$ rpki-client -vvf rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.mft File: tg1afDY_D02TL-MXuQzmz4DSg8k.mft (raw, json) Hash identifier: Qoq/Uvk78lXgqGinBnDn17FlDYrR1Y33toDAC8D3AnA= Subject key identifier: 19:F2:38:FE:09:BD:4C:CE:60:CB:33:C5:05:5E:AA:C1:F6:C7:77:2F Authority key identifier: B6:0D:5A:7C:36:3F:0F:4D:93:2F:E3:17:B9:0C:E6:CF:80:D2:83:C9 Certificate issuer: /CN=A9118309/serialNumber=B60D5A7C363F0F4D932FE317B90CE6CF80D283C9 Certificate serial: 0A44 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tg1afDY_D02TL-MXuQzmz4DSg8k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.mft Manifest number: 0A3C Signing time: Fri 18 Jul 2025 19:58:32 +0000 Manifest this update: Fri 18 Jul 2025 19:58:32 +0000 Manifest next update: Fri 25 Jul 2025 19:58:32 +0000 Files and hashes: 1: tg1afDY_D02TL-MXuQzmz4DSg8k.crl (hash: PEerCf2P8cYQWRHP6IXZ2x7k5lD51Dzz6K1lKKCwA9c=) 2: 59AA22D06FFD11EA9160902DC4F9AE02.roa (hash: 3RxABu3KC/9hSKHYQMzVVe4gdoAQgiDaudG41V9QJ3s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.crl rsync://rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tg1afDY_D02TL-MXuQzmz4DSg8k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 19:58:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2628 (0xa44) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9118309, serialNumber=B60D5A7C363F0F4D932FE317B90CE6CF80D283C9 Validity Not Before: Jul 18 19:58:32 2025 GMT Not After : Jul 25 19:58:32 2025 GMT Subject: CN=687aa768-5e3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:1e:7e:e4:44:5b:80:5a:61:13:ec:2c:80:78: 2c:42:a0:08:e1:df:2e:cc:04:82:8d:e0:43:b6:67: 28:ea:d5:56:50:93:f9:14:0c:fc:85:3d:90:7f:fd: 6f:6c:a9:66:54:7b:df:59:c4:2a:0b:67:98:5f:cf: 08:ea:f2:69:00:60:29:e4:a5:8a:d1:fc:dd:d6:22: 93:ec:e6:54:d9:8c:f9:bb:ba:72:93:95:18:2d:38: c2:f5:13:a5:78:47:51:60:1a:e8:3d:a8:93:0e:1e: c0:2f:e3:67:1f:95:61:6f:c9:06:6e:b0:8f:a6:73: 8b:85:72:87:2c:3f:ef:45:39:02:7c:1b:13:19:70: af:2c:27:c7:0a:7b:ed:c8:a7:3b:0c:3f:01:92:bb: 5c:5f:a9:6f:e4:b9:19:29:35:ad:aa:17:11:08:ab: 86:74:05:81:d7:08:16:2f:ee:c4:54:ea:65:d6:8f: 93:4b:22:e7:a5:a8:b9:21:36:fe:bc:e3:16:16:e9: 8a:c2:ab:f4:73:be:d5:cd:52:b9:67:2d:a6:1e:46: 63:b4:66:75:30:98:76:4c:ae:fe:17:4d:4b:1c:cc: 00:eb:dd:1d:0c:00:9f:e1:b0:6a:73:b9:e4:89:66: cc:a9:9c:bd:22:c2:ee:d7:50:fb:c1:78:31:ee:6f: 3d:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:F2:38:FE:09:BD:4C:CE:60:CB:33:C5:05:5E:AA:C1:F6:C7:77:2F X509v3 Authority Key Identifier: