$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft File: _thOn-AVmpk3ohk6C326I7bCZbg.mft (raw, json) Hash identifier: Ym/WuQ+V1yD9ZoFmP9pSEDzKUi3Nai5IGJTotgrC3Bc= Subject key identifier: 87:01:D3:9E:AB:87:7F:56:7E:2E:33:5A:8A:BF:51:9A:AF:FE:38:F7 Authority key identifier: FE:D8:4E:9F:E0:15:9A:99:37:A2:19:3A:0B:7D:BA:23:B6:C2:65:B8 Certificate issuer: /CN=A91EDBB0/serialNumber=FED84E9FE0159A9937A2193A0B7DBA23B6C265B8 Certificate serial: 1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_thOn-AVmpk3ohk6C326I7bCZbg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft Manifest number: 1D Signing time: Tue 13 May 2025 07:10:08 +0000 Manifest this update: Tue 13 May 2025 07:10:07 +0000 Manifest next update: Tue 20 May 2025 07:10:07 +0000 Files and hashes: 1: _thOn-AVmpk3ohk6C326I7bCZbg.crl (hash: LUJeu4CAL4qpzACN3AYkJVQ+4qboC2bB9PtheP4TCUs=) 2: 18317928083911F0A2909A72C4F9AE02.roa (hash: fPnd9TCItmXimGuCENGl/4MsqPzHHL+sjFkQjjF93Kg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.crl rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_thOn-AVmpk3ohk6C326I7bCZbg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 07:10:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30 (0x1e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EDBB0, serialNumber=FED84E9FE0159A9937A2193A0B7DBA23B6C265B8 Validity Not Before: May 13 07:10:07 2025 GMT Not After : May 20 07:10:07 2025 GMT Subject: CN=6822f04f-ef9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:c4:cc:81:a6:86:d6:83:5d:48:24:41:62:f0: f4:cb:3a:51:4e:7f:97:c3:37:d4:da:1e:5f:64:08: 9a:76:a0:91:cb:3c:27:a9:8f:a2:ea:36:a1:d8:97: f2:bc:f3:f3:ef:c2:fd:82:7d:fe:aa:1e:57:f5:99: 9c:fb:af:95:2e:92:0d:76:5c:13:f4:77:d5:3b:a1: f6:c7:5f:a9:af:a1:77:6d:93:99:8f:c4:01:d6:b9: 20:b2:fc:f5:d3:88:e7:ed:0f:37:40:ef:0b:98:06: 2e:99:b8:a5:7d:8f:d3:61:4e:ba:92:8c:82:67:f6: 20:e4:a4:a8:0d:e5:1d:c9:26:9d:fc:2b:37:d3:90: c2:40:50:2b:f1:05:96:ca:85:db:44:4c:d5:52:d4: e2:ad:68:3f:95:f8:6c:d4:07:a3:23:3d:4c:6f:c3: ec:74:fa:ba:19:a6:0f:35:e3:33:14:1b:a0:2e:0c: e3:b5:7f:fa:7d:ab:7e:94:9a:e3:a8:e8:95:1a:ab: 4e:5e:42:38:18:04:ac:65:0d:ff:48:95:05:ef:06: ad:e2:7c:a3:f1:68:e3:ff:70:1f:0a:70:ef:85:92: 9b:26:e3:7e:72:47:f3:1d:0f:6c:68:30:1d:11:c5: 1b:8c:68:e8:f4:9f:66:5c:20:a7:70:2d:f9:95:ac: 1f:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:01:D3:9E:AB:87:7F:56:7E:2E:33:5A:8A:BF:51:9A:AF:FE:38:F7 X509v3 Authority Key Identifier: keyid:FE:D8:4E:9F:E0:15:9A:99:37:A2:19:3A:0B:7D:BA:23:B6:C2:65:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_thOn-AVmpk3ohk6C326I7bCZbg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:fd:5b:e0:67:bf:79:2f:46:af:f2:25:31:36:df:e3:af:89: 5c:c1:d9:73:e2:1d:c9:50:e0:73:3e:19:b5:2b:c2:82:58:35: 85:d1:4c:06:3c:9a:d2:9e:73:af:54:76:f6:5d:4f:c1:0d:91: cc:c7:88:ca:00:b6:ee:f7:1f:63:ed:7f:7e:f6:b0:55:e8:7f: b4:f9:ff:42:c5:ba:5d:e9:7c:7c:08:b8:0f:5d:77:b2:63:ab: e6:25:b0:7c:09:e4:51:bc:7d:64:9d:8f:80:58:4c:a2:9a:54: 0b:c3:00:61:ba:31:43:3b:c3:7a:00:50:60:3e:1a:62:39:48: 6a:0f:10:f6:b7:18:1d:6b:0c:4b:4b:f1:24:e5:4b:7a:db:cd: 25:a9:bc:b1:33:34:50:64:17:9e:d7:fc:1b:60:50:b3:89:4b: f7:e4:f1:37:50:fe:d9:07:1b:ba:be:33:d1:2a:12:76:8d:47: 8e:08:f4:7e:77:5d:18:34:4c:b6:56:05:b8:1e:53:f3:fe:8d: 93:e3:ae:89:9e:48:70:c0:bb:18:a0:d1:32:ca:27:aa:23:79: d7:62:b3:6d:8a:50:4b:f5:9a:40:13:ab:88:ae:07:dd:3a:5c: bd:e1:0f:22:56:2f:6b:89:09:7a:40:fb:53:db:00:d4:dc:1b: dc:cc:ed:31 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF REJCMDExMC8GA1UEBRMoRkVEODRFOUZFMDE1OUE5OTM3QTIxOTNBMEI3REJBMjNC NkMyNjVCODAeFw0yNTA1MTMwNzEwMDdaFw0yNTA1MjAwNzEwMDdaMBgxFjAUBgNV BAMTDTY4MjJmMDRmLWVmOWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCvxMyBpobWg11IJEFi8PTLOlFOf5fDN9TaHl9kCJp2oJHLPCepj6LqNqHYl/K8 8/Pvwv2Cff6qHlf1mZz7r5Uukg12XBP0d9U7ofbHX6mvoXdtk5mPxAHWuSCy/PXT iOftDzdA7wuYBi6ZuKV9j9NhTrqSjIJn9iDkpKgN5R3JJp38KzfTkMJAUCvxBZbK hdtETNVS1OKtaD+V+GzUB6MjPUxvw+x0+roZpg814zMUG6AuDOO1f/p9q36UmuOo 6JUaq05eQjgYBKxlDf9IlQXvBq3ifKPxaOP/cB8KcO+Fkpsm435yR/MdD2xoMB0R xRuMaOj0n2ZcIKdwLfmVrB+fAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUhwHTnquH f1Z+LjNair9Rmq/+OPcwHwYDVR0jBBgwFoAU/thOn+AVmpk3ohk6C326I7bCZbgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVEQkIwL0U2NTNFNTEyMDdF RDExRjBCMEE2ODc2NEM0RjlBRTAyL190aE9uLUFWbXBrM29oazZDMzI2STdiQ1pi Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvX3RoT24tQVZtcGszb2hrNkMzMjZJN2JDWmJnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVE QkIwL0U2NTNFNTEyMDdFRDExRjBCMEE2ODc2NEM0RjlBRTAyL190aE9uLUFWbXBr M29oazZDMzI2STdiQ1piZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJ39W+Bnv3kvRq/yJTE23+OviVzB2XPiHclQ4HM+GbUrwoJYNYXRTAY8 mtKec69UdvZdT8ENkczHiMoAtu73H2Ptf372sFXof7T5/0LFul3pfHwIuA9dd7Jj q+YlsHwJ5FG8fWSdj4BYTKKaVAvDAGG6MUM7w3oAUGA+GmI5SGoPEPa3GB1rDEtL 8STlS3rbzSWpvLEzNFBkF57X/BtgULOJS/fk8TdQ/tkHG7q+M9EqEnaNR44I9H53 XRg0TLZWBbgeU/P+jZPjromeSHDAuxig0TLKJ6ojeddis22KUEv1mkATq4iuB906 XL3hDyJWL2uJCXpA+1PbANTcG9zM7TE= -----END CERTIFICATE-----Generated at Thu May 15 06:42:06 2025 by rpki-client