$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft File: _thOn-AVmpk3ohk6C326I7bCZbg.mft (raw, json) Hash identifier: DdLzszT9ErSwVogU4Slbhg65ZUbtAJ70qvllPNfuwsE= Subject key identifier: 7C:EF:8B:74:37:C0:C1:3A:8B:38:63:86:A2:5D:55:D9:5C:96:FF:ED Authority key identifier: FE:D8:4E:9F:E0:15:9A:99:37:A2:19:3A:0B:7D:BA:23:B6:C2:65:B8 Certificate issuer: /CN=A91EDBB0/serialNumber=FED84E9FE0159A9937A2193A0B7DBA23B6C265B8 Certificate serial: 15 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_thOn-AVmpk3ohk6C326I7bCZbg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft Manifest number: 14 Signing time: Fri 25 Apr 2025 07:01:31 +0000 Manifest this update: Fri 25 Apr 2025 07:01:30 +0000 Manifest next update: Fri 02 May 2025 07:01:30 +0000 Files and hashes: 1: _thOn-AVmpk3ohk6C326I7bCZbg.crl (hash: dlKVx0cXyzGC6dVSH8zF2BtNPo9PU8XUl9pGZLQLtvA=) 2: 18317928083911F0A2909A72C4F9AE02.roa (hash: fPnd9TCItmXimGuCENGl/4MsqPzHHL+sjFkQjjF93Kg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.crl rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_thOn-AVmpk3ohk6C326I7bCZbg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 07:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21 (0x15) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EDBB0, serialNumber=FED84E9FE0159A9937A2193A0B7DBA23B6C265B8 Validity Not Before: Apr 25 07:01:30 2025 GMT Not After : May 2 07:01:30 2025 GMT Subject: CN=680b334a-bc62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:61:6d:01:7a:60:bc:96:41:8a:fb:7a:cf:ba: e9:88:f4:9a:9e:ca:ac:ef:79:5d:3d:e3:dd:06:ab: eb:13:8f:1b:34:a4:ec:ba:34:3b:70:71:3b:c2:79: 6f:23:5b:ed:e2:b4:94:ee:d0:85:2a:45:5c:1f:de: 6e:75:64:08:d8:b2:18:86:16:20:0e:0b:2d:ad:fd: 51:39:38:6c:28:5d:37:c2:51:fd:c4:8f:06:ca:f5: 9d:bd:b1:c7:cc:77:56:ae:83:3c:1c:70:30:2c:2d: e8:d9:6d:96:15:86:1b:56:4e:45:e2:27:cc:a4:57: 16:bd:ef:02:93:80:57:53:5b:84:57:d8:63:ac:93: 6e:18:94:39:1d:a6:c0:e3:29:c1:fa:22:31:86:1e: 9e:c1:05:2e:22:55:28:b1:fe:b8:93:2e:07:04:77: cf:81:70:16:b6:6d:7c:dc:32:b8:29:a3:65:86:65: 2a:b4:d8:f3:0a:d7:89:83:7f:49:0f:97:f2:6d:80: c8:e6:4f:29:ac:7e:2f:23:d6:93:d9:8f:db:5c:1f: 5b:5d:15:88:1e:11:52:c3:4c:e5:a0:df:47:87:2a: b5:e8:09:49:9b:24:e6:19:40:80:21:c8:35:a3:cf: 55:e0:c4:c9:ed:45:5e:69:fe:a7:4a:5b:7e:ff:07: 87:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:EF:8B:74:37:C0:C1:3A:8B:38:63:86:A2:5D:55:D9:5C:96:FF:ED X509v3 Authority Key Identifier: