$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1FA7/2D991CD0599F11EDB967AE39C4F9AE02/_10TK8Zqqiu89lw-X-iaDDcdizo.mft File: _10TK8Zqqiu89lw-X-iaDDcdizo.mft (raw, json) Hash identifier: CyEotD+1hM9V97xtGSo6m3+gyXbKLyUWO7H49euPmL4= Subject key identifier: 72:6B:F0:93:88:F5:96:14:EF:0F:90:3F:ED:82:52:05:37:9D:74:4E Authority key identifier: FF:5D:13:2B:C6:6A:AA:2B:BC:F6:5C:3E:5F:E8:9A:0C:37:1D:8B:3A Certificate issuer: /CN=A91C1FA7/serialNumber=FF5D132BC66AAA2BBCF65C3E5FE89A0C371D8B3A Certificate serial: 01DF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_10TK8Zqqiu89lw-X-iaDDcdizo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1FA7/2D991CD0599F11EDB967AE39C4F9AE02/_10TK8Zqqiu89lw-X-iaDDcdizo.mft Manifest number: 01DA Signing time: Sun 11 May 2025 01:44:30 +0000 Manifest this update: Sun 11 May 2025 01:44:30 +0000 Manifest next update: Sun 18 May 2025 01:44:30 +0000 Files and hashes: 1: _10TK8Zqqiu89lw-X-iaDDcdizo.crl (hash: EFR0pVhT3b/VmVOIhaSLqEqTQK467sIYJMndD7xcg2c=) 2: 064042F259F511EDB22E3F2BC4F9AE02.roa (hash: JoMqVSrjZm4JfXMaz6xrPhG5LHTOXjmhXw4j9hZGE8w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1FA7/2D991CD0599F11EDB967AE39C4F9AE02/_10TK8Zqqiu89lw-X-iaDDcdizo.crl rsync://rpki.apnic.net/member_repository/A91C1FA7/2D991CD0599F11EDB967AE39C4F9AE02/_10TK8Zqqiu89lw-X-iaDDcdizo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_10TK8Zqqiu89lw-X-iaDDcdizo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 01:44:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 479 (0x1df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1FA7, serialNumber=FF5D132BC66AAA2BBCF65C3E5FE89A0C371D8B3A Validity Not Before: May 11 01:44:30 2025 GMT Not After : May 18 01:44:30 2025 GMT Subject: CN=682000fe-d967 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:cf:fc:b7:7c:33:02:31:c9:06:e8:44:de:7c: d8:f1:ca:4f:67:aa:05:fc:21:8f:49:9f:88:18:4a: a5:d1:bf:95:f2:ef:61:5e:5c:b1:23:1f:fe:de:25: fb:80:4b:f0:87:6a:66:95:63:b7:89:8b:ab:17:af: 3d:d7:d3:fa:b1:c3:81:fd:b4:d5:ff:d1:ae:62:45: ef:6f:c4:d6:b3:17:f8:93:b2:1b:c4:70:3f:ca:2e: 7d:02:fd:64:12:b3:46:60:98:cb:47:fe:a7:39:28: 20:c0:83:63:71:09:c3:98:8b:6a:79:f6:34:d8:28: e4:ab:52:92:76:a5:29:06:ed:d7:6e:54:77:c4:fe: 57:5c:21:40:da:f6:80:aa:ef:fd:5a:fa:cb:60:1b: 92:a4:3c:21:5f:8d:80:3a:03:27:cd:6d:46:11:7c: 72:a9:3a:37:48:32:97:dc:0e:10:91:ff:72:82:dc: e6:c2:33:7a:af:fd:f2:1b:a2:9b:a6:45:30:f1:9e: 32:35:9c:5c:27:57:69:b0:89:3d:f8:3d:58:1d:d5: 8d:ee:66:7e:94:30:3d:f3:54:04:08:44:95:4e:d5: 77:49:57:26:53:27:d0:35:58:a1:7b:1a:50:b7:8a: d4:f7:d3:82:20:ac:ec:b0:cc:d3:81:8b:68:f2:e6: 92:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:6B:F0:93:88:F5:96:14:EF:0F:90:3F:ED:82:52:05:37:9D:74:4E X509v3 Authority Key Identifier: keyid:FF:5D:13:2B:C6:6A:AA:2B:BC:F6:5C:3E:5F:E8:9A:0C:37:1D:8B:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1FA7/2D991CD0599F11EDB967AE39C4F9AE02/_10TK8Zqqiu89lw-X-iaDDcdizo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_10TK8Zqqiu89lw-X-iaDDcdizo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1FA7/2D991CD0599F11EDB967AE39C4F9AE02/_10TK8Zqqiu89lw-X-iaDDcdizo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b9:f8:79:b4:8d:0b:8e:0c:11:30:8b:70:4c:2a:89:db:1b:89: 07:6f:52:89:e6:87:f0:a5:c5:a9:f1:83:e0:9a:f4:ce:fa:20: fb:b4:f5:69:7d:75:34:a7:c8:13:3d:97:2f:99:14:c0:c8:31: a6:6d:f3:36:17:79:4a:01:fe:af:6a:9d:e1:e0:8a:e6:1a:5d: 1f:76:e2:d8:80:5b:e3:6a:e3:33:cd:0e:f1:fd:f5:1e:69:70: 35:9e:3a:b4:79:8c:08:ee:ce:b8:26:6c:df:96:ae:cf:13:f1: c0:0a:a8:ca:4e:91:85:1f:4f:8c:ca:be:89:9f:49:44:a6:7f: 1d:5e:29:7b:e1:a9:2b:51:b4:1c:fa:d5:5d:57:40:57:66:ad: 75:39:46:78:9f:f4:64:8f:8d:c2:99:2e:ff:26:1d:22:0e:7b: d0:57:0c:39:be:74:9c:16:8e:2a:22:1f:ea:3b:07:07:8a:16: 40:9e:a3:bb:d2:6d:c5:6b:88:28:34:c7:73:eb:fb:2c:64:50: 82:29:ef:19:95:be:eb:f4:ab:cb:29:98:e3:d8:a7:52:71:f2: 41:3c:1b:8d:90:9f:28:44:26:70:a4:67:d4:e4:8a:68:78:34: c1:47:50:47:47:c6:32:3c:5e:fb:7f:7b:3a:89:a9:21:ce:a6: f3:a2:6b:43 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAd8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzFGQTcxMTAvBgNVBAUTKEZGNUQxMzJCQzY2QUFBMkJCQ0Y2NUMzRTVGRTg5QTBD MzcxRDhCM0EwHhcNMjUwNTExMDE0NDMwWhcNMjUwNTE4MDE0NDMwWjAYMRYwFAYD VQQDEw02ODIwMDBmZS1kOTY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5M/8t3wzAjHJBuhE3nzY8cpPZ6oF/CGPSZ+IGEql0b+V8u9hXlyxIx/+3iX7 gEvwh2pmlWO3iYurF68919P6scOB/bTV/9GuYkXvb8TWsxf4k7IbxHA/yi59Av1k ErNGYJjLR/6nOSggwINjcQnDmItqefY02Cjkq1KSdqUpBu3XblR3xP5XXCFA2vaA qu/9WvrLYBuSpDwhX42AOgMnzW1GEXxyqTo3SDKX3A4Qkf9ygtzmwjN6r/3yG6Kb pkUw8Z4yNZxcJ1dpsIk9+D1YHdWN7mZ+lDA981QECESVTtV3SVcmUyfQNVihexpQ t4rU99OCIKzssMzTgYto8uaS5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHJr8JOI 9ZYU7w+QP+2CUgU3nXROMB8GA1UdIwQYMBaAFP9dEyvGaqorvPZcPl/omgw3HYs6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUZBNy8yRDk5MUNEMDU5 OUYxMUVEQjk2N0FFMzlDNEY5QUUwMi9fMTBUSzhacXFpdTg5bHctWC1pYUREY2Rp em8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL18xMFRLOFpxcWl1ODlsdy1YLWlhRERjZGl6by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MUZBNy8yRDk5MUNEMDU5OUYxMUVEQjk2N0FFMzlDNEY5QUUwMi9fMTBUSzhacXFp dTg5bHctWC1pYUREY2Rpem8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC5+Hm0jQuODBEwi3BMKonbG4kHb1KJ5ofwpcWp8YPgmvTO+iD7tPVp fXU0p8gTPZcvmRTAyDGmbfM2F3lKAf6vap3h4IrmGl0fduLYgFvjauMzzQ7x/fUe aXA1njq0eYwI7s64Jmzflq7PE/HACqjKTpGFH0+Myr6Jn0lEpn8dXil74akrUbQc +tVdV0BXZq11OUZ4n/Rkj43CmS7/Jh0iDnvQVww5vnScFo4qIh/qOwcHihZAnqO7 0m3Fa4goNMdz6/ssZFCCKe8Zlb7r9KvLKZjj2KdScfJBPBuNkJ8oRCZwpGfU5Ipo eDTBR1BHR8YyPF77f3s6iakhzqbzomtD -----END CERTIFICATE-----Generated at Mon May 12 07:32:40 2025 by rpki-client