$ rpki-client -vvf rpki.apnic.net/member_repository/A9165A58/DF694BA67BFD11EFA7B8EB5CC4F9AE02/LRgGu3n37GppfLCmWiHlyxIv3nY.mft File: LRgGu3n37GppfLCmWiHlyxIv3nY.mft (raw, json) Hash identifier: Fy4Fq8PdzTu9g/OkqpmCsgEi5B+eMsr7OQrYuoLv4oE= Subject key identifier: 1D:EC:8F:DF:FA:1E:69:59:DB:71:9D:53:F3:46:60:D6:AB:DE:F2:87 Authority key identifier: 2D:18:06:BB:79:F7:EC:6A:69:7C:B0:A6:5A:21:E5:CB:12:2F:DE:76 Certificate issuer: /CN=A9165A58/serialNumber=2D1806BB79F7EC6A697CB0A65A21E5CB122FDE76 Certificate serial: A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LRgGu3n37GppfLCmWiHlyxIv3nY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9165A58/DF694BA67BFD11EFA7B8EB5CC4F9AE02/LRgGu3n37GppfLCmWiHlyxIv3nY.mft Manifest number: A1 Signing time: Tue 05 Aug 2025 06:46:44 +0000 Manifest this update: Tue 05 Aug 2025 06:46:44 +0000 Manifest next update: Tue 12 Aug 2025 06:46:44 +0000 Files and hashes: 1: LRgGu3n37GppfLCmWiHlyxIv3nY.crl (hash: tOYbz0l0LV/3ny2wjqV2uZoZAMWMeLXkLdU8WIpzJcs=) 2: BDBEED967C0011EFB63C7076C4F9AE02.roa (hash: Nz2FGej23dIiDwRtV6Sp50mpW+TP9HnxQFOScAwf8wk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9165A58/DF694BA67BFD11EFA7B8EB5CC4F9AE02/LRgGu3n37GppfLCmWiHlyxIv3nY.crl rsync://rpki.apnic.net/member_repository/A9165A58/DF694BA67BFD11EFA7B8EB5CC4F9AE02/LRgGu3n37GppfLCmWiHlyxIv3nY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LRgGu3n37GppfLCmWiHlyxIv3nY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 12 Aug 2025 06:46:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 162 (0xa2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9165A58, serialNumber=2D1806BB79F7EC6A697CB0A65A21E5CB122FDE76 Validity Not Before: Aug 5 06:46:44 2025 GMT Not After : Aug 12 06:46:44 2025 GMT Subject: CN=6891a8d4-f94f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:86:9c:19:bb:7b:4d:e5:35:a1:7f:2c:42:79: fb:84:e1:c0:4d:b7:bc:fc:06:cc:65:07:42:60:65: c1:df:65:d6:5c:5c:b6:1a:c5:af:98:29:7d:43:af: 86:c1:f2:b1:2f:4d:b3:b0:43:53:3a:a3:2a:48:67: 09:b9:3b:76:a4:c7:b3:f4:62:7a:02:71:48:31:d3: f2:90:f8:93:a8:3f:1e:74:a4:65:6c:07:da:f3:3b: 39:3d:b1:2e:09:75:10:0a:3b:a0:09:83:2b:fb:c1: 81:d7:59:04:1a:47:b6:e3:11:fd:62:83:07:e7:55: 4f:6a:e9:52:86:30:2f:e6:5c:78:96:a4:d2:87:5e: 35:e2:7a:fd:c3:71:46:51:98:30:e7:ec:ce:04:67: f5:d1:5d:31:e0:c5:44:cd:9f:a6:27:bb:86:85:12: 3e:15:f4:aa:5d:09:ac:2f:b1:cf:ed:73:6e:8e:30: 27:2d:87:dc:b0:af:8c:28:4b:b0:26:84:7e:d1:33: 4a:d8:c9:b9:fe:11:bb:ec:74:3c:c9:6a:78:85:cf: c1:e9:bc:54:f6:e1:3d:94:24:28:51:1f:0b:bf:12: 18:30:0a:ea:a2:f9:48:52:6e:77:40:00:76:72:67: b4:9e:9a:60:d0:5d:1b:9b:bf:18:85:60:d6:6d:30: cd:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:EC:8F:DF:FA:1E:69:59:DB:71:9D:53:F3:46:60:D6:AB:DE:F2:87 X509v3 Authority Key Identifier: