$ rpki-client -vvf rpki.apnic.net/member_repository/A91C31B7/F2A5732E1E6B11EFAC0E914EC4F9AE02/TDOcq_yApfQZ3zPfsGiFwcNIiy0.mft File: TDOcq_yApfQZ3zPfsGiFwcNIiy0.mft (raw, json) Hash identifier: N7wscj2D59gTKAo59TeCibecXaWwgNZBFQff+6ELhCQ= Subject key identifier: E8:02:F9:FA:87:12:FA:49:89:7C:30:8E:36:40:75:DA:54:29:04:F6 Authority key identifier: 4C:33:9C:AB:FC:80:A5:F4:19:DF:33:DF:B0:68:85:C1:C3:48:8B:2D Certificate issuer: /CN=A91C31B7/serialNumber=4C339CABFC80A5F419DF33DFB06885C1C3488B2D Certificate serial: A6 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TDOcq_yApfQZ3zPfsGiFwcNIiy0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C31B7/F2A5732E1E6B11EFAC0E914EC4F9AE02/TDOcq_yApfQZ3zPfsGiFwcNIiy0.mft Manifest number: A4 Signing time: Wed 09 Apr 2025 05:02:20 +0000 Manifest this update: Wed 09 Apr 2025 05:02:19 +0000 Manifest next update: Wed 16 Apr 2025 05:02:19 +0000 Files and hashes: 1: TDOcq_yApfQZ3zPfsGiFwcNIiy0.crl (hash: XdB020+e//R8Fd+lzx6zRzNGHzLXJAk+5E0dMaE4tpU=) 2: 1FC3B0DE1E6F11EFB392D937C4F9AE02.roa (hash: ymGuQNubHZmih1/MlsNM4UjPPYjnvk5QIBxrno55/zE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C31B7/F2A5732E1E6B11EFAC0E914EC4F9AE02/TDOcq_yApfQZ3zPfsGiFwcNIiy0.crl rsync://rpki.apnic.net/member_repository/A91C31B7/F2A5732E1E6B11EFAC0E914EC4F9AE02/TDOcq_yApfQZ3zPfsGiFwcNIiy0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TDOcq_yApfQZ3zPfsGiFwcNIiy0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 16 Apr 2025 05:02:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 166 (0xa6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C31B7 Validity Not Before: Apr 9 05:02:19 2025 GMT Not After : Apr 16 05:02:19 2025 GMT Subject: CN=67f5ff5b-b075 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:d9:bc:8c:1f:a7:76:f0:11:11:c1:6f:c4:53: d7:25:09:1a:d1:48:22:9e:25:a2:4a:cc:94:a9:bd: f0:af:7c:56:52:46:56:a4:33:b1:23:93:37:74:fd: 82:ff:9b:14:4f:f7:01:6d:0a:6a:05:1c:cc:41:40: 50:fe:04:97:01:ea:5b:e5:7e:b4:bb:ed:37:32:31: 2e:30:d5:45:4a:5e:0a:22:a4:ca:63:d6:03:25:d2: 42:e2:9b:fd:cc:5c:d7:d2:9f:78:57:98:73:fd:c9: 4f:cc:b2:e4:0d:df:67:d8:c0:d1:2d:82:b7:ef:4e: fc:2e:15:53:50:e0:7e:42:32:91:7c:8f:07:29:e3: 63:fc:fc:2c:36:03:b0:49:2b:9b:ce:4b:d7:de:3d: 67:d9:aa:aa:15:17:09:bd:0e:2e:ac:eb:47:00:53: bf:55:49:f4:71:03:97:92:c0:15:77:50:70:31:51: 4a:74:fe:31:fa:ee:f6:78:56:98:23:ba:20:5c:3c: d2:14:41:21:49:64:e0:8f:79:4d:2f:81:df:88:4e: bf:8c:26:72:b9:c3:e6:ad:dc:c8:db:48:a5:0f:dd: ae:f2:98:d4:b2:5a:41:45:79:22:bd:d2:91:05:f7: 85:0d:c5:d7:78:bc:cb:1b:4e:04:10:4e:76:33:95: f5:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:02:F9:FA:87:12:FA:49:89:7C:30:8E:36:40:75:DA:54:29:04:F6 X509v3 Authority Key Identifier: