$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/tlTdX1sVILMlvAnEv0yt88r7NCk.mft File: tlTdX1sVILMlvAnEv0yt88r7NCk.mft (raw, json) Hash identifier: MpBxd8sMel6ADfNjTRSRzxt9zfTnQ0c4STfcgwsIL74= Subject key identifier: 1F:CF:00:A0:CB:B3:9E:21:31:C1:B5:3C:9F:55:FE:10:52:DC:6B:31 Authority key identifier: B6:54:DD:5F:5B:15:20:B3:25:BC:09:C4:BF:4C:AD:F3:CA:FB:34:29 Certificate issuer: /CN=A91E3B25/serialNumber=B654DD5F5B1520B325BC09C4BF4CADF3CAFB3429 Certificate serial: 090A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tlTdX1sVILMlvAnEv0yt88r7NCk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/tlTdX1sVILMlvAnEv0yt88r7NCk.mft Manifest number: 1FC1 Signing time: Fri 30 May 2025 16:51:08 +0000 Manifest this update: Fri 30 May 2025 16:51:07 +0000 Manifest next update: Fri 06 Jun 2025 16:51:07 +0000 Files and hashes: 1: tlTdX1sVILMlvAnEv0yt88r7NCk.crl (hash: MsioDySPhKmxjEFDSzc9/UXhjxnDNE+T9dPxiA5cTkY=) 2: 3D13A01EA9AB11EAA4DBEA5EC4F9AE02.roa (hash: Lmn08n30AiKaOdta7GpDKIWNdyU/iej42lU+unei0xc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/tlTdX1sVILMlvAnEv0yt88r7NCk.crl rsync://rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/tlTdX1sVILMlvAnEv0yt88r7NCk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tlTdX1sVILMlvAnEv0yt88r7NCk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 16:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2314 (0x90a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3B25, serialNumber=B654DD5F5B1520B325BC09C4BF4CADF3CAFB3429 Validity Not Before: May 30 16:51:07 2025 GMT Not After : Jun 6 16:51:07 2025 GMT Subject: CN=6839e1fb-2c92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:ef:28:ef:c2:46:74:19:6c:81:b6:e0:bc:b7: f7:86:54:4d:ae:be:b7:96:e2:25:66:55:e2:a7:13: 7a:be:22:89:c9:ac:53:a0:16:bc:cf:c7:49:e0:20: 4b:65:c1:e3:8f:b0:b7:99:76:d2:b1:4b:d9:07:d7: 72:4d:ea:35:50:be:f7:67:0e:8d:ce:e3:34:e7:14: 8d:02:de:93:5a:7b:08:d7:72:de:19:46:87:65:e8: 4a:c2:cc:d8:6e:e9:8a:ff:3d:75:86:28:33:47:07: ad:92:6e:cb:fe:dc:ee:c5:df:61:b4:e6:e6:8b:d7: 91:b5:07:54:d0:43:e0:c9:95:0f:e7:63:18:11:69: c4:cf:1f:77:ce:05:54:7e:8a:19:d2:6a:ff:45:71: eb:81:90:69:54:14:a0:cd:e6:25:c1:ab:75:be:70: 25:4f:2a:47:08:6d:08:79:77:4d:ee:98:90:e8:e0: fc:f1:36:dc:8d:40:85:0c:1f:89:01:d1:7f:16:47: 6c:c5:b9:72:53:e3:45:e2:7e:dd:f3:36:3f:f3:25: 65:2a:92:36:03:b7:07:fd:40:e2:78:1c:75:c7:19: 2a:1f:57:cf:b0:e7:20:05:26:aa:6f:4e:75:c7:f4: 6c:ca:8d:fe:c0:db:93:40:5a:fd:88:31:cf:2d:58: 2f:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:CF:00:A0:CB:B3:9E:21:31:C1:B5:3C:9F:55:FE:10:52:DC:6B:31 X509v3 Authority Key Identifier: