$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft File: _thOn-AVmpk3ohk6C326I7bCZbg.mft (raw, json) Hash identifier: +uIP4dPTJyyGM8iaKNJttg/gYjgd4vaouT4SM0v8KMg= Subject key identifier: 46:05:7A:3B:84:52:1F:58:79:D6:E0:A4:CA:14:21:73:6F:07:29:C2 Authority key identifier: FE:D8:4E:9F:E0:15:9A:99:37:A2:19:3A:0B:7D:BA:23:B6:C2:65:B8 Certificate issuer: /CN=A91EDBB0/serialNumber=FED84E9FE0159A9937A2193A0B7DBA23B6C265B8 Certificate serial: 2E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_thOn-AVmpk3ohk6C326I7bCZbg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft Manifest number: 2D Signing time: Sun 15 Jun 2025 06:49:14 +0000 Manifest this update: Sun 15 Jun 2025 06:49:14 +0000 Manifest next update: Sun 22 Jun 2025 06:49:14 +0000 Files and hashes: 1: _thOn-AVmpk3ohk6C326I7bCZbg.crl (hash: ldOsKbuLdqBRBuQGs5zgPEz7vIWFcE/nXcFUkI8ihvY=) 2: 18317928083911F0A2909A72C4F9AE02.roa (hash: fPnd9TCItmXimGuCENGl/4MsqPzHHL+sjFkQjjF93Kg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.crl rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_thOn-AVmpk3ohk6C326I7bCZbg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46 (0x2e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EDBB0, serialNumber=FED84E9FE0159A9937A2193A0B7DBA23B6C265B8 Validity Not Before: Jun 15 06:49:14 2025 GMT Not After : Jun 22 06:49:14 2025 GMT Subject: CN=684e6cea-33d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:b0:08:d8:98:3f:cb:8b:65:dc:ff:23:3b:2e: a0:a8:7d:cb:3f:3b:53:02:70:33:0c:da:e0:42:3f: bc:45:4f:46:f3:02:08:98:7e:90:3a:37:98:57:93: 93:a1:2c:a9:df:fc:71:c4:88:8f:1b:b7:34:17:fb: 73:63:47:ab:f0:76:32:aa:a9:01:85:65:cc:65:26: c0:30:87:6e:fb:56:c9:4b:e7:53:b9:42:af:d9:4b: e3:ea:87:06:3c:2e:96:f6:23:69:1f:c1:b3:f3:72: 7c:77:ec:c1:92:08:b7:c0:e7:ab:16:1b:51:66:7b: d5:b5:0b:2e:93:b5:98:57:f4:59:38:22:72:2b:d9: 70:83:30:ec:10:d3:64:b4:c9:04:af:06:f9:c3:53: 78:fd:94:96:b4:42:26:4b:0e:6a:c3:d5:62:e2:04: 36:c6:f1:94:da:dc:04:4d:eb:16:c9:a6:e2:63:56: 31:35:fe:f9:2d:08:ca:53:2a:3a:2d:00:72:c8:41: 7a:b1:df:ac:f2:18:5a:cf:96:23:4d:ad:52:86:39: a5:d8:f2:3d:d8:df:45:43:78:51:5b:b2:38:7f:da: 0a:f0:57:f5:af:89:c0:a6:04:a5:dd:3c:8e:e5:b3: 1b:e1:4f:45:32:07:e0:6a:b0:7f:4a:99:59:26:6d: 3e:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:05:7A:3B:84:52:1F:58:79:D6:E0:A4:CA:14:21:73:6F:07:29:C2 X509v3 Authority Key Identifier: keyid:FE:D8:4E:9F:E0:15:9A:99:37:A2:19:3A:0B:7D:BA:23:B6:C2:65:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_thOn-AVmpk3ohk6C326I7bCZbg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:28:37:3d:b6:b4:72:02:ee:9a:3a:db:61:97:8e:01:b6:d4: 28:6b:28:8e:0c:eb:4b:34:c2:21:1f:dd:91:24:a1:38:97:d3: 95:e2:85:cc:e9:09:30:35:34:fb:08:10:a5:32:61:e4:1b:a7: 58:35:79:d9:0d:37:a9:1f:3f:c8:7b:92:a0:c1:1c:f7:a8:f9: 6d:d4:96:84:fe:a4:e4:3c:bc:3c:dd:1a:7e:dc:ea:1c:c3:d7: ca:e1:01:b8:de:da:1e:09:65:c8:0b:72:1e:d6:d5:a3:bd:fd: f7:50:49:72:4d:c5:44:7c:99:18:ad:52:39:c2:eb:61:d5:18: db:ff:79:aa:dd:af:31:cb:55:c6:22:74:d8:98:43:74:7c:cc: a0:03:3f:9e:ef:f5:ab:b8:41:45:12:22:37:cb:75:14:fa:20: 7b:5b:00:66:89:94:9f:ce:ce:15:84:78:e5:7c:c4:56:75:0f: 47:5d:0f:92:bc:38:a9:df:38:83:98:7a:16:84:3f:23:9d:a6: 7a:34:52:fc:c5:a4:b6:a6:08:38:4a:8d:33:31:dd:dd:de:2a: 7d:37:b4:40:d6:df:1e:b4:f1:55:b1:52:83:04:7d:9e:aa:26: 72:b2:10:3f:a0:ff:4f:7d:fb:e6:fb:67:be:78:df:38:db:6a: 1d:f3:3e:bd -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF REJCMDExMC8GA1UEBRMoRkVEODRFOUZFMDE1OUE5OTM3QTIxOTNBMEI3REJBMjNC NkMyNjVCODAeFw0yNTA2MTUwNjQ5MTRaFw0yNTA2MjIwNjQ5MTRaMBgxFjAUBgNV BAMTDTY4NGU2Y2VhLTMzZDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDisAjYmD/Li2Xc/yM7LqCofcs/O1MCcDMM2uBCP7xFT0bzAgiYfpA6N5hXk5Oh LKnf/HHEiI8btzQX+3NjR6vwdjKqqQGFZcxlJsAwh277VslL51O5Qq/ZS+PqhwY8 Lpb2I2kfwbPzcnx37MGSCLfA56sWG1Fme9W1Cy6TtZhX9Fk4InIr2XCDMOwQ02S0 yQSvBvnDU3j9lJa0QiZLDmrD1WLiBDbG8ZTa3ARN6xbJpuJjVjE1/vktCMpTKjot AHLIQXqx36zyGFrPliNNrVKGOaXY8j3Y30VDeFFbsjh/2grwV/WvicCmBKXdPI7l sxvhT0UyB+BqsH9KmVkmbT4VAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQURgV6O4RS H1h51uCkyhQhc28HKcIwHwYDVR0jBBgwFoAU/thOn+AVmpk3ohk6C326I7bCZbgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVEQkIwL0U2NTNFNTEyMDdF RDExRjBCMEE2ODc2NEM0RjlBRTAyL190aE9uLUFWbXBrM29oazZDMzI2STdiQ1pi Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvX3RoT24tQVZtcGszb2hrNkMzMjZJN2JDWmJnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVE QkIwL0U2NTNFNTEyMDdFRDExRjBCMEE2ODc2NEM0RjlBRTAyL190aE9uLUFWbXBr M29oazZDMzI2STdiQ1piZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEQoNz22tHIC7po622GXjgG21ChrKI4M60s0wiEf3ZEkoTiX05Xihczp CTA1NPsIEKUyYeQbp1g1edkNN6kfP8h7kqDBHPeo+W3UloT+pOQ8vDzdGn7c6hzD 18rhAbje2h4JZcgLch7W1aO9/fdQSXJNxUR8mRitUjnC62HVGNv/eardrzHLVcYi dNiYQ3R8zKADP57v9au4QUUSIjfLdRT6IHtbAGaJlJ/OzhWEeOV8xFZ1D0ddD5K8 OKnfOIOYehaEPyOdpno0UvzFpLamCDhKjTMx3d3eKn03tEDW3x608VWxUoMEfZ6q JnKyED+g/099++b7Z7543zjbah3zPr0= -----END CERTIFICATE-----Generated at Sun Jun 15 09:58:50 2025 by rpki-client