keyid:4C:33:9C:AB:FC:80:A5:F4:19:DF:33:DF:B0:68:85:C1:C3:48:8B:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C31B7/F2A5732E1E6B11EFAC0E914EC4F9AE02/TDOcq_yApfQZ3zPfsGiFwcNIiy0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TDOcq_yApfQZ3zPfsGiFwcNIiy0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C31B7/F2A5732E1E6B11EFAC0E914EC4F9AE02/TDOcq_yApfQZ3zPfsGiFwcNIiy0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:e9:8f:1f:1a:2e:59:0b:fc:97:fe:f6:86:19:56:03:9f:34: 31:60:46:62:9e:8b:b2:3c:ea:be:ad:4a:86:af:4b:ab:61:3f: 4b:f5:c8:a9:cc:ee:4d:5b:c1:74:eb:cf:8e:73:7c:2f:7e:d4: ff:63:ee:80:63:1c:f0:c9:2d:43:7c:33:97:58:48:f7:30:26: 62:4c:50:3c:b8:dd:34:18:dd:29:3b:14:df:97:ab:93:aa:d0: c1:78:53:23:78:63:e8:d7:84:1a:89:65:47:95:a3:c9:ce:47: 27:f5:c6:20:71:e1:f5:bf:b0:85:76:69:ca:de:f7:5a:4e:2e: 7e:50:67:a3:02:53:0e:48:5b:b6:ce:b4:70:e1:11:ff:c2:7a: cf:d8:70:d3:9a:1d:54:7f:e9:d2:07:39:25:e1:a4:65:60:4b: 39:cc:58:48:99:17:db:49:e0:2d:72:38:4e:69:75:81:37:85: 5d:6a:25:c3:8c:b7:c3:ff:8b:a5:a8:71:22:64:ab:7c:a5:81: 27:9c:b6:0b:95:a5:76:2e:bf:d1:a4:78:9d:92:be:e7:2d:07: b2:e7:61:33:cc:f7:f7:fb:13:9a:e7:8e:6c:1b:95:ba:58:af: d1:37:63:be:f8:db:4f:fd:2e:97:e1:d7:6d:e9:4d:39:84:9b: b5:ff:12:6b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzMxQjcxMTAvBgNVBAUTKDRDMzM5Q0FCRkM4MEE1RjQxOURGMzNERkIwNjg4NUMx QzM0ODhCMkQwHhcNMjUwNDA5MDUwMjE5WhcNMjUwNDE2MDUwMjE5WjAYMRYwFAYD VQQDEw02N2Y1ZmY1Yi1iMDc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAotm8jB+ndvAREcFvxFPXJQka0UginiWiSsyUqb3wr3xWUkZWpDOxI5M3dP2C /5sUT/cBbQpqBRzMQUBQ/gSXAepb5X60u+03MjEuMNVFSl4KIqTKY9YDJdJC4pv9 zFzX0p94V5hz/clPzLLkDd9n2MDRLYK37078LhVTUOB+QjKRfI8HKeNj/PwsNgOw SSubzkvX3j1n2aqqFRcJvQ4urOtHAFO/VUn0cQOXksAVd1BwMVFKdP4x+u72eFaY I7ogXDzSFEEhSWTgj3lNL4HfiE6/jCZyucPmrdzI20ilD92u8pjUslpBRXkivdKR BfeFDcXXeLzLG04EEE52M5X10wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOgC+fqH EvpJiXwwjjZAddpUKQT2MB8GA1UdIwQYMBaAFEwznKv8gKX0Gd8z37BohcHDSIst MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMzFCNy9GMkE1NzMyRTFF NkIxMUVGQUMwRTkxNEVDNEY5QUUwMi9URE9jcV95QXBmUVozelBmc0dpRndjTklp eTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1RET2NxX3lBcGZRWjN6UGZzR2lGd2NOSWl5MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MzFCNy9GMkE1NzMyRTFFNkIxMUVGQUMwRTkxNEVDNEY5QUUwMi9URE9jcV95QXBm UVozelBmc0dpRndjTklpeTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA76Y8fGi5ZC/yX/vaGGVYDnzQxYEZinouyPOq+rUqGr0urYT9L9cip zO5NW8F068+Oc3wvftT/Y+6AYxzwyS1DfDOXWEj3MCZiTFA8uN00GN0pOxTfl6uT qtDBeFMjeGPo14QaiWVHlaPJzkcn9cYgceH1v7CFdmnK3vdaTi5+UGejAlMOSFu2 zrRw4RH/wnrP2HDTmh1Uf+nSBzkl4aRlYEs5zFhImRfbSeAtcjhOaXWBN4VdaiXD jLfD/4ulqHEiZKt8pYEnnLYLlaV2Lr/RpHidkr7nLQey52EzzPf3+xOa545sG5W6 WK/RN2O++NtP/S6X4ddt6U05hJu1/xJr -----END CERTIFICATE-----Generated at Thu Apr 10 22:05:01 2025 by rpki-client