E3174C6700AE04824E2F05C230 Validity Not Before: Apr 25 01:01:22 2025 GMT Not After : May 2 01:01:22 2025 GMT Subject: CN=680adee2-3570 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a7:9b:0c:cf:66:a8:1f:4e:ff:fe:ad:86:5f: 78:89:0d:1c:79:90:26:55:51:c0:68:55:b3:87:82: 9b:8b:ed:e2:f4:0d:a3:35:2e:8c:11:46:6d:48:8a: 37:d8:c4:d3:f1:7f:ca:5c:59:33:33:62:be:66:ee: 0f:0a:f4:cf:ab:dc:8b:20:b9:0b:6f:95:b5:28:5f: 15:98:1e:2e:be:e3:54:55:ab:10:fa:f1:be:aa:87: 4a:24:11:be:81:6f:d8:18:7a:fc:d3:a8:f1:35:55: f8:c7:3d:73:1a:f4:d0:e6:f3:28:38:0b:9d:8b:e8: d9:79:dc:f3:fa:fd:64:3f:82:5f:3c:bb:0a:82:d5: d0:b7:61:44:b4:68:01:1c:1b:21:7a:c1:1c:ae:18: 7d:fd:38:2d:d4:aa:f1:7e:af:0c:69:b2:b5:57:73: 7f:d7:a8:a7:4f:78:cd:76:ac:c8:f5:1e:0b:0c:67: 51:74:64:d5:7b:47:ae:11:df:e2:58:93:18:33:18: 86:5b:8b:8d:04:6e:b4:b5:b8:60:a4:84:01:87:6f: a9:3e:10:8d:44:07:8c:b2:af:c6:d0:9e:f6:f1:42: 2a:f8:ac:5a:8b:b9:d2:67:ed:6c:08:08:15:62:6c: f7:6a:79:56:38:5d:b3:3f:1e:c3:93:79:8e:e4:19: 31:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:F7:49:68:EB:9A:33:68:5B:6D:E6:DB:FC:63:2A:AA:56:CE:51:8A X509v3 Authority Key Identifier: keyid:2F:3E:F5:B9:01:37:14:E3:17:4C:67:00:AE:04:82:4E:2F:05:C2:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lz71uQE3FOMXTGcArgSCTi8FwjA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:d2:97:7e:71:c2:3e:81:88:94:37:68:26:08:78:49:eb:b5: 66:18:b4:0e:6b:7c:80:9a:96:50:08:e7:be:88:5f:d2:24:a8: 4a:d4:a4:6f:79:48:fb:79:2c:a5:bc:79:5b:d9:09:81:3a:a6: 0f:5e:e3:36:6f:9f:4c:19:38:cd:3b:a2:41:1c:45:3c:9f:be: 6a:1f:64:cf:83:ea:77:e5:57:48:80:7e:e2:da:c4:4f:94:55: cc:74:d6:00:19:57:5b:09:eb:fc:2c:82:ec:32:c6:5b:24:c2: 46:02:46:64:2b:2f:bf:ca:cb:6c:29:0d:e3:77:03:dc:6e:8f: 26:4a:90:53:65:f2:f9:82:21:71:8d:15:28:0b:38:b1:59:64: de:df:1a:72:7d:90:23:59:9e:17:52:59:b2:eb:7c:c9:b1:60: b5:8d:a3:3c:d0:1d:6d:6a:12:af:b7:16:c1:35:f4:bb:1b:2d: 0b:65:7a:e8:7b:9d:50:19:1b:6f:98:19:40:c9:c2:03:a4:d1: 79:98:08:d3:a1:b1:c5:29:7f:a8:d2:0d:45:1a:af:58:9d:4d: 9a:73:18:f6:86:93:7b:ec:30:fa:41:51:ba:0d:ca:8b:da:c3: db:4f:18:e7:07:68:43:98:a7:71:d1:97:9a:77:b3:92:f1:ed: fa:40:94:17 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAyAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQ2QjExMTAvBgNVBAUTKDJGM0VGNUI5MDEzNzE0RTMxNzRDNjcwMEFFMDQ4MjRF MkYwNUMyMzAwHhcNMjUwNDI1MDEwMTIyWhcNMjUwNTAyMDEwMTIyWjAYMRYwFAYD VQQDEw02ODBhZGVlMi0zNTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwaebDM9mqB9O//6thl94iQ0ceZAmVVHAaFWzh4Kbi+3i9A2jNS6MEUZtSIo3 2MTT8X/KXFkzM2K+Zu4PCvTPq9yLILkLb5W1KF8VmB4uvuNUVasQ+vG+qodKJBG+ gW/YGHr806jxNVX4xz1zGvTQ5vMoOAudi+jZedzz+v1kP4JfPLsKgtXQt2FEtGgB HBshesEcrhh9/Tgt1Krxfq8MabK1V3N/16inT3jNdqzI9R4LDGdRdGTVe0euEd/i WJMYMxiGW4uNBG60tbhgpIQBh2+pPhCNRAeMsq/G0J728UIq+Kxai7nSZ+1sCAgV Ymz3anlWOF2zPx7Dk3mO5BkxnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ/3SWjr mjNoW23m2/xjKqpWzlGKMB8GA1UdIwQYMBaAFC8+9bkBNxTjF0xnAK4Egk4vBcIw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDZCMS85QTBFQ0UxMEQw RjAxMUVDOEVDREJGNjNDNEY5QUUwMi9MejcxdVFFM0ZPTVhUR2NBcmdTQ1RpOEZ3 akEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0x6NzF1UUUzRk9NWFRHY0FyZ1NDVGk4RndqQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NDZCMS85QTBFQ0UxMEQwRjAxMUVDOEVDREJGNjNDNEY5QUUwMi9MejcxdVFFM0ZP TVhUR2NBcmdTQ1RpOEZ3akEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB10pd+ccI+gYiUN2gmCHhJ67VmGLQOa3yAmpZQCOe+iF/SJKhK1KRv eUj7eSylvHlb2QmBOqYPXuM2b59MGTjNO6JBHEU8n75qH2TPg+p35VdIgH7i2sRP lFXMdNYAGVdbCev8LILsMsZbJMJGAkZkKy+/ystsKQ3jdwPcbo8mSpBTZfL5giFx jRUoCzixWWTe3xpyfZAjWZ4XUlmy63zJsWC1jaM80B1tahKvtxbBNfS7Gy0LZXro e51QGRtvmBlAycIDpNF5mAjTobHFKX+o0g1FGq9YnU2acxj2hpN77DD6QVG6DcqL 2sPbTxjnB2hDmKdx0Zead7OS8e36QJQX -----END CERTIFICATE-----Generated at Sat Apr 26 04:52:17 2025 by rpki-client