$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft File: LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft (raw, json) Hash identifier: TTekCRN8OhvBWGQt0ZrRJHHQFX//WNTwRxQfbURBTtw= Subject key identifier: 71:86:59:F4:75:16:F1:AB:32:9F:75:6B:2B:A5:FE:C4:6F:75:45:7A Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B Certificate issuer: /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B Certificate serial: 0523 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft Manifest number: 04E8 Signing time: Thu 24 Apr 2025 23:39:23 +0000 Manifest this update: Thu 24 Apr 2025 23:39:22 +0000 Manifest next update: Thu 01 May 2025 23:39:22 +0000 Files and hashes: 1: LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl (hash: as3WHErDH5QO+y+K7slZd+VqsQWhH3iRthu+Nnu/+nw=) 2: CE988D80FB7311EC97CD7F85C4F9AE02.roa (hash: c5X0bRS1v3BmM8+viPXYxx/gJz2nVR8k5o+BxqMhvNI=) 3: BD4E85B09E6311ECA6EC8071C4F9AE02.roa (hash: 2jfJLAfv4sSmTjn+t4R2DbosLO6LZGV4JERzq1/IuT0=) 4: F88F642285E411EEB951413BC4F9AE02.roa (hash: 5XS7gAJ1w57LGdHifEwdGpT41QuHVgx3tURmBIG/Ph0=) 5: 1CD7BEFC4D0E11EEA09FBF12C4F9AE02.roa (hash: ZVXIXb68LMeIyoHASYy5oVFyflHWdmoVD7FAYMUQOp4=) 6: BBDA9B429E6311ECA6EC8071C4F9AE02.roa (hash: WiSL38A4AfTZxujdbevnM0BHhlMtOQknr2QyeEfpbeg=) 7: 95C12B8E21A111EE8360C139C4F9AE02.roa (hash: ANarnw7th2betqTUJ1dSr/6kmM20Z4BPNu0RmkGVouY=) 8: D6C060C27E1811EEB9B4FE4AC4F9AE02.roa (hash: H6lUECWs/LnmCnEJB/ye5BlXZoehdKlxdmR5+P/1VOY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:39:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1315 (0x523) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACD72, serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B Validity Not Before: Apr 24 23:39:22 2025 GMT Not After : May 1 23:39:22 2025 GMT Subject: CN=680acbab-c605 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:56:49:a4:76:57:13:7e:d4:a6:35:32:b3:8e: cd:59:1e:b4:bc:b0:fa:19:fa:9b:86:37:9d:45:cd: 4b:00:42:ac:4f:af:56:86:b5:a6:48:38:8e:77:bf: 76:b3:77:64:1f:f4:b0:78:ba:e3:71:df:02:2e:f7: 12:ad:4c:9b:f4:9e:60:c2:24:62:ce:21:99:09:a2: 01:7c:3f:04:3e:73:22:3f:02:57:0e:2f:dd:cf:21: 6e:49:2a:10:49:6b:c9:f4:5f:91:29:9b:83:da:6c: 38:b9:07:3e:fc:17:1f:45:88:0d:47:48:74:fc:66: 08:64:d2:bf:5c:45:19:12:c5:cb:4b:3d:1c:11:ed: 1a:39:d3:0f:18:55:ab:61:8d:a5:cf:56:88:47:f9: 47:e8:55:99:80:55:56:29:1e:59:ef:98:ab:8c:ea: 85:fa:e2:93:2a:ab:9a:fc:a5:24:9d:d6:f5:9f:ec: 45:e0:cd:d5:7f:a9:c3:18:0b:5c:70:ec:7d:08:d6: 6a:63:8d:62:b5:78:14:73:c0:cb:b7:fc:ff:ba:b5: 