keyid:2D:18:06:BB:79:F7:EC:6A:69:7C:B0:A6:5A:21:E5:CB:12:2F:DE:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9165A58/DF694BA67BFD11EFA7B8EB5CC4F9AE02/LRgGu3n37GppfLCmWiHlyxIv3nY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LRgGu3n37GppfLCmWiHlyxIv3nY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165A58/DF694BA67BFD11EFA7B8EB5CC4F9AE02/LRgGu3n37GppfLCmWiHlyxIv3nY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:c3:a3:e3:80:67:a4:fd:e6:e7:c9:c8:67:96:9d:1e:87:67: 8f:b9:86:78:49:b7:59:d8:05:59:d9:07:c9:07:8e:ea:31:2f: e0:52:03:ae:f6:0d:06:82:2e:9b:09:16:62:d2:a6:de:b2:ad: 8a:c4:1f:f8:f1:b4:8b:f4:8e:12:82:db:1b:6d:7f:13:b9:22: f3:29:fa:a3:d2:28:f7:a8:dd:d9:ff:12:6e:61:be:6c:85:49: 8f:b3:31:93:1d:23:be:0c:cc:c5:69:84:0f:8e:e3:dc:2f:cf: 5f:97:4f:b6:4e:33:c0:6e:bd:78:bb:d4:69:18:b2:43:53:8c: 2e:7e:84:bb:f6:9e:0c:b1:a5:02:c5:0e:f4:c8:e9:71:6a:a1: a1:79:92:f3:94:1f:29:d5:e3:c6:d5:80:fa:c2:92:47:3a:47: 0a:a2:92:e6:92:b9:de:4c:a6:92:c6:b3:ca:9d:b5:3f:3e:70: 81:57:01:a5:6d:84:18:eb:be:e4:a4:70:a7:e3:91:ac:15:98: 18:57:e4:65:52:03:4a:2c:2d:18:a6:f7:73:4d:eb:69:94:6d: db:65:de:48:24:bb:0b:95:5b:ef:62:0c:00:9e:54:bd:e6:77: 7a:f3:0a:11:b8:26:c2:55:9f:c5:dc:38:a0:af:b0:d0:be:c8: 0a:44:62:0f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjVBNTgxMTAvBgNVBAUTKDJEMTgwNkJCNzlGN0VDNkE2OTdDQjBBNjVBMjFFNUNC MTIyRkRFNzYwHhcNMjUwODA1MDY0NjQ0WhcNMjUwODEyMDY0NjQ0WjAYMRYwFAYD VQQDEw02ODkxYThkNC1mOTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2IacGbt7TeU1oX8sQnn7hOHATbe8/AbMZQdCYGXB32XWXFy2GsWvmCl9Q6+G wfKxL02zsENTOqMqSGcJuTt2pMez9GJ6AnFIMdPykPiTqD8edKRlbAfa8zs5PbEu CXUQCjugCYMr+8GB11kEGke24xH9YoMH51VPaulShjAv5lx4lqTSh1414nr9w3FG UZgw5+zOBGf10V0x4MVEzZ+mJ7uGhRI+FfSqXQmsL7HP7XNujjAnLYfcsK+MKEuw JoR+0TNK2Mm5/hG77HQ8yWp4hc/B6bxU9uE9lCQoUR8LvxIYMArqovlIUm53QAB2 cme0nppg0F0bm78YhWDWbTDNqQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB3sj9/6 HmlZ23GdU/NGYNar3vKHMB8GA1UdIwQYMBaAFC0YBrt59+xqaXywploh5csSL952 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NUE1OC9ERjY5NEJBNjdC RkQxMUVGQTdCOEVCNUNDNEY5QUUwMi9MUmdHdTNuMzdHcHBmTENtV2lIbHl4SXYz blkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xSZ0d1M24zN0dwcGZMQ21XaUhseXhJdjNuWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NUE1OC9ERjY5NEJBNjdCRkQxMUVGQTdCOEVCNUNDNEY5QUUwMi9MUmdHdTNuMzdH cHBmTENtV2lIbHl4SXYzblkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAWw6PjgGek/ebnychnlp0eh2ePuYZ4SbdZ2AVZ2QfJB47qMS/gUgOu 9g0Ggi6bCRZi0qbesq2KxB/48bSL9I4SgtsbbX8TuSLzKfqj0ij3qN3Z/xJuYb5s hUmPszGTHSO+DMzFaYQPjuPcL89fl0+2TjPAbr14u9RpGLJDU4wufoS79p4MsaUC xQ70yOlxaqGheZLzlB8p1ePG1YD6wpJHOkcKopLmkrneTKaSxrPKnbU/PnCBVwGl bYQY677kpHCn45GsFZgYV+RlUgNKLC0YpvdzTetplG3bZd5IJLsLlVvvYgwAnlS9 5nd68woRuCbCVZ/F3Digr7DQvsgKRGIP -----END CERTIFICATE-----Generated at Tue Aug 5 17:08:30 2025 by rpki-client