$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/ldziG17K3rBp3IG5JAXUdN5BwgY.mft File: ldziG17K3rBp3IG5JAXUdN5BwgY.mft (raw, json) Hash identifier: pGKrBWnYG6ys3vFjcOMschzWSOi7efiGmxNr4vbY5ew= Subject key identifier: 8F:0B:97:38:8E:BB:1B:99:E5:D7:C7:B9:C9:EB:0B:C4:75:06:FA:60 Authority key identifier: 95:DC:E2:1B:5E:CA:DE:B0:69:DC:81:B9:24:05:D4:74:DE:41:C2:06 Certificate issuer: /CN=A91CD174/serialNumber=95DCE21B5ECADEB069DC81B92405D474DE41C206 Certificate serial: 0C37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldziG17K3rBp3IG5JAXUdN5BwgY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/ldziG17K3rBp3IG5JAXUdN5BwgY.mft Manifest number: 0C2C Signing time: Sat 14 Jun 2025 18:27:44 +0000 Manifest this update: Sat 14 Jun 2025 18:27:43 +0000 Manifest next update: Sat 21 Jun 2025 18:27:43 +0000 Files and hashes: 1: ldziG17K3rBp3IG5JAXUdN5BwgY.crl (hash: ySiVCiYUIuvHZoxDe14VsiJ5nK1n18KgQ5VFIzPIYv4=) 2: 54AD60AE0C2E11EABBBFA158C4F9AE02.roa (hash: /1zN6Gwwi0zP2Xs45slEdMpw3TT72EUNYyQ6n/qRBPQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/ldziG17K3rBp3IG5JAXUdN5BwgY.crl rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/ldziG17K3rBp3IG5JAXUdN5BwgY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldziG17K3rBp3IG5JAXUdN5BwgY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 18:27:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3127 (0xc37) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD174, serialNumber=95DCE21B5ECADEB069DC81B92405D474DE41C206 Validity Not Before: Jun 14 18:27:43 2025 GMT Not After : Jun 21 18:27:43 2025 GMT Subject: CN=684dbf20-296d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:57:2b:85:e3:4f:29:33:06:ac:9e:48:b9:c6: 5a:32:fb:6d:d9:29:21:04:c9:e1:db:97:d8:ad:88: e1:e6:03:28:f8:4d:da:86:24:86:71:33:78:d4:0d: bd:23:66:78:70:11:93:fb:22:ff:d4:82:9d:fa:ad: 45:2c:27:e4:a5:21:11:a0:2d:0f:4e:67:83:c5:db: c3:ef:25:93:8c:09:92:57:e3:76:06:92:40:aa:91: c6:eb:4b:97:4e:c4:b6:66:a4:ba:5f:8f:88:4a:c9: 1b:a0:98:15:96:13:4a:68:26:21:48:a9:09:99:7d: 4e:1a:02:17:ca:84:0d:fd:13:47:5b:df:04:11:5a: 31:16:22:19:79:1b:e8:50:21:d6:1e:6a:6f:b4:92: 8a:43:4d:11:b5:3b:14:e2:c2:3b:ba:34:40:bb:5a: d9:22:ea:51:04:0c:70:6a:f7:7e:9f:66:52:d4:72: a7:4d:09:74:35:28:dc:bf:fe:e6:b1:c6:e5:4f:30: af:c2:0e:e9:c2:a0:26:9b:11:e5:ff:37:c2:0c:ed: b3:9e:d9:83:76:54:54:68:95:8a:80:39:ae:db:b6: 4b:96:24:13:46:28:0e:35:62:2e:e4:26:73:ef:05: e3:80:72:bd:07:4c:dc:b3:be:54:dd:ce:4f:d5:74: 36:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:0B:97:38:8E:BB:1B:99:E5:D7:C7:B9:C9:EB:0B:C4:75:06:FA:60 X509v3 Authority Key Identifier: