$ rpki-client -vvf rpki.apnic.net/member_repository/A91515BC/164D92B2C47111EDA9C5CB60C4F9AE02/TKiQNnsepJ68-UAshiANzXRGtsA.mft File: TKiQNnsepJ68-UAshiANzXRGtsA.mft (raw, json) Hash identifier: a/K0OvzBIGd6h5/03XXxHMai7CIf//cs9zIAaMEfBmo= Subject key identifier: 0A:BC:21:63:73:40:D5:D1:BD:EB:25:29:D6:B1:E2:57:66:4D:00:54 Authority key identifier: 4C:A8:90:36:7B:1E:A4:9E:BC:F9:40:2C:86:20:0D:CD:74:46:B6:C0 Certificate issuer: /CN=A91515BC/serialNumber=4CA890367B1EA49EBCF9402C86200DCD7446B6C0 Certificate serial: 01CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TKiQNnsepJ68-UAshiANzXRGtsA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91515BC/164D92B2C47111EDA9C5CB60C4F9AE02/TKiQNnsepJ68-UAshiANzXRGtsA.mft Manifest number: 01C7 Signing time: Thu 21 Aug 2025 02:59:59 +0000 Manifest this update: Thu 21 Aug 2025 02:59:58 +0000 Manifest next update: Thu 28 Aug 2025 02:59:58 +0000 Files and hashes: 1: TKiQNnsepJ68-UAshiANzXRGtsA.crl (hash: 2FiMpS9mlwG5H5SSMoSmtI3ZAVI0nDe7VXWX3zZEn6k=) 2: A87AAC50C47711EDA3EF8884C4F9AE02.roa (hash: qChpEQLnwvQfQt0g6Fvv38do/llT7ziZs8Oh2reiHWU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91515BC/164D92B2C47111EDA9C5CB60C4F9AE02/TKiQNnsepJ68-UAshiANzXRGtsA.crl rsync://rpki.apnic.net/member_repository/A91515BC/164D92B2C47111EDA9C5CB60C4F9AE02/TKiQNnsepJ68-UAshiANzXRGtsA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TKiQNnsepJ68-UAshiANzXRGtsA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 02:59:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 458 (0x1ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91515BC, serialNumber=4CA890367B1EA49EBCF9402C86200DCD7446B6C0 Validity Not Before: Aug 21 02:59:58 2025 GMT Not After : Aug 28 02:59:58 2025 GMT Subject: CN=68a68baf-95ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:67:80:3a:23:02:85:68:2f:d9:81:fe:ff:e0: a3:7d:5a:cc:0f:c3:e0:66:54:0c:36:68:8f:0a:7f: 58:1f:55:db:75:8f:50:4c:45:c2:4f:18:ef:52:e5: b9:b4:c6:05:f7:a1:e9:e6:79:75:c0:12:c1:07:9f: 5e:4a:05:c7:5a:32:de:89:45:91:59:74:2c:e4:29: f0:2e:d9:40:8e:43:dd:53:1d:09:aa:4e:4b:bf:5b: 55:d5:13:93:bd:10:41:2b:cf:bf:9c:80:36:ad:33: 50:84:cb:2a:0f:6f:0c:de:23:6b:47:48:12:64:30: 9a:5c:e4:5b:89:3d:f4:dc:3c:a6:bc:4f:f0:78:f4: de:2e:5e:e4:b3:da:5b:24:13:5c:2e:69:fe:94:25: c6:4d:25:b7:16:14:0a:6e:bf:83:7e:5f:76:d2:85: b1:f2:ba:eb:f5:12:22:4e:3b:cf:ae:10:b9:e7:93: ef:f7:fb:70:f5:55:1b:72:45:d9:21:78:92:fb:0f: 26:9c:49:71:ac:f8:3b:e1:22:2c:1e:a9:9c:8e:4f: f0:48:c1:8f:a1:ef:3b:36:34:6e:10:41:e4:2d:89: ae:1d:9f:e0:d5:a7:93:ff:3d:09:8b:54:3d:2c:7f: 0c:43:06:fa:48:97:5f:34:4c:88:c9:e1:13:0d:3e: 89:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:BC:21:63:73:40:D5:D1:BD:EB:25:29:D6:B1:E2:57:66:4D:00:54 X509v3 Authority Key Identifier: