$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1E8B/6B38B81645B611EF8AB30A31C4F9AE02/TKAS9bToBGfvDuxPjAJEoj1WmbU.mft File: TKAS9bToBGfvDuxPjAJEoj1WmbU.mft (raw, json) Hash identifier: iNE5071VU5mCoz/B/bbZyA/ilxUW4nIioHw3eQmr+g4= Subject key identifier: 0C:74:71:51:63:F6:3C:D7:23:97:8D:FD:4F:53:E5:5B:7C:6A:B1:E5 Authority key identifier: 4C:A0:12:F5:B4:E8:04:67:EF:0E:EC:4F:8C:02:44:A2:3D:56:99:B5 Certificate issuer: /CN=A91B1E8B/serialNumber=4CA012F5B4E80467EF0EEC4F8C0244A23D5699B5 Certificate serial: A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TKAS9bToBGfvDuxPjAJEoj1WmbU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1E8B/6B38B81645B611EF8AB30A31C4F9AE02/TKAS9bToBGfvDuxPjAJEoj1WmbU.mft Manifest number: A2 Signing time: Sat 31 May 2025 05:47:57 +0000 Manifest this update: Sat 31 May 2025 05:47:57 +0000 Manifest next update: Sat 07 Jun 2025 05:47:57 +0000 Files and hashes: 1: TKAS9bToBGfvDuxPjAJEoj1WmbU.crl (hash: 7Jr/mEjEW24qtF72kGz3HJnnBALfCgn2JQ64Sg6Zv0k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1E8B/6B38B81645B611EF8AB30A31C4F9AE02/TKAS9bToBGfvDuxPjAJEoj1WmbU.crl rsync://rpki.apnic.net/member_repository/A91B1E8B/6B38B81645B611EF8AB30A31C4F9AE02/TKAS9bToBGfvDuxPjAJEoj1WmbU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TKAS9bToBGfvDuxPjAJEoj1WmbU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 05:47:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 162 (0xa2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1E8B, serialNumber=4CA012F5B4E80467EF0EEC4F8C0244A23D5699B5 Validity Not Before: May 31 05:47:57 2025 GMT Not After : Jun 7 05:47:57 2025 GMT Subject: CN=683a980d-b105 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:0b:08:5b:4b:17:72:60:4e:54:e6:4a:11:8a: 95:78:ab:72:21:3c:d9:2c:2e:70:c5:7c:ad:a9:1d: 9c:63:c2:44:ff:c6:61:c7:4d:e4:ef:54:48:99:a7: b9:88:9e:15:ef:3e:65:dd:f2:18:45:8a:9e:77:88: c1:69:58:44:c8:84:20:12:bf:ed:51:de:5d:89:b4: 41:b5:ec:c7:e6:64:ba:10:b1:01:2b:26:7a:da:41: 23:d2:fe:b4:1d:c7:62:25:8c:26:b8:c4:12:d7:70: 16:4e:7f:06:6b:da:59:2f:6e:7b:9b:0a:c7:ae:38: d2:b4:68:7c:91:a3:c3:f6:b7:e2:d1:bf:45:0c:65: 38:e3:c8:e6:c3:be:21:a7:ae:53:7f:f3:74:2c:32: b7:2c:38:6d:34:39:12:93:42:0a:3b:4a:7a:f0:f5: 74:c2:41:1d:54:51:64:44:42:a9:ed:e8:c1:5d:e4: b9:97:70:d8:77:aa:b1:44:d4:7c:62:34:02:05:b2: e1:a2:6c:f9:1c:4e:1a:2f:ee:33:ad:e5:97:f2:04: 78:f9:b2:df:5b:d5:81:e8:f3:2e:cc:ba:4d:3d:29: ab:78:33:be:de:e7:2e:6f:cd:d1:67:d7:f7:1e:a3: 0d:64:66:f1:fa:a2:f9:6a:2c:3b:3f:04:8a:d2:b0: 9d:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:74:71:51:63:F6:3C:D7:23:97:8D:FD:4F:53:E5:5B:7C:6A:B1:E5 X509v3 Authority Key Identifier: