$ rpki-client -vvf rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.mft File: lrgMN8ZhPRSpLNvsZighZD6K8Rs.mft (raw, json) Hash identifier: wbpNHmw+b7QCDX59GaoISICV9tTrnWFLuYgl17BDXDw= Subject key identifier: 07:07:94:28:D8:3C:40:0B:16:0A:19:F9:81:11:AE:D4:AD:2D:B6:DA Authority key identifier: 96:B8:0C:37:C6:61:3D:14:A9:2C:DB:EC:66:28:21:64:3E:8A:F1:1B Certificate issuer: /CN=A91818BD/serialNumber=96B80C37C6613D14A92CDBEC662821643E8AF11B Certificate serial: 02B3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lrgMN8ZhPRSpLNvsZighZD6K8Rs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.mft Manifest number: 02AC Signing time: Tue 17 Jun 2025 01:04:09 +0000 Manifest this update: Tue 17 Jun 2025 01:04:08 +0000 Manifest next update: Tue 24 Jun 2025 01:04:08 +0000 Files and hashes: 1: lrgMN8ZhPRSpLNvsZighZD6K8Rs.crl (hash: WA4L2Sx0Im4KVLhz7nSnnfV93oLWxeuLuDjloZ72WOg=) 2: B83B7E0C065511EDB3E94E54C4F9AE02.roa (hash: tal6R2lkJBoeIIUyi6mdxCD2dqzkhyqrKbW//gzTT04=) 3: 481545DEFE8211ECBAB0E13FC4F9AE02.roa (hash: Qlo4+mbKJCym2bywU9/+B9nSR/lgPkj3tiR7WBd3VEs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.crl rsync://rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lrgMN8ZhPRSpLNvsZighZD6K8Rs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 24 Jun 2025 01:04:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 691 (0x2b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91818BD, serialNumber=96B80C37C6613D14A92CDBEC662821643E8AF11B Validity Not Before: Jun 17 01:04:08 2025 GMT Not After : Jun 24 01:04:08 2025 GMT Subject: CN=6850bf08-ddfe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:65:b2:32:dc:77:75:35:72:bb:b4:b5:34:d3: 88:79:5d:a7:fa:68:f7:44:66:8b:3d:75:0c:bc:80: 29:8c:0c:59:16:a5:41:e3:56:89:12:9e:21:1d:03: 64:12:91:72:b2:90:cf:4c:40:c9:a8:85:72:8f:aa: b8:d0:c6:15:66:47:5d:49:32:94:c2:69:62:40:8a: 4f:3a:14:b2:9a:53:50:2c:87:58:08:8b:6a:60:03: 12:04:81:4a:a5:72:a0:41:09:b0:ba:d4:b8:87:59: dc:3d:10:5f:5b:22:67:3a:73:35:55:19:7e:51:b8: b7:09:d5:45:98:b3:e7:0e:b8:8b:b5:a2:c0:62:4e: 08:ea:e6:c1:66:cb:42:25:22:37:00:ee:ba:ac:d6: 92:da:94:e3:60:ba:7b:a4:89:f5:c6:20:94:31:3c: be:6d:b4:7e:56:a7:31:e6:4e:97:07:8e:d0:45:77: 3c:31:98:89:e8:ea:47:1a:9d:bc:0f:4e:d3:f3:c7: 72:44:4a:00:da:9e:42:31:33:9e:e6:b2:6a:fe:3b: 25:d2:5d:bc:73:d8:67:39:6f:f6:5d:36:0f:ee:dc: c5:7e:1e:df:35:00:b7:59:2f:c3:7f:e7:b9:91:21: e7:53:35:4e:b3:6d:fd:ee:21:a6:fd:a3:61:67:33: 3d:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:07:94:28:D8:3C:40:0B:16:0A:19:F9:81:11:AE:D4:AD:2D:B6:DA X509v3 Authority Key Identifier: keyid:96:B8:0C:37:C6:61:3D:14:A9:2C:DB:EC:66:28:21:64:3E:8A:F1:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lrgMN8ZhPRSpLNvsZighZD6K8Rs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91818BD/414D5BDAFE8011EC9F317A3FC4F9AE02/lrgMN8ZhPRSpLNvsZighZD6K8Rs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:f4:e6:9a:17:ae:7f:17:11:56:7f:6e:4b:85:dc:45:f3:16: c3:13:a4:3c:4f:35:9c:0a:1a:23:b5:41:b2:4c:66:91:1d:9a: 7e:cc:70:dc:6a:6b:4c:c6:ae:35:b1:5c:5a:66:66:16:f6:dd: 71:37:97:f8:0c:ce:69:4a:8e:0b:34:40:e6:8e:41:3e:82:29: d1:76:82:14:d8:d3:5f:89:39:7e:d4:4e:81:7d:ca:72:4f:4d: 8d:c9:f0:2c:c1:38:c8:90:1c:35:ce:7a:b7:96:0c:fe:6e:9c: ec:86:8b:fb:1d:25:7f:d6:db:0b:af:6d:25:ea:71:e2:27:df: e0:1e:0a:4d:53:5e:ba:a4:d5:32:d0:bf:27:52:00:b1:71:1f: 0a:e0:de:3b:85:7f:7a:1e:d7:55:3d:5d:4a:00:67:09:f7:49: 90:08:a6:87:b0:09:c2:11:7a:90:a3:68:6c:7e:86:07:92:33: 2f:73:24:4f:10:62:27:40:2d:04:70:23:78:f4:b5:ac:01:60: e2:12:2d:d6:32:30:bb:bc:46:10:63:21:78:fd:bb:d1:8a:a8: 25:08:3c:8f:b8:15:38:e0:5d:13:f1:58:6f:dc:01:d1:37:9c: 9c:a0:83:38:f5:3c:92:71:67:f7:b1:2c:5c:58:d8:ee:aa:f4: b7:45:6d:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICArMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODE4QkQxMTAvBgNVBAUTKDk2QjgwQzM3QzY2MTNEMTRBOTJDREJFQzY2MjgyMTY0 M0U4QUYxMUIwHhcNMjUwNjE3MDEwNDA4WhcNMjUwNjI0MDEwNDA4WjAYMRYwFAYD VQQDEw02ODUwYmYwOC1kZGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp2WyMtx3dTVyu7S1NNOIeV2n+mj3RGaLPXUMvIApjAxZFqVB41aJEp4hHQNk EpFyspDPTEDJqIVyj6q40MYVZkddSTKUwmliQIpPOhSymlNQLIdYCItqYAMSBIFK pXKgQQmwutS4h1ncPRBfWyJnOnM1VRl+Ubi3CdVFmLPnDriLtaLAYk4I6ubBZstC JSI3AO66rNaS2pTjYLp7pIn1xiCUMTy+bbR+Vqcx5k6XB47QRXc8MZiJ6OpHGp28 D07T88dyREoA2p5CMTOe5rJq/jsl0l28c9hnOW/2XTYP7tzFfh7fNQC3WS/Df+e5 kSHnUzVOs2397iGm/aNhZzM91QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAcHlCjY PEALFgoZ+YERrtStLbbaMB8GA1UdIwQYMBaAFJa4DDfGYT0UqSzb7GYoIWQ+ivEb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MThCRC80MTRENUJEQUZF ODAxMUVDOUYzMTdBM0ZDNEY5QUUwMi9scmdNTjhaaFBSU3BMTnZzWmlnaFpENks4 UnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xyZ01OOFpoUFJTcExOdnNaaWdoWkQ2SzhScy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 MThCRC80MTRENUJEQUZFODAxMUVDOUYzMTdBM0ZDNEY5QUUwMi9scmdNTjhaaFBS U3BMTnZzWmlnaFpENks4UnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCu9OaaF65/FxFWf25LhdxF8xbDE6Q8TzWcChojtUGyTGaRHZp+zHDc amtMxq41sVxaZmYW9t1xN5f4DM5pSo4LNEDmjkE+ginRdoIU2NNfiTl+1E6Bfcpy T02NyfAswTjIkBw1znq3lgz+bpzshov7HSV/1tsLr20l6nHiJ9/gHgpNU166pNUy 0L8nUgCxcR8K4N47hX96HtdVPV1KAGcJ90mQCKaHsAnCEXqQo2hsfoYHkjMvcyRP EGInQC0EcCN49LWsAWDiEi3WMjC7vEYQYyF4/bvRiqglCDyPuBU44F0T8Vhv3AHR N5ycoIM49TyScWf3sSxcWNjuqvS3RW3G -----END CERTIFICATE-----Generated at Wed Jun 18 08:22:16 2025 by rpki-client