$ rpki-client -vvf rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.mft File: Tcfii1RvKgtTjozfgy2aofN8yOQ.mft (raw, json) Hash identifier: +SbMd6Az9Je0GCTq50Ew8AEJQflsWeuJaAtJMzmBBjA= Subject key identifier: C4:9B:1F:A6:A5:FD:1A:AB:61:12:11:6F:BA:68:BC:81:BD:69:2E:AF Authority key identifier: 4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4 Certificate issuer: /CN=A91423C1/serialNumber=4DC7E28B546F2A0B538E8CDF832D9AA1F37CC8E4 Certificate serial: 39 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.mft Manifest number: 2E Signing time: Wed 05 Feb 2025 04:08:32 +0000 Manifest this update: Wed 05 Feb 2025 04:08:32 +0000 Manifest next update: Wed 12 Feb 2025 04:08:32 +0000 Files and hashes: 1: Tcfii1RvKgtTjozfgy2aofN8yOQ.crl (hash: ofG7PQDREX8JtpwR1fYtvIDu/8eNL/0EGH3anoL7Ev4=) 2: 3E9ACB6EE29611EFAE82780AC4F9AE02.roa (hash: wyEjofnc8ole0121WyuEbUERePWJfuYpn1FXolEHMnM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.crl rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 04:08:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57 (0x39) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91423C1 Validity Not Before: Feb 5 04:08:32 2025 GMT Not After : Feb 12 04:08:32 2025 GMT Subject: CN=67a2e440-1c16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d4:b9:31:f4:03:eb:2b:26:9f:8a:ba:d4:54: 29:78:55:88:5a:f5:57:11:20:e5:b4:1c:68:3f:d5: 28:35:6f:70:20:ed:dd:f3:6f:e9:e0:7c:4d:9b:63: f7:3d:87:af:1d:aa:02:0b:07:d5:b1:53:f4:17:ec: db:89:28:a0:fd:e6:d7:89:84:be:5d:88:79:93:75: 4f:02:29:09:98:7b:ec:b6:96:69:fc:74:97:31:ea: 71:75:88:61:a4:1a:c2:42:24:f0:c1:71:f2:21:26: 19:b0:0d:ea:02:e1:3e:2f:0c:c0:8a:b2:13:19:c8: 89:4a:7e:9f:23:48:78:c1:1a:a4:e3:9a:fd:5a:e4: 88:66:39:d8:f2:4b:4b:39:57:93:eb:9f:de:74:da: 9c:47:ea:36:53:29:58:50:ac:e4:6d:e0:dc:c4:87: 70:3d:3b:99:3f:70:35:48:e0:9f:88:d1:c4:2c:19: 54:cc:86:e6:63:1c:d4:27:32:5a:f8:34:95:4c:7c: 27:e3:9a:38:04:b7:4f:9e:c8:25:d5:4d:a0:83:89: ce:d8:14:74:d8:13:30:1c:20:b4:8a:25:28:f2:10: 6e:e9:65:51:e1:a9:57:b3:53:03:aa:22:55:84:22: ba:be:35:90:30:71:12:1f:e7:65:21:62:76:e7:4e: 3c:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:9B:1F:A6:A5:FD:1A:AB:61:12:11:6F:BA:68:BC:81:BD:69:2E:AF X509v3 Authority Key Identifier: keyid:4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:12:5c:2b:e8:f0:c5:4e:77:95:a4:ae:1c:47:ec:4f:0b:80: 