48:a0:dd:3b:f5:6f:c6:a1:1f:11:5c:f0:9b:fc:8f: 4d:16:81:47:f5:98:65:81:1e:23:e3:99:50:7c:09: d6:6c:35:53:80:b2:41:80:a3:31:4d:15:63:87:f0: 75:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:86:59:F4:75:16:F1:AB:32:9F:75:6B:2B:A5:FE:C4:6F:75:45:7A X509v3 Authority Key Identifier: keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 36:d8:bc:38:4b:47:43:1e:d2:de:14:63:ac:a1:98:28:55:48: 0e:1c:27:21:10:2e:d0:47:c4:9c:37:da:b5:82:ef:43:af:ed: 9c:42:ef:c7:48:5d:be:e7:32:a5:6f:74:8a:54:f3:57:11:86: bd:c6:4e:8b:77:4e:b4:5d:ca:c4:c4:92:15:b6:62:8f:59:5d: f3:1c:42:25:34:96:07:87:ba:16:7a:79:21:81:eb:4e:62:dc: dd:28:9d:3e:75:c2:ba:9a:fe:ea:0f:f3:8a:23:bf:f7:bc:0f: 15:29:93:56:17:4a:d1:a9:bd:f4:b2:d3:ee:2a:64:78:01:a1: 33:1c:c8:b1:51:97:6d:6b:55:f5:17:1a:86:ce:b4:45:5d:09: 26:29:ec:9c:85:46:f5:4b:da:cc:c6:cb:c9:aa:93:24:18:60: 75:0a:de:ff:9c:88:4a:8b:3f:9b:97:e7:22:73:1b:35:87:09: 8d:02:d4:cd:aa:0f:56:16:75:37:b3:a1:cf:31:dc:24:7f:b3: 05:6c:41:bc:4a:f8:59:2a:91:71:dc:37:95:0b:ca:18:1e:aa: 8b:7e:54:eb:dd:cc:d7:dc:f9:cc:6e:6b:df:03:a4:f1:02:e3: 6a:c2:22:72:61:26:d3:32:e8:da:75:b1:0e:f0:63:48:92:2f: 5f:40:0a:00 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBSMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy MEM4RkQ1N0IwHhcNMjUwNDI0MjMzOTIyWhcNMjUwNTAxMjMzOTIyWjAYMRYwFAYD VQQDEw02ODBhY2JhYi1jNjA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtVZJpHZXE37UpjUys47NWR60vLD6GfqbhjedRc1LAEKsT69WhrWmSDiOd792 s3dkH/SweLrjcd8CLvcSrUyb9J5gwiRiziGZCaIBfD8EPnMiPwJXDi/dzyFuSSoQ SWvJ9F+RKZuD2mw4uQc+/BcfRYgNR0h0/GYIZNK/XEUZEsXLSz0cEe0aOdMPGFWr YY2lz1aIR/lH6FWZgFVWKR5Z75irjOqF+uKTKqua/KUkndb1n+xF4M3Vf6nDGAtc cOx9CNZqY41itXgUc8DLt/z/urVIoN079W/GoR8RXPCb/I9NFoFH9ZhlgR4j45lQ fAnWbDVTgLJBgKMxTRVjh/B1gQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHGGWfR1 FvGrMp91ayul/sRvdUV6MB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2 MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Q0Q3Mi80NTc2QTY3MjI2MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgy d0x0WS1TRVo1bGdneVAxWHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA22Lw4S0dDHtLeFGOsoZgoVUgOHCchEC7QR8ScN9q1gu9Dr+2cQu/H SF2+5zKlb3SKVPNXEYa9xk6Ld060XcrExJIVtmKPWV3zHEIlNJYHh7oWenkhgetO YtzdKJ0+dcK6mv7qD/OKI7/3vA8VKZNWF0rRqb30stPuKmR4AaEzHMixUZdta1X1 FxqGzrRFXQkmKeychUb1S9rMxsvJqpMkGGB1Ct7/nIhKiz+bl+cicxs1hwmNAtTN qg9WFnU3s6HPMdwkf7MFbEG8SvhZKpFx3DeVC8oYHqqLflTr3czX3PnMbmvfA6Tx AuNqwiJyYSbTMujadbEO8GNIki9fQAoA -----END CERTIFICATE-----Generated at Sat Apr 26 04:36:49 2025 by rpki-client