keyid:4C:A0:12:F5:B4:E8:04:67:EF:0E:EC:4F:8C:02:44:A2:3D:56:99:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1E8B/6B38B81645B611EF8AB30A31C4F9AE02/TKAS9bToBGfvDuxPjAJEoj1WmbU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TKAS9bToBGfvDuxPjAJEoj1WmbU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1E8B/6B38B81645B611EF8AB30A31C4F9AE02/TKAS9bToBGfvDuxPjAJEoj1WmbU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:95:b3:2c:1b:9e:9f:a7:01:85:f6:1d:85:5a:2d:c5:52:8d: 3e:df:c5:e6:a1:d7:63:88:73:2b:84:a5:5d:e6:38:71:23:b4: 1b:e2:b6:49:70:77:4b:cb:2b:9d:c7:e9:8d:14:a4:21:e3:e3: 2f:f4:46:86:dd:2e:7b:73:04:04:a1:d0:36:ba:9b:e6:a6:33: 39:50:88:9d:4b:e6:b9:87:2b:be:57:e3:ff:1c:55:35:08:d3: c2:ff:b6:dc:f7:34:0e:7a:02:04:51:53:5d:a7:04:86:22:e7: e3:50:04:73:38:07:ea:c4:b4:48:89:85:65:81:39:3c:a9:6d: 74:a8:3d:75:80:22:95:79:a7:06:eb:cb:6e:61:03:66:67:40: 24:8b:4d:c6:a1:6f:04:e6:0b:41:71:80:8d:46:3f:8f:1f:e1: 0b:49:fe:b5:6a:9f:05:11:0c:58:fb:2b:61:8a:e8:3a:fd:67: 7c:a4:9c:12:66:4a:ab:42:71:c6:c2:13:52:c1:bf:97:e9:47: 1f:6b:3b:89:ac:61:39:e3:4e:3c:3d:a0:13:ff:6d:9a:72:34: a5:58:e8:d9:a3:7d:11:a8:9b:c7:7b:3b:cf:ed:5c:ac:77:bf: 9d:3c:ca:26:90:93:36:62:37:ce:7a:39:71:6a:dd:96:fa:88: 71:bf:55:81 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFFOEIxMTAvBgNVBAUTKDRDQTAxMkY1QjRFODA0NjdFRjBFRUM0RjhDMDI0NEEy M0Q1Njk5QjUwHhcNMjUwNTMxMDU0NzU3WhcNMjUwNjA3MDU0NzU3WjAYMRYwFAYD VQQDEw02ODNhOTgwZC1iMTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7wsIW0sXcmBOVOZKEYqVeKtyITzZLC5wxXytqR2cY8JE/8Zhx03k71RImae5 iJ4V7z5l3fIYRYqed4jBaVhEyIQgEr/tUd5dibRBtezH5mS6ELEBKyZ62kEj0v60 HcdiJYwmuMQS13AWTn8Ga9pZL257mwrHrjjStGh8kaPD9rfi0b9FDGU448jmw74h p65Tf/N0LDK3LDhtNDkSk0IKO0p68PV0wkEdVFFkREKp7ejBXeS5l3DYd6qxRNR8 YjQCBbLhomz5HE4aL+4zreWX8gR4+bLfW9WB6PMuzLpNPSmreDO+3ucub83RZ9f3 HqMNZGbx+qL5aiw7PwSK0rCd2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAx0cVFj 9jzXI5eN/U9T5Vt8arHlMB8GA1UdIwQYMBaAFEygEvW06ARn7w7sT4wCRKI9Vpm1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUU4Qi82QjM4QjgxNjQ1 QjYxMUVGOEFCMzBBMzFDNEY5QUUwMi9US0FTOWJUb0JHZnZEdXhQakFKRW9qMVdt YlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RLQVM5YlRvQkdmdkR1eFBqQUpFb2oxV21iVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MUU4Qi82QjM4QjgxNjQ1QjYxMUVGOEFCMzBBMzFDNEY5QUUwMi9US0FTOWJUb0JH ZnZEdXhQakFKRW9qMVdtYlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA0lbMsG56fpwGF9h2FWi3FUo0+38XmoddjiHMrhKVd5jhxI7Qb4rZJ cHdLyyudx+mNFKQh4+Mv9EaG3S57cwQEodA2upvmpjM5UIidS+a5hyu+V+P/HFU1 CNPC/7bc9zQOegIEUVNdpwSGIufjUARzOAfqxLRIiYVlgTk8qW10qD11gCKVeacG 68tuYQNmZ0Aki03GoW8E5gtBcYCNRj+PH+ELSf61ap8FEQxY+ythiug6/Wd8pJwS ZkqrQnHGwhNSwb+X6UcfazuJrGE54048PaAT/22acjSlWOjZo30RqJvHezvP7Vys d7+dPMomkJM2YjfOejlxat2W+ohxv1WB -----END CERTIFICATE-----Generated at Sat May 31 15:04:30 2025 by rpki-client