30:09:84:09:73:fc:f9:0c:8a:09:45:3a:fe:92:78:6b:5a:01: 40:22:58:8f:e8:dc:63:ad:3b:64:7e:ab:e6:4d:bb:7d:e3:0a: 89:9d:74:83:e3:07:84:15:ab:be:4c:31:83:0d:a5:d1:34:22: 87:b3:d8:82:cc:1d:23:c4:6f:74:7d:55:46:2f:5d:eb:da:69: ba:45:b2:45:d3:04:ad:1f:ea:e8:02:3a:91:ec:cc:b8:f5:d1: 56:ff:93:4c:09:0f:4d:3e:d6:96:62:bc:b7:7b:d8:a5:10:3b: 36:ed:a2:1f:38:b7:cc:67:70:b5:d4:b9:e0:71:a6:28:c1:5e: 21:13:dc:6d:20:af:bd:29:f0:fa:fd:85:12:60:10:38:cc:f0: e3:98:9a:af:89:03:c6:ea:11:7b:de:10:a9:60:f8:10:7c:d4: b1:c7:d3:42:b3:a3:80:91:f1:9a:38:0d:3c:4d:8a:b4:45:08: 4d:a4:cb:2e:00:2b:08:74:e4:d9:a4:18:c2:9c:02:c5:1c:60: be:b8:f4:0e:a7:dc:d7:f6:5d:6b:96:fc:dd:2f:0a:7e:ff:9f: 42:53:b5:b8:5a:af:86:af:cb:f6:1b:d1:0e:eb:51:10:dc:66: b8:e0:7e:d5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MjNDMTExMC8GA1UEBRMoNERDN0UyOEI1NDZGMkEwQjUzOEU4Q0RGODMyRDlBQTFG MzdDQzhFNDAeFw0yNTAyMDUwNDA4MzJaFw0yNTAyMTIwNDA4MzJaMBgxFjAUBgNV BAMTDTY3YTJlNDQwLTFjMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC51Lkx9APrKyafirrUVCl4VYha9VcRIOW0HGg/1Sg1b3Ag7d3zb+ngfE2bY/c9 h68dqgILB9WxU/QX7NuJKKD95teJhL5diHmTdU8CKQmYe+y2lmn8dJcx6nF1iGGk GsJCJPDBcfIhJhmwDeoC4T4vDMCKshMZyIlKfp8jSHjBGqTjmv1a5IhmOdjyS0s5 V5Prn9502pxH6jZTKVhQrORt4NzEh3A9O5k/cDVI4J+I0cQsGVTMhuZjHNQnMlr4 NJVMfCfjmjgEt0+eyCXVTaCDic7YFHTYEzAcILSKJSjyEG7pZVHhqVezUwOqIlWE Irq+NZAwcRIf52UhYnbnTjwJAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUxJsfpqX9 GqthEhFvumi8gb1pLq8wHwYDVR0jBBgwFoAUTcfii1RvKgtTjozfgy2aofN8yOQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyM0MxL0QwMzIwRUY4QkY0 RjExRUZCQ0Y2ODk0NEM0RjlBRTAyL1RjZmlpMVJ2S2d0VGpvemZneTJhb2ZOOHlP US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvVGNmaWkxUnZLZ3RUam96Zmd5MmFvZk44eU9RLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQy M0MxL0QwMzIwRUY4QkY0RjExRUZCQ0Y2ODk0NEM0RjlBRTAyL1RjZmlpMVJ2S2d0 VGpvemZneTJhb2ZOOHlPUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABoSXCvo8MVOd5WkrhxH7E8LgDAJhAlz/PkMiglFOv6SeGtaAUAiWI/o 3GOtO2R+q+ZNu33jComddIPjB4QVq75MMYMNpdE0Ioez2ILMHSPEb3R9VUYvXeva abpFskXTBK0f6ugCOpHszLj10Vb/k0wJD00+1pZivLd72KUQOzbtoh84t8xncLXU ueBxpijBXiET3G0gr70p8Pr9hRJgEDjM8OOYmq+JA8bqEXveEKlg+BB81LHH00Kz o4CR8Zo4DTxNirRFCE2kyy4AKwh05NmkGMKcAsUcYL649A6n3Nf2XWuW/N0vCn7/ n0JTtbhar4avy/Yb0Q7rURDcZrjgftU= -----END CERTIFICATE-----Generated at Wed Feb 5 20:15:57 2025 by rpki-client