keyid:95:DC:E2:1B:5E:CA:DE:B0:69:DC:81:B9:24:05:D4:74:DE:41:C2:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/ldziG17K3rBp3IG5JAXUdN5BwgY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldziG17K3rBp3IG5JAXUdN5BwgY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/ldziG17K3rBp3IG5JAXUdN5BwgY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:19:73:6a:1d:ed:b2:a9:be:e2:70:e9:31:4f:af:d2:f8:80: ef:b1:9a:08:8f:74:de:07:bc:16:cf:af:e1:cd:d2:f9:ec:b9: 46:31:18:35:9b:79:9a:a8:46:40:3f:f8:30:04:0a:42:d3:df: 32:79:ee:8b:da:f2:f9:98:bb:1b:10:c8:0c:e9:69:96:6d:9f: 1b:86:48:9e:c8:95:e8:8e:ee:4f:7a:fb:22:cd:35:86:a8:4f: ca:2c:9b:04:e7:d4:2a:f0:01:08:f8:6e:5b:32:39:dd:0f:e5: 14:04:49:32:79:3d:9d:11:c0:2a:c0:43:b5:12:e8:92:b6:1b: c0:b6:99:c1:93:08:33:e9:39:35:ff:4f:8b:7f:34:f7:3a:e1: 82:55:a2:f6:85:d9:0c:f0:4d:ba:25:4d:5f:5f:3a:7a:52:4a: a6:67:d6:89:ff:6b:8c:af:53:51:58:85:33:89:28:0b:2b:e2: f5:85:10:df:29:35:57:c0:68:28:f5:a4:c8:47:dc:92:7a:35: db:ad:45:e0:c5:80:0a:c7:fd:ef:44:f2:c3:e7:3b:a3:7e:03: 2d:91:7c:a3:22:32:35:c5:c1:7b:40:96:34:e5:a5:94:ad:e3: 54:fe:f5:f5:6e:a3:d6:e1:fb:47:57:da:81:79:7a:ec:2d:bf: e4:87:6b:af -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0QxNzQxMTAvBgNVBAUTKDk1RENFMjFCNUVDQURFQjA2OURDODFCOTI0MDVENDc0 REU0MUMyMDYwHhcNMjUwNjE0MTgyNzQzWhcNMjUwNjIxMTgyNzQzWjAYMRYwFAYD VQQDEw02ODRkYmYyMC0yOTZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs1crheNPKTMGrJ5IucZaMvtt2SkhBMnh25fYrYjh5gMo+E3ahiSGcTN41A29 I2Z4cBGT+yL/1IKd+q1FLCfkpSERoC0PTmeDxdvD7yWTjAmSV+N2BpJAqpHG60uX TsS2ZqS6X4+ISskboJgVlhNKaCYhSKkJmX1OGgIXyoQN/RNHW98EEVoxFiIZeRvo UCHWHmpvtJKKQ00RtTsU4sI7ujRAu1rZIupRBAxwavd+n2ZS1HKnTQl0NSjcv/7m scblTzCvwg7pwqAmmxHl/zfCDO2zntmDdlRUaJWKgDmu27ZLliQTRigONWIu5CZz 7wXjgHK9B0zcs75U3c5P1XQ26QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI8LlziO uxuZ5dfHucnrC8R1BvpgMB8GA1UdIwQYMBaAFJXc4hteyt6wadyBuSQF1HTeQcIG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDE3NC81MUMzRTU0ODBC NEQxMUVBOTJDMjhGMjBDNEY5QUUwMi9sZHppRzE3SzNyQnAzSUc1SkFYVWRONUJ3 Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xkemlHMTdLM3JCcDNJRzVKQVhVZE41QndnWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RDE3NC81MUMzRTU0ODBCNEQxMUVBOTJDMjhGMjBDNEY5QUUwMi9sZHppRzE3SzNy QnAzSUc1SkFYVWRONUJ3Z1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQABGXNqHe2yqb7icOkxT6/S+IDvsZoIj3TeB7wWz6/hzdL57LlGMRg1 m3maqEZAP/gwBApC098yee6L2vL5mLsbEMgM6WmWbZ8bhkieyJXoju5PevsizTWG qE/KLJsE59Qq8AEI+G5bMjndD+UUBEkyeT2dEcAqwEO1EuiSthvAtpnBkwgz6Tk1 /0+LfzT3OuGCVaL2hdkM8E26JU1fXzp6UkqmZ9aJ/2uMr1NRWIUziSgLK+L1hRDf KTVXwGgo9aTIR9ySejXbrUXgxYAKx/3vRPLD5zujfgMtkXyjIjI1xcF7QJY05aWU reNU/vX1bqPW4ftHV9qBeXrsLb/kh2uv -----END CERTIFICATE-----Generated at Sun Jun 15 09:46:22 2025 by rpki-client