$ rpki-client -vvf rpki.apnic.net/member_repository/A91D01AF/CD7E70D8F17D11EAAB392578C4F9AE02/lVqjNNYHfBfALW18rdIVmRIeTvo.mft File: lVqjNNYHfBfALW18rdIVmRIeTvo.mft (raw, json) Hash identifier: MHmQ6BOjQGXzdev+/G6FEmJMvtZJpAeTWBYrCff+iFg= Subject key identifier: 20:24:60:77:9C:5D:3A:F8:F0:33:EE:7F:55:5A:1D:E0:54:56:6A:37 Authority key identifier: 95:5A:A3:34:D6:07:7C:17:C0:2D:6D:7C:AD:D2:15:99:12:1E:4E:FA Certificate issuer: /CN=A91D01AF/serialNumber=955AA334D6077C17C02D6D7CADD21599121E4EFA Certificate serial: 07C9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lVqjNNYHfBfALW18rdIVmRIeTvo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D01AF/CD7E70D8F17D11EAAB392578C4F9AE02/lVqjNNYHfBfALW18rdIVmRIeTvo.mft Manifest number: 07C2 Signing time: Thu 24 Apr 2025 20:54:50 +0000 Manifest this update: Thu 24 Apr 2025 20:54:50 +0000 Manifest next update: Thu 01 May 2025 20:54:50 +0000 Files and hashes: 1: lVqjNNYHfBfALW18rdIVmRIeTvo.crl (hash: xHc2K4528echQGjyurimHb+kqRsH40RL2irrCNIdCos=) 2: AD797FA2F17E11EAA3CC597BC4F9AE02.roa (hash: h5ITx5pXE/9NCEhkkWyRU4Y7R0J0MFf0GXuloXcx21g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D01AF/CD7E70D8F17D11EAAB392578C4F9AE02/lVqjNNYHfBfALW18rdIVmRIeTvo.crl rsync://rpki.apnic.net/member_repository/A91D01AF/CD7E70D8F17D11EAAB392578C4F9AE02/lVqjNNYHfBfALW18rdIVmRIeTvo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lVqjNNYHfBfALW18rdIVmRIeTvo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:54:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1993 (0x7c9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D01AF, serialNumber=955AA334D6077C17C02D6D7CADD21599121E4EFA Validity Not Before: Apr 24 20:54:50 2025 GMT Not After : May 1 20:54:50 2025 GMT Subject: CN=680aa51a-dbcf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:d1:e5:0d:8a:c0:a2:04:ca:cb:69:85:b3:d8: 53:8c:d7:95:72:be:74:46:82:9d:fb:e2:95:d7:e3: b9:8e:cb:97:04:6c:0b:43:34:95:2c:35:70:e6:1f: e7:c9:13:1f:34:60:b0:b1:37:c0:b1:30:a2:04:69: e8:ea:bd:e4:cd:c1:05:f5:59:f8:86:95:08:56:1a: c9:83:12:9b:7b:01:21:44:b4:63:97:d9:bd:0e:09: 1d:33:d6:86:b3:33:31:f8:bf:2b:bf:19:91:54:4e: 45:9f:ab:e8:f0:44:d2:25:c0:d5:19:6c:49:ad:27: 19:70:2d:85:8a:40:ff:1d:09:c6:8f:e0:d3:3e:8c: 3c:ff:c2:f7:62:69:c3:a1:7c:61:65:5e:0f:25:e0: 08:f9:23:c1:1d:e8:82:e4:1e:86:8a:df:84:bc:07: c1:ef:3a:2d:58:cc:c3:74:0d:b0:a4:66:f4:d8:26: c7:ad:ee:7f:05:9f:e8:5d:87:95:0d:f8:6a:e2:32: d7:bd:e7:11:cc:52:de:98:aa:8e:0c:10:a9:73:8c: a6:37:87:49:bd:d8:74:a8:cd:e4:83:08:a7:78:75: 84:17:50:c4:73:20:48:32:c5:e4:e0:87:d0:90:b6: c9:90:0b:57:d3:8b:4d:26:47:39:20:bc:52:71:1b: 8e:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:24:60:77:9C:5D:3A:F8:F0:33:EE:7F:55:5A:1D:E0:54:56:6A:37 X509v3 Authority Key Identifier: keyid:95:5A:A3:34:D6:07:7C:17:C0:2D:6D:7C:AD:D2:15:99:12:1E:4E:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D01AF/CD7E70D8F17D11EAAB392578C4F9AE02/lVqjNNYHfBfALW18rdIVmRIeTvo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lVqjNNYHfBfALW18rdIVmRIeTvo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D01AF/CD7E70D8F17D11EAAB392578C4F9AE02/lVqjNNYHfBfALW18rdIVmRIeTvo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:c3:31:49:15:6e:d8:5a:18:1a:03:11:d0:34:5d:dd:4d:3e: 29:da:cb:77:70:b5:fc:9f:d9:7a:1c:26:a5:e9:b1:c0:05:58: fd:9f:9f:d4:5d:24:52:74:0c:ae:c6:c7:ef:e7:3d:98:52:b9: 14:14:8a:7b:58:0e:7d:9c:01:1a:44:39:b3:2b:3d:d2:a2:46: 2a:d7:59:0f:0b:6a:21:bb:e5:39:e4:d0:81:a6:88:50:9c:1a: e5:e8:fe:2b:c2:79:93:a6:00:7a:d9:60:ed:9a:53:59:55:64: 48:ab:38:36:24:e4:23:e2:64:ad:2f:6a:7b:7b:a8:92:5b:48: 56:73:96:59:95:ef:ec:23:67:1f:7b:9b:e6:e1:8b:93:bd:3b: cd:c2:ad:ba:ae:87:e5:c4:9d:26:0c:48:9f:e5:4a:87:20:ff: 34:4b:a3:c7:55:8e:6e:e3:ec:36:a2:87:8d:e2:ec:be:3f:ba: ca:f2:11:12:e6:0b:18:ff:f7:23:d1:02:c6:70:35:4f:6a:04: 7c:b9:78:f4:cc:40:41:99:a1:46:a1:2a:b1:0f:4e:db:a3:94: e0:e4:56:7d:c9:36:60:84:65:08:b1:2a:3d:4f:1a:3f:a3:a9: f0:e9:b2:0c:95:db:b5:d7:5b:5b:f4:5e:b2:70:35:82:c9:90: c0:3a:43:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB8kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDAxQUYxMTAvBgNVBAUTKDk1NUFBMzM0RDYwNzdDMTdDMDJENkQ3Q0FERDIxNTk5 MTIxRTRFRkEwHhcNMjUwNDI0MjA1NDUwWhcNMjUwNTAxMjA1NDUwWjAYMRYwFAYD VQQDEw02ODBhYTUxYS1kYmNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArNHlDYrAogTKy2mFs9hTjNeVcr50RoKd++KV1+O5jsuXBGwLQzSVLDVw5h/n yRMfNGCwsTfAsTCiBGno6r3kzcEF9Vn4hpUIVhrJgxKbewEhRLRjl9m9DgkdM9aG szMx+L8rvxmRVE5Fn6vo8ETSJcDVGWxJrScZcC2FikD/HQnGj+DTPow8/8L3YmnD oXxhZV4PJeAI+SPBHeiC5B6Git+EvAfB7zotWMzDdA2wpGb02CbHre5/BZ/oXYeV Dfhq4jLXvecRzFLemKqODBCpc4ymN4dJvdh0qM3kgwineHWEF1DEcyBIMsXk4IfQ kLbJkAtX04tNJkc5ILxScRuOsQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCAkYHec XTr48DPuf1VaHeBUVmo3MB8GA1UdIwQYMBaAFJVaozTWB3wXwC1tfK3SFZkSHk76 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMDFBRi9DRDdFNzBEOEYx N0QxMUVBQUIzOTI1NzhDNEY5QUUwMi9sVnFqTk5ZSGZCZkFMVzE4cmRJVm1SSWVU dm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xWcWpOTllIZkJmQUxXMThyZElWbVJJZVR2by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MDFBRi9DRDdFNzBEOEYxN0QxMUVBQUIzOTI1NzhDNEY5QUUwMi9sVnFqTk5ZSGZC ZkFMVzE4cmRJVm1SSWVUdm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBYwzFJFW7YWhgaAxHQNF3dTT4p2st3cLX8n9l6HCal6bHABVj9n5/U XSRSdAyuxsfv5z2YUrkUFIp7WA59nAEaRDmzKz3SokYq11kPC2ohu+U55NCBpohQ nBrl6P4rwnmTpgB62WDtmlNZVWRIqzg2JOQj4mStL2p7e6iSW0hWc5ZZle/sI2cf e5vm4YuTvTvNwq26roflxJ0mDEif5UqHIP80S6PHVY5u4+w2ooeN4uy+P7rK8hES 5gsY//cj0QLGcDVPagR8uXj0zEBBmaFGoSqxD07bo5Tg5FZ9yTZghGUIsSo9Txo/ o6nw6bIMldu111tb9F6ycDWCyZDAOkNo -----END CERTIFICATE-----Generated at Sat Apr 26 03:24:55 2025 by rpki-client