$ rpki-client -vvf rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft File: LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft (raw, json) Hash identifier: vs9DiI8DRUCOIau1dFRWT40GadplFiHdTmRjkP5x49o= Subject key identifier: C8:91:ED:6F:1F:74:D5:EA:74:D9:0C:B7:A1:65:42:58:5E:EB:2F:7B Authority key identifier: 2D:BC:46:5D:A6:81:B5:B3:11:89:7A:B6:C4:68:C2:54:70:6E:5D:2F Certificate issuer: /CN=A9153D75/serialNumber=2DBC465DA681B5B311897AB6C468C254706E5D2F Certificate serial: 0204 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft Manifest number: 0200 Signing time: Mon 11 Aug 2025 02:24:59 +0000 Manifest this update: Mon 11 Aug 2025 02:24:58 +0000 Manifest next update: Mon 18 Aug 2025 02:24:58 +0000 Files and hashes: 1: LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl (hash: 543S4k4OkU4sAz4u5tk5fH3ZePb0dgFBiIvIuAj3qkA=) 2: 552D155464A711ED99D40117C4F9AE02.roa (hash: 23rCyoR4WnNChFU7ymH391h0HiIrF4JQy1l5v2pbquM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 516 (0x204) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9153D75, serialNumber=2DBC465DA681B5B311897AB6C468C254706E5D2F Validity Not Before: Aug 11 02:24:58 2025 GMT Not After : Aug 18 02:24:58 2025 GMT Subject: CN=6899547b-1df4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:8b:95:3f:ae:75:6c:31:b4:f6:ce:c9:39:12: 83:d5:b1:da:d2:7b:3a:77:00:91:18:64:27:3f:f6: 49:3b:c5:30:eb:21:fb:83:4e:36:09:fc:8a:6b:c7: 16:4a:e3:22:4f:b7:08:a8:a0:78:b3:81:77:99:11: b7:49:ac:ef:ca:3f:e1:06:2d:ff:68:22:e4:7e:d7: a1:88:c7:57:be:90:c0:5b:9f:ab:5a:5f:17:4d:5e: 22:0a:68:84:3a:9d:f4:82:7d:9c:86:2c:23:ba:34: 08:36:83:62:b2:93:6e:87:e8:13:b8:10:bb:8b:ae: 20:be:24:98:e7:e3:d6:e3:4d:88:f5:c9:ee:47:98: 0f:58:3e:d4:b7:19:48:d5:46:bc:84:2b:db:ba:55: e8:9a:15:a6:f3:7d:1a:8e:6e:e9:a4:a3:e1:da:cd: 72:6c:de:ab:a4:30:50:f5:10:57:5c:bd:09:6f:38: 5c:ef:a4:87:ef:0c:33:cc:9b:b1:77:13:26:0d:b8: 5d:47:73:53:ca:3e:f4:f0:63:0a:53:2b:f1:4d:d2: 1a:d7:8a:7b:c3:eb:83:40:62:77:ed:e3:8b:40:86: a9:0e:7c:55:54:da:6b:29:95:2c:b6:43:5d:76:98: 89:1e:01:7b:29:df:d8:8d:ae:a6:da:27:d8:e2:c2: ca:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:91:ED:6F:1F:74:D5:EA:74:D9:0C:B7:A1:65:42:58:5E:EB:2F:7B X509v3 Authority Key Identifier: keyid:2D:BC:46:5D:A6:81:B5:B3:11:89:7A:B6:C4:68:C2:54:70:6E:5D:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:31:ba:3d:27:d3:4d:38:7a:d8:ff:f6:df:76:0c:52:5c:8c: