$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF233/08F05260B37811EF88322B0FC4F9AE02/TnWast4kVGn4MRuSc7VVOH51CpA.mft File: TnWast4kVGn4MRuSc7VVOH51CpA.mft (raw, json) Hash identifier: DEHbegP/Yb1zCEegYrtDwKBxwSqBCXG1iTivxjJUuec= Subject key identifier: 5E:FE:5C:4D:E0:CC:78:4C:9B:51:81:E9:AA:2F:11:52:84:8D:F9:11 Authority key identifier: 4E:75:9A:B2:DE:24:54:69:F8:31:1B:92:73:B5:55:38:7E:75:0A:90 Certificate issuer: /CN=A91DF233/serialNumber=4E759AB2DE245469F8311B9273B555387E750A90 Certificate serial: 87 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TnWast4kVGn4MRuSc7VVOH51CpA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF233/08F05260B37811EF88322B0FC4F9AE02/TnWast4kVGn4MRuSc7VVOH51CpA.mft Manifest number: 86 Signing time: Sat 23 Aug 2025 06:51:40 +0000 Manifest this update: Sat 23 Aug 2025 06:51:39 +0000 Manifest next update: Sat 30 Aug 2025 06:51:39 +0000 Files and hashes: 1: TnWast4kVGn4MRuSc7VVOH51CpA.crl (hash: QfMMaHiW60BHz/G45glh90nuOoFfqH2Qr84bYQT1lBc=) 2: 1FE0E016B37D11EFBDE18263C4F9AE02.roa (hash: i4QqretrMrfllRlkSz0xUOac9qaskNbaHtNPO9MoQA0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF233/08F05260B37811EF88322B0FC4F9AE02/TnWast4kVGn4MRuSc7VVOH51CpA.crl rsync://rpki.apnic.net/member_repository/A91DF233/08F05260B37811EF88322B0FC4F9AE02/TnWast4kVGn4MRuSc7VVOH51CpA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TnWast4kVGn4MRuSc7VVOH51CpA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:10:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 135 (0x87) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF233, serialNumber=4E759AB2DE245469F8311B9273B555387E750A90 Validity Not Before: Aug 23 06:51:39 2025 GMT Not After : Aug 30 06:51:39 2025 GMT Subject: CN=68a964fb-df93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:13:44:60:47:61:a6:a1:cc:6c:8a:0d:62:3d: 33:eb:bf:7e:c4:7f:b2:cc:d0:37:36:5f:6c:d5:65: e2:07:16:cf:f1:e7:22:75:7e:d1:b2:ad:c1:4a:5f: 61:b9:03:f9:74:3e:d5:28:fb:73:6b:5d:51:2b:8f: 84:1c:c0:43:f6:f1:80:91:86:d4:80:b2:ad:1b:eb: ab:78:4c:58:e7:cf:0f:5a:e7:43:93:a1:7b:cc:8c: 1f:02:b3:83:ac:4c:cc:44:ac:29:97:e1:9c:fa:d4: c8:4a:54:93:8c:56:06:b6:41:9c:42:af:b2:b0:61: 9f:9f:f8:62:39:48:2c:f0:d3:73:25:f0:b1:70:c5: 54:84:c3:27:fa:86:be:05:f4:01:8e:3b:92:9f:03: 2c:0e:2c:1b:28:3f:a3:a7:80:64:29:dd:4d:51:ae: 69:39:36:f4:2f:33:5d:07:f1:c8:b1:8b:b0:58:e6: 6e:1c:5d:da:e8:a6:60:5b:1d:a2:fc:50:9b:71:4e: 06:86:e3:c7:8b:b7:24:4d:ba:55:76:52:ce:72:d0: d6:6f:a0:1d:54:f8:2b:88:78:e6:9e:e5:98:ba:17: 05:ea:77:2b:63:3f:75:79:73:55:80:6c:23:9a:2f: f8:28:ea:cd:54:9d:ab:19:c3:5c:e1:49:34:97:1b: 17:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:FE:5C:4D:E0:CC:78:4C:9B:51:81:E9:AA:2F:11:52:84:8D:F9:11 X509v3 Authority Key Identifier: keyid:4E:75:9A:B2:DE:24:54:69:F8:31:1B:92:73:B5:55:38:7E:75:0A:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF233/08F05260B37811EF88322B0FC4F9AE02/TnWast4kVGn4MRuSc7VVOH51CpA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TnWast4kVGn4MRuSc7VVOH51CpA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF233/08F05260B37811EF88322B0FC4F9AE02/TnWast4kVGn4MRuSc7VVOH51CpA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:48:3e:25:a6:31:04:be:d2:de:9d:9c:ac:79:d4:30:55:4d: 3e:0e:32:b5:53:67:2d:95:69:ec:b4:91:de:4a:51:af:f2:cc: 4d:4a:6d:5a:2e:a4:4f:57:f3:95:f3:f2:a0:12:dd:8d:8b:6a: d0:b0:93:1b:8e:43:0f:ce:3f:ff:c2:4b:0c:f7:0a:96:bc:47: 44:64:6e:c0:50:17:79:cf:cb:95:cb:76:93:02:fa:02:39:16: f9:e9:d3:f7:7c:e7:0b:b4:90:ea:27:a5:55:c7:8d:a5:20:d4: ad:8c:89:ef:37:eb:8f:78:36:18:ef:1d:5e:bd:77:69:d7:ef: 63:7e:70:6a:d8:d2:db:8e:05:4d:c2:8e:5e:92:2a:62:c6:98: 56:7f:03:4a:7a:0f:a3:25:ec:63:90:e8:e8:bd:4d:b5:37:7a: 4f:5e:dd:7d:e9:ac:6c:8e:a5:84:8d:ef:c8:89:a1:2d:54:94: 05:81:05:0e:fa:d6:a5:1c:6d:cb:e4:0c:3a:22:b1:03:61:37: ba:e4:78:a2:ee:2d:df:a7:fc:b0:0d:4e:a3:8b:1e:78:87:51: ab:10:70:8e:af:14:4c:a6:e4:33:2b:f6:9f:5d:9b:8e:ae:64: c5:07:cc:ab:2b:b6:59:f1:63:d9:1f:1a:50:da:91:e0:8c:b7: 97:df:e3:69 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REYyMzMxMTAvBgNVBAUTKDRFNzU5QUIyREUyNDU0NjlGODMxMUI5MjczQjU1NTM4 N0U3NTBBOTAwHhcNMjUwODIzMDY1MTM5WhcNMjUwODMwMDY1MTM5WjAYMRYwFAYD VQQDEw02OGE5NjRmYi1kZjkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvRNEYEdhpqHMbIoNYj0z679+xH+yzNA3Nl9s1WXiBxbP8ecidX7Rsq3BSl9h uQP5dD7VKPtza11RK4+EHMBD9vGAkYbUgLKtG+ureExY588PWudDk6F7zIwfArOD rEzMRKwpl+Gc+tTISlSTjFYGtkGcQq+ysGGfn/hiOUgs8NNzJfCxcMVUhMMn+oa+ BfQBjjuSnwMsDiwbKD+jp4BkKd1NUa5pOTb0LzNdB/HIsYuwWOZuHF3a6KZgWx2i /FCbcU4GhuPHi7ckTbpVdlLOctDWb6AdVPgriHjmnuWYuhcF6ncrYz91eXNVgGwj mi/4KOrNVJ2rGcNc4Uk0lxsXEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF7+XE3g zHhMm1GB6aovEVKEjfkRMB8GA1UdIwQYMBaAFE51mrLeJFRp+DEbknO1VTh+dQqQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjIzMy8wOEYwNTI2MEIz NzgxMUVGODgzMjJCMEZDNEY5QUUwMi9Ubldhc3Q0a1ZHbjRNUnVTYzdWVk9INTFD cEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1RuV2FzdDRrVkduNE1SdVNjN1ZWT0g1MUNwQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RjIzMy8wOEYwNTI2MEIzNzgxMUVGODgzMjJCMEZDNEY5QUUwMi9Ubldhc3Q0a1ZH bjRNUnVTYzdWVk9INTFDcEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBNSD4lpjEEvtLenZysedQwVU0+DjK1U2ctlWnstJHeSlGv8sxNSm1a LqRPV/OV8/KgEt2Ni2rQsJMbjkMPzj//wksM9wqWvEdEZG7AUBd5z8uVy3aTAvoC ORb56dP3fOcLtJDqJ6VVx42lINStjInvN+uPeDYY7x1evXdp1+9jfnBq2NLbjgVN wo5ekipixphWfwNKeg+jJexjkOjovU21N3pPXt196axsjqWEje/IiaEtVJQFgQUO +talHG3L5Aw6IrEDYTe65Hii7i3fp/ywDU6jix54h1GrEHCOrxRMpuQzK/afXZuO rmTFB8yrK7ZZ8WPZHxpQ2pHgjLeX3+Np -----END CERTIFICATE-----Generated at Sat Aug 23 10:25:08 2025 by rpki-client