$ rpki-client -vvf rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/TZAcNCU7ylsnTusQaZPe9yCiUqw.mft File: TZAcNCU7ylsnTusQaZPe9yCiUqw.mft (raw, json) Hash identifier: hfSFTuueZGUPBfcPzSP+fFzZDRDZxSsl1Dj6R3/AyZU= Subject key identifier: E9:C5:AC:43:4E:95:10:CB:5C:6B:40:6A:CB:00:49:3B:9C:7C:6C:FE Authority key identifier: 4D:90:1C:34:25:3B:CA:5B:27:4E:EB:10:69:93:DE:F7:20:A2:52:AC Certificate issuer: /CN=A91D6AB2/serialNumber=4D901C34253BCA5B274EEB106993DEF720A252AC Certificate serial: 0410 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TZAcNCU7ylsnTusQaZPe9yCiUqw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/TZAcNCU7ylsnTusQaZPe9yCiUqw.mft Manifest number: 0C2F Signing time: Sat 10 May 2025 20:29:44 +0000 Manifest this update: Sat 10 May 2025 20:29:44 +0000 Manifest next update: Sat 17 May 2025 20:29:44 +0000 Files and hashes: 1: TZAcNCU7ylsnTusQaZPe9yCiUqw.crl (hash: LisALYtHR4o2JniRqPN7LZdhlMFBckCIisiB61uK7aw=) 2: 8E4BBF50F5C511EF89110646C4F9AE02.roa (hash: S0EFM1LlMU93Q/SmaTsXJfrCySvLdm2xsJllc0bdMTA=) 3: A1B8D10EF5C511EF83B21246C4F9AE02.roa (hash: qJqe7xZLrZpale4qfa8dX4Bwzzbb4MiCN1zRa6JcZMs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/TZAcNCU7ylsnTusQaZPe9yCiUqw.crl rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/TZAcNCU7ylsnTusQaZPe9yCiUqw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TZAcNCU7ylsnTusQaZPe9yCiUqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 20:29:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1040 (0x410) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D6AB2, serialNumber=4D901C34253BCA5B274EEB106993DEF720A252AC Validity Not Before: May 10 20:29:44 2025 GMT Not After : May 17 20:29:44 2025 GMT Subject: CN=681fb738-7ef5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:a0:fd:cb:14:52:32:3e:74:fd:3f:43:c7:6d: e8:ce:54:36:06:3b:5b:fd:26:32:1a:d9:c7:82:3d: 85:f1:0d:0d:2a:a1:46:db:ec:03:e2:89:13:37:77: 61:a8:c0:83:f5:14:39:c6:c3:86:61:8a:75:ab:23: d9:67:f0:53:6d:46:15:36:4e:1c:90:7c:90:66:68: 68:10:bf:51:8d:8d:63:b5:03:ae:37:6d:ba:6e:1b: 32:f1:ad:ed:db:7b:59:04:d3:9e:b4:ac:c6:38:66: ca:c2:59:b6:3d:7b:9b:c2:ff:ac:18:d9:33:35:23: c1:bf:1c:d9:ea:26:60:ae:00:8b:35:75:54:ef:6d: 69:79:5f:a8:85:51:56:cb:47:ee:f6:1f:c7:39:f9: 76:84:8a:e5:21:ea:b2:87:4f:c3:a4:3f:db:e8:a0: 43:f6:72:5c:13:69:24:16:2d:3c:f8:ff:4d:ed:da: 8a:dc:e4:86:ee:62:57:5e:35:d5:7f:95:83:05:72: 30:ae:9b:0c:d3:e4:73:75:5b:a5:f1:e1:f2:93:77: 54:e0:a4:64:a7:7f:8c:a0:fe:8c:d2:bb:4e:56:c6: bf:b3:5d:ff:cf:4c:a4:f7:22:4a:e8:35:bf:c8:5b: 0f:ee:12:00:e9:bd:ac:56:b2:80:30:1f:74:6e:23: 30:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:C5:AC:43:4E:95:10:CB:5C:6B:40:6A:CB:00:49:3B:9C:7C:6C:FE X509v3 Authority Key Identifier: