$ rpki-client -vvf rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft File: lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft (raw, json) Hash identifier: JD6kmPYFDXTMomO3c4puDxSoQAcP1knG06mqg8yeh88= Subject key identifier: A8:96:6B:D3:7F:5C:19:CF:62:B3:F0:F1:1A:23:9B:51:0A:79:E1:38 Authority key identifier: 94:70:E7:61:08:06:3E:4F:7C:64:AD:43:D0:76:BC:11:AE:1F:DB:5D Certificate issuer: /CN=A91E41C9/serialNumber=9470E76108063E4F7C64AD43D076BC11AE1FDB5D Certificate serial: 0873 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHDnYQgGPk98ZK1D0Ha8Ea4f210.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft Manifest number: 086D Signing time: Thu 24 Apr 2025 20:32:11 +0000 Manifest this update: Thu 24 Apr 2025 20:32:11 +0000 Manifest next update: Thu 01 May 2025 20:32:11 +0000 Files and hashes: 1: lHDnYQgGPk98ZK1D0Ha8Ea4f210.crl (hash: QVGDXgvvsgktnmgE+zMb5MhMwcNH/cAOSypyuDm+irA=) 2: 2C74B00CF70011EA8EFF4C67C4F9AE02.roa (hash: tCsERzsAtsk+5phQVU01aXCd1wv6EXGawIRg0i0oP6k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.crl rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHDnYQgGPk98ZK1D0Ha8Ea4f210.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:32:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2163 (0x873) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E41C9, serialNumber=9470E76108063E4F7C64AD43D076BC11AE1FDB5D Validity Not Before: Apr 24 20:32:11 2025 GMT Not After : May 1 20:32:11 2025 GMT Subject: CN=680a9fcb-d3ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:3e:12:b1:c7:37:29:03:94:a5:ab:45:21:af: 23:a8:0f:ec:17:52:30:59:f1:3c:0a:d1:cc:87:5d: 73:18:4b:8d:f7:49:f8:c4:67:9d:b8:3f:09:0e:d9: cb:3d:0d:92:dd:bf:13:84:9d:9c:03:a7:09:62:d8: 54:ad:1f:38:a1:52:25:f7:6d:93:70:78:7b:41:ad: 61:d0:95:eb:74:89:23:a8:e3:a3:51:fd:53:d7:2f: 01:33:3e:1c:b4:80:ea:35:9b:2b:c7:8a:5e:93:8b: 37:cf:1f:2e:53:65:cb:c9:14:6a:a8:4a:83:86:a8: a6:04:a0:01:aa:62:32:c6:2d:a4:aa:43:3f:95:0b: 2e:1d:47:92:36:48:f7:90:8f:d4:76:c6:71:c0:ba: ca:45:59:a7:c1:d5:da:f0:9d:6f:ca:e3:3a:6e:ac: d1:53:5b:30:e4:59:be:f2:54:97:c6:e5:83:f6:e0: cc:0b:57:ce:57:af:0c:47:d3:69:d5:fc:52:d2:6d: 69:f7:8d:40:36:be:73:cb:4f:b2:63:03:64:a2:5c: 6a:4e:41:61:1e:5e:cb:32:2b:db:26:e8:33:03:bd: 37:16:7c:fd:f8:96:d3:68:73:49:73:8e:8c:c9:1c: d1:1d:80:af:94:4a:1f:db:d0:c5:9b:62:80:64:df: 72:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:96:6B:D3:7F:5C:19:CF:62:B3:F0:F1:1A:23:9B:51:0A:79:E1:38 X509v3 Authority Key Identifier: keyid:94:70:E7:61:08:06:3E:4F:7C:64:AD:43:D0:76:BC:11:AE:1F:DB:5D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHDnYQgGPk98ZK1D0Ha8Ea4f210.