$ rpki-client -vvf rpki.apnic.net/member_repository/A91180E8/3A9FAC54E9D611EF8D04B677C4F9AE02/Z_KbNaiUKqa39Brvs0oGdv1pUJc.mft File: Z_KbNaiUKqa39Brvs0oGdv1pUJc.mft (raw, json) Hash identifier: Q/xra7Hkt+aUFkSf1/4GT9XtiNNW+bMrBPpJF+hmpio= Subject key identifier: 38:92:DF:FF:92:D6:10:A3:0F:12:B7:85:79:C3:9D:A8:D7:16:3A:C4 Authority key identifier: 67:F2:9B:35:A8:94:2A:A6:B7:F4:1A:EF:B3:4A:06:76:FD:69:50:97 Certificate issuer: /CN=A91180E8/serialNumber=67F29B35A8942AA6B7F41AEFB34A0676FD695097 Certificate serial: 19 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z_KbNaiUKqa39Brvs0oGdv1pUJc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91180E8/3A9FAC54E9D611EF8D04B677C4F9AE02/Z_KbNaiUKqa39Brvs0oGdv1pUJc.mft Manifest number: 18 Signing time: Sat 29 Mar 2025 07:15:50 +0000 Manifest this update: Sat 29 Mar 2025 07:15:49 +0000 Manifest next update: Sat 05 Apr 2025 07:15:49 +0000 Files and hashes: 1: Z_KbNaiUKqa39Brvs0oGdv1pUJc.crl (hash: LJWeRZqJHL277Zjo1scYEfFXmxcpNfQalGRLCL/fdbA=) 2: E368BEF2E9D611EFAC604979C4F9AE02.roa (hash: HfXLWtads28iS5LrLz0AFXei2F6BGIFKfg02w7QPxkY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91180E8/3A9FAC54E9D611EF8D04B677C4F9AE02/Z_KbNaiUKqa39Brvs0oGdv1pUJc.crl rsync://rpki.apnic.net/member_repository/A91180E8/3A9FAC54E9D611EF8D04B677C4F9AE02/Z_KbNaiUKqa39Brvs0oGdv1pUJc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z_KbNaiUKqa39Brvs0oGdv1pUJc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 05:08:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25 (0x19) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91180E8 Validity Not Before: Mar 29 07:15:49 2025 GMT Not After : Apr 5 07:15:49 2025 GMT Subject: CN=67e79e25-c82e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:68:4e:67:a0:ca:e9:ae:34:bc:d6:57:36:68: 04:39:e2:61:50:00:a7:da:6a:d4:d2:59:b4:08:b4: 32:2b:5a:c3:f8:ab:21:ea:98:5d:62:05:5d:65:ec: 87:b9:be:61:71:39:b5:4b:6c:c9:60:fb:4c:21:7d: f7:27:10:18:a0:a0:67:3c:68:e5:13:df:47:4a:0a: bb:d2:30:f3:5a:26:31:4d:6e:6a:10:3b:53:83:1f: 61:e1:e3:ec:cf:b9:9d:f8:22:f2:48:fd:58:4a:ce: d8:ac:82:43:09:a6:3d:50:5b:11:e7:bc:49:0b:c7: 7b:79:86:3a:fb:f6:24:19:5e:01:b0:28:7c:e0:8a: 61:b2:db:ee:43:5c:c1:7c:08:7d:b6:d5:e2:34:9f: 40:a0:66:d5:ca:be:64:0e:ed:72:57:fa:1f:46:96: 4a:89:1e:4a:19:98:36:cb:41:c2:98:ef:7d:f7:c4: 84:9f:53:f0:1d:0f:28:a2:7c:ef:2d:29:d5:ea:07: e8:62:0f:2d:98:f7:c1:43:d3:0f:33:9a:85:15:0c: 1b:1e:49:0e:ab:89:b7:7b:06:3e:c8:5d:2d:e7:36: 03:c0:89:b8:b7:8c:58:4e:da:f6:f7:08:bd:f6:0e: 1f:69:db:f5:76:38:b3:93:df:cc:d6:a6:63:4b:24: b8:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:92:DF:FF:92:D6:10:A3:0F:12:B7:85:79:C3:9D:A8:D7:16:3A:C4 X509v3 Authority Key Identifier: