$ rpki-client -vvf rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.mft File: LUmzrm2hi2NGSjF3qzIQGULmpRo.mft (raw, json) Hash identifier: i99HbqeZAj8RvdKIoIyfYhhnTissPyHpiidgn+2XLUI= Subject key identifier: E4:0E:AE:9A:22:36:4D:83:26:B1:02:E5:E8:4A:5F:89:63:A9:31:AC Authority key identifier: 2D:49:B3:AE:6D:A1:8B:63:46:4A:31:77:AB:32:10:19:42:E6:A5:1A Certificate issuer: /CN=A911F753/serialNumber=2D49B3AE6DA18B63464A3177AB32101942E6A51A Certificate serial: 4E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/LUmzrm2hi2NGSjF3qzIQGULmpRo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.mft Manifest number: 4A Signing time: Sun 27 Apr 2025 06:14:09 +0000 Manifest this update: Sun 27 Apr 2025 06:14:08 +0000 Manifest next update: Sun 04 May 2025 06:14:08 +0000 Files and hashes: 1: LUmzrm2hi2NGSjF3qzIQGULmpRo.crl (hash: 3ph/ZCKwD4gLs98qy+3RRLQW+MlGyILVlwjCcIdsGy4=) 2: E454A324EC5811EF80EABF18C4F9AE02.roa (hash: YHG5dJrgWguVVX0TqVGNfIMAFQq1FZHSymYvBAi+Egs=) 3: C48E5CA6EC5811EFB20A8A18C4F9AE02.roa (hash: vLgyAt4VKcLI4TYUSdqX2oSSFdxzy2+HjS3FIN16Cr8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.crl rsync://rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/LUmzrm2hi2NGSjF3qzIQGULmpRo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78 (0x4e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911F753, serialNumber=2D49B3AE6DA18B63464A3177AB32101942E6A51A Validity Not Before: Apr 27 06:14:08 2025 GMT Not After : May 4 06:14:08 2025 GMT Subject: CN=680dcb30-b1df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:ac:e6:a8:52:6a:25:b1:20:0c:c5:45:a5:c4: 9e:a0:e4:7e:6b:2a:13:5d:a4:29:6c:c0:00:4c:5a: 9c:91:23:56:12:a4:8a:18:79:78:dd:00:1e:d5:a8: bf:f6:e4:ae:19:92:e2:24:81:db:a6:ac:68:64:ea: 67:c1:32:3e:62:76:86:37:e6:4a:e8:27:0a:47:6f: be:15:b2:0f:04:c3:92:47:aa:e3:2e:0e:23:fc:9b: a3:72:de:4b:4b:49:75:83:4a:96:4d:90:2d:1e:32: fa:8b:54:14:46:aa:8d:e5:8e:07:c4:64:ec:fa:d5: 82:0f:4b:c5:a5:1c:ac:e0:a8:06:47:bf:72:18:e1: ad:5e:3c:ba:95:72:68:33:ba:09:65:71:20:45:f3: 0e:39:8a:85:7d:70:cd:e6:61:49:dc:a2:56:dd:0b: 2b:a2:b6:e0:c9:f6:d4:da:c2:76:b2:ef:af:2e:cb: c6:9d:aa:36:fc:87:08:b4:8d:12:c1:79:2a:27:0e: 0a:e2:41:4a:19:cb:5f:9a:52:b4:99:8a:69:81:65: b8:37:b6:96:76:4a:86:91:63:b3:2a:74:da:6d:13: f5:64:7c:23:cd:1b:59:be:9e:5f:c8:56:8c:2f:a6: 27:9b:d0:9a:dc:21:a2:d5:85:88:67:ba:80:c0:d5: 95:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:0E:AE:9A:22:36:4D:83:26:B1:02:E5:E8:4A:5F:89:63:A9:31:AC X509v3 Authority Key Identifier: keyid:2D:49:B3:AE:6D:A1:8B:63:46:4A:31:77:AB:32:10:19:42:E6:A5:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/LUmzrm2hi2NGSjF3qzIQGULmpRo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911F753/7809DA02BC0D11EF9B4AD649C4F9AE02/LUmzrm2hi2NGSjF3qzIQGULmpRo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:17:09:10:5c:28:ab:54:b3:52:b3:fa:d8:d6:dc:33:c6:9b: b9:4c:e8:d6:2a:2b:e0:6f:43:c3:81:fc:3a:76:7c:2f:a0:d6: c8:26:ae:56:67:66:f9:6f:03:94:e3:8d:1e:8a:7e:01:e2:2d: e8:a5:6b:b3:c5:e1:98:0b:87:73:24:59:aa:04:bc:e4:50:33: 7f:c5:1d:13:26:dc:00:fa:e5:22:90:2b:e7:49:50:41:ae:59: 52:aa:12:85:8b:2e:4e:d1:e4:16:67:93:26:04:ff:94:5c:3a: 31:b0:b8:6e:d0:fc:53:04:8f:53:31:e8:b9:07:f1:de:05:2f: 58:31:21:a4:bb:5d:d9:5b:12:6a:79:37:99:b4:2b:1d:36:57: be:83:1c:f1:20:b7:9b:02:7f:24:16:be:52:86:37:37:8e:72: 26:1e:ae:e1:19:dd:72:82:f6:8f:86:dd:ec:f5:f6:3c:ec:94: 9c:cb:1f:d6:cf:28:36:92:34:fa:7d:2b:bb:f4:b0:95:02:23: 28:67:4c:0e:83:c2:db:e5:e1:79:fc:f6:28:ba:31:e5:0f:39: 32:4d:c8:cd:3b:a1:fd:4c:5b:a8:f4:63:bd:35:b5:f3:ea:f0: 64:8f:0c:8d:d3:a1:82:d4:01:39:fa:95:cf:ca:62:4e:fd:09: d9:74:de:3d -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBTjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx Rjc1MzExMC8GA1UEBRMoMkQ0OUIzQUU2REExOEI2MzQ2NEEzMTc3QUIzMjEwMTk0 MkU2QTUxQTAeFw0yNTA0MjcwNjE0MDhaFw0yNTA1MDQwNjE0MDhaMBgxFjAUBgNV BAMTDTY4MGRjYjMwLWIxZGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC9rOaoUmolsSAMxUWlxJ6g5H5rKhNdpClswABMWpyRI1YSpIoYeXjdAB7VqL/2 5K4ZkuIkgdumrGhk6mfBMj5idoY35kroJwpHb74Vsg8Ew5JHquMuDiP8m6Ny3ktL SXWDSpZNkC0eMvqLVBRGqo3ljgfEZOz61YIPS8WlHKzgqAZHv3IY4a1ePLqVcmgz ugllcSBF8w45ioV9cM3mYUncolbdCyuituDJ9tTawnay768uy8adqjb8hwi0jRLB eSonDgriQUoZy1+aUrSZimmBZbg3tpZ2SoaRY7MqdNptE/VkfCPNG1m+nl/IVowv pieb0JrcIaLVhYhnuoDA1ZWNAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU5A6umiI2 TYMmsQLl6EpfiWOpMawwHwYDVR0jBBgwFoAULUmzrm2hi2NGSjF3qzIQGULmpRow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFGNzUzLzc4MDlEQTAyQkMw RDExRUY5QjRBRDY0OUM0RjlBRTAyL0xVbXpybTJoaTJOR1NqRjNxeklRR1VMbXBS by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTFVtenJtMmhpMk5HU2pGM3F6SVFHVUxtcFJvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFG NzUzLzc4MDlEQTAyQkMwRDExRUY5QjRBRDY0OUM0RjlBRTAyL0xVbXpybTJoaTJO R1NqRjNxeklRR1VMbXBSby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIgXCRBcKKtUs1Kz+tjW3DPGm7lM6NYqK+BvQ8OB/Dp2fC+g1sgmrlZn ZvlvA5TjjR6KfgHiLeila7PF4ZgLh3MkWaoEvORQM3/FHRMm3AD65SKQK+dJUEGu WVKqEoWLLk7R5BZnkyYE/5RcOjGwuG7Q/FMEj1Mx6LkH8d4FL1gxIaS7XdlbEmp5 N5m0Kx02V76DHPEgt5sCfyQWvlKGNzeOciYeruEZ3XKC9o+G3ez19jzslJzLH9bP KDaSNPp9K7v0sJUCIyhnTA6Dwtvl4Xn89ii6MeUPOTJNyM07of1MW6j0Y701tfPq 8GSPDI3ToYLUATn6lc/KYk79Cdl03j0= -----END CERTIFICATE-----Generated at Sun Apr 27 08:07:41 2025 by rpki-client on console.sobornost.net