$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.mft File: tLGKJT-2KTQ3EWY13d0ZlCi2jVs.mft (raw, json) Hash identifier: Av0UByATXWZNF3elxa/AQvrIAznDNhOg8gOsJqH7gNI= Subject key identifier: 41:6F:9D:FD:87:85:94:45:E4:10:94:D0:BF:69:B0:AA:C8:BF:66:5D Authority key identifier: B4:B1:8A:25:3F:B6:29:34:37:11:66:35:DD:DD:19:94:28:B6:8D:5B Certificate issuer: /CN=A91FD64D/serialNumber=B4B18A253FB6293437116635DDDD199428B68D5B Certificate serial: 01D3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.mft Manifest number: 01CB Signing time: Tue 01 Jul 2025 03:20:18 +0000 Manifest this update: Tue 01 Jul 2025 03:20:17 +0000 Manifest next update: Tue 08 Jul 2025 03:20:17 +0000 Files and hashes: 1: tLGKJT-2KTQ3EWY13d0ZlCi2jVs.crl (hash: DEKiznzjRy686szUkFWjJpjCIe1lMW6dF2iBK93yHKM=) 2: 66D00EB2449C11EE86105C41C4F9AE02.roa (hash: sFUlSAs686BHpBPHFZ6jJXEM4AvroBrl/QL/VRc6YMo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.crl rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 03:20:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 467 (0x1d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FD64D, serialNumber=B4B18A253FB6293437116635DDDD199428B68D5B Validity Not Before: Jul 1 03:20:17 2025 GMT Not After : Jul 8 03:20:17 2025 GMT Subject: CN=686353f2-e660 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:be:ac:7a:a2:d6:5c:b0:92:b0:f6:1e:46:49: 65:b3:7c:c5:0b:26:15:09:db:8f:ca:40:fd:e0:80: 7f:e0:ee:af:72:1f:64:0a:f9:1d:72:be:62:bb:1b: cd:a3:73:4b:39:b9:64:f1:e3:86:1a:ee:bc:4d:8a: e6:a8:95:ea:c2:4b:04:18:81:5b:92:aa:94:36:b7: d6:68:18:a7:ff:85:4e:5e:36:e6:74:a9:7c:c6:f9: 10:16:ea:f0:e9:1e:2b:c1:fb:e9:52:9a:7b:35:d6: 47:ce:6a:f1:51:bb:73:51:0a:cc:d9:a1:b9:c6:3f: ed:c3:b1:5a:05:e1:55:85:b8:d6:9a:fc:ee:64:23: c9:37:97:03:08:d9:bf:5e:e6:e1:19:84:08:3d:be: 51:85:2e:99:bd:a7:a5:91:fd:14:8f:01:c6:e5:f7: f3:84:ad:45:07:8a:ff:ff:70:7b:c8:59:80:13:dc: 51:22:2d:45:dd:27:f2:27:6a:bf:82:e8:e5:cf:f5: ae:dc:07:a2:ae:d1:d9:10:05:6b:79:d5:c1:f9:8b: 3e:55:88:12:e6:5c:70:b7:93:2d:6e:ca:da:18:1c: 75:73:64:9c:76:37:0b:6d:3e:fb:0b:d1:99:b2:dc: 44:21:19:7f:5e:c2:b6:8f:02:a8:3d:91:90:5c:aa: 71:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:6F:9D:FD:87:85:94:45:E4:10:94:D0:BF:69:B0:AA:C8:BF:66:5D X509v3 Authority Key Identifier: keyid:B4:B1:8A:25:3F:B6:29:34:37:11:66:35:DD:DD:19:94:28:B6:8D:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD64D/370786C8999411ED8567311FC4F9AE02/tLGKJT-2KTQ3EWY13d0ZlCi2jVs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:8e:3f:7c:11:3f:b4:be:3a:ee:5b:c6:eb:77:2b:49:33:32: 