keyid:4C:A8:90:36:7B:1E:A4:9E:BC:F9:40:2C:86:20:0D:CD:74:46:B6:C0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91515BC/164D92B2C47111EDA9C5CB60C4F9AE02/TKiQNnsepJ68-UAshiANzXRGtsA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TKiQNnsepJ68-UAshiANzXRGtsA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91515BC/164D92B2C47111EDA9C5CB60C4F9AE02/TKiQNnsepJ68-UAshiANzXRGtsA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:af:ba:bb:14:e9:a5:1b:d6:b9:62:19:39:12:19:e2:b3:52: 9b:34:f4:f8:81:db:1b:4d:98:4e:55:7e:4b:bf:09:21:c1:4a: 9c:dd:75:1b:83:80:e0:29:7c:3a:90:89:46:82:1f:6a:15:b3: 3c:84:c7:34:a8:29:32:4f:de:02:8e:ae:25:c6:b8:be:c1:ac: 53:dd:7a:fb:53:c1:dc:93:c5:bf:41:b9:d7:31:1b:49:94:22: 20:d8:4f:12:0f:57:13:12:fb:5c:2a:ff:1d:ee:a0:9f:3e:cb: 4a:04:96:d8:a5:c0:5c:6d:de:e8:ed:e4:6a:65:8e:43:2a:ef: 2d:b6:d0:78:b2:1d:bd:17:58:ad:fa:fa:b4:b3:9b:51:ce:97: 78:d5:ed:b2:27:92:72:70:76:99:58:a7:6a:4e:f0:72:a6:e6: f3:81:16:d0:b9:d5:58:d3:b6:0a:4e:08:69:26:c5:01:4f:8d: af:0d:d2:5d:e7:84:42:ad:85:5d:0e:46:cd:0c:65:d8:14:43: a9:9c:a3:df:f2:7d:56:cd:cc:8d:55:b0:18:bc:e8:ec:d0:e8: 94:c5:5e:49:3b:ff:58:17:3e:a9:5d:d1:d8:a2:66:d9:96:f6: ce:f6:db:28:91:a7:8b:70:55:d9:49:c8:be:65:de:2a:e6:1e: 41:9a:4c:33 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAcowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTE1QkMxMTAvBgNVBAUTKDRDQTg5MDM2N0IxRUE0OUVCQ0Y5NDAyQzg2MjAwRENE NzQ0NkI2QzAwHhcNMjUwODIxMDI1OTU4WhcNMjUwODI4MDI1OTU4WjAYMRYwFAYD VQQDEw02OGE2OGJhZi05NWJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1WeAOiMChWgv2YH+/+CjfVrMD8PgZlQMNmiPCn9YH1XbdY9QTEXCTxjvUuW5 tMYF96Hp5nl1wBLBB59eSgXHWjLeiUWRWXQs5CnwLtlAjkPdUx0Jqk5Lv1tV1ROT vRBBK8+/nIA2rTNQhMsqD28M3iNrR0gSZDCaXORbiT303DymvE/wePTeLl7ks9pb JBNcLmn+lCXGTSW3FhQKbr+Dfl920oWx8rrr9RIiTjvPrhC555Pv9/tw9VUbckXZ IXiS+w8mnElxrPg74SIsHqmcjk/wSMGPoe87NjRuEEHkLYmuHZ/g1aeT/z0Ji1Q9 LH8MQwb6SJdfNEyIyeETDT6J5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAq8IWNz QNXRveslKdax4ldmTQBUMB8GA1UdIwQYMBaAFEyokDZ7HqSevPlALIYgDc10RrbA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTVCQy8xNjREOTJCMkM0 NzExMUVEQTlDNUNCNjBDNEY5QUUwMi9US2lRTm5zZXBKNjgtVUFzaGlBTnpYUkd0 c0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RLaVFObnNlcEo2OC1VQXNoaUFOelhSR3RzQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MTVCQy8xNjREOTJCMkM0NzExMUVEQTlDNUNCNjBDNEY5QUUwMi9US2lRTm5zZXBK NjgtVUFzaGlBTnpYUkd0c0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCRr7q7FOmlG9a5Yhk5Ehnis1KbNPT4gdsbTZhOVX5LvwkhwUqc3XUb g4DgKXw6kIlGgh9qFbM8hMc0qCkyT94Cjq4lxri+waxT3Xr7U8Hck8W/QbnXMRtJ lCIg2E8SD1cTEvtcKv8d7qCfPstKBJbYpcBcbd7o7eRqZY5DKu8tttB4sh29F1it +vq0s5tRzpd41e2yJ5JycHaZWKdqTvBypubzgRbQudVY07YKTghpJsUBT42vDdJd 54RCrYVdDkbNDGXYFEOpnKPf8n1WzcyNVbAYvOjs0OiUxV5JO/9YFz6pXdHYombZ lvbO9tsokaeLcFXZSci+Zd4q5h5Bmkwz -----END CERTIFICATE-----Generated at Fri Aug 22 16:38:23 2025 by rpki-client