$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5533/061151F21A4E11EA9E09CC82C4F9AE02/TIHwGTocVyRFf1LgThHyUnPm_uA.mft File: TIHwGTocVyRFf1LgThHyUnPm_uA.mft (raw, json) Hash identifier: UDlBrofSzyUd4cem6HGsgsb2mLRuK0EMMfKN3zZRIOY= Subject key identifier: 85:43:B4:F3:7D:17:67:FB:70:56:96:5C:FD:81:06:FF:21:99:10:92 Authority key identifier: 4C:81:F0:19:3A:1C:57:24:45:7F:52:E0:4E:11:F2:52:73:E6:FE:E0 Certificate issuer: /CN=A91A5533/serialNumber=4C81F0193A1C5724457F52E04E11F25273E6FEE0 Certificate serial: 0BC9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TIHwGTocVyRFf1LgThHyUnPm_uA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A5533/061151F21A4E11EA9E09CC82C4F9AE02/TIHwGTocVyRFf1LgThHyUnPm_uA.mft Manifest number: 0BC2 Signing time: Thu 24 Apr 2025 18:46:29 +0000 Manifest this update: Thu 24 Apr 2025 18:46:29 +0000 Manifest next update: Thu 01 May 2025 18:46:29 +0000 Files and hashes: 1: TIHwGTocVyRFf1LgThHyUnPm_uA.crl (hash: k2R23xaEFgxD5s70yKb1hYAsHdwEHWtjcnJ4wUQv4wg=) 2: 637A6FCC1AEE11EAAEFD5871C4F9AE02.roa (hash: fuEIOJZ2g7nFL90Iih/ZQree35PAM4VcWuWuu09soDc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A5533/061151F21A4E11EA9E09CC82C4F9AE02/TIHwGTocVyRFf1LgThHyUnPm_uA.crl rsync://rpki.apnic.net/member_repository/A91A5533/061151F21A4E11EA9E09CC82C4F9AE02/TIHwGTocVyRFf1LgThHyUnPm_uA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TIHwGTocVyRFf1LgThHyUnPm_uA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:46:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3017 (0xbc9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A5533, serialNumber=4C81F0193A1C5724457F52E04E11F25273E6FEE0 Validity Not Before: Apr 24 18:46:29 2025 GMT Not After : May 1 18:46:29 2025 GMT Subject: CN=680a8705-6c55 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:ce:0b:7d:64:27:a6:93:cb:65:5c:4f:c6:09: 38:44:1e:d8:2b:e6:aa:74:bb:dc:6f:03:8c:76:83: 8f:f9:ac:cd:4c:da:92:06:37:2b:90:7c:b5:1c:4b: cf:45:23:ff:77:f2:ff:c2:ac:d0:c3:89:22:20:62: 08:ce:06:3b:ce:fc:51:a0:f0:2b:a9:6d:44:f9:b7: e7:ef:89:6f:9b:18:0f:ce:f3:7e:6c:99:78:92:c9: 92:3b:17:f2:b0:2e:a4:0f:06:84:0f:1a:41:ad:16: 28:e3:0d:b9:11:99:33:81:f6:81:44:01:0d:5a:67: f8:7b:c7:f8:d5:eb:78:b3:a4:c7:84:1b:2b:77:0f: cb:76:84:4f:f0:5e:1c:1c:eb:b5:f3:c3:ca:18:6c: 2b:ba:19:f7:4d:1c:31:23:2b:b7:2b:16:06:83:5d: df:6c:c5:70:85:12:87:19:aa:3d:b9:25:f1:ef:fb: da:fb:87:cd:d8:2c:52:af:7a:4d:e2:21:17:1c:30: c4:ee:f0:05:fd:d6:a4:cc:54:a8:46:b3:58:6e:71: 54:50:68:5f:a4:dc:88:a0:30:14:b6:e5:e2:8e:62: 7f:b1:63:9c:2f:da:d0:15:fb:81:dc:af:e8:8c:8f: b6:b6:2e:54:00:52:bb:09:ec:a3:13:98:e7:1b:d3: 0f:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:43:B4:F3:7D:17:67:FB:70:56:96:5C:FD:81:06:FF:21:99:10:92 X509v3 Authority Key Identifier: