$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft File: LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft (raw, json) Hash identifier: yLuXF5QPCwlacv5fz31uFSkpSYZI7rm1Rbfs0bF2srQ= Subject key identifier: AE:BF:9E:A6:37:40:E8:E6:28:0D:5B:00:4C:88:B0:F0:37:A8:96:EE Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B Certificate issuer: /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B Certificate serial: 053E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft Manifest number: 0503 Signing time: Wed 18 Jun 2025 23:38:01 +0000 Manifest this update: Wed 18 Jun 2025 23:38:00 +0000 Manifest next update: Wed 25 Jun 2025 23:38:00 +0000 Files and hashes: 1: LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl (hash: cg39PCJmCb7XUvsZsH1Xs/D+8XFgaK9d/4cHtz7Fq3s=) 2: CE988D80FB7311EC97CD7F85C4F9AE02.roa (hash: c5X0bRS1v3BmM8+viPXYxx/gJz2nVR8k5o+BxqMhvNI=) 3: BD4E85B09E6311ECA6EC8071C4F9AE02.roa (hash: 2jfJLAfv4sSmTjn+t4R2DbosLO6LZGV4JERzq1/IuT0=) 4: F88F642285E411EEB951413BC4F9AE02.roa (hash: 5XS7gAJ1w57LGdHifEwdGpT41QuHVgx3tURmBIG/Ph0=) 5: 1CD7BEFC4D0E11EEA09FBF12C4F9AE02.roa (hash: ZVXIXb68LMeIyoHASYy5oVFyflHWdmoVD7FAYMUQOp4=) 6: BBDA9B429E6311ECA6EC8071C4F9AE02.roa (hash: WiSL38A4AfTZxujdbevnM0BHhlMtOQknr2QyeEfpbeg=) 7: 95C12B8E21A111EE8360C139C4F9AE02.roa (hash: ANarnw7th2betqTUJ1dSr/6kmM20Z4BPNu0RmkGVouY=) 8: D6C060C27E1811EEB9B4FE4AC4F9AE02.roa (hash: H6lUECWs/LnmCnEJB/ye5BlXZoehdKlxdmR5+P/1VOY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 23:37:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1342 (0x53e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACD72, serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B Validity Not Before: Jun 18 23:38:00 2025 GMT Not After : Jun 25 23:38:00 2025 GMT Subject: CN=68534dd8-0145 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:9b:bc:a3:91:17:1a:50:3a:19:26:9e:80:9e: 3e:83:cc:5c:2c:c5:c1:4b:d2:6b:9a:70:86:80:2c: c3:d8:61:51:f6:80:5d:bd:19:25:61:73:54:58:8a: 74:69:1a:6c:68:74:72:11:b0:ce:f4:6b:f0:fd:3e: ad:78:d9:91:84:da:3a:cb:8e:41:40:52:15:24:4a: c1:d2:a6:fa:e6:46:35:59:7f:1c:f1:9d:eb:3e:b5: a1:4c:26:30:96:8e:04:64:70:ea:7b:50:27:36:28: b5:c6:73:81:98:ab:d4:ff:38:e1:0d:88:e8:1e:66: 85:ee:10:e2:b6:4b:b3:39:20:13:d4:aa:2b:64:88: cf:8a:d8:e0:b9:6f:23:74:0a:33:5d:c8:fa:12:ed: ea:c1:55:56:46:6f:50:ae:d2:b2:b1:90:12:60:6e: 11:c5:42:90:fe:a3:8d:e0:a6:82:59:cc:71:fd:8e: 36:a5:92:2d:4a:87:5f:6f:27:64:c6:e3:4c:c9:3b: 33:7c:c5:e5:dc:9e:bc:08:16:fd:6b:18:12:50:e8: fa:2e:3f:86:99:ba:41:51:b7:11:d5:63:d5:cd:a8: 7d:63:ca:8b:ae:67:51:4d:e5:7f:65:e7:e3:f0:e7: 71:9f:a1:9e:64:67:cd:23:bb:5b:2a:df:d7:27:8d: 8b:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:BF:9E:A6:37:40:E8:E6:28:0D:5B:00:4C:88:B0:F0:37:A8:96:EE X509v3 Authority Key Identifier: keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:bb:e8:16:fe:a5:86:a4:ad:2e:ac:3f:9f:fd:1c:eb:88:ee: 1b:dc:b4:fc:6d:06:f7:9f:76:06:25:9a:73:91:d7:56:76:66: fc:cd:2b:e9:4b:f1:9b:70:c9:0d:56:7b:14:f7:f1:6c:dd:b9: 39:fc:bc:c9:e6:66:65:cc:5f:89:91:10:6f:99:d9:56:e2:f2: d5:d6:7a:f6:1e:77:5f:78:72:c5:bb:60:35:ea:f8:39:a1:6d: f8:14:fd:02:4f:fa:e8:84:d4:31:58:ea:65:7d:5a:6f:77:10: e3:7f:e7:09:0d:7f:5a:8c:ca:7d:08:a1:8d:36:48:e9:69:04: f7:de:c3:c2:bf:64:03:15:1d:85:49:a5:7f:c9:90:f0:b0:ff: a6:ae:e4:37:44:3d:81:e3:42:3e:6e:a8:d1:42:55:53:54:88: 4b:66:62:02:55:36:5a:c0:d1:ce:fd:04:48:b5:66:8f:65:76: 07:f7:43:aa:c1:b4:e1:5b:e2:d8:d9:2d:75:9f:34:b6:75:c4: c7:74:8c:64:86:12:2e:6f:09:d9:66:32:e3:ba:5a:00:7e:06: 35:1f:3a:8b:06:ef:40:cf:e5:0a:fc:57:d6:73:39:20:5a:2a: fc:a7:be:8b:3b:87:a8:59:1e:14:4e:c5:91:36:2e:51:11:af: 7c:83:40:21 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBT4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy MEM4RkQ1N0IwHhcNMjUwNjE4MjMzODAwWhcNMjUwNjI1MjMzODAwWjAYMRYwFAYD VQQDEw02ODUzNGRkOC0wMTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvJu8o5EXGlA6GSaegJ4+g8xcLMXBS9JrmnCGgCzD2GFR9oBdvRklYXNUWIp0 aRpsaHRyEbDO9Gvw/T6teNmRhNo6y45BQFIVJErB0qb65kY1WX8c8Z3rPrWhTCYw lo4EZHDqe1AnNii1xnOBmKvU/zjhDYjoHmaF7hDitkuzOSAT1KorZIjPitjguW8j dAozXcj6Eu3qwVVWRm9QrtKysZASYG4RxUKQ/qON4KaCWcxx/Y42pZItSodfbydk xuNMyTszfMXl3J68CBb9axgSUOj6Lj+GmbpBUbcR1WPVzah9Y8qLrmdRTeV/Zefj 8Odxn6GeZGfNI7tbKt/XJ42L2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK6/nqY3 QOjmKA1bAEyIsPA3qJbuMB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2 MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Q0Q3Mi80NTc2QTY3MjI2MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgy d0x0WS1TRVo1bGdneVAxWHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCWu+gW/qWGpK0urD+f/RzriO4b3LT8bQb3n3YGJZpzkddWdmb8zSvp S/GbcMkNVnsU9/Fs3bk5/LzJ5mZlzF+JkRBvmdlW4vLV1nr2HndfeHLFu2A16vg5 oW34FP0CT/rohNQxWOplfVpvdxDjf+cJDX9ajMp9CKGNNkjpaQT33sPCv2QDFR2F SaV/yZDwsP+mruQ3RD2B40I+bqjRQlVTVIhLZmICVTZawNHO/QRItWaPZXYH90Oq wbThW+LY2S11nzS2dcTHdIxkhhIubwnZZjLjuloAfgY1HzqLBu9Az+UK/FfWczkg Wir8p76LO4eoWR4UTsWRNi5REa98g0Ah -----END CERTIFICATE-----Generated at Fri Jun 20 16:52:15 2025 by rpki-client