$ rpki-client -vvf rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.mft File: tg1afDY_D02TL-MXuQzmz4DSg8k.mft (raw, json) Hash identifier: 0dBrc8enUlZoVzd37esB+4z3YJ7Z9n8eQFi3GxmY2uw= Subject key identifier: 1C:28:EE:D3:A3:44:B7:4F:0A:3C:21:85:6E:84:65:0F:B7:07:F9:B5 Authority key identifier: B6:0D:5A:7C:36:3F:0F:4D:93:2F:E3:17:B9:0C:E6:CF:80:D2:83:C9 Certificate issuer: /CN=A9118309/serialNumber=B60D5A7C363F0F4D932FE317B90CE6CF80D283C9 Certificate serial: 0A2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tg1afDY_D02TL-MXuQzmz4DSg8k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.mft Manifest number: 0A23 Signing time: Fri 30 May 2025 19:59:13 +0000 Manifest this update: Fri 30 May 2025 19:59:12 +0000 Manifest next update: Fri 06 Jun 2025 19:59:12 +0000 Files and hashes: 1: tg1afDY_D02TL-MXuQzmz4DSg8k.crl (hash: XuZMlWIS2/G1WpcmiW/e5y9zfFDYMwTOq6pMUdeegws=) 2: 59AA22D06FFD11EA9160902DC4F9AE02.roa (hash: 3RxABu3KC/9hSKHYQMzVVe4gdoAQgiDaudG41V9QJ3s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.crl rsync://rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tg1afDY_D02TL-MXuQzmz4DSg8k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 19:59:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2603 (0xa2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9118309, serialNumber=B60D5A7C363F0F4D932FE317B90CE6CF80D283C9 Validity Not Before: May 30 19:59:12 2025 GMT Not After : Jun 6 19:59:12 2025 GMT Subject: CN=683a0e10-a362 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:da:aa:42:35:78:91:14:97:f0:1d:0c:82:2b: 7d:30:18:47:b9:ee:4c:f3:92:b2:4d:99:87:ee:8e: e9:1d:76:d3:f0:0f:35:fc:59:ca:e5:e1:f8:af:b1: 25:8b:b8:13:fb:1b:88:9c:b0:5e:83:ea:4c:cc:8c: 96:d7:3d:27:5e:96:9c:c3:68:e1:c8:b7:0f:a8:d9: 30:33:c7:c8:af:e4:5d:73:d5:6d:fd:33:5e:5b:b9: 4a:ba:87:81:d6:02:b1:16:8f:ee:e7:c6:7a:85:b5: 5e:fd:10:1f:b3:72:e3:bb:a3:28:4c:61:ce:de:20: 5d:21:79:3c:3a:7c:d2:1f:87:5f:a1:24:22:a4:e6: 79:2f:fa:7b:5d:26:12:ce:1b:4b:ce:db:1d:77:f8: 9a:9c:e0:81:da:fa:b7:c0:79:cc:10:5b:c8:ba:7e: 9c:c6:f9:0a:67:e4:bc:c8:9c:85:2b:66:10:94:7f: 89:cc:23:33:39:a8:e7:ef:09:fc:af:c0:7e:65:f0: db:62:a2:5f:4a:4f:32:04:36:de:20:93:ad:7d:b9: 15:97:a6:b6:41:94:ec:20:d1:0f:68:95:1a:95:74: 2a:a1:1a:70:f7:92:da:4b:11:86:5f:9d:7f:81:b4: c7:52:62:9a:52:ea:db:06:8f:fd:2e:b5:0c:e1:86: 68:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:28:EE:D3:A3:44:B7:4F:0A:3C:21:85:6E:84:65:0F:B7:07:F9:B5 X509v3 Authority Key Identifier: