$ rpki-client -vvf rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/tw3qbHe56OzOWDkTKBnvkTc_xSc.mft File: tw3qbHe56OzOWDkTKBnvkTc_xSc.mft (raw, json) Hash identifier: aiHi+cLlK2AtayfNathjKNYpPOrScos93h1T60tQd8E= Subject key identifier: 2F:5B:D6:35:34:D9:07:A2:04:34:5D:F6:0B:A4:80:33:E4:2A:0A:9F Authority key identifier: B7:0D:EA:6C:77:B9:E8:EC:CE:58:39:13:28:19:EF:91:37:3F:C5:27 Certificate issuer: /CN=A914E2B2/serialNumber=B70DEA6C77B9E8ECCE5839132819EF91373FC527 Certificate serial: D1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tw3qbHe56OzOWDkTKBnvkTc_xSc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/tw3qbHe56OzOWDkTKBnvkTc_xSc.mft Manifest number: CF Signing time: Sun 15 Jun 2025 04:48:15 +0000 Manifest this update: Sun 15 Jun 2025 04:48:15 +0000 Manifest next update: Sun 22 Jun 2025 04:48:15 +0000 Files and hashes: 1: tw3qbHe56OzOWDkTKBnvkTc_xSc.crl (hash: 4YVG62obeAPhwVhdxwboHN4mP8vCjsnrNwOu76kz5EE=) 2: D6AEA2D20DE311EFA1E24F25C4F9AE02.roa (hash: 60v1AWfkB6F13z3L2Xfn7BvrHJoskGA1iG8Ca5+EvSE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/tw3qbHe56OzOWDkTKBnvkTc_xSc.crl rsync://rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/tw3qbHe56OzOWDkTKBnvkTc_xSc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tw3qbHe56OzOWDkTKBnvkTc_xSc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 04:48:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 209 (0xd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E2B2, serialNumber=B70DEA6C77B9E8ECCE5839132819EF91373FC527 Validity Not Before: Jun 15 04:48:15 2025 GMT Not After : Jun 22 04:48:15 2025 GMT Subject: CN=684e508f-836b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:81:f4:c1:ae:cf:4f:33:23:f1:82:63:5d:9c: 9e:e0:2e:d6:1e:7c:e6:58:99:79:5d:df:50:e7:61: bb:2e:b8:b6:60:54:ba:ed:55:f6:7f:d1:c8:77:67: e3:ca:c3:fb:fa:a3:25:53:2d:e7:10:58:f5:e0:7e: 2d:70:29:07:f3:c6:81:44:e7:5d:73:29:b7:8d:2a: ed:f4:11:71:1e:fa:c8:a6:06:63:fb:6e:c3:e5:26: a0:f1:43:32:6c:f1:49:e9:97:14:e6:f4:c3:f5:cb: 46:0a:ee:c9:8f:2d:0d:6c:c0:54:32:4f:33:25:18: 3a:f8:77:c5:b1:d1:bd:38:af:46:bf:1f:4c:02:24: 49:a7:db:4b:26:5b:b8:6a:e1:d1:0f:80:52:84:c8: 5b:8b:87:73:1f:fe:4f:f8:eb:1d:5d:32:84:06:c2: 61:18:65:df:28:cb:32:10:69:66:58:2b:22:1e:f3: 55:2b:eb:9d:08:e3:37:4a:73:e7:28:58:20:47:c3: c3:c9:28:6e:2c:08:a7:86:a9:fe:12:d9:10:90:59: d9:ed:8b:72:a6:6e:1c:92:f4:b4:1f:fa:a8:ae:8b: de:4b:c3:75:35:8b:9c:7e:27:f5:bc:78:81:b8:71: 1d:e5:a2:c6:15:f7:02:22:dc:87:6c:94:03:fa:f4: ae:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:5B:D6:35:34:D9:07:A2:04:34:5D:F6:0B:A4:80:33:E4:2A:0A:9F X509v3 Authority Key Identifier: keyid:B7:0D:EA:6C:77:B9:E8:EC:CE:58:39:13:28:19:EF:91:37:3F:C5:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/tw3qbHe56OzOWDkTKBnvkTc_xSc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tw3qbHe56OzOWDkTKBnvkTc_xSc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/tw3qbHe56OzOWDkTKBnvkTc_xSc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 04:91:83:bb:09:1b:d2:18:8f:75:58:85:fa:95:c6:50:df:01: c0:f4:9f:c4:0b:96:b7:62:a1:59:2a:c2:00:69:a5:1d:8a:a0: 7a:14:b3:d0:70:4a:c8:a6:73:32:d0:13:de:8a:44:a1:fd:a2: 4f:c6:24:a7:5c:a2:44:fa:93:89:ba:0a:8f:05:26:c6:f6:67: b9:d5:5b:86:77:64:c6:f7:07:53:fb:f5:73:02:ca:6c:e7:10: 85:28:d5:75:69:79:24:8e:82:b9:ce:9b:a8:5f:58:04:ef:4a: 97:75:d6:36:fe:4e:20:54:38:10:78:6d:52:6b:f4:77:ef:51: c6:24:40:e9:2a:3a:0c:24:24:14:bc:39:51:6b:5b:39:04:02: 51:33:5e:a0:11:3c:6f:e5:a6:76:be:ef:1b:f8:23:e7:22:8d: 89:9f:22:60:76:96:85:5b:cc:75:6b:a6:13:3a:14:ce:12:27: 11:98:a3:cb:09:bf:40:aa:5d:5a:4f:37:a9:57:ca:6c:51:46: 8e:79:f4:75:fd:9c:1f:05:01:d6:6d:29:21:9f:aa:ab:1e:37: 2c:73:e1:d8:e2:65:2f:2c:0b:1f:a9:02:6e:9e:97:b7:6b:df: 3f:dc:72:ed:fb:ee:9b:90:09:22:28:cc:de:21:b6:7e:f3:a6: a5:eb:99:b3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEUyQjIxMTAvBgNVBAUTKEI3MERFQTZDNzdCOUU4RUNDRTU4MzkxMzI4MTlFRjkx MzczRkM1MjcwHhcNMjUwNjE1MDQ0ODE1WhcNMjUwNjIyMDQ0ODE1WjAYMRYwFAYD VQQDEw02ODRlNTA4Zi04MzZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoIH0wa7PTzMj8YJjXZye4C7WHnzmWJl5Xd9Q52G7Lri2YFS67VX2f9HId2fj ysP7+qMlUy3nEFj14H4tcCkH88aBROddcym3jSrt9BFxHvrIpgZj+27D5Sag8UMy bPFJ6ZcU5vTD9ctGCu7Jjy0NbMBUMk8zJRg6+HfFsdG9OK9Gvx9MAiRJp9tLJlu4 auHRD4BShMhbi4dzH/5P+OsdXTKEBsJhGGXfKMsyEGlmWCsiHvNVK+udCOM3SnPn KFggR8PDyShuLAinhqn+EtkQkFnZ7Ytypm4ckvS0H/qoroveS8N1NYucfif1vHiB uHEd5aLGFfcCItyHbJQD+vSuZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC9b1jU0 2QeiBDRd9gukgDPkKgqfMB8GA1UdIwQYMBaAFLcN6mx3uejszlg5EygZ75E3P8Un MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTJCMi8yQjQ2RUE1ODBE RTMxMUVGODAzRjZGMEVDNEY5QUUwMi90dzNxYkhlNTZPek9XRGtUS0JudmtUY194 U2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3R3M3FiSGU1Nk96T1dEa1RLQm52a1RjX3hTYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTJCMi8yQjQ2RUE1ODBERTMxMUVGODAzRjZGMEVDNEY5QUUwMi90dzNxYkhlNTZP ek9XRGtUS0JudmtUY194U2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAEkYO7CRvSGI91WIX6lcZQ3wHA9J/EC5a3YqFZKsIAaaUdiqB6FLPQ cErIpnMy0BPeikSh/aJPxiSnXKJE+pOJugqPBSbG9me51VuGd2TG9wdT+/VzAsps 5xCFKNV1aXkkjoK5zpuoX1gE70qXddY2/k4gVDgQeG1Sa/R371HGJEDpKjoMJCQU vDlRa1s5BAJRM16gETxv5aZ2vu8b+CPnIo2JnyJgdpaFW8x1a6YTOhTOEicRmKPL Cb9Aql1aTzepV8psUUaOefR1/ZwfBQHWbSkhn6qrHjcsc+HY4mUvLAsfqQJunpe3 a98/3HLt++6bkAkiKMzeIbZ+86al65mz -----END CERTIFICATE-----Generated at Tue Jun 17 01:31:21 2025 by rpki-client