c2:4f:6b:31:3d:f9:ba:60:27:b8:9e:d3:86:a1:56:1a:85:fd: f4:3d:c0:1b:62:1f:a5:ea:8c:9f:c2:47:49:cc:8b:e8:56:4b: 5a:38:5a:a1:41:92:45:38:26:0b:8b:92:19:f4:b3:4b:64:ee: 69:b5:b7:18:86:da:c9:2c:ba:07:e4:83:ae:30:39:85:3d:f1: 97:58:92:14:f8:7f:87:c1:10:98:be:ff:e0:cf:6d:07:ab:f4: 32:96:b0:e2:06:42:81:e3:ac:c9:94:6e:04:80:35:55:57:a9: 3e:25:d9:9e:79:14:8c:31:43:1d:1f:2d:e5:5f:49:26:fe:b7: 2a:ab:e1:fe:0d:b0:b8:e0:60:ae:e0:39:e8:00:66:95:99:62: aa:d4:5b:4b:16:58:4b:38:8c:16:41:db:17:22:b2:5d:a1:1f: 0b:98:7d:3d:f6:7e:a7:dc:22:14:e2:d7:3e:20:b9:93:e9:d6: 3b:d9:d6:66:af:b2:31:95:61:df:b8:18:25:2c:fb:f7:35:75: 23:be:21:40:a2:b0:22:de:54:67:2b:6c:fd:e8:1d:37:68:4e: 1b:95:ff:3a:fd:c2:ac:82:2c:22:cf:41:8f:99:d0:6c:d0:70: 66:eb:38:7d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTNENzUxMTAvBgNVBAUTKDJEQkM0NjVEQTY4MUI1QjMxMTg5N0FCNkM0NjhDMjU0 NzA2RTVEMkYwHhcNMjUwODExMDIyNDU4WhcNMjUwODE4MDIyNDU4WjAYMRYwFAYD VQQDEw02ODk5NTQ3Yi0xZGY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsIuVP651bDG09s7JORKD1bHa0ns6dwCRGGQnP/ZJO8Uw6yH7g042CfyKa8cW SuMiT7cIqKB4s4F3mRG3Sazvyj/hBi3/aCLkftehiMdXvpDAW5+rWl8XTV4iCmiE Op30gn2chiwjujQINoNispNuh+gTuBC7i64gviSY5+PW402I9cnuR5gPWD7UtxlI 1Ua8hCvbulXomhWm830ajm7ppKPh2s1ybN6rpDBQ9RBXXL0Jbzhc76SH7wwzzJux dxMmDbhdR3NTyj708GMKUyvxTdIa14p7w+uDQGJ37eOLQIapDnxVVNprKZUstkNd dpiJHgF7Kd/Yja6m2ifY4sLKZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMiR7W8f dNXqdNkMt6FlQlhe6y97MB8GA1UdIwQYMBaAFC28Rl2mgbWzEYl6tsRowlRwbl0v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1M0Q3NS81MkRFNEM0QTY0 QTMxMUVEODIyMDI0MTJDNEY5QUUwMi9MYnhHWGFhQnRiTVJpWHEyeEdqQ1ZIQnVY UzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xieEdYYWFCdGJNUmlYcTJ4R2pDVkhCdVhTOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 M0Q3NS81MkRFNEM0QTY0QTMxMUVEODIyMDI0MTJDNEY5QUUwMi9MYnhHWGFhQnRi TVJpWHEyeEdqQ1ZIQnVYUzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBdMbo9J9NNOHrY//bfdgxSXIzCT2sxPfm6YCe4ntOGoVYahf30PcAb Yh+l6oyfwkdJzIvoVktaOFqhQZJFOCYLi5IZ9LNLZO5ptbcYhtrJLLoH5IOuMDmF PfGXWJIU+H+HwRCYvv/gz20Hq/QylrDiBkKB46zJlG4EgDVVV6k+JdmeeRSMMUMd Hy3lX0km/rcqq+H+DbC44GCu4DnoAGaVmWKq1FtLFlhLOIwWQdsXIrJdoR8LmH09 9n6n3CIU4tc+ILmT6dY72dZmr7IxlWHfuBglLPv3NXUjviFAorAi3lRnK2z96B03 aE4blf86/cKsgiwiz0GPmdBs0HBm6zh9 -----END CERTIFICATE-----Generated at Mon Aug 11 07:58:26 2025 by rpki-client