keyid:B6:0D:5A:7C:36:3F:0F:4D:93:2F:E3:17:B9:0C:E6:CF:80:D2:83:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tg1afDY_D02TL-MXuQzmz4DSg8k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:a0:3c:52:ee:ce:3d:5b:e6:5f:9d:38:69:9c:f9:9c:dd:b5: d7:3e:4e:15:0c:ed:15:4e:53:eb:6e:75:f6:1e:79:e8:1c:0f: 97:3a:3c:40:33:57:6f:2c:83:ec:fe:bc:b2:84:5d:0c:fa:65: 44:76:b7:5f:dc:82:e7:c1:39:65:ce:1b:46:e2:7c:b3:c5:79: ec:0c:22:b4:88:47:9b:7f:c7:aa:e2:e7:65:74:ad:6d:12:bc: 33:56:b8:1d:12:51:f3:5b:2a:f5:27:49:cd:e1:6e:04:47:36: 0f:68:b7:92:f8:30:3c:ef:10:6f:84:43:19:b0:25:4d:ec:73: 9d:a6:02:9a:e1:f2:b2:c9:4d:5c:ec:3e:37:36:5a:f0:aa:aa: 05:49:80:c0:fb:a2:70:82:ca:c1:f8:b5:86:39:d3:cc:bf:f9: 29:0f:63:a0:68:dd:7b:8b:5a:e2:47:6a:ed:ab:3b:dd:9c:b9: 89:96:ff:ea:56:73:18:f4:ad:4a:f6:e4:36:a0:6a:75:dc:8a: 60:47:46:cd:71:3a:c8:f4:e3:dc:cd:89:8f:cf:cd:42:0d:0b: df:4a:af:2d:c6:dc:16:ea:e8:b5:11:f2:cd:77:b9:15:5b:11: 08:01:8f:25:2c:10:75:bb:d3:42:b6:83:a0:a5:83:a0:f8:d9: 33:f9:43:62 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCiswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTgzMDkxMTAvBgNVBAUTKEI2MEQ1QTdDMzYzRjBGNEQ5MzJGRTMxN0I5MENFNkNG ODBEMjgzQzkwHhcNMjUwNTMwMTk1OTEyWhcNMjUwNjA2MTk1OTEyWjAYMRYwFAYD VQQDEw02ODNhMGUxMC1hMzYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAztqqQjV4kRSX8B0Mgit9MBhHue5M85KyTZmH7o7pHXbT8A81/FnK5eH4r7El i7gT+xuInLBeg+pMzIyW1z0nXpacw2jhyLcPqNkwM8fIr+Rdc9Vt/TNeW7lKuoeB 1gKxFo/u58Z6hbVe/RAfs3Lju6MoTGHO3iBdIXk8OnzSH4dfoSQipOZ5L/p7XSYS zhtLztsdd/ianOCB2vq3wHnMEFvIun6cxvkKZ+S8yJyFK2YQlH+JzCMzOajn7wn8 r8B+ZfDbYqJfSk8yBDbeIJOtfbkVl6a2QZTsINEPaJUalXQqoRpw95LaSxGGX51/ gbTHUmKaUurbBo/9LrUM4YZo7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBwo7tOj RLdPCjwhhW6EZQ+3B/m1MB8GA1UdIwQYMBaAFLYNWnw2Pw9Nky/jF7kM5s+A0oPJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODMwOS8xQTQ4REM4NjZG RkMxMUVBODhGM0QyMkJDNEY5QUUwMi90ZzFhZkRZX0QwMlRMLU1YdVF6bXo0RFNn OGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RnMWFmRFlfRDAyVEwtTVh1UXptejREU2c4ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx ODMwOS8xQTQ4REM4NjZGRkMxMUVBODhGM0QyMkJDNEY5QUUwMi90ZzFhZkRZX0Qw MlRMLU1YdVF6bXo0RFNnOGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCfoDxS7s49W+ZfnThpnPmc3bXXPk4VDO0VTlPrbnX2HnnoHA+XOjxA M1dvLIPs/ryyhF0M+mVEdrdf3ILnwTllzhtG4nyzxXnsDCK0iEebf8eq4udldK1t ErwzVrgdElHzWyr1J0nN4W4ERzYPaLeS+DA87xBvhEMZsCVN7HOdpgKa4fKyyU1c 7D43NlrwqqoFSYDA+6JwgsrB+LWGOdPMv/kpD2OgaN17i1riR2rtqzvdnLmJlv/q VnMY9K1K9uQ2oGp13IpgR0bNcTrI9OPczYmPz81CDQvfSq8txtwW6ui1EfLNd7kV WxEIAY8lLBB1u9NCtoOgpYOg+Nkz+UNi -----END CERTIFICATE-----Generated at Sat May 31 17:32:56 2025 by rpki-client