$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC271/724BDAA2D58E11EBB79D3984C4F9AE02/LFTOW3Q5yME3PII5T2B5FwVy9_0.mft File: LFTOW3Q5yME3PII5T2B5FwVy9_0.mft (raw, json) Hash identifier: nbyzT+0NOi9RFRsVwXFJMb2keKC2jBtp0Gktd3abVi0= Subject key identifier: 88:8F:DE:2E:65:DA:17:38:18:AB:25:5D:F7:4F:AE:26:C6:3A:A4:0B Authority key identifier: 2C:54:CE:5B:74:39:C8:C1:37:3C:82:39:4F:60:79:17:05:72:F7:FD Certificate issuer: /CN=A91DC271/serialNumber=2C54CE5B7439C8C1373C82394F6079170572F7FD Certificate serial: 0582 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LFTOW3Q5yME3PII5T2B5FwVy9_0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC271/724BDAA2D58E11EBB79D3984C4F9AE02/LFTOW3Q5yME3PII5T2B5FwVy9_0.mft Manifest number: 057D Signing time: Thu 24 Apr 2025 23:04:13 +0000 Manifest this update: Thu 24 Apr 2025 23:04:12 +0000 Manifest next update: Thu 01 May 2025 23:04:12 +0000 Files and hashes: 1: LFTOW3Q5yME3PII5T2B5FwVy9_0.crl (hash: Imdfo+iGu7+Rw8MSknCch57Cav3c4cMY5EotnsAMDLA=) 2: 26DDF9C4D59311EB9DBD350EC4F9AE02.roa (hash: r1nvlMobRn7ox8IKXb1KWmQHrNC+PsGByKMD0/kqGOI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC271/724BDAA2D58E11EBB79D3984C4F9AE02/LFTOW3Q5yME3PII5T2B5FwVy9_0.crl rsync://rpki.apnic.net/member_repository/A91DC271/724BDAA2D58E11EBB79D3984C4F9AE02/LFTOW3Q5yME3PII5T2B5FwVy9_0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LFTOW3Q5yME3PII5T2B5FwVy9_0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:04:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1410 (0x582) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC271, serialNumber=2C54CE5B7439C8C1373C82394F6079170572F7FD Validity Not Before: Apr 24 23:04:12 2025 GMT Not After : May 1 23:04:12 2025 GMT Subject: CN=680ac36d-07ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:21:c4:fe:11:ea:47:fc:51:5b:e6:3e:58:76: 08:79:8c:84:1a:7d:24:29:7c:ff:07:b5:db:34:a7: dc:fd:d9:ee:b5:59:d5:01:b9:f1:48:61:5c:f8:99: e4:a4:6f:28:68:ab:cb:1a:e3:4e:9e:37:77:96:8e: 1e:6b:2a:07:8e:ce:ab:ae:71:7b:01:60:be:e0:d6: 71:09:5e:4e:ed:6b:70:dd:f7:30:84:b6:da:29:11: 2d:88:45:83:b3:a4:8d:77:76:28:2b:85:b3:1b:d6: 3e:f8:9d:34:b0:62:fa:b3:d0:cd:b1:31:fd:e2:30: 1b:16:ca:72:6d:d7:ad:9b:f3:a2:d7:34:44:4c:30: 33:fe:96:c1:f8:e6:3d:7c:5f:32:35:e4:32:02:5a: a8:49:46:66:c8:09:df:46:88:49:9d:49:4f:f4:a3: 23:67:6b:2c:74:dd:ea:1a:9f:d8:ea:00:77:63:df: 95:ad:59:49:24:7a:ac:f1:26:04:bc:5b:d6:37:fd: 65:fd:27:fd:a1:ae:bd:5a:4a:a2:dc:48:b0:ed:c6: 3e:1f:9e:73:ca:af:7a:60:4b:fb:af:5c:af:6d:60: 34:05:9e:6b:78:6e:10:1f:95:0d:9a:6d:77:d4:69: 5a:4b:1b:55:34:45:c4:52:1d:9b:00:8a:66:ef:ad: 62:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:8F:DE:2E:65:DA:17:38:18:AB:25:5D:F7:4F:AE:26:C6:3A:A4:0B X509v3 Authority Key Identifier: