$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft File: R-lr-DG7PMQ7TweEJj5ylYddVRY.mft (raw, json) Hash identifier: dOsMnavA2VxrEuazPuGpEWwu/XEv22kMczWY2PvFoMs= Subject key identifier: BC:0A:30:62:85:D7:C0:AB:9D:83:D0:A2:47:AA:D1:8F:3C:9E:F1:66 Authority key identifier: 47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16 Certificate issuer: /CN=A91C4204/serialNumber=47E96BF831BB3CC43B4F0784263E7295875D5516 Certificate serial: 2F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft Manifest number: 2D Signing time: Tue 05 Aug 2025 08:21:33 +0000 Manifest this update: Tue 05 Aug 2025 08:21:33 +0000 Manifest next update: Tue 12 Aug 2025 08:21:33 +0000 Files and hashes: 1: R-lr-DG7PMQ7TweEJj5ylYddVRY.crl (hash: jgxc0m8VNb39t6ObLQIgjQL6h3XGti0Lvcb/JmeFxzY=) 2: CA2D4952300911F0AB675D3EC4F9AE02.roa (hash: wSACUp5c4PrWddzrJcvj1KCwEmCFzuB6DHldOTgXN4E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.crl rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 12 Aug 2025 08:21:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47 (0x2f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4204, serialNumber=47E96BF831BB3CC43B4F0784263E7295875D5516 Validity Not Before: Aug 5 08:21:33 2025 GMT Not After : Aug 12 08:21:33 2025 GMT Subject: CN=6891bf0d-503b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:da:51:45:29:60:52:13:62:c0:8a:76:c3:ba: 35:ca:86:0f:fe:5a:4b:97:d9:5c:38:ac:c5:11:e8: 55:5a:9b:7d:ec:e2:9a:64:e0:3d:d3:e4:89:db:ca: 11:8a:03:a2:57:3e:0e:c3:86:ff:11:27:5f:f9:45: 8c:a5:f9:7b:08:9f:3c:8d:8d:af:67:11:24:a3:35: 97:8c:d2:03:62:1d:7c:e7:40:a4:74:e3:19:2d:ea: eb:b8:ed:91:77:61:a4:06:40:11:f5:07:cb:b9:29: 28:af:bb:02:86:91:77:5a:03:34:db:8e:58:17:0a: 2e:62:28:de:45:f0:ab:bd:e9:f3:19:56:01:69:eb: 15:0f:17:82:e0:d5:5c:da:ce:c1:70:68:ed:fd:b4: 22:9b:90:cc:8c:a6:18:54:2c:43:a5:3f:e5:94:83: 33:d8:0c:8d:d8:5e:53:2c:bf:96:53:62:a5:3f:33: 2e:d2:6f:40:87:5f:91:32:09:5b:62:02:c2:da:65: cc:97:9a:5c:68:46:a5:f6:1a:d1:2c:fa:8b:2c:0c: 37:f2:b0:8c:39:4e:27:f8:70:c0:0e:b5:9f:da:a8: 37:92:75:37:dd:9c:63:78:ad:a0:7e:29:3d:96:b7: ca:81:43:d4:6a:0d:03:71:35:54:a6:99:12:55:eb: 1c:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:0A:30:62:85:D7:C0:AB:9D:83:D0:A2:47:AA:D1:8F:3C:9E:F1:66 X509v3 Authority Key Identifier: keyid:47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:ed:93:4a:cc:e7:67:60:ff:17:fc:20:be:2a:0f:65:7d:6e: bb:a8:77:79:0a:2d:02:3d:0e:19:ab:6b:c1:61:22:0d:1e:e8: 14:2c:31:c0:0d:ff:b0:16:9c:f7:6a:e1:a0:d2:22:90:c1:a3: 3f:92:93:27:49:3e:a2:6b:ca:1c:33:72:67:60:73:77:65:e3: d0:84:9f:1f:7b:f8:c1:b1:f1:68:e4:1f:b6:eb:af:05:86:22: 37:90:a9:08:85:b8:61:ec:16:9c:d3:ec:df:7c:98:be:89:9f: 13:8d:a3:99:ab:0d:12:68:ca:d5:4c:37:f8:5a:d5:1b:55:de: ac:5e:ac:89:df:1d:51:f1:db:1f:48:03:07:5c:94:3e:2b:da: 41:01:a3:ec:9f:2f:96:a0:42:0e:b9:4f:3a:46:af:b3:a2:e9: 6d:e3:4c:bd:fa:b2:2d:1d:33:1d:4a:36:bd:46:01:c9:5b:c3: c9:12:bb:fc:8f:3b:1a:5b:4c:e8:a7:c2:23:83:76:51:fe:e7: 73:5b:12:e3:43:ae:fe:6a:48:48:7b:76:80:70:af:d1:6e:73: 37:0d:ce:c6:e7:01:64:35:5b:65:85:8f:b7:94:63:6c:6b:88: e6:eb:9b:62:39:6d:b1:d8:27:4a:a3:04:8c:8d:87:72:e3:df: 63:a6:b9:b9 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD NDIwNDExMC8GA1UEBRMoNDdFOTZCRjgzMUJCM0NDNDNCNEYwNzg0MjYzRTcyOTU4 NzVENTUxNjAeFw0yNTA4MDUwODIxMzNaFw0yNTA4MTIwODIxMzNaMBgxFjAUBgNV BAMTDTY4OTFiZjBkLTUwM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCt2lFFKWBSE2LAinbDujXKhg/+WkuX2Vw4rMUR6FVam33s4ppk4D3T5InbyhGK A6JXPg7Dhv8RJ1/5RYyl+XsInzyNja9nESSjNZeM0gNiHXznQKR04xkt6uu47ZF3 YaQGQBH1B8u5KSivuwKGkXdaAzTbjlgXCi5iKN5F8Ku96fMZVgFp6xUPF4Lg1Vza zsFwaO39tCKbkMyMphhULEOlP+WUgzPYDI3YXlMsv5ZTYqU/My7Sb0CHX5EyCVti AsLaZcyXmlxoRqX2GtEs+ossDDfysIw5Tif4cMAOtZ/aqDeSdTfdnGN4raB+KT2W t8qBQ9RqDQNxNVSmmRJV6xxPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUvAowYoXX wKudg9CiR6rRjzye8WYwHwYDVR0jBBgwFoAUR+lr+DG7PMQ7TweEJj5ylYddVRYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM0MjA0LzQ0MUI1MDUyMzAw OTExRjBBMEFBN0QzREM0RjlBRTAyL1ItbHItREc3UE1RN1R3ZUVKajV5bFlkZFZS WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUi1sci1ERzdQTVE3VHdlRUpqNXlsWWRkVlJZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM0 MjA0LzQ0MUI1MDUyMzAwOTExRjBBMEFBN0QzREM0RjlBRTAyL1ItbHItREc3UE1R N1R3ZUVKajV5bFlkZFZSWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHftk0rM52dg/xf8IL4qD2V9bruod3kKLQI9Dhmra8FhIg0e6BQsMcAN /7AWnPdq4aDSIpDBoz+SkydJPqJryhwzcmdgc3dl49CEnx97+MGx8WjkH7brrwWG IjeQqQiFuGHsFpzT7N98mL6JnxONo5mrDRJoytVMN/ha1RtV3qxerInfHVHx2x9I AwdclD4r2kEBo+yfL5agQg65TzpGr7Oi6W3jTL36si0dMx1KNr1GAclbw8kSu/yP OxpbTOinwiODdlH+53NbEuNDrv5qSEh7doBwr9FuczcNzsbnAWQ1W2WFj7eUY2xr iObrm2I5bbHYJ0qjBIyNh3Lj32Omubk= -----END CERTIFICATE-----Generated at Thu Aug 7 04:42:24 2025 by rpki-client