keyid:FE:D8:4E:9F:E0:15:9A:99:37:A2:19:3A:0B:7D:BA:23:B6:C2:65:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_thOn-AVmpk3ohk6C326I7bCZbg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a9:78:18:8d:1c:c8:83:62:da:26:70:52:13:17:e4:97:22:34: 6f:e5:d7:a0:d9:f9:40:9f:a7:f4:8d:ac:c6:22:c5:94:e8:8d: 20:ee:08:ad:cc:5c:5f:4c:21:3d:9d:98:ee:9b:50:2b:af:77: 8b:1f:e1:53:1e:e0:86:16:65:ad:a7:93:d9:cb:f6:24:e1:2a: 25:4f:98:fa:7b:d3:c5:ad:c6:f2:da:02:02:e1:a5:9a:68:97: 91:29:60:59:70:d0:ba:17:72:c0:29:37:98:11:fd:f3:9b:bf: c7:60:81:cb:93:86:44:33:31:f1:b2:5f:cc:fc:84:0d:0d:5b: 43:0e:a7:b4:dc:36:6b:c5:8e:44:dd:79:5b:09:b1:a3:9e:af: 3b:86:8b:87:62:5f:21:0b:5d:b0:32:0b:57:1e:c5:d1:dd:2c: 3d:20:64:bb:e8:bf:de:c3:eb:b5:41:d9:fa:d7:55:28:3b:6a: 15:15:13:5a:af:0b:6d:65:eb:eb:3a:bd:27:6c:c8:28:14:39: c9:01:b5:3b:69:0a:a2:af:3a:f4:a4:b8:b6:78:cf:91:10:c7: 25:fd:aa:c5:52:99:b1:87:e5:3f:8e:36:3d:7e:db:87:b1:d7: a3:5a:af:5f:0b:ae:75:73:26:79:f7:e6:c3:6f:18:6a:d2:8c: 55:f2:5b:dd -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF REJCMDExMC8GA1UEBRMoRkVEODRFOUZFMDE1OUE5OTM3QTIxOTNBMEI3REJBMjNC NkMyNjVCODAeFw0yNTA0MjUwNzAxMzBaFw0yNTA1MDIwNzAxMzBaMBgxFjAUBgNV BAMTDTY4MGIzMzRhLWJjNjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDwYW0BemC8lkGK+3rPuumI9JqeyqzveV09490Gq+sTjxs0pOy6NDtwcTvCeW8j W+3itJTu0IUqRVwf3m51ZAjYshiGFiAOCy2t/VE5OGwoXTfCUf3EjwbK9Z29scfM d1augzwccDAsLejZbZYVhhtWTkXiJ8ykVxa97wKTgFdTW4RX2GOsk24YlDkdpsDj KcH6IjGGHp7BBS4iVSix/riTLgcEd8+BcBa2bXzcMrgpo2WGZSq02PMK14mDf0kP l/JtgMjmTymsfi8j1pPZj9tcH1tdFYgeEVLDTOWg30eHKrXoCUmbJOYZQIAhyDWj z1XgxMntRV5p/qdKW37/B4cFAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUfO+LdDfA wTqLOGOGol1V2VyW/+0wHwYDVR0jBBgwFoAU/thOn+AVmpk3ohk6C326I7bCZbgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVEQkIwL0U2NTNFNTEyMDdF RDExRjBCMEE2ODc2NEM0RjlBRTAyL190aE9uLUFWbXBrM29oazZDMzI2STdiQ1pi Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvX3RoT24tQVZtcGszb2hrNkMzMjZJN2JDWmJnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVE QkIwL0U2NTNFNTEyMDdFRDExRjBCMEE2ODc2NEM0RjlBRTAyL190aE9uLUFWbXBr M29oazZDMzI2STdiQ1piZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKl4GI0cyINi2iZwUhMX5JciNG/l16DZ+UCfp/SNrMYixZTojSDuCK3M XF9MIT2dmO6bUCuvd4sf4VMe4IYWZa2nk9nL9iThKiVPmPp708WtxvLaAgLhpZpo l5EpYFlw0LoXcsApN5gR/fObv8dggcuThkQzMfGyX8z8hA0NW0MOp7TcNmvFjkTd eVsJsaOerzuGi4diXyELXbAyC1cexdHdLD0gZLvov97D67VB2frXVSg7ahUVE1qv C21l6+s6vSdsyCgUOckBtTtpCqKvOvSkuLZ4z5EQxyX9qsVSmbGH5T+ONj1+24ex 16Nar18LrnVzJnn35sNvGGrSjFXyW90= -----END CERTIFICATE-----Generated at Sat Apr 26 04:32:26 2025 by rpki-client