$ rpki-client -vvf rpki.apnic.net/member_repository/A91957C9/C359E75EAC1911E983F2FC62C4F9AE02/TzFe71rLLtp6NynnnhNZkMAecHQ.mft File: TzFe71rLLtp6NynnnhNZkMAecHQ.mft (raw, json) Hash identifier: vfPlaaWHhHLHaQCJGowlsQrL6FXP2F1cNf5KxZu0aAM= Subject key identifier: 19:10:A8:48:47:D8:03:CD:D1:91:42:C7:D5:4A:E7:59:F8:9D:9D:F4 Authority key identifier: 4F:31:5E:EF:5A:CB:2E:DA:7A:37:29:E7:9E:13:59:90:C0:1E:70:74 Certificate issuer: /CN=A91957C9/serialNumber=4F315EEF5ACB2EDA7A3729E79E135990C01E7074 Certificate serial: 0E02 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TzFe71rLLtp6NynnnhNZkMAecHQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91957C9/C359E75EAC1911E983F2FC62C4F9AE02/TzFe71rLLtp6NynnnhNZkMAecHQ.mft Manifest number: 0DF7 Signing time: Thu 24 Apr 2025 17:48:30 +0000 Manifest this update: Thu 24 Apr 2025 17:48:30 +0000 Manifest next update: Thu 01 May 2025 17:48:30 +0000 Files and hashes: 1: TzFe71rLLtp6NynnnhNZkMAecHQ.crl (hash: Xd9hTGQqKH+2favxFvjhXWAMi/wH/EUWzndmUU9FJD4=) 2: B55EC19EAC2B11E996F6E511C4F9AE02.roa (hash: IPMEsK43QEDeAXz8+s8RcYoTW9W3k8flG+M7sbwxamA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91957C9/C359E75EAC1911E983F2FC62C4F9AE02/TzFe71rLLtp6NynnnhNZkMAecHQ.crl rsync://rpki.apnic.net/member_repository/A91957C9/C359E75EAC1911E983F2FC62C4F9AE02/TzFe71rLLtp6NynnnhNZkMAecHQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TzFe71rLLtp6NynnnhNZkMAecHQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:48:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3586 (0xe02) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91957C9, serialNumber=4F315EEF5ACB2EDA7A3729E79E135990C01E7074 Validity Not Before: Apr 24 17:48:30 2025 GMT Not After : May 1 17:48:30 2025 GMT Subject: CN=680a796e-ed1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:4a:08:31:d1:7a:a8:5a:2e:2b:19:a5:bc:e0: 17:af:ff:40:25:bd:51:af:53:f4:7e:a3:6b:cd:31: 91:a5:fb:d6:29:72:0a:08:8e:dd:3a:2f:db:2c:2f: 8c:62:90:cb:5d:13:40:ef:ea:04:30:77:e0:c0:63: be:18:72:d0:4f:c1:41:9a:10:21:d9:a9:b1:3d:5a: 5f:11:bc:20:26:e5:48:4c:32:3f:8e:f6:e4:b2:78: 34:76:91:2e:65:c3:b5:cd:a0:57:99:1e:79:0e:8d: e9:e5:80:26:88:9a:a5:80:84:12:39:ba:17:1f:a2: 92:60:24:58:9e:2e:02:fd:bf:9b:95:e1:9d:1a:63: d3:0c:9c:7f:6a:59:f8:f7:94:5b:8c:6f:76:6e:94: 09:ef:c9:f2:f4:73:4b:ed:0c:b1:57:e3:16:af:b6: bf:e6:d7:81:ac:ec:9b:9b:8a:e7:f5:a7:84:55:86: 15:54:81:63:8e:20:57:a4:4b:18:b1:5e:f6:43:3c: c7:65:29:0b:e0:11:b4:51:04:70:e7:2f:ab:17:87: 99:22:f6:22:d5:6a:df:32:7b:80:b6:ff:dd:47:f4: 6a:8d:de:f1:b8:43:02:1f:c6:39:76:cb:43:d6:a9: aa:9e:40:e5:5b:5f:bb:83:fd:0c:47:0f:c2:c5:38: 8d:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:10:A8:48:47:D8:03:CD:D1:91:42:C7:D5:4A:E7:59:F8:9D:9D:F4 X509v3 Authority Key Identifier: keyid:4F:31:5E:EF:5A:CB:2E:DA:7A:37:29:E7:9E:13:59:90:C0:1E:70:74 