keyid:4C:81:F0:19:3A:1C:57:24:45:7F:52:E0:4E:11:F2:52:73:E6:FE:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A5533/061151F21A4E11EA9E09CC82C4F9AE02/TIHwGTocVyRFf1LgThHyUnPm_uA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TIHwGTocVyRFf1LgThHyUnPm_uA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5533/061151F21A4E11EA9E09CC82C4F9AE02/TIHwGTocVyRFf1LgThHyUnPm_uA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 64:f1:7e:c9:9f:d7:f3:18:72:fb:ae:c7:b8:cf:fd:44:2d:27: 06:24:76:1e:0b:ac:46:df:de:a7:43:9e:63:db:c3:7a:d8:4f: 17:a1:9d:f4:2e:9a:b8:88:f3:2c:bb:ec:34:2c:ef:12:8e:cb: d7:81:cd:55:e1:b9:37:f9:f9:3d:b1:4b:c2:32:f7:08:e2:8a: db:16:f7:e1:3f:90:60:d2:95:44:73:c6:54:d4:1f:d2:7a:e4: 94:e9:84:00:6f:93:b3:cc:0b:13:65:26:a0:f4:93:c1:4c:4f: 9a:8f:6e:6d:1b:56:1b:c8:38:31:77:e3:85:ac:a4:6f:89:db: 68:21:85:76:a1:fa:63:0c:c6:91:f8:96:ae:d6:a5:7c:56:55: 23:e5:b6:69:44:52:f6:17:f2:5a:56:6d:0a:c6:a2:c1:fa:33: b0:59:b3:26:0c:73:c5:61:94:23:a5:c3:a8:fa:00:ee:bb:c9: cb:e3:dd:3c:fc:a4:ed:f6:52:bd:98:5f:e6:0f:87:a1:44:2d: a5:28:0b:fe:20:f8:57:d4:10:2d:c8:48:94:95:0d:47:f8:b4: ad:46:65:cc:9e:10:75:23:ac:ce:2c:d1:a7:40:62:7d:d2:28: 1c:13:68:52:ac:4b:d5:db:21:3f:cb:d8:87:c1:aa:16:20:fd: 52:b6:72:86 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC8kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU1MzMxMTAvBgNVBAUTKDRDODFGMDE5M0ExQzU3MjQ0NTdGNTJFMDRFMTFGMjUy NzNFNkZFRTAwHhcNMjUwNDI0MTg0NjI5WhcNMjUwNTAxMTg0NjI5WjAYMRYwFAYD VQQDEw02ODBhODcwNS02YzU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAm84LfWQnppPLZVxPxgk4RB7YK+aqdLvcbwOMdoOP+azNTNqSBjcrkHy1HEvP RSP/d/L/wqzQw4kiIGIIzgY7zvxRoPArqW1E+bfn74lvmxgPzvN+bJl4ksmSOxfy sC6kDwaEDxpBrRYo4w25EZkzgfaBRAENWmf4e8f41et4s6THhBsrdw/LdoRP8F4c HOu188PKGGwruhn3TRwxIyu3KxYGg13fbMVwhRKHGao9uSXx7/va+4fN2CxSr3pN 4iEXHDDE7vAF/dakzFSoRrNYbnFUUGhfpNyIoDAUtuXijmJ/sWOcL9rQFfuB3K/o jI+2ti5UAFK7CeyjE5jnG9MPTQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIVDtPN9 F2f7cFaWXP2BBv8hmRCSMB8GA1UdIwQYMBaAFEyB8Bk6HFckRX9S4E4R8lJz5v7g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTUzMy8wNjExNTFGMjFB NEUxMUVBOUUwOUNDODJDNEY5QUUwMi9USUh3R1RvY1Z5UkZmMUxnVGhIeVVuUG1f dUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RJSHdHVG9jVnlSRmYxTGdUaEh5VW5QbV91QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTUzMy8wNjExNTFGMjFBNEUxMUVBOUUwOUNDODJDNEY5QUUwMi9USUh3R1RvY1Z5 UkZmMUxnVGhIeVVuUG1fdUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBk8X7Jn9fzGHL7rse4z/1ELScGJHYeC6xG396nQ55j28N62E8XoZ30 Lpq4iPMsu+w0LO8SjsvXgc1V4bk3+fk9sUvCMvcI4orbFvfhP5Bg0pVEc8ZU1B/S euSU6YQAb5OzzAsTZSag9JPBTE+aj25tG1YbyDgxd+OFrKRvidtoIYV2ofpjDMaR +Jau1qV8VlUj5bZpRFL2F/JaVm0KxqLB+jOwWbMmDHPFYZQjpcOo+gDuu8nL4908 /KTt9lK9mF/mD4ehRC2lKAv+IPhX1BAtyEiUlQ1H+LStRmXMnhB1I6zOLNGnQGJ9 0igcE2hSrEvV2yE/y9iHwaoWIP1StnKG -----END CERTIFICATE-----Generated at Sat Apr 26 12:54:50 2025 by rpki-client