$ rpki-client -vvf rpki.apnic.net/member_repository/A9153303/80BF1A623FE011EF8635D712C4F9AE02/llSi8IRZeiuRrAAqdgfhPBXQlJE.mft File: llSi8IRZeiuRrAAqdgfhPBXQlJE.mft (raw, json) Hash identifier: WVaWmAyFFzNc1BSsI1uYKe98ejPjKGt4D46qmwIy5VA= Subject key identifier: 07:92:0C:21:D6:9B:58:DE:84:D7:E8:0D:2E:1C:C5:5E:C1:79:8B:F8 Authority key identifier: 96:54:A2:F0:84:59:7A:2B:91:AC:00:2A:76:07:E1:3C:15:D0:94:91 Certificate issuer: /CN=A9153303/serialNumber=9654A2F084597A2B91AC002A7607E13C15D09491 Certificate serial: 95 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/llSi8IRZeiuRrAAqdgfhPBXQlJE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9153303/80BF1A623FE011EF8635D712C4F9AE02/llSi8IRZeiuRrAAqdgfhPBXQlJE.mft Manifest number: 94 Signing time: Fri 25 Apr 2025 05:22:19 +0000 Manifest this update: Fri 25 Apr 2025 05:22:18 +0000 Manifest next update: Fri 02 May 2025 05:22:18 +0000 Files and hashes: 1: llSi8IRZeiuRrAAqdgfhPBXQlJE.crl (hash: RZyjRCgv2qpuvsOg5WrBu87n0d593wbNB/JRel6TiBk=) 2: 29A436623FE111EFB5A50814C4F9AE02.roa (hash: i8BI9IvwuikO1+xMVefOXZH2ufnANITPzuMSdPax+Fg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9153303/80BF1A623FE011EF8635D712C4F9AE02/llSi8IRZeiuRrAAqdgfhPBXQlJE.crl rsync://rpki.apnic.net/member_repository/A9153303/80BF1A623FE011EF8635D712C4F9AE02/llSi8IRZeiuRrAAqdgfhPBXQlJE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/llSi8IRZeiuRrAAqdgfhPBXQlJE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:22:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 149 (0x95) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9153303, serialNumber=9654A2F084597A2B91AC002A7607E13C15D09491 Validity Not Before: Apr 25 05:22:18 2025 GMT Not After : May 2 05:22:18 2025 GMT Subject: CN=680b1c0a-f45a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:7b:36:e5:96:29:a9:8c:b3:49:5d:3f:fa:83: a5:6f:0a:2e:65:20:4c:c6:6a:a1:0f:8c:46:08:f1: 00:d5:e6:2d:23:82:57:4d:d8:3f:56:92:bd:48:30: e0:30:ce:c4:44:54:18:81:42:76:64:a8:6d:07:af: 1b:12:9b:02:f9:d0:64:df:b4:80:dd:9c:df:6c:4c: 69:07:d2:ce:6b:0d:a5:4c:50:7a:29:30:6d:1a:6e: 90:29:4f:94:79:db:1c:43:01:d0:f8:f7:83:9c:d0: 5b:00:28:be:34:33:6a:46:07:87:f5:85:43:90:83: ad:17:b8:8a:46:d8:cf:c8:e3:19:6d:f8:14:24:ba: 6d:00:92:d7:ae:eb:e0:db:19:91:cb:1a:53:83:14: 74:b7:2b:11:50:0e:ae:44:89:af:26:0c:8f:37:e9: 83:f9:87:2c:50:02:a9:2e:d0:a4:ff:64:f8:81:42: 87:41:fe:99:f7:89:26:07:1f:61:01:a5:f1:89:ef: d1:8b:2b:d4:4f:1e:fb:ab:b8:fd:d3:b5:91:ed:e7: 38:71:83:01:a9:fd:cb:da:df:60:a2:b7:17:5e:aa: 94:4c:91:49:8e:4a:cc:cf:5f:44:22:61:f3:00:21: e4:32:f4:3d:25:67:d7:d7:18:2d:d1:e3:77:59:f9: c9:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:92:0C:21:D6:9B:58:DE:84:D7:E8:0D:2E:1C:C5:5E:C1:79:8B:F8 X509v3 Authority Key Identifier: keyid:96:54:A2:F0:84:59:7A:2B:91:AC:00:2A:76:07:E1:3C:15:D0:94:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9153303/80BF1A623FE011EF8635D712C4F9AE02/llSi8IRZeiuRrAAqdgfhPBXQlJE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/llSi8IRZeiuRrAAqdgfhPBXQlJE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153303/80BF1A623FE011EF8635D712C4F9AE02/llSi8IRZeiuRrAAqdgfhPBXQlJE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 81:7b:5b:7f:1d:55:86:52:ae:be:1c:87:ac:6e:6c:58:ed:15: 96:38:00:03:ae:74:22:7e:4b:f1:69:b0:92:bd:74:47:c1:6b: de:74:ff:55:03:18:51:05:cf:b3:a1:9f:3b:1f:92:a3:36:42: 01:2c:9c:c9:08:fe:e4:f0:45:30:bd:81:04:24:7e:70:01:8a: 17:0b:ec:3c:6b:d0:3b:4a:0d:f2:1b:41:ea:fd:ff:d9:23:83: 4e:ac:e4:9e:67:8d:e5:77:15:1a:54:47:c8:93:a6:25:1c:d6: 15:a3:2e:a9:16:b1:b5:83:23:18:4e:af:4b:35:81:cf:9b:39: 71:37:0d:a1:fa:5a:46:36:71:f2:7b:ea:26:79:5f:b9:51:20: a4:f3:b7:56:a2:5f:95:84:a6:ef:32:0c:df:5c:18:27:4b:6a: 81:bb:f2:42:13:46:0e:d4:d3:23:3f:03:30:26:94:8a:b9:e6: 00:d6:e3:7e:42:97:b5:c6:33:43:89:6f:09:19:ff:bd:6c:8a: 72:a8:09:4c:b7:e8:c9:2c:88:c2:98:55:85:9f:4c:88:78:e5: 41:4a:fa:bd:35:06:06:5d:c5:b3:ba:6f:ba:98:8b:9c:29:f8: e0:a9:60:ef:6c:cf:4e:86:3d:70:f5:9c:36:81:4c:a7:04:79: d2:75:70:7e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTMzMDMxMTAvBgNVBAUTKDk2NTRBMkYwODQ1OTdBMkI5MUFDMDAyQTc2MDdFMTND MTVEMDk0OTEwHhcNMjUwNDI1MDUyMjE4WhcNMjUwNTAyMDUyMjE4WjAYMRYwFAYD VQQDEw02ODBiMWMwYS1mNDVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmHs25ZYpqYyzSV0/+oOlbwouZSBMxmqhD4xGCPEA1eYtI4JXTdg/VpK9SDDg MM7ERFQYgUJ2ZKhtB68bEpsC+dBk37SA3ZzfbExpB9LOaw2lTFB6KTBtGm6QKU+U edscQwHQ+PeDnNBbACi+NDNqRgeH9YVDkIOtF7iKRtjPyOMZbfgUJLptAJLXruvg 2xmRyxpTgxR0tysRUA6uRImvJgyPN+mD+YcsUAKpLtCk/2T4gUKHQf6Z94kmBx9h AaXxie/RiyvUTx77q7j907WR7ec4cYMBqf3L2t9gorcXXqqUTJFJjkrMz19EImHz ACHkMvQ9JWfX1xgt0eN3WfnJlwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAeSDCHW m1jehNfoDS4cxV7BeYv4MB8GA1UdIwQYMBaAFJZUovCEWXorkawAKnYH4TwV0JSR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzMwMy84MEJGMUE2MjNG RTAxMUVGODYzNUQ3MTJDNEY5QUUwMi9sbFNpOElSWmVpdVJyQUFxZGdmaFBCWFFs SkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xsU2k4SVJaZWl1UnJBQXFkZ2ZoUEJYUWxKRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MzMwMy84MEJGMUE2MjNGRTAxMUVGODYzNUQ3MTJDNEY5QUUwMi9sbFNpOElSWmVp dVJyQUFxZGdmaFBCWFFsSkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCBe1t/HVWGUq6+HIesbmxY7RWWOAADrnQifkvxabCSvXRHwWvedP9V AxhRBc+zoZ87H5KjNkIBLJzJCP7k8EUwvYEEJH5wAYoXC+w8a9A7Sg3yG0Hq/f/Z I4NOrOSeZ43ldxUaVEfIk6YlHNYVoy6pFrG1gyMYTq9LNYHPmzlxNw2h+lpGNnHy e+omeV+5USCk87dWol+VhKbvMgzfXBgnS2qBu/JCE0YO1NMjPwMwJpSKueYA1uN+ Qpe1xjNDiW8JGf+9bIpyqAlMt+jJLIjCmFWFn0yIeOVBSvq9NQYGXcWzum+6mIuc KfjgqWDvbM9Ohj1w9Zw2gUynBHnSdXB+ -----END CERTIFICATE-----Generated at Sat Apr 26 14:36:49 2025 by rpki-client