keyid:2C:54:CE:5B:74:39:C8:C1:37:3C:82:39:4F:60:79:17:05:72:F7:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC271/724BDAA2D58E11EBB79D3984C4F9AE02/LFTOW3Q5yME3PII5T2B5FwVy9_0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LFTOW3Q5yME3PII5T2B5FwVy9_0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC271/724BDAA2D58E11EBB79D3984C4F9AE02/LFTOW3Q5yME3PII5T2B5FwVy9_0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:35:65:a6:86:b0:cf:51:81:d3:ed:1c:ca:cc:b3:11:b8:7f: 52:8c:39:03:89:4a:99:ed:a5:95:e2:50:da:fb:a5:94:6a:5d: 38:c0:ca:37:b0:7e:dc:f8:72:18:54:ac:a7:7e:23:03:1e:c9: fc:ab:99:a1:1e:6c:ab:cb:37:e6:8c:e2:ae:7d:95:33:f9:8c: 8b:a7:f1:56:ca:ea:b4:93:a8:e2:9c:c5:cd:23:50:df:42:01: 0e:65:2b:21:70:7d:98:60:ef:c6:14:94:12:52:e4:de:cb:db: b8:cb:47:d7:b7:3d:76:f5:bf:f5:27:f7:81:1c:6c:77:9f:c4: af:cc:66:de:38:12:d1:64:3f:66:86:92:37:c5:49:39:be:00: 2f:5e:71:f8:14:b1:64:39:fe:00:c6:e7:b7:8d:8b:b0:eb:78: 7a:6e:37:c4:6e:44:83:36:cd:57:77:79:a1:31:a1:7a:56:ae: cb:2a:15:fd:6e:7b:a6:76:ce:62:6f:fa:3d:2b:7c:00:b6:66: 3e:56:57:1b:b5:b1:62:dd:f8:fb:dc:11:04:7f:89:a8:7e:f5: 14:92:f1:49:ad:b3:e8:4d:c4:74:46:f7:53:14:85:bb:25:8e: 2e:13:b1:c2:29:f0:44:96:bc:d5:0f:b9:eb:84:21:4a:5c:18: 57:8a:14:c3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBYIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REMyNzExMTAvBgNVBAUTKDJDNTRDRTVCNzQzOUM4QzEzNzNDODIzOTRGNjA3OTE3 MDU3MkY3RkQwHhcNMjUwNDI0MjMwNDEyWhcNMjUwNTAxMjMwNDEyWjAYMRYwFAYD VQQDEw02ODBhYzM2ZC0wN2VhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoyHE/hHqR/xRW+Y+WHYIeYyEGn0kKXz/B7XbNKfc/dnutVnVAbnxSGFc+Jnk pG8oaKvLGuNOnjd3lo4eayoHjs6rrnF7AWC+4NZxCV5O7Wtw3fcwhLbaKREtiEWD s6SNd3YoK4WzG9Y++J00sGL6s9DNsTH94jAbFspybdetm/Oi1zRETDAz/pbB+OY9 fF8yNeQyAlqoSUZmyAnfRohJnUlP9KMjZ2ssdN3qGp/Y6gB3Y9+VrVlJJHqs8SYE vFvWN/1l/Sf9oa69Wkqi3Eiw7cY+H55zyq96YEv7r1yvbWA0BZ5reG4QH5UNmm13 1GlaSxtVNEXEUh2bAIpm761igQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIiP3i5l 2hc4GKslXfdPribGOqQLMB8GA1UdIwQYMBaAFCxUzlt0OcjBNzyCOU9geRcFcvf9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzI3MS83MjRCREFBMkQ1 OEUxMUVCQjc5RDM5ODRDNEY5QUUwMi9MRlRPVzNRNXlNRTNQSUk1VDJCNUZ3Vnk5 XzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xGVE9XM1E1eU1FM1BJSTVUMkI1RndWeTlfMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzI3MS83MjRCREFBMkQ1OEUxMUVCQjc5RDM5ODRDNEY5QUUwMi9MRlRPVzNRNXlN RTNQSUk1VDJCNUZ3Vnk5XzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBNNWWmhrDPUYHT7RzKzLMRuH9SjDkDiUqZ7aWV4lDa+6WUal04wMo3 sH7c+HIYVKynfiMDHsn8q5mhHmyryzfmjOKufZUz+YyLp/FWyuq0k6jinMXNI1Df QgEOZSshcH2YYO/GFJQSUuTey9u4y0fXtz129b/1J/eBHGx3n8SvzGbeOBLRZD9m hpI3xUk5vgAvXnH4FLFkOf4Axue3jYuw63h6bjfEbkSDNs1Xd3mhMaF6Vq7LKhX9 bnumds5ib/o9K3wAtmY+VlcbtbFi3fj73BEEf4mofvUUkvFJrbPoTcR0RvdTFIW7 JY4uE7HCKfBElrzVD7nrhCFKXBhXihTD -----END CERTIFICATE-----Generated at Sat Apr 26 19:07:44 2025 by rpki-client