keyid:B6:0D:5A:7C:36:3F:0F:4D:93:2F:E3:17:B9:0C:E6:CF:80:D2:83:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tg1afDY_D02TL-MXuQzmz4DSg8k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c1:b3:d6:70:8c:dd:c9:30:1d:f3:dd:d4:7b:b8:31:d5:57:b9: d3:d1:a2:0b:5d:93:4a:d5:be:dd:b6:cb:30:5e:58:a7:65:6f: d3:1a:30:be:15:00:b6:d3:2c:3d:ac:97:d5:53:2b:00:02:35: 5b:8d:a5:1e:25:7b:eb:07:45:a5:03:f8:45:0c:46:c1:29:1c: c1:91:2c:bf:e5:b7:0e:b5:8f:e3:7a:20:d3:39:c4:94:57:b2: a8:76:93:6f:58:e1:17:57:42:40:c9:d7:19:66:76:cc:62:45: 7f:17:e7:27:92:9f:10:83:fe:2e:6c:e8:a5:2e:ba:17:90:a3: 7a:7d:86:06:ea:f2:4f:c2:32:e1:af:28:a4:8a:31:f1:d2:b0: 8c:55:75:29:c9:e8:3a:a6:0f:9e:38:9e:d5:24:ad:42:bc:01: c7:04:fe:d0:38:18:e4:41:d3:52:fd:48:68:ff:ec:e4:51:39: a1:3e:f4:59:04:8b:80:35:b3:e9:84:00:3c:23:36:3e:c6:c4: 5a:83:ca:da:46:67:0b:6d:fc:65:61:34:62:a4:d0:11:35:27: e0:22:2c:ef:4e:c3:75:eb:3f:bc:df:db:14:f9:94:19:bd:e4: 8f:b7:02:81:d9:cc:54:10:b3:30:3d:ad:86:7e:4d:66:4c:77: c2:f7:e6:7b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCkQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTgzMDkxMTAvBgNVBAUTKEI2MEQ1QTdDMzYzRjBGNEQ5MzJGRTMxN0I5MENFNkNG ODBEMjgzQzkwHhcNMjUwNzE4MTk1ODMyWhcNMjUwNzI1MTk1ODMyWjAYMRYwFAYD VQQDEw02ODdhYTc2OC01ZTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvB5+5ERbgFphE+wsgHgsQqAI4d8uzASCjeBDtmco6tVWUJP5FAz8hT2Qf/1v bKlmVHvfWcQqC2eYX88I6vJpAGAp5KWK0fzd1iKT7OZU2Yz5u7pyk5UYLTjC9ROl eEdRYBroPaiTDh7AL+NnH5Vhb8kGbrCPpnOLhXKHLD/vRTkCfBsTGXCvLCfHCnvt yKc7DD8BkrtcX6lv5LkZKTWtqhcRCKuGdAWB1wgWL+7EVOpl1o+TSyLnpai5ITb+ vOMWFumKwqv0c77VzVK5Zy2mHkZjtGZ1MJh2TK7+F01LHMwA690dDACf4bBqc7nk iWbMqZy9IsLu11D7wXgx7m89VQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBnyOP4J vUzOYMszxQVeqsH2x3cvMB8GA1UdIwQYMBaAFLYNWnw2Pw9Nky/jF7kM5s+A0oPJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODMwOS8xQTQ4REM4NjZG RkMxMUVBODhGM0QyMkJDNEY5QUUwMi90ZzFhZkRZX0QwMlRMLU1YdVF6bXo0RFNn OGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RnMWFmRFlfRDAyVEwtTVh1UXptejREU2c4ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx ODMwOS8xQTQ4REM4NjZGRkMxMUVBODhGM0QyMkJDNEY5QUUwMi90ZzFhZkRZX0Qw MlRMLU1YdVF6bXo0RFNnOGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDBs9ZwjN3JMB3z3dR7uDHVV7nT0aILXZNK1b7dtsswXlinZW/TGjC+ FQC20yw9rJfVUysAAjVbjaUeJXvrB0WlA/hFDEbBKRzBkSy/5bcOtY/jeiDTOcSU V7KodpNvWOEXV0JAydcZZnbMYkV/F+cnkp8Qg/4ubOilLroXkKN6fYYG6vJPwjLh ryikijHx0rCMVXUpyeg6pg+eOJ7VJK1CvAHHBP7QOBjkQdNS/Uho/+zkUTmhPvRZ BIuANbPphAA8IzY+xsRag8raRmcLbfxlYTRipNARNSfgIizvTsN16z+839sU+ZQZ veSPtwKB2cxUELMwPa2Gfk1mTHfC9+Z7 -----END CERTIFICATE-----Generated at Sun Jul 20 12:28:09 2025 by rpki-client