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:28:d4:b1:06:12:93:59:51:ab:53:8a:7b:9c:16:66:dc:35: ec:21:24:4f:31:7a:f0:ff:fc:a4:31:17:82:0d:63:bf:6e:6e: 8f:3a:69:57:9d:ad:64:60:76:6f:06:27:d3:b0:f2:3d:c2:32: 99:ef:17:23:8a:bf:80:91:a0:6a:80:00:53:30:71:84:08:12: fe:7b:17:72:b3:a3:fb:5e:38:d6:e1:a8:de:da:88:8d:3a:22: e8:8f:ee:a0:14:e1:b1:37:30:89:78:0f:5e:d3:f9:b6:f1:e2: c2:ca:69:1d:fb:a5:cd:88:2d:cd:6e:a9:7f:e1:c4:35:75:b0: 71:78:78:07:68:b7:80:84:33:d3:ea:56:f2:5a:a0:91:a8:ab: d4:bf:99:37:1d:32:99:4c:7d:7a:da:9a:ba:10:f9:db:7b:a4: 3e:f3:ec:aa:33:1f:0a:8f:af:70:16:d0:6b:b1:4f:17:a0:83: dc:08:a9:85:3b:62:7e:df:2b:d2:a1:27:67:f5:c4:f3:7f:49: ea:ce:0f:46:68:6e:f8:cf:e9:4e:03:1e:fa:2f:0a:6e:8b:e7: 54:8e:10:74:ef:26:75:8c:9d:02:79:c2:1c:a3:9d:38:23:b4: dd:57:79:4a:6d:67:72:b6:03:0e:bd:7c:4b:65:a4:a1:69:f5: ab:7e:da:74 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCHMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTQxQzkxMTAvBgNVBAUTKDk0NzBFNzYxMDgwNjNFNEY3QzY0QUQ0M0QwNzZCQzEx QUUxRkRCNUQwHhcNMjUwNDI0MjAzMjExWhcNMjUwNTAxMjAzMjExWjAYMRYwFAYD VQQDEw02ODBhOWZjYi1kM2VjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1j4Sscc3KQOUpatFIa8jqA/sF1IwWfE8CtHMh11zGEuN90n4xGeduD8JDtnL PQ2S3b8ThJ2cA6cJYthUrR84oVIl922TcHh7Qa1h0JXrdIkjqOOjUf1T1y8BMz4c tIDqNZsrx4pek4s3zx8uU2XLyRRqqEqDhqimBKABqmIyxi2kqkM/lQsuHUeSNkj3 kI/UdsZxwLrKRVmnwdXa8J1vyuM6bqzRU1sw5Fm+8lSXxuWD9uDMC1fOV68MR9Np 1fxS0m1p941ANr5zy0+yYwNkolxqTkFhHl7LMivbJugzA703Fnz9+JbTaHNJc46M yRzRHYCvlEof29DFm2KAZN9yjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKiWa9N/ XBnPYrPw8Rojm1EKeeE4MB8GA1UdIwQYMBaAFJRw52EIBj5PfGStQ9B2vBGuH9td MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDFDOS80OUJEOURBNkMw RjgxMUVBOEFDNkM0NkNDNEY5QUUwMi9sSERuWVFnR1BrOThaSzFEMEhhOEVhNGYy MTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xIRG5ZUWdHUGs5OFpLMUQwSGE4RWE0ZjIxMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NDFDOS80OUJEOURBNkMwRjgxMUVBOEFDNkM0NkNDNEY5QUUwMi9sSERuWVFnR1Br OThaSzFEMEhhOEVhNGYyMTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQByKNSxBhKTWVGrU4p7nBZm3DXsISRPMXrw//ykMReCDWO/bm6POmlX na1kYHZvBifTsPI9wjKZ7xcjir+AkaBqgABTMHGECBL+exdys6P7XjjW4aje2oiN OiLoj+6gFOGxNzCJeA9e0/m28eLCymkd+6XNiC3Nbql/4cQ1dbBxeHgHaLeAhDPT 6lbyWqCRqKvUv5k3HTKZTH162pq6EPnbe6Q+8+yqMx8Kj69wFtBrsU8XoIPcCKmF O2J+3yvSoSdn9cTzf0nqzg9GaG74z+lOAx76Lwpui+dUjhB07yZ1jJ0CecIco504 I7TdV3lKbWdytgMOvXxLZaShafWrftp0 -----END CERTIFICATE-----Generated at Sat Apr 26 17:02:58 2025 by rpki-client