keyid:4D:90:1C:34:25:3B:CA:5B:27:4E:EB:10:69:93:DE:F7:20:A2:52:AC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/TZAcNCU7ylsnTusQaZPe9yCiUqw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TZAcNCU7ylsnTusQaZPe9yCiUqw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/TZAcNCU7ylsnTusQaZPe9yCiUqw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8d:e4:40:92:9d:b8:ab:9a:8a:36:3d:bb:cc:31:fb:e4:bf:b5: 98:1e:87:50:0e:d7:6c:08:f3:89:37:ea:6c:4b:29:da:36:f4: 47:ad:57:4c:65:77:d7:7e:4d:5c:0a:0c:06:6a:9e:f9:74:28: bc:60:c5:67:cc:d8:02:ca:95:b3:8f:39:f7:83:6c:86:8a:d3: 0d:71:7f:7d:f7:07:ff:72:d7:76:63:77:a8:27:cc:c8:9c:93: ed:d4:d0:43:d1:d3:fd:cb:a8:1c:42:ac:e5:bd:d2:dd:f9:c3: de:ac:f9:9e:d8:54:6e:82:2c:75:4a:94:3b:36:30:db:f5:dc: d4:d0:93:50:ff:a1:d2:02:3f:12:f4:4e:f4:ed:27:5a:32:eb: 6a:57:a4:ae:e1:82:d6:a1:8f:c8:0b:68:f4:44:48:2f:0b:79: 0e:97:60:b9:1a:1b:17:79:28:7f:55:4a:00:39:6e:8c:e3:d8: 10:c9:d1:81:dd:0a:9e:c1:f0:ab:21:a0:74:dc:83:20:ca:13: c6:27:fc:3e:75:d4:d3:16:21:6e:45:a7:f9:37:2c:c0:b7:dd: b8:c5:d9:05:14:2d:d1:95:64:a1:38:ba:41:69:d2:88:3b:79: cc:bd:84:4b:f6:92:c5:32:8b:63:d3:20:c6:bb:fb:80:8a:b0: 85:25:8a:70 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBBAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDZBQjIxMTAvBgNVBAUTKDREOTAxQzM0MjUzQkNBNUIyNzRFRUIxMDY5OTNERUY3 MjBBMjUyQUMwHhcNMjUwNTEwMjAyOTQ0WhcNMjUwNTE3MjAyOTQ0WjAYMRYwFAYD VQQDEw02ODFmYjczOC03ZWY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuaD9yxRSMj50/T9Dx23ozlQ2Bjtb/SYyGtnHgj2F8Q0NKqFG2+wD4okTN3dh qMCD9RQ5xsOGYYp1qyPZZ/BTbUYVNk4ckHyQZmhoEL9RjY1jtQOuN226bhsy8a3t 23tZBNOetKzGOGbKwlm2PXubwv+sGNkzNSPBvxzZ6iZgrgCLNXVU721peV+ohVFW y0fu9h/HOfl2hIrlIeqyh0/DpD/b6KBD9nJcE2kkFi08+P9N7dqK3OSG7mJXXjXV f5WDBXIwrpsM0+RzdVul8eHyk3dU4KRkp3+MoP6M0rtOVsa/s13/z0yk9yJK6DW/ yFsP7hIA6b2sVrKAMB90biMwhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOnFrENO lRDLXGtAassASTucfGz+MB8GA1UdIwQYMBaAFE2QHDQlO8pbJ07rEGmT3vcgolKs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENkFCMi8wQUYyRUFBQUNG NzAxMUVBOEFFNTVENDhDNEY5QUUwMi9UWkFjTkNVN3lsc25UdXNRYVpQZTl5Q2lV cXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RaQWNOQ1U3eWxzblR1c1FhWlBlOXlDaVVxdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NkFCMi8wQUYyRUFBQUNGNzAxMUVBOEFFNTVENDhDNEY5QUUwMi9UWkFjTkNVN3ls c25UdXNRYVpQZTl5Q2lVcXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCN5ECSnbirmoo2PbvMMfvkv7WYHodQDtdsCPOJN+psSynaNvRHrVdM ZXfXfk1cCgwGap75dCi8YMVnzNgCypWzjzn3g2yGitMNcX999wf/ctd2Y3eoJ8zI nJPt1NBD0dP9y6gcQqzlvdLd+cPerPme2FRugix1SpQ7NjDb9dzU0JNQ/6HSAj8S 9E707SdaMutqV6Su4YLWoY/IC2j0REgvC3kOl2C5GhsXeSh/VUoAOW6M49gQydGB 3QqewfCrIaB03IMgyhPGJ/w+ddTTFiFuRaf5NyzAt924xdkFFC3RlWShOLpBadKI O3nMvYRL9pLFMotj0yDGu/uAirCFJYpw -----END CERTIFICATE-----Generated at Mon May 12 13:05:52 2025 by rpki-client