$ rpki-client -vvf rpki.apnic.net/member_repository/A9180D79/E18208BC6D9C11EEA02BBB0EC4F9AE02/TiH1qoySjAtnV8A-VbClkjxOSKs.mft File: TiH1qoySjAtnV8A-VbClkjxOSKs.mft (raw, json) Hash identifier: 2gSaZBfZN2kyMwYF3xRYJRppUPzH3Lx7onY31lelqug= Subject key identifier: F8:67:24:39:98:57:01:40:CC:D7:51:B7:F9:C4:41:3D:BA:D1:08:7D Authority key identifier: 4E:21:F5:AA:8C:92:8C:0B:67:57:C0:3E:55:B0:A5:92:3C:4E:48:AB Certificate issuer: /CN=A9180D79/serialNumber=4E21F5AA8C928C0B6757C03E55B0A5923C4E48AB Certificate serial: 0122 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TiH1qoySjAtnV8A-VbClkjxOSKs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9180D79/E18208BC6D9C11EEA02BBB0EC4F9AE02/TiH1qoySjAtnV8A-VbClkjxOSKs.mft Manifest number: 011F Signing time: Fri 25 Apr 2025 03:50:08 +0000 Manifest this update: Fri 25 Apr 2025 03:50:08 +0000 Manifest next update: Fri 02 May 2025 03:50:08 +0000 Files and hashes: 1: TiH1qoySjAtnV8A-VbClkjxOSKs.crl (hash: a0rTETBZt/B4vJhMFFmEfLUDx9CemVBwTyPe+IFk4iM=) 2: 25FE32B86D9D11EEB269D31CC4F9AE02.roa (hash: XBTNFChUOehrdQ5J3okPPPcp7T4Od1Rs1x+s2bvuzOk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9180D79/E18208BC6D9C11EEA02BBB0EC4F9AE02/TiH1qoySjAtnV8A-VbClkjxOSKs.crl rsync://rpki.apnic.net/member_repository/A9180D79/E18208BC6D9C11EEA02BBB0EC4F9AE02/TiH1qoySjAtnV8A-VbClkjxOSKs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TiH1qoySjAtnV8A-VbClkjxOSKs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:50:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 290 (0x122) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9180D79, serialNumber=4E21F5AA8C928C0B6757C03E55B0A5923C4E48AB Validity Not Before: Apr 25 03:50:08 2025 GMT Not After : May 2 03:50:08 2025 GMT Subject: CN=680b0670-1802 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:2f:05:5a:6f:d1:a8:59:0a:77:11:99:8c:f9: db:8c:5a:c8:62:f7:14:30:1f:27:e8:6b:74:37:58: 46:d1:5a:da:cf:c7:7c:ab:ff:b6:bd:31:5c:92:d4: 7a:57:85:ec:d1:27:32:43:2c:48:5a:62:ac:83:84: ae:a8:e8:01:41:65:5f:43:29:1e:54:aa:40:55:7e: 54:fa:3d:04:c5:6f:bc:29:f5:c4:b5:d0:43:d6:fb: 74:1e:5f:da:03:4c:c2:ec:f0:25:9e:fa:01:02:55: 18:bf:c4:36:f0:bd:46:a6:84:70:1d:dd:84:81:f9: d2:13:d9:b9:a5:59:41:73:90:72:10:cb:b8:2f:06: 6c:66:66:3c:6a:21:b2:6e:b1:07:fd:4d:5b:1a:e4: 4b:c2:2d:20:28:82:41:22:b2:18:e5:ae:b9:28:4a: 5f:d1:0e:8a:0d:ad:76:de:0f:1f:05:cc:aa:2f:a5: 2d:fc:06:de:88:e6:1f:ec:85:18:fc:4d:25:e8:bd: da:4d:fe:39:02:10:10:ba:b5:94:39:dd:50:58:7c: 17:9b:d1:e8:ed:1e:db:ac:20:2e:cf:f6:2a:3f:93: 43:23:d5:c9:32:9d:b5:58:09:bf:82:4f:83:e9:4c: 56:27:dd:8e:64:57:49:0c:09:bc:11:00:fe:f5:20: a8:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:67:24:39:98:57:01:40:CC:D7:51:B7:F9:C4:41:3D:BA:D1:08:7D X509v3 Authority Key Identifier: keyid:4E:21:F5:AA:8C:92:8C:0B:67:57:C0:3E:55:B0:A5:92:3C:4E:48:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9180D79/E18208BC6D9C11EEA02BBB0EC4F9AE02/TiH1qoySjAtnV8A-VbClkjxOSKs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TiH1qoySjAtnV8A-VbClkjxOSKs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9180D79/E18208BC6D9C11EEA02BBB0EC4F9AE02/TiH1qoySjAtnV8A-VbClkjxOSKs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:3a:32:c9:c5:ee:8d:72:14:96:d8:3a:e3:5b:f2:e4:53:5a: 1e:30:32:06:b6:3f:8f:d9:d8:4d:c6:c5:46:66:f7:a9:c3:07: 5f:d5:fb:21:3b:4d:04:f8:5f:e8:67:d8:0b:1a:f5:a7:a3:86: fc:06:35:6c:e6:8f:2d:3e:8d:af:9f:42:23:b8:70:dc:70:81: 13:27:9a:01:b1:c6:f0:27:83:1b:9e:da:d2:60:66:88:4c:87: e6:47:55:83:2e:46:58:17:76:11:9c:56:2f:30:d5:7b:d7:ac: 53:d4:83:c4:b6:03:db:ca:3f:e0:bd:9f:a8:21:6a:96:0c:a0: f6:43:ee:a3:d6:7e:f7:cf:58:38:bc:67:ae:af:c3:8f:cf:58: 05:02:0f:e9:35:77:48:44:4d:8f:cd:b5:88:bf:04:9f:a6:65: a2:e0:7d:43:25:78:01:8f:08:71:d8:ed:47:a8:ed:9c:f3:fc: 9e:72:0e:81:e9:96:91:63:50:78:12:dc:56:3c:0c:5b:ac:fb: 7e:3e:75:93:f1:0f:26:c9:64:9c:e8:1d:a1:38:eb:a9:5c:e1: c4:51:07:c6:db:92:ad:ff:21:08:dd:25:61:50:70:ba:a4:61: f9:ff:96:62:a2:c9:ae:de:dd:1b:67:a8:af:d7:b4:44:fa:d3: 5d:1b:85:9b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODBENzkxMTAvBgNVBAUTKDRFMjFGNUFBOEM5MjhDMEI2NzU3QzAzRTU1QjBBNTky M0M0RTQ4QUIwHhcNMjUwNDI1MDM1MDA4WhcNMjUwNTAyMDM1MDA4WjAYMRYwFAYD VQQDEw02ODBiMDY3MC0xODAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5S8FWm/RqFkKdxGZjPnbjFrIYvcUMB8n6Gt0N1hG0Vraz8d8q/+2vTFcktR6 V4Xs0ScyQyxIWmKsg4SuqOgBQWVfQykeVKpAVX5U+j0ExW+8KfXEtdBD1vt0Hl/a A0zC7PAlnvoBAlUYv8Q28L1GpoRwHd2EgfnSE9m5pVlBc5ByEMu4LwZsZmY8aiGy brEH/U1bGuRLwi0gKIJBIrIY5a65KEpf0Q6KDa123g8fBcyqL6Ut/AbeiOYf7IUY /E0l6L3aTf45AhAQurWUOd1QWHwXm9Ho7R7brCAuz/YqP5NDI9XJMp21WAm/gk+D 6UxWJ92OZFdJDAm8EQD+9SCorwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPhnJDmY VwFAzNdRt/nEQT260Qh9MB8GA1UdIwQYMBaAFE4h9aqMkowLZ1fAPlWwpZI8Tkir MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MEQ3OS9FMTgyMDhCQzZE OUMxMUVFQTAyQkJCMEVDNEY5QUUwMi9UaUgxcW95U2pBdG5WOEEtVmJDbGtqeE9T S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RpSDFxb3lTakF0blY4QS1WYkNsa2p4T1NLcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 MEQ3OS9FMTgyMDhCQzZEOUMxMUVFQTAyQkJCMEVDNEY5QUUwMi9UaUgxcW95U2pB dG5WOEEtVmJDbGtqeE9TS3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnOjLJxe6NchSW2DrjW/LkU1oeMDIGtj+P2dhNxsVGZvepwwdf1fsh O00E+F/oZ9gLGvWno4b8BjVs5o8tPo2vn0IjuHDccIETJ5oBscbwJ4MbntrSYGaI TIfmR1WDLkZYF3YRnFYvMNV716xT1IPEtgPbyj/gvZ+oIWqWDKD2Q+6j1n73z1g4 vGeur8OPz1gFAg/pNXdIRE2PzbWIvwSfpmWi4H1DJXgBjwhx2O1HqO2c8/yecg6B 6ZaRY1B4EtxWPAxbrPt+PnWT8Q8myWSc6B2hOOupXOHEUQfG25Kt/yEI3SVhUHC6 pGH5/5Ziosmu3t0bZ6iv17RE+tNdG4Wb -----END CERTIFICATE-----Generated at Sat Apr 26 13:49:36 2025 by rpki-client