$ rpki-client -vvf rpki.apnic.net/member_repository/A9145B13/50BD230EB12811EFB750A52BC4F9AE02/tNIXk5onUZOOB2WaeUiFqciEGRk.mft File: tNIXk5onUZOOB2WaeUiFqciEGRk.mft (raw, json) Hash identifier: 4wkNUbsApDeb2G+q3sCEvvtbktSXU68UliOge7WsMvw= Subject key identifier: D2:ED:C8:15:83:B2:E9:B5:7B:DD:9D:1C:32:6D:62:54:12:5D:5F:74 Authority key identifier: B4:D2:17:93:9A:27:51:93:8E:07:65:9A:79:48:85:A9:C8:84:19:19 Certificate issuer: /CN=A9145B13/serialNumber=B4D217939A2751938E07659A794885A9C8841919 Certificate serial: 55 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNIXk5onUZOOB2WaeUiFqciEGRk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9145B13/50BD230EB12811EFB750A52BC4F9AE02/tNIXk5onUZOOB2WaeUiFqciEGRk.mft Manifest number: 54 Signing time: Sun 11 May 2025 05:59:22 +0000 Manifest this update: Sun 11 May 2025 05:59:22 +0000 Manifest next update: Sun 18 May 2025 05:59:22 +0000 Files and hashes: 1: tNIXk5onUZOOB2WaeUiFqciEGRk.crl (hash: 6OQ0Iahy+hrV4ihY2CRUHdUuX0f86cSzZbI57H1zWjo=) 2: 793486E0C11A11EF99C19012C4F9AE02.roa (hash: pawwhpt8xl4Jm5tUlNLFvNNRwT1g8ks5JKIz2Wod4KM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9145B13/50BD230EB12811EFB750A52BC4F9AE02/tNIXk5onUZOOB2WaeUiFqciEGRk.crl rsync://rpki.apnic.net/member_repository/A9145B13/50BD230EB12811EFB750A52BC4F9AE02/tNIXk5onUZOOB2WaeUiFqciEGRk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNIXk5onUZOOB2WaeUiFqciEGRk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 05:59:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 85 (0x55) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9145B13, serialNumber=B4D217939A2751938E07659A794885A9C8841919 Validity Not Before: May 11 05:59:22 2025 GMT Not After : May 18 05:59:22 2025 GMT Subject: CN=68203cba-4857 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:20:d1:1c:33:ad:ab:a6:9c:0b:26:73:01:aa: d7:93:f0:d0:3c:1d:9a:d1:b9:fb:82:40:57:31:e3: 2d:45:a8:68:ef:32:2a:47:f1:f2:39:59:1b:99:5d: 07:78:ac:12:0c:4e:5a:00:61:c0:d7:22:44:7c:b8: 76:fb:9c:a6:48:15:26:2b:c8:39:0b:d9:66:76:e9: 67:b7:fe:25:f9:fc:9d:78:38:e8:03:30:11:14:15: 64:d5:6e:73:6f:f4:50:ef:77:37:b4:0b:d5:2c:9f: 01:d7:f7:b5:3e:55:a4:f6:69:d1:5b:7c:08:bc:a1: d3:06:13:1a:f6:8c:45:5e:13:0a:10:49:2d:fe:54: cc:0a:fc:2c:d6:62:63:25:c1:b6:56:b4:d1:01:dd: 68:da:57:8a:28:51:da:f4:98:8c:59:43:54:3c:c6: d6:ce:c3:fe:60:63:c6:fd:81:45:bb:5a:58:4e:7b: b2:41:13:0b:66:5b:c9:48:a4:3c:fb:8b:df:76:ef: b6:00:86:9b:78:31:87:06:8c:83:a3:45:ee:d8:dc: 6f:3c:58:66:c3:57:86:20:33:3e:27:02:ff:8a:1d: bc:78:3b:a4:4d:0f:30:27:c2:60:8b:4a:29:7f:31: 2b:e1:13:50:13:cd:05:87:bf:12:7f:8e:21:a5:21: 52:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:ED:C8:15:83:B2:E9:B5:7B:DD:9D:1C:32:6D:62:54:12:5D:5F:74 X509v3 Authority Key Identifier: keyid:B4:D2:17:93:9A:27:51:93:8E:07:65:9A:79:48:85:A9:C8:84:19:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9145B13/50BD230EB12811EFB750A52BC4F9AE02/tNIXk5onUZOOB2WaeUiFqciEGRk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNIXk5onUZOOB2WaeUiFqciEGRk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145B13/50BD230EB12811EFB750A52BC4F9AE02/tNIXk5onUZOOB2WaeUiFqciEGRk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:66:ee:0f:c7:db:ad:c8:2f:20:64:7f:ee:0f:1d:10:b0:52: 7a:34:5c:09:86:43:14:c4:68:0b:ae:7e:c6:bb:14:ff:4f:f4: 33:d3:d8:cb:16:91:ef:5e:f8:1e:ca:5d:cf:cf:d3:a0:3a:d0: 08:23:40:4f:82:3b:e0:7d:59:99:ee:c8:60:08:fa:6f:2b:ac: 99:52:d4:1d:cd:68:64:f8:47:93:11:18:12:24:e7:08:9b:c2: 48:c5:08:da:41:b0:37:6b:89:55:e2:a5:54:47:5a:1b:72:d7: 14:aa:4f:08:66:e4:d8:f7:6e:34:4f:2c:05:e0:6f:3a:77:a5: cd:b8:36:79:0b:3a:21:b5:db:ab:24:4a:01:b8:47:ee:b7:95: d4:5e:25:bb:f4:9c:4a:a4:0b:74:ff:f1:36:c3:31:58:00:be: c0:a5:b7:2b:4d:0b:7a:9e:db:5d:97:82:1a:47:a5:81:88:e1: 3d:5e:91:e5:16:36:c3:9f:73:41:53:b4:45:e5:43:a2:6e:3e: ed:b4:4c:19:fb:63:95:c8:97:e7:37:26:7e:e8:b5:b4:17:ad: af:f9:2d:4c:4e:89:97:a2:85:38:c9:87:5e:2c:08:93:5b:da: 6d:25:58:11:98:c8:87:00:12:93:e8:f7:3a:be:61:7e:9a:1b: 68:ef:7f:4e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBVTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 NUIxMzExMC8GA1UEBRMoQjREMjE3OTM5QTI3NTE5MzhFMDc2NTlBNzk0ODg1QTlD ODg0MTkxOTAeFw0yNTA1MTEwNTU5MjJaFw0yNTA1MTgwNTU5MjJaMBgxFjAUBgNV BAMTDTY4MjAzY2JhLTQ4NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCsINEcM62rppwLJnMBqteT8NA8HZrRufuCQFcx4y1FqGjvMipH8fI5WRuZXQd4 rBIMTloAYcDXIkR8uHb7nKZIFSYryDkL2WZ26We3/iX5/J14OOgDMBEUFWTVbnNv 9FDvdze0C9UsnwHX97U+VaT2adFbfAi8odMGExr2jEVeEwoQSS3+VMwK/CzWYmMl wbZWtNEB3WjaV4ooUdr0mIxZQ1Q8xtbOw/5gY8b9gUW7WlhOe7JBEwtmW8lIpDz7 i99277YAhpt4MYcGjIOjRe7Y3G88WGbDV4YgMz4nAv+KHbx4O6RNDzAnwmCLSil/ MSvhE1ATzQWHvxJ/jiGlIVJjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU0u3IFYOy 6bV73Z0cMm1iVBJdX3QwHwYDVR0jBBgwFoAUtNIXk5onUZOOB2WaeUiFqciEGRkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ1QjEzLzUwQkQyMzBFQjEy ODExRUZCNzUwQTUyQkM0RjlBRTAyL3ROSVhrNW9uVVpPT0IyV2FlVWlGcWNpRUdS ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdE5JWGs1b25VWk9PQjJXYWVVaUZxY2lFR1JrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ1 QjEzLzUwQkQyMzBFQjEyODExRUZCNzUwQTUyQkM0RjlBRTAyL3ROSVhrNW9uVVpP T0IyV2FlVWlGcWNpRUdSay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAD9m7g/H263ILyBkf+4PHRCwUno0XAmGQxTEaAuufsa7FP9P9DPT2MsW ke9e+B7KXc/P06A60AgjQE+CO+B9WZnuyGAI+m8rrJlS1B3NaGT4R5MRGBIk5wib wkjFCNpBsDdriVXipVRHWhty1xSqTwhm5Nj3bjRPLAXgbzp3pc24NnkLOiG126sk SgG4R+63ldReJbv0nEqkC3T/8TbDMVgAvsCltytNC3qe212XghpHpYGI4T1ekeUW NsOfc0FTtEXlQ6JuPu20TBn7Y5XIl+c3Jn7otbQXra/5LUxOiZeihTjJh14sCJNb 2m0lWBGYyIcAEpPo9zq+YX6aG2jvf04= -----END CERTIFICATE-----Generated at Sun May 11 22:43:52 2025 by rpki-client