keyid:67:F2:9B:35:A8:94:2A:A6:B7:F4:1A:EF:B3:4A:06:76:FD:69:50:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91180E8/3A9FAC54E9D611EF8D04B677C4F9AE02/Z_KbNaiUKqa39Brvs0oGdv1pUJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z_KbNaiUKqa39Brvs0oGdv1pUJc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91180E8/3A9FAC54E9D611EF8D04B677C4F9AE02/Z_KbNaiUKqa39Brvs0oGdv1pUJc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:ce:6c:c3:dc:0a:0c:41:68:60:5d:e3:74:6c:7f:81:86:e8: 86:8a:d8:87:53:f2:a3:a3:f1:ef:89:b3:eb:31:95:9f:6d:ca: f5:a9:01:dc:3d:b5:85:ac:48:c8:3d:bd:71:4b:35:35:3e:3d: 73:f0:04:17:f6:fe:45:fd:b3:3e:93:f4:2b:6e:45:c5:45:22: a8:99:a4:5b:c7:40:b8:80:be:e9:31:5d:16:c2:7f:3b:0c:fe: 83:ce:40:65:8d:7c:de:d9:ea:ec:8a:11:8e:01:56:c5:ce:8c: 3e:f1:ee:36:c1:c4:45:d9:d6:92:86:d1:b7:7e:56:71:ed:c9: 16:ef:c0:4c:74:a1:cf:7e:6f:5c:cd:89:f5:26:a6:cc:f7:91: 00:11:82:19:0f:68:ba:24:cb:33:91:0e:71:8c:2c:9a:bf:75: a4:94:26:c2:65:63:7a:af:0a:26:06:ee:e5:47:bd:ca:11:9f: c0:2e:de:fb:68:71:09:4e:60:f3:87:ef:75:e2:0b:3e:c4:3c: b7:f4:95:1c:e0:af:3a:e6:e8:c2:9b:52:96:57:11:8b:98:3f: 8a:f6:a2:11:8e:6f:c5:0f:2a:08:5a:0d:2c:b5:c8:64:1a:a4: 9c:0e:3a:4e:ef:7e:06:ce:30:02:e1:1b:14:5d:b9:f1:c4:ba: 16:e8:fd:c3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx ODBFODExMC8GA1UEBRMoNjdGMjlCMzVBODk0MkFBNkI3RjQxQUVGQjM0QTA2NzZG RDY5NTA5NzAeFw0yNTAzMjkwNzE1NDlaFw0yNTA0MDUwNzE1NDlaMBgxFjAUBgNV BAMTDTY3ZTc5ZTI1LWM4MmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDHaE5noMrprjS81lc2aAQ54mFQAKfaatTSWbQItDIrWsP4qyHqmF1iBV1l7Ie5 vmFxObVLbMlg+0whffcnEBigoGc8aOUT30dKCrvSMPNaJjFNbmoQO1ODH2Hh4+zP uZ34IvJI/VhKztisgkMJpj1QWxHnvEkLx3t5hjr79iQZXgGwKHzgimGy2+5DXMF8 CH221eI0n0CgZtXKvmQO7XJX+h9GlkqJHkoZmDbLQcKY7333xISfU/AdDyiifO8t KdXqB+hiDy2Y98FD0w8zmoUVDBseSQ6ribd7Bj7IXS3nNgPAibi3jFhO2vb3CL32 Dh9p2/V2OLOT38zWpmNLJLjPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUOJLf/5LW EKMPEreFecOdqNcWOsQwHwYDVR0jBBgwFoAUZ/KbNaiUKqa39Brvs0oGdv1pUJcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE4MEU4LzNBOUZBQzU0RTlE NjExRUY4RDA0QjY3N0M0RjlBRTAyL1pfS2JOYWlVS3FhMzlCcnZzMG9HZHYxcFVK Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWl9LYk5haVVLcWEzOUJydnMwb0dkdjFwVUpjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE4 MEU4LzNBOUZBQzU0RTlENjExRUY4RDA0QjY3N0M0RjlBRTAyL1pfS2JOYWlVS3Fh MzlCcnZzMG9HZHYxcFVKYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIjObMPcCgxBaGBd43Rsf4GG6IaK2IdT8qOj8e+Js+sxlZ9tyvWpAdw9 tYWsSMg9vXFLNTU+PXPwBBf2/kX9sz6T9CtuRcVFIqiZpFvHQLiAvukxXRbCfzsM /oPOQGWNfN7Z6uyKEY4BVsXOjD7x7jbBxEXZ1pKG0bd+VnHtyRbvwEx0oc9+b1zN ifUmpsz3kQARghkPaLokyzORDnGMLJq/daSUJsJlY3qvCiYG7uVHvcoRn8Au3vto cQlOYPOH73XiCz7EPLf0lRzgrzrm6MKbUpZXEYuYP4r2ohGOb8UPKghaDSy1yGQa pJwOOk7vfgbOMALhGxRdufHEuhbo/cM= -----END CERTIFICATE-----Generated at Fri Apr 4 22:24:52 2025 by rpki-client