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91957C9/C359E75EAC1911E983F2FC62C4F9AE02/TzFe71rLLtp6NynnnhNZkMAecHQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TzFe71rLLtp6NynnnhNZkMAecHQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91957C9/C359E75EAC1911E983F2FC62C4F9AE02/TzFe71rLLtp6NynnnhNZkMAecHQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:d6:ce:fd:4e:49:72:41:94:2c:2a:6e:9e:1c:3c:16:7e:d2: 39:36:b8:99:e3:6c:0a:a5:1d:fd:65:52:35:60:b0:fa:1a:19: 6a:fe:19:75:86:8f:3b:62:43:43:1c:23:a7:c5:d8:0d:22:4e: 49:9f:8a:51:fb:19:96:cd:26:1c:39:70:23:f4:ff:fc:e2:52: 9e:c8:22:b1:b3:b6:d5:a6:1a:0d:04:be:55:86:35:65:25:36: b5:2c:35:dc:12:30:2a:96:f7:9e:8b:d0:9d:80:67:08:c9:0c: 90:2c:b2:d5:28:81:98:70:60:23:d8:ca:bd:86:e6:3a:2d:c3: 3c:82:07:a5:6d:18:5c:6e:e2:72:3b:1d:3c:11:d4:be:1a:c5: d7:f2:13:73:95:31:c8:63:59:64:e1:d2:43:d2:27:62:7a:6d: ec:6b:42:e1:0d:4c:01:45:e3:e3:84:ae:51:67:ba:18:b2:94: 18:05:6e:96:0a:49:de:c7:07:6e:8a:e5:b1:0b:fa:de:55:c5: 81:97:2d:b7:b2:21:1a:f4:48:f0:a1:47:e8:fc:db:8d:8e:0b: 55:51:70:f1:b5:24:be:05:bc:4f:43:70:32:a5:bd:6a:3f:ff: af:ab:0d:d8:9f:a4:fb:b9:bf:1b:61:57:c6:b2:80:d5:b5:b4: b1:5c:a2:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDgIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTU3QzkxMTAvBgNVBAUTKDRGMzE1RUVGNUFDQjJFREE3QTM3MjlFNzlFMTM1OTkw QzAxRTcwNzQwHhcNMjUwNDI0MTc0ODMwWhcNMjUwNTAxMTc0ODMwWjAYMRYwFAYD VQQDEw02ODBhNzk2ZS1lZDFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8EoIMdF6qFouKxmlvOAXr/9AJb1Rr1P0fqNrzTGRpfvWKXIKCI7dOi/bLC+M YpDLXRNA7+oEMHfgwGO+GHLQT8FBmhAh2amxPVpfEbwgJuVITDI/jvbksng0dpEu ZcO1zaBXmR55Do3p5YAmiJqlgIQSOboXH6KSYCRYni4C/b+bleGdGmPTDJx/aln4 95RbjG92bpQJ78ny9HNL7QyxV+MWr7a/5teBrOybm4rn9aeEVYYVVIFjjiBXpEsY sV72QzzHZSkL4BG0UQRw5y+rF4eZIvYi1WrfMnuAtv/dR/Rqjd7xuEMCH8Y5dstD 1qmqnkDlW1+7g/0MRw/CxTiN+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBkQqEhH 2APN0ZFCx9VK51n4nZ30MB8GA1UdIwQYMBaAFE8xXu9ayy7aejcp554TWZDAHnB0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTdDOS9DMzU5RTc1RUFD MTkxMUU5ODNGMkZDNjJDNEY5QUUwMi9UekZlNzFyTEx0cDZOeW5ubmhOWmtNQWVj SFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1R6RmU3MXJMTHRwNk55bm5uaE5aa01BZWNIUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NTdDOS9DMzU5RTc1RUFDMTkxMUU5ODNGMkZDNjJDNEY5QUUwMi9UekZlNzFyTEx0 cDZOeW5ubmhOWmtNQWVjSFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCn1s79TklyQZQsKm6eHDwWftI5NriZ42wKpR39ZVI1YLD6Ghlq/hl1 ho87YkNDHCOnxdgNIk5Jn4pR+xmWzSYcOXAj9P/84lKeyCKxs7bVphoNBL5VhjVl JTa1LDXcEjAqlveei9CdgGcIyQyQLLLVKIGYcGAj2Mq9huY6LcM8ggelbRhcbuJy Ox08EdS+GsXX8hNzlTHIY1lk4dJD0idiem3sa0LhDUwBRePjhK5RZ7oYspQYBW6W CknexwduiuWxC/reVcWBly23siEa9EjwoUfo/NuNjgtVUXDxtSS+BbxPQ3Aypb1q P/+vqw3Yn6T7ub8bYVfGsoDVtbSxXKKW -----END CERTIFICATE-----Generated at Sat Apr 26 12:31:22 2025 by rpki-client