$ rpki-client -vvf rpki.apnic.net/member_repository/A91F104D/21C2A08C585F11EA8A1B8753C4F9AE02/TrnMSjh3s_-dQLwbs-YMkK36zVM.mft File: TrnMSjh3s_-dQLwbs-YMkK36zVM.mft (raw, json) Hash identifier: CokqjoXGML1eeTEGarver/cDiK679OCFovU+BVU/KA0= Subject key identifier: 4E:2F:03:A1:D0:FE:49:33:EC:8C:BA:2A:28:3A:F5:AC:95:96:1F:99 Authority key identifier: 4E:B9:CC:4A:38:77:B3:FF:9D:40:BC:1B:B3:E6:0C:90:AD:FA:CD:53 Certificate issuer: /CN=A91F104D/serialNumber=4EB9CC4A3877B3FF9D40BC1BB3E60C90ADFACD53 Certificate serial: 0AAE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TrnMSjh3s_-dQLwbs-YMkK36zVM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F104D/21C2A08C585F11EA8A1B8753C4F9AE02/TrnMSjh3s_-dQLwbs-YMkK36zVM.mft Manifest number: 0AA7 Signing time: Mon 30 Jun 2025 19:40:30 +0000 Manifest this update: Mon 30 Jun 2025 19:40:30 +0000 Manifest next update: Mon 07 Jul 2025 19:40:30 +0000 Files and hashes: 1: TrnMSjh3s_-dQLwbs-YMkK36zVM.crl (hash: fSgK/YSA8w/xXMaBP6VmeKxdT2RXYbod1785cyHdBOQ=) 2: 1979A7C0586111EA9FC98555C4F9AE02.roa (hash: ZDs2CUVgufghQf+Lc8A/Bot+97mQvkMQ7xGXz6nIftU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F104D/21C2A08C585F11EA8A1B8753C4F9AE02/TrnMSjh3s_-dQLwbs-YMkK36zVM.crl rsync://rpki.apnic.net/member_repository/A91F104D/21C2A08C585F11EA8A1B8753C4F9AE02/TrnMSjh3s_-dQLwbs-YMkK36zVM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TrnMSjh3s_-dQLwbs-YMkK36zVM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 19:40:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2734 (0xaae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F104D, serialNumber=4EB9CC4A3877B3FF9D40BC1BB3E60C90ADFACD53 Validity Not Before: Jun 30 19:40:30 2025 GMT Not After : Jul 7 19:40:30 2025 GMT Subject: CN=6862e82e-e1a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:08:d8:2c:2c:5d:b0:b9:3a:f6:53:1c:5c:9f: 25:66:b1:97:65:8d:82:3f:bb:22:f5:05:59:a5:ad: f1:17:a2:59:20:ff:6a:df:de:10:d4:ac:38:da:1c: a4:52:9a:77:6e:3d:ef:c7:18:22:8b:3f:af:5c:a9: 8a:1e:fd:26:f9:88:88:b1:b0:a0:d3:3c:6f:07:b7: d6:3c:bf:ed:f6:03:12:63:f4:0e:27:0e:f5:06:0f: e3:46:34:c2:1d:5d:9e:98:d2:a6:3d:f3:84:35:ef: ff:d9:71:99:6d:9a:89:76:4b:47:66:13:62:4c:8b: 54:ce:65:a8:18:34:60:f5:df:67:ea:aa:b3:04:34: 05:27:b3:e3:21:9e:4f:38:1a:e7:18:de:04:fd:7b: 71:3d:de:e2:33:6e:bb:58:a1:cd:45:c6:3e:d4:5d: 86:f2:13:3b:fe:41:07:a5:bc:71:41:23:24:f3:cf: cf:aa:45:08:fb:fd:b0:a5:ad:52:78:c1:6b:86:3b: b6:af:1a:f4:34:2c:10:d2:d7:ac:ac:51:24:c0:0d: 6f:d7:aa:b5:50:10:d1:33:be:99:20:17:9a:9c:a4: c1:6d:0c:f5:f0:75:3b:98:da:b1:b3:10:c0:29:70: 58:68:44:00:0b:d4:6c:d0:5f:80:4c:2a:d3:a2:49: b8:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:2F:03:A1:D0:FE:49:33:EC:8C:BA:2A:28:3A:F5:AC:95:96:1F:99 X509v3 Authority Key Identifier: keyid:4E:B9:CC:4A:38:77:B3:FF:9D:40:BC:1B:B3:E6:0C:90:AD:FA:CD:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F104D/21C2A08C585F11EA8A1B8753C4F9AE02/TrnMSjh3s_-dQLwbs-YMkK36zVM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TrnMSjh3s_-dQLwbs-YMkK36zVM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F104D/21C2A08C585F11EA8A1B8753C4F9AE02/TrnMSjh3s_-dQLwbs-YMkK36zVM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 57:d4:7c:fa:9b:2a:9d:92:2c:83:a2:99:ec:e2:9e:a3:30:49: 3b:5c:60:54:22:2b:2d:bb:23:09:82:1f:db:86:77:62:29:d0: 92:62:6a:1c:fe:ed:9b:16:04:64:47:f3:bd:79:4c:8e:30:1b: df:af:f1:eb:f4:26:16:2b:7a:7d:0c:5a:01:d1:27:bd:ec:cc: 6e:4a:73:51:32:a6:cf:4d:f0:2c:59:7c:c8:45:76:d0:4b:9e: e1:d9:9a:6f:a1:fa:a2:59:cf:34:68:b1:b8:c8:c6:a0:24:02: c6:a9:20:7e:1f:a1:36:30:50:00:39:ea:1e:09:9b:a5:34:d1: 2b:f5:d1:8d:e6:fc:08:b7:f3:f3:e2:e8:c4:1c:bb:8b:1e:c3: 2d:c1:28:51:7e:31:c8:e1:74:68:a4:cc:cf:57:11:3b:88:ad: 75:60:34:bd:97:0a:fd:22:8e:74:7a:d6:58:59:88:82:99:41: 0f:66:83:2b:b0:2a:f0:54:d7:44:b2:73:e2:d8:c3:8a:73:06: 63:a7:23:1a:e7:a0:6b:a2:8e:01:69:5b:84:00:ed:36:96:a0: 38:33:5d:00:61:f8:57:66:c4:2d:8c:0a:d0:23:bf:44:e3:6b: 0c:d4:9b:16:47:a4:7e:c2:b4:81:43:30:05:24:07:43:15:c2: 12:95:e6:49 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCq4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjEwNEQxMTAvBgNVBAUTKDRFQjlDQzRBMzg3N0IzRkY5RDQwQkMxQkIzRTYwQzkw QURGQUNENTMwHhcNMjUwNjMwMTk0MDMwWhcNMjUwNzA3MTk0MDMwWjAYMRYwFAYD VQQDEw02ODYyZTgyZS1lMWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0wjYLCxdsLk69lMcXJ8lZrGXZY2CP7si9QVZpa3xF6JZIP9q394Q1Kw42hyk Upp3bj3vxxgiiz+vXKmKHv0m+YiIsbCg0zxvB7fWPL/t9gMSY/QOJw71Bg/jRjTC HV2emNKmPfOENe//2XGZbZqJdktHZhNiTItUzmWoGDRg9d9n6qqzBDQFJ7PjIZ5P OBrnGN4E/XtxPd7iM267WKHNRcY+1F2G8hM7/kEHpbxxQSMk88/PqkUI+/2wpa1S eMFrhju2rxr0NCwQ0tesrFEkwA1v16q1UBDRM76ZIBeanKTBbQz18HU7mNqxsxDA KXBYaEQAC9Rs0F+ATCrTokm4FwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE4vA6HQ /kkz7Iy6Kig69ayVlh+ZMB8GA1UdIwQYMBaAFE65zEo4d7P/nUC8G7PmDJCt+s1T MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTA0RC8yMUMyQTA4QzU4 NUYxMUVBOEExQjg3NTNDNEY5QUUwMi9Ucm5NU2poM3NfLWRRTHdicy1ZTWtLMzZ6 Vk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Rybk1Tamgzc18tZFFMd2JzLVlNa0szNnpWTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MTA0RC8yMUMyQTA4QzU4NUYxMUVBOEExQjg3NTNDNEY5QUUwMi9Ucm5NU2poM3Nf LWRRTHdicy1ZTWtLMzZ6Vk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBX1Hz6myqdkiyDopns4p6jMEk7XGBUIistuyMJgh/bhndiKdCSYmoc /u2bFgRkR/O9eUyOMBvfr/Hr9CYWK3p9DFoB0Se97MxuSnNRMqbPTfAsWXzIRXbQ S57h2ZpvofqiWc80aLG4yMagJALGqSB+H6E2MFAAOeoeCZulNNEr9dGN5vwIt/Pz 4ujEHLuLHsMtwShRfjHI4XRopMzPVxE7iK11YDS9lwr9Io50etZYWYiCmUEPZoMr sCrwVNdEsnPi2MOKcwZjpyMa56Broo4BaVuEAO02lqA4M10AYfhXZsQtjArQI79E 42sM1JsWR6R+wrSBQzAFJAdDFcISleZJ -----END CERTIFICATE-----Generated at Wed Jul 2 20:02:16 2025 by rpki-client