$ rpki-client -vvf rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft File: lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft (raw, json) Hash identifier: QYxPSt0TCwTdHgeU+MQt12OMgUysezX4tLQK0SgKptA= Subject key identifier: E3:94:3C:D5:6D:85:F9:DD:24:9B:0F:7E:2A:D2:A6:78:21:BC:00:B4 Authority key identifier: 94:70:E7:61:08:06:3E:4F:7C:64:AD:43:D0:76:BC:11:AE:1F:DB:5D Certificate issuer: /CN=A91E41C9/serialNumber=9470E76108063E4F7C64AD43D076BC11AE1FDB5D Certificate serial: 088C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHDnYQgGPk98ZK1D0Ha8Ea4f210.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft Manifest number: 0886 Signing time: Sat 14 Jun 2025 20:24:54 +0000 Manifest this update: Sat 14 Jun 2025 20:24:53 +0000 Manifest next update: Sat 21 Jun 2025 20:24:53 +0000 Files and hashes: 1: lHDnYQgGPk98ZK1D0Ha8Ea4f210.crl (hash: VXRx/2NZsQVEXV17pwHg5SWOnppDpzfqwOFiYP+L+/k=) 2: 2C74B00CF70011EA8EFF4C67C4F9AE02.roa (hash: tCsERzsAtsk+5phQVU01aXCd1wv6EXGawIRg0i0oP6k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.crl rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHDnYQgGPk98ZK1D0Ha8Ea4f210.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 20:24:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2188 (0x88c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E41C9, serialNumber=9470E76108063E4F7C64AD43D076BC11AE1FDB5D Validity Not Before: Jun 14 20:24:53 2025 GMT Not After : Jun 21 20:24:53 2025 GMT Subject: CN=684dda95-5c27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:94:d6:89:fd:c4:7d:63:d5:09:ee:af:51:1f: 84:ba:13:db:17:fe:22:a6:79:c9:77:29:d8:19:a2: 71:ae:5d:0f:18:e4:41:ce:a5:99:9a:69:56:c6:2e: 6a:2a:5d:f1:e2:0e:82:f6:fd:d0:e6:f6:30:9e:f1: ef:1b:d6:45:62:b1:16:db:78:a7:70:8b:7a:3b:48: ef:76:ef:f5:6e:af:5b:81:52:f6:fa:70:20:f0:d0: a8:5e:e9:fc:36:19:cb:5e:8a:f7:55:0a:8f:41:33: 17:75:3d:42:9d:21:63:ed:47:99:f3:66:c3:07:45: c9:ab:9a:cd:ce:dd:9e:d1:ad:1c:5e:f4:d4:26:00: 2f:fd:b1:23:38:9f:df:ab:c4:ab:34:bd:b3:e0:a5: b2:c9:0c:d9:f7:fb:2f:c1:8c:a7:ba:1b:51:47:59: a0:26:71:01:84:df:e6:5f:88:3d:73:1a:ca:50:27: c3:d1:2c:7c:9e:40:91:a9:e3:c9:a8:de:75:7c:1b: d8:ac:bb:dd:e2:d1:f3:bd:fd:e1:e6:7c:d1:40:30: b9:65:eb:3b:f1:bc:87:bc:b4:5a:eb:52:61:92:9b: 6e:4a:6a:c5:84:07:e6:c0:43:3e:4e:4e:cf:41:89: 14:27:32:57:d8:e0:c4:42:3b:40:94:dd:b9:b2:10: 45:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:94:3C:D5:6D:85:F9:DD:24:9B:0F:7E:2A:D2:A6:78:21:BC:00:B4 X509v3 Authority Key Identifier: keyid:94:70:E7:61:08:06:3E:4F:7C:64:AD:43:D0:76:BC:11:AE:1F:DB:5D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHDnYQgGPk98ZK1D0Ha8Ea4f210.