keyid:B6:54:DD:5F:5B:15:20:B3:25:BC:09:C4:BF:4C:AD:F3:CA:FB:34:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/tlTdX1sVILMlvAnEv0yt88r7NCk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tlTdX1sVILMlvAnEv0yt88r7NCk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/tlTdX1sVILMlvAnEv0yt88r7NCk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:32:35:30:27:e6:4c:ad:06:3c:50:a8:66:f7:f0:a2:d4:1f: 17:64:85:fb:89:ff:d0:07:58:fa:5a:3e:ec:ef:fc:10:e2:4d: ec:ef:ea:e5:85:13:f8:f8:38:40:8b:4a:b0:62:b7:da:7b:7a: 68:f4:0f:93:fd:54:06:1a:5e:6e:7a:8e:da:03:e6:16:97:7d: 8f:7f:f9:92:1e:da:7e:ae:e2:ae:a0:ec:ba:a8:2a:9d:17:37: ad:2b:ec:b6:b6:ee:14:73:5e:91:94:58:d4:88:ed:8a:ab:90: ca:b0:51:b0:19:f4:26:1f:c6:e9:24:a6:12:bc:51:f8:87:9a: 3b:5c:e9:27:38:d2:de:72:c2:10:91:99:78:a8:0a:f2:52:76: d0:00:dd:3f:4a:36:ff:0f:ef:fe:7a:b9:2f:fe:2a:82:45:f4: 24:3b:2e:46:b7:00:c6:1c:54:92:71:4a:08:69:c3:58:d1:00: 5b:d0:f5:f4:1c:d7:c4:58:79:06:6d:e1:ab:35:2f:f3:45:56: 0d:0e:e9:1e:8f:4a:f1:71:33:79:d5:7c:5e:76:a4:7c:38:58: 18:a8:3e:aa:9e:44:ea:87:4a:30:cc:48:fb:ee:c5:ae:88:1b: 22:09:e0:3a:04:3f:05:4e:aa:c9:e2:ab:dd:6e:22:42:51:f1: 80:67:8a:79 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCQowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNCMjUxMTAvBgNVBAUTKEI2NTRERDVGNUIxNTIwQjMyNUJDMDlDNEJGNENBREYz Q0FGQjM0MjkwHhcNMjUwNTMwMTY1MTA3WhcNMjUwNjA2MTY1MTA3WjAYMRYwFAYD VQQDEw02ODM5ZTFmYi0yYzkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3+8o78JGdBlsgbbgvLf3hlRNrr63luIlZlXipxN6viKJyaxToBa8z8dJ4CBL ZcHjj7C3mXbSsUvZB9dyTeo1UL73Zw6NzuM05xSNAt6TWnsI13LeGUaHZehKwszY bumK/z11higzRwetkm7L/tzuxd9htObmi9eRtQdU0EPgyZUP52MYEWnEzx93zgVU fooZ0mr/RXHrgZBpVBSgzeYlwat1vnAlTypHCG0IeXdN7piQ6OD88TbcjUCFDB+J AdF/FkdsxblyU+NF4n7d8zY/8yVlKpI2A7cH/UDieBx1xxkqH1fPsOcgBSaqb051 x/Rsyo3+wNuTQFr9iDHPLVgvdwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB/PAKDL s54hMcG1PJ9V/hBS3GsxMB8GA1UdIwQYMBaAFLZU3V9bFSCzJbwJxL9MrfPK+zQp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0IyNS83RTg5MkNDMkY2 MTUxMUU3QjgzMDA5NkRDNEY5QUUwMi90bFRkWDFzVklMTWx2QW5FdjB5dDg4cjdO Q2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RsVGRYMXNWSUxNbHZBbkV2MHl0ODhyN05Day5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0IyNS83RTg5MkNDMkY2MTUxMUU3QjgzMDA5NkRDNEY5QUUwMi90bFRkWDFzVklM TWx2QW5FdjB5dDg4cjdOQ2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA+MjUwJ+ZMrQY8UKhm9/Ci1B8XZIX7if/QB1j6Wj7s7/wQ4k3s7+rl hRP4+DhAi0qwYrfae3po9A+T/VQGGl5ueo7aA+YWl32Pf/mSHtp+ruKuoOy6qCqd FzetK+y2tu4Uc16RlFjUiO2Kq5DKsFGwGfQmH8bpJKYSvFH4h5o7XOknONLecsIQ kZl4qAryUnbQAN0/Sjb/D+/+erkv/iqCRfQkOy5GtwDGHFSScUoIacNY0QBb0PX0 HNfEWHkGbeGrNS/zRVYNDukej0rxcTN51XxedqR8OFgYqD6qnkTqh0owzEj77sWu iBsiCeA6BD8FTqrJ4qvdbiJCUfGAZ4p5 -----END CERTIFICATE-----Generated at Sat May 31 16:42:02 2025 by rpki-client