$ rpki-client -vvf rpki.apnic.net/member_repository/A91D15A4/B34E6D50708A11E9AF0F8D21C4F9AE02/TUTi91KilQtrVSjAaZsUkOdXd0Q.mft File: TUTi91KilQtrVSjAaZsUkOdXd0Q.mft (raw, json) Hash identifier: XxxFoSxMBNW7Q1JyYVe+v5XBG8zgHXfh7cOLrR0ZSvg= Subject key identifier: 61:E1:0F:ED:CD:9E:2F:FA:B7:FE:B9:3D:61:35:C5:0A:CA:34:56:72 Authority key identifier: 4D:44:E2:F7:52:A2:95:0B:6B:55:28:C0:69:9B:14:90:E7:57:77:44 Certificate issuer: /CN=A91D15A4/serialNumber=4D44E2F752A2950B6B5528C0699B1490E7577744 Certificate serial: 0F33 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TUTi91KilQtrVSjAaZsUkOdXd0Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D15A4/B34E6D50708A11E9AF0F8D21C4F9AE02/TUTi91KilQtrVSjAaZsUkOdXd0Q.mft Manifest number: 0F29 Signing time: Thu 24 Apr 2025 17:36:25 +0000 Manifest this update: Thu 24 Apr 2025 17:36:24 +0000 Manifest next update: Thu 01 May 2025 17:36:24 +0000 Files and hashes: 1: TUTi91KilQtrVSjAaZsUkOdXd0Q.crl (hash: yBxCcJafBmfKn6JBLrYcwXiS6KJqVqSHBFIWJNEMuZU=) 2: 3D371C5C708F11E9B105E92CC4F9AE02.roa (hash: YkmY4q4YSypbm13HUH++xACjilqSAUGjIIEq3zMyNH8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D15A4/B34E6D50708A11E9AF0F8D21C4F9AE02/TUTi91KilQtrVSjAaZsUkOdXd0Q.crl rsync://rpki.apnic.net/member_repository/A91D15A4/B34E6D50708A11E9AF0F8D21C4F9AE02/TUTi91KilQtrVSjAaZsUkOdXd0Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TUTi91KilQtrVSjAaZsUkOdXd0Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:36:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3891 (0xf33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D15A4, serialNumber=4D44E2F752A2950B6B5528C0699B1490E7577744 Validity Not Before: Apr 24 17:36:24 2025 GMT Not After : May 1 17:36:24 2025 GMT Subject: CN=680a7699-4dbd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:97:db:24:f3:96:02:53:23:60:82:66:ce:89: e2:fa:0d:83:3d:03:b1:08:37:51:23:fd:b1:6b:64: a9:e3:73:24:1d:65:1a:45:52:eb:d3:4d:43:6f:49: ac:7a:1c:56:5c:2d:d5:97:e4:e3:7c:6c:bc:27:ce: cf:ef:55:f7:98:af:93:1e:1a:ce:1e:b7:5b:bf:73: 6f:58:bc:1c:a3:93:fd:7d:3c:ad:7b:41:39:15:16: cd:f8:1a:a6:27:3f:23:c1:97:1a:72:98:4e:dc:b8: 94:54:81:7a:0b:ee:35:2a:70:f9:ea:06:d7:34:92: 24:a9:29:bb:a8:12:58:8a:34:fc:ca:42:04:b7:4a: fc:8d:7e:b7:bc:5c:ec:f9:ac:97:11:bd:a8:69:61: 75:8b:8c:cd:04:b0:a5:cb:c9:1d:54:0e:88:25:88: 17:ae:09:39:1c:db:4c:88:94:9a:42:cd:45:42:ed: db:12:73:65:2e:fc:ce:d8:d7:0f:83:e2:e9:a7:3c: a8:10:d0:4d:7c:de:d1:62:ea:80:21:34:3e:f8:fe: d1:21:14:ae:7e:7b:f4:4e:fc:a9:2a:56:6a:a7:56: d5:4f:2f:19:5e:af:3b:87:42:da:19:a1:46:8d:4d: 8e:56:68:0b:1f:46:77:38:cc:05:15:86:78:8c:78: 7a:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:E1:0F:ED:CD:9E:2F:FA:B7:FE:B9:3D:61:35:C5:0A:CA:34:56:72 X509v3 Authority Key Identifier: keyid:4D:44:E2:F7:52:A2:95:0B:6B:55:28:C0:69:9B:14:90:E7:57:77:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D15A4/B34E6D50708A11E9AF0F8D21C4F9AE02/TUTi91KilQtrVSjAaZsUkOdXd0Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TUTi91KilQtrVSjAaZsUkOdXd0Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D15A4/B34E6D50708A11E9AF0F8D21C4F9AE02/TUTi91KilQtrVSjAaZsUkOdXd0Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:8d:9c:0e:06:ad:6a:4d:12:42:72:2a:0a:fc:70:ba:5b:c6: 2c:ec:d4:3f:90:db:e9:e9:bb:53:98:93:5b:83:81:73:7a:70: f5:94:b6:d1:aa:1c:53:c6:0e:d0:64:51:20:c6:4b:52:96:5d: 51:c5:93:62:3b:b4:61:3e:ad:82:24:b2:41:ca:ab:bd:3a:72: f3:2b:f1:ba:89:2d:12:d8:c5:b4:f5:c4:f1:40:da:5c:00:d0: 48:de:20:c6:e2:5e:a6:cd:e8:9c:b7:6b:6b:3f:68:a4:6f:42: 1d:a9:a9:8a:ae:23:eb:f5:10:db:61:14:d3:c2:29:98:25:45: 3f:02:d3:cd:93:06:8e:0f:7e:73:a1:b8:3a:8e:fe:cd:ec:7f: 1d:21:23:a2:b2:5a:bc:24:c2:cc:14:dd:d8:fe:5a:cb:51:f2: 14:52:54:7b:73:79:c5:00:8e:02:d2:7f:ff:8e:43:0e:14:96: 22:d7:2b:71:58:05:e8:16:a9:dc:22:63:29:2c:8c:8d:e5:bf: a8:c3:9a:52:66:f8:5b:7f:44:a9:c8:dd:fa:17:22:99:08:24: 2a:4f:ac:5a:0d:44:ec:8b:2d:19:8b:dd:8d:a5:8d:f5:8c:7e: b3:10:7f:1b:eb:6d:26:2c:59:1a:e6:83:bf:5e:c8:d2:7c:f6: 6f:ad:03:b5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDzMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDE1QTQxMTAvBgNVBAUTKDRENDRFMkY3NTJBMjk1MEI2QjU1MjhDMDY5OUIxNDkw RTc1Nzc3NDQwHhcNMjUwNDI0MTczNjI0WhcNMjUwNTAxMTczNjI0WjAYMRYwFAYD VQQDEw02ODBhNzY5OS00ZGJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvJfbJPOWAlMjYIJmzoni+g2DPQOxCDdRI/2xa2Sp43MkHWUaRVLr001Db0ms ehxWXC3Vl+TjfGy8J87P71X3mK+THhrOHrdbv3NvWLwco5P9fTyte0E5FRbN+Bqm Jz8jwZcacphO3LiUVIF6C+41KnD56gbXNJIkqSm7qBJYijT8ykIEt0r8jX63vFzs +ayXEb2oaWF1i4zNBLCly8kdVA6IJYgXrgk5HNtMiJSaQs1FQu3bEnNlLvzO2NcP g+LppzyoENBNfN7RYuqAITQ++P7RIRSufnv0TvypKlZqp1bVTy8ZXq87h0LaGaFG jU2OVmgLH0Z3OMwFFYZ4jHh6CwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGHhD+3N ni/6t/65PWE1xQrKNFZyMB8GA1UdIwQYMBaAFE1E4vdSopULa1UowGmbFJDnV3dE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTVBNC9CMzRFNkQ1MDcw OEExMUU5QUYwRjhEMjFDNEY5QUUwMi9UVVRpOTFLaWxRdHJWU2pBYVpzVWtPZFhk MFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RVVGk5MUtpbFF0clZTakFhWnNVa09kWGQwUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MTVBNC9CMzRFNkQ1MDcwOEExMUU5QUYwRjhEMjFDNEY5QUUwMi9UVVRpOTFLaWxR dHJWU2pBYVpzVWtPZFhkMFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAvjZwOBq1qTRJCcioK/HC6W8Ys7NQ/kNvp6btTmJNbg4FzenD1lLbR qhxTxg7QZFEgxktSll1RxZNiO7RhPq2CJLJByqu9OnLzK/G6iS0S2MW09cTxQNpc ANBI3iDG4l6mzeict2trP2ikb0IdqamKriPr9RDbYRTTwimYJUU/AtPNkwaOD35z obg6jv7N7H8dISOislq8JMLMFN3Y/lrLUfIUUlR7c3nFAI4C0n//jkMOFJYi1ytx WAXoFqncImMpLIyN5b+ow5pSZvhbf0SpyN36FyKZCCQqT6xaDUTsiy0Zi92NpY31 jH6zEH8b620mLFka5oO/XsjSfPZvrQO1 -----END CERTIFICATE-----Generated at Sat Apr 26 15:07:10 2025 by rpki-client