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a8:1e:04:88:97:ae:ab:2e:7f:ff:30:b9:22:55:5f:1f:92:4d: f0:7e:7b:b3:ab:41:0f:d9:64:4a:f5:b7:bc:9d:51:53:d2:fb: ab:5a:7b:01:6d:14:9d:ad:80:d3:97:95:b0:82:83:b7:14:1f: 3a:84:9b:e3:f2:6d:e5:56:cc:b9:7e:4f:0a:13:78:dc:d7:f6: b4:04:2c:2f:98:39:7c:e8:d5:0c:25:9b:30:b7:de:bf:a6:79: 50:2d:68:f3:27:2b:45:e5:4d:ec:8b:68:e2:68:96:0c:98:4f: 3b:69:b2:fd:c6:2f:90:b0:67:8f:6b:92:06:2a:19:55:f6:7d: 1c:0e:97:39:27:4d:ea:bb:67:7f:49:a8:ff:37:37:4f:70:df: db:ab:f5:18:34:79:f8:c2:a4:1a:91:00:c2:9e:a1:56:e0:8b: 9b:21:7c:8f:db:28:b8:5c:72:f1:14:bc:5a:cf:38:fb:fc:42: 55:fb:e0:ac:19:83:6e:2d:ff:19:c1:8d:f4:46:de:08:36:68: bc:3b:cf:8e:7b:ba:0f:0a:93:26:26:8b:4c:3f:fd:02:15:42: 1c:40:d6:71:28:3a:bd:d5:85:17:d8:07:8b:ff:a4:d3:0d:47: 0a:f8:7f:48:66:38:b1:be:f8:80:d2:a3:c0:4c:9b:52:0d:ee: ae:43:4d:8d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCIwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTQxQzkxMTAvBgNVBAUTKDk0NzBFNzYxMDgwNjNFNEY3QzY0QUQ0M0QwNzZCQzEx QUUxRkRCNUQwHhcNMjUwNjE0MjAyNDUzWhcNMjUwNjIxMjAyNDUzWjAYMRYwFAYD VQQDEw02ODRkZGE5NS01YzI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlZTWif3EfWPVCe6vUR+EuhPbF/4ipnnJdynYGaJxrl0PGORBzqWZmmlWxi5q Kl3x4g6C9v3Q5vYwnvHvG9ZFYrEW23incIt6O0jvdu/1bq9bgVL2+nAg8NCoXun8 NhnLXor3VQqPQTMXdT1CnSFj7UeZ82bDB0XJq5rNzt2e0a0cXvTUJgAv/bEjOJ/f q8SrNL2z4KWyyQzZ9/svwYynuhtRR1mgJnEBhN/mX4g9cxrKUCfD0Sx8nkCRqePJ qN51fBvYrLvd4tHzvf3h5nzRQDC5Zes78byHvLRa61JhkptuSmrFhAfmwEM+Tk7P QYkUJzJX2ODEQjtAlN25shBFHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOOUPNVt hfndJJsPfirSpnghvAC0MB8GA1UdIwQYMBaAFJRw52EIBj5PfGStQ9B2vBGuH9td MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDFDOS80OUJEOURBNkMw RjgxMUVBOEFDNkM0NkNDNEY5QUUwMi9sSERuWVFnR1BrOThaSzFEMEhhOEVhNGYy MTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xIRG5ZUWdHUGs5OFpLMUQwSGE4RWE0ZjIxMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NDFDOS80OUJEOURBNkMwRjgxMUVBOEFDNkM0NkNDNEY5QUUwMi9sSERuWVFnR1Br OThaSzFEMEhhOEVhNGYyMTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCoHgSIl66rLn//MLkiVV8fkk3wfnuzq0EP2WRK9be8nVFT0vurWnsB bRSdrYDTl5WwgoO3FB86hJvj8m3lVsy5fk8KE3jc1/a0BCwvmDl86NUMJZswt96/ pnlQLWjzJytF5U3si2jiaJYMmE87abL9xi+QsGePa5IGKhlV9n0cDpc5J03qu2d/ Saj/NzdPcN/bq/UYNHn4wqQakQDCnqFW4IubIXyP2yi4XHLxFLxazzj7/EJV++Cs GYNuLf8ZwY30Rt4INmi8O8+Oe7oPCpMmJotMP/0CFUIcQNZxKDq91YUX2AeL/6TT DUcK+H9IZjixvviA0qPATJtSDe6uQ02N -----END CERTIFICATE-----Generated at Sun Jun 15 09:56:34 2025 by rpki-client