99:84:57:57:d5:da:2d:96:e6:bc:0d:15:de:44:b8:81:3b:2a: 41:37:60:03:1c:a1:cd:f7:e2:97:84:68:15:d8:63:e6:47:d5: 1a:2f:ec:41:dd:98:ec:b5:6f:1d:16:c2:22:e2:f7:a4:60:68: dc:92:31:9b:7f:a2:75:31:aa:26:2c:f3:48:61:63:52:5e:e0: d3:45:92:b2:96:32:3d:63:6a:78:71:fc:ff:24:a1:d7:de:3c: 13:4f:4e:4c:35:f7:22:d8:7c:f8:68:67:1d:71:14:b5:59:f1: 6c:09:63:d1:63:c9:48:96:d1:05:c3:28:10:e7:dd:78:df:5f: 74:b0:9f:47:04:dd:e7:cb:2e:1c:b1:a8:c7:6c:9b:d4:4b:68: a7:6a:27:8c:b4:ea:70:55:cd:4c:3f:8c:f4:60:bc:9e:d7:78: b7:86:18:93:c8:ea:54:ee:11:45:72:c4:05:9f:4d:61:4a:9e: cb:3e:93:44:a7:2f:6f:06:b3:fe:70:d4:4a:32:a3:55:73:63: 83:50:19:c0:31:ba:96:62:6d:c7:1e:38:d4:21:40:5d:a4:a4: e6:23:ba:33:79:cf:17:38:d6:70:f0:7a:eb:cd:4c:8e:8a:87: 56:8e:fa:e1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkQ2NEQxMTAvBgNVBAUTKEI0QjE4QTI1M0ZCNjI5MzQzNzExNjYzNUREREQxOTk0 MjhCNjhENUIwHhcNMjUwNzAxMDMyMDE3WhcNMjUwNzA4MDMyMDE3WjAYMRYwFAYD VQQDEw02ODYzNTNmMi1lNjYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwL6seqLWXLCSsPYeRklls3zFCyYVCduPykD94IB/4O6vch9kCvkdcr5iuxvN o3NLOblk8eOGGu68TYrmqJXqwksEGIFbkqqUNrfWaBin/4VOXjbmdKl8xvkQFurw 6R4rwfvpUpp7NdZHzmrxUbtzUQrM2aG5xj/tw7FaBeFVhbjWmvzuZCPJN5cDCNm/ XubhGYQIPb5RhS6Zvaelkf0UjwHG5ffzhK1FB4r//3B7yFmAE9xRIi1F3SfyJ2q/ gujlz/Wu3AeirtHZEAVredXB+Ys+VYgS5lxwt5MtbsraGBx1c2ScdjcLbT77C9GZ stxEIRl/XsK2jwKoPZGQXKpx6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEFvnf2H hZRF5BCU0L9psKrIv2ZdMB8GA1UdIwQYMBaAFLSxiiU/tik0NxFmNd3dGZQoto1b MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRDY0RC8zNzA3ODZDODk5 OTQxMUVEODU2NzMxMUZDNEY5QUUwMi90TEdLSlQtMktUUTNFV1kxM2QwWmxDaTJq VnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RMR0tKVC0yS1RRM0VXWTEzZDBabENpMmpWcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RDY0RC8zNzA3ODZDODk5OTQxMUVEODU2NzMxMUZDNEY5QUUwMi90TEdLSlQtMktU UTNFV1kxM2QwWmxDaTJqVnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBEjj98ET+0vjruW8brdytJMzKZhFdX1dotlua8DRXeRLiBOypBN2AD HKHN9+KXhGgV2GPmR9UaL+xB3ZjstW8dFsIi4vekYGjckjGbf6J1MaomLPNIYWNS XuDTRZKyljI9Y2p4cfz/JKHX3jwTT05MNfci2Hz4aGcdcRS1WfFsCWPRY8lIltEF wygQ59143190sJ9HBN3nyy4csajHbJvUS2inaieMtOpwVc1MP4z0YLye13i3hhiT yOpU7hFFcsQFn01hSp7LPpNEpy9vBrP+cNRKMqNVc2ODUBnAMbqWYm3HHjjUIUBd pKTmI7ozec8XONZw8HrrzUyOiodWjvrh -----END CERTIFICATE-----Generated at Tue Jul 1 17:52:27 2025 by rpki-client