$ rpki-client -vvf rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft File: LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft (raw, json) Hash identifier: /NW56vnUlZjcRr/JJxeN0mdzLAyGLqwRbAczJ7lfakE= Subject key identifier: DC:3A:B2:CD:32:23:2F:E5:7C:5D:9F:90:2E:15:03:EB:B1:B0:37:7B Authority key identifier: 2D:BC:46:5D:A6:81:B5:B3:11:89:7A:B6:C4:68:C2:54:70:6E:5D:2F Certificate issuer: /CN=A9153D75/serialNumber=2DBC465DA681B5B311897AB6C468C254706E5D2F Certificate serial: 01E6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft Manifest number: 01E2 Signing time: Fri 13 Jun 2025 01:42:49 +0000 Manifest this update: Fri 13 Jun 2025 01:42:48 +0000 Manifest next update: Fri 20 Jun 2025 01:42:48 +0000 Files and hashes: 1: LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl (hash: /xzi3QGjyuUKk6nZArdRiVFqiV/SfBdHxhGgZE51km8=) 2: 552D155464A711ED99D40117C4F9AE02.roa (hash: 23rCyoR4WnNChFU7ymH391h0HiIrF4JQy1l5v2pbquM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 01:42:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 486 (0x1e6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9153D75, serialNumber=2DBC465DA681B5B311897AB6C468C254706E5D2F Validity Not Before: Jun 13 01:42:48 2025 GMT Not After : Jun 20 01:42:48 2025 GMT Subject: CN=684b8219-1f4c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:32:2f:70:45:73:27:12:bb:13:64:50:4f:78: e5:99:32:c4:e7:aa:5c:5a:c6:88:1a:ce:49:a0:04: 72:60:5e:e2:9d:ac:61:37:66:5a:11:e1:06:51:b4: 7a:a9:ed:66:37:f4:77:14:1d:57:3c:f8:a2:e7:cb: 9c:35:bc:4f:09:91:ab:6a:a5:50:50:f0:a8:7b:20: 44:3c:f2:53:85:3f:88:3b:fd:b1:22:0c:85:6b:60: 46:bd:cd:5e:60:3b:f3:76:dd:8c:4e:e6:39:00:e0: 54:65:84:6e:72:9d:2a:bb:5e:00:c5:80:c6:be:9b: 64:1b:57:33:e2:7a:55:23:47:79:54:72:07:e7:cb: 10:9a:83:c3:09:86:38:da:fe:24:c7:c8:aa:7e:46: 82:d2:fa:30:13:8a:35:f0:ea:69:65:c4:fa:07:8b: 5a:64:13:a6:5c:6c:06:0d:d7:13:13:df:66:af:6c: 79:17:e1:a1:3f:b6:08:63:a0:8d:01:9e:bc:f5:31: 07:ea:71:1b:57:a2:a0:8b:b4:49:54:a7:4e:e3:26: aa:53:d2:ff:d8:b7:e9:e2:c9:ec:68:7e:f9:24:6a: ff:3b:07:8e:76:8e:eb:ac:85:df:a2:ce:a6:b9:e1: 3b:77:4a:6d:20:88:d4:c7:f1:87:e2:ee:99:7e:a4: f0:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:3A:B2:CD:32:23:2F:E5:7C:5D:9F:90:2E:15:03:EB:B1:B0:37:7B X509v3 Authority Key Identifier: keyid:2D:BC:46:5D:A6:81:B5:B3:11:89:7A:B6:C4:68:C2:54:70:6E:5D:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6f:18:10:11:f0:58:f6:71:c3:cd:36:f2:b5:94:f3:6a:93:08: cd:21:2b:94:ab:61:8b:19:31:a4:de:8e:20:8e:c1:45:66:b1: e3:27:d3:e6:18:6c:7d:56:27:73:ac:4e:dd:6c:f1:6d:6f:14: 8d:af:44:bb:d4:d8:7a:d5:a5:38:64:c2:4c:01:0e:b0:f7:e4: 19:1c:e7:be:df:b2:8b:30:85:de:e1:c1:6a:a2:22:aa:e8:13: 4b:32:8f:c7:24:5c:54:5e:b9:ff:d3:ba:d3:14:46:4e:b4:b5: 83:f8:66:22:09:c0:3c:d8:80:71:71:1a:8c:40:26:e8:3e:b8: 22:a2:45:2f:db:12:4b:82:46:fa:4c:bf:9c:cc:c4:cb:7b:ef: a7:4e:4b:35:db:79:71:3a:77:ee:e1:f6:68:7a:54:9d:76:c1: ba:7f:48:df:ec:ac:96:bb:0a:0a:c9:dd:89:a8:a4:13:b5:3a: 8e:90:93:8d:68:99:85:86:27:ee:2a:be:f0:b3:1b:1c:f4:62: 97:67:67:5e:d6:79:37:8a:27:16:3c:a5:69:c3:f4:0d:7d:d8: 80:3c:0a:3d:9e:cf:c8:9b:01:5c:44:a4:8a:e7:c8:73:a5:c3: 07:27:18:85:f5:47:21:a5:61:d7:89:d8:4f:fe:6b:5a:ea:9e: a5:da:8d:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAeYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTNENzUxMTAvBgNVBAUTKDJEQkM0NjVEQTY4MUI1QjMxMTg5N0FCNkM0NjhDMjU0 NzA2RTVEMkYwHhcNMjUwNjEzMDE0MjQ4WhcNMjUwNjIwMDE0MjQ4WjAYMRYwFAYD VQQDEw02ODRiODIxOS0xZjRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvDIvcEVzJxK7E2RQT3jlmTLE56pcWsaIGs5JoARyYF7inaxhN2ZaEeEGUbR6 qe1mN/R3FB1XPPii58ucNbxPCZGraqVQUPCoeyBEPPJThT+IO/2xIgyFa2BGvc1e YDvzdt2MTuY5AOBUZYRucp0qu14AxYDGvptkG1cz4npVI0d5VHIH58sQmoPDCYY4 2v4kx8iqfkaC0vowE4o18OppZcT6B4taZBOmXGwGDdcTE99mr2x5F+GhP7YIY6CN AZ689TEH6nEbV6Kgi7RJVKdO4yaqU9L/2Lfp4snsaH75JGr/OweOdo7rrIXfos6m ueE7d0ptIIjUx/GH4u6ZfqTwgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNw6ss0y Iy/lfF2fkC4VA+uxsDd7MB8GA1UdIwQYMBaAFC28Rl2mgbWzEYl6tsRowlRwbl0v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1M0Q3NS81MkRFNEM0QTY0 QTMxMUVEODIyMDI0MTJDNEY5QUUwMi9MYnhHWGFhQnRiTVJpWHEyeEdqQ1ZIQnVY UzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xieEdYYWFCdGJNUmlYcTJ4R2pDVkhCdVhTOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 M0Q3NS81MkRFNEM0QTY0QTMxMUVEODIyMDI0MTJDNEY5QUUwMi9MYnhHWGFhQnRi TVJpWHEyeEdqQ1ZIQnVYUzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBvGBAR8Fj2ccPNNvK1lPNqkwjNISuUq2GLGTGk3o4gjsFFZrHjJ9Pm GGx9VidzrE7dbPFtbxSNr0S71Nh61aU4ZMJMAQ6w9+QZHOe+37KLMIXe4cFqoiKq 6BNLMo/HJFxUXrn/07rTFEZOtLWD+GYiCcA82IBxcRqMQCboPrgiokUv2xJLgkb6 TL+czMTLe++nTks123lxOnfu4fZoelSddsG6f0jf7KyWuwoKyd2JqKQTtTqOkJON aJmFhifuKr7wsxsc9GKXZ2de1nk3iicWPKVpw/QNfdiAPAo9ns/ImwFcRKSK58hz pcMHJxiF9UchpWHXidhP/mta6p6l2o1g -----END CERTIFICATE-----Generated at Sat Jun 14 19:42:23 2025 by rpki-client