$ rpki-client -vvf rpki.apnic.net/member_repository/A911A557/92683E3AE86C11EFB232056EC4F9AE02/Z849nCahS83_mzOU0zVXZoIYoVY.mft File: Z849nCahS83_mzOU0zVXZoIYoVY.mft (raw, json) Hash identifier: FqZJFU3PzBAezbWB560Re8Ar+Q+TQi2gvObtxAtJP+I= Subject key identifier: 3A:24:41:43:E0:16:BF:83:47:EC:A6:E3:8C:9C:A5:E4:34:B4:F9:88 Authority key identifier: 67:CE:3D:9C:26:A1:4B:CD:FF:9B:33:94:D3:35:57:66:82:18:A1:56 Certificate issuer: /CN=A911A557/serialNumber=67CE3D9C26A14BCDFF9B3394D33557668218A156 Certificate serial: 1C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z849nCahS83_mzOU0zVXZoIYoVY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911A557/92683E3AE86C11EFB232056EC4F9AE02/Z849nCahS83_mzOU0zVXZoIYoVY.mft Manifest number: 1A Signing time: Sat 29 Mar 2025 07:14:58 +0000 Manifest this update: Sat 29 Mar 2025 07:14:57 +0000 Manifest next update: Sat 05 Apr 2025 07:14:57 +0000 Files and hashes: 1: Z849nCahS83_mzOU0zVXZoIYoVY.crl (hash: fylCr4l787Fy/eQ9YM7JDjo7bJC8ZPe+URB9l7DIOSM=) 2: C1D2BAAAE87711EFBE7C537EC4F9AE02.roa (hash: 2LLb2r4TKV4C4xm7YgWWNmxZBFTpcVu/mQPHS2qVAXs=) 3: 4550C0B2E86D11EF9AF14D6FC4F9AE02.roa (hash: 4BAJS9jEp9Ynl4OHeHezZt4j8Xs2i+3cxugcfAGWWgI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911A557/92683E3AE86C11EFB232056EC4F9AE02/Z849nCahS83_mzOU0zVXZoIYoVY.crl rsync://rpki.apnic.net/member_repository/A911A557/92683E3AE86C11EFB232056EC4F9AE02/Z849nCahS83_mzOU0zVXZoIYoVY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z849nCahS83_mzOU0zVXZoIYoVY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 05:08:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28 (0x1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911A557 Validity Not Before: Mar 29 07:14:57 2025 GMT Not After : Apr 5 07:14:57 2025 GMT Subject: CN=67e79df1-5cf8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:60:93:bd:1f:ca:73:bf:69:f5:85:8d:cc:1d: e6:a8:03:38:f1:2b:49:ab:a0:54:02:1f:68:4d:49: f9:82:46:83:a8:ba:28:e8:9c:e9:ed:33:22:8a:4f: f1:d8:a6:5a:66:18:21:54:63:01:d7:ae:f6:42:f7: b8:86:42:0d:1e:62:d1:62:08:9e:ea:9c:fc:61:90: b5:8b:ff:4b:ab:0a:3c:9f:14:26:43:6b:e2:f9:94: 50:84:19:9b:2d:70:cf:5d:a7:5f:0b:70:64:6e:56: 49:b8:8e:1b:18:b7:7c:2e:a0:57:a7:bc:dd:9f:04: 9e:26:32:d9:52:9a:77:a0:03:f3:88:a9:e7:fa:71: 80:ea:04:fe:4c:0f:85:73:1d:9d:84:43:f3:fc:2a: c7:70:2b:63:7b:28:08:09:4d:f5:fc:2e:be:12:8d: 9f:4f:d5:e0:4d:6a:60:66:f6:e8:aa:8d:af:86:78: 53:35:7d:91:eb:b0:1a:30:d0:ff:4b:de:f2:d5:6c: 4f:fd:dc:db:c4:59:47:5c:1a:85:b1:61:4f:c8:28: 76:8a:bb:9d:5b:bf:42:20:af:68:31:98:2d:fa:04: 42:97:07:de:55:0b:27:9f:e1:b2:1c:62:bd:7b:f6: 75:38:6d:27:dc:33:da:4f:6d:31:f1:32:58:b7:20: ce:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:24:41:43:E0:16:BF:83:47:EC:A6:E3:8C:9C:A5:E4:34:B4:F9:88 X509v3 Authority Key Identifier: keyid:67:CE:3D:9C:26:A1:4B:CD:FF:9B:33:94:D3:35:57:66:82:18:A1:56 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911A557/92683E3AE86C11EFB232056EC4F9AE02/Z849nCahS83_mzOU0zVXZoIYoVY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z849nCahS83_mzOU0zVXZoIYoVY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911A557/92683E3AE86C11EFB232056EC4F9AE02/Z849nCahS83_mzOU0zVXZoIYoVY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 74:b1:3a:e2:9a:c0:75:a5:46:ad:48:8e:d7:bd:be:7a:54:47: a6:4a:18:a9:5d:d4:a8:cb:01:fd:97:98:7d:1c:35:fd:6d:8d: 58:52:12:de:99:97:e6:06:d8:59:4e:4e:76:a8:d5:fd:4f:c8: f5:d5:5d:1d:a8:82:48:03:8a:8d:98:46:b2:6a:69:24:79:1e: 5f:de:ad:f8:ab:1b:6c:cf:fa:50:d1:79:ea:53:ed:23:57:60: 3c:e1:be:f6:20:87:2d:14:91:d0:c9:c2:ec:5d:38:7e:2e:2f: 54:02:cd:45:b8:59:6c:aa:8f:38:d7:e4:92:b6:d6:c4:e6:db: ab:a7:63:40:01:00:5f:00:5c:b1:cd:0f:fe:23:11:f3:05:df: 75:19:18:7d:5c:28:c3:5d:79:af:65:38:e3:ac:00:c8:fb:e7: 3e:5c:5c:ac:45:ef:98:ab:3c:a6:6a:6e:03:fa:42:3e:1f:8c: 68:e6:43:f5:fe:a0:05:91:e7:28:ff:4a:20:2a:a3:2a:3b:af: e2:ef:01:a6:d1:7d:db:4d:f3:57:37:5f:8d:79:f4:ed:03:bd: 3f:ac:6e:13:ba:19:78:82:9e:f6:9f:3a:a4:9b:18:12:69:56: c2:d6:91:d9:6e:1a:43:2f:ad:0f:fd:45:52:6a:ec:e0:4d:95: 17:14:39:b4 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx QTU1NzExMC8GA1UEBRMoNjdDRTNEOUMyNkExNEJDREZGOUIzMzk0RDMzNTU3NjY4 MjE4QTE1NjAeFw0yNTAzMjkwNzE0NTdaFw0yNTA0MDUwNzE0NTdaMBgxFjAUBgNV BAMTDTY3ZTc5ZGYxLTVjZjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDFYJO9H8pzv2n1hY3MHeaoAzjxK0mroFQCH2hNSfmCRoOouijonOntMyKKT/HY plpmGCFUYwHXrvZC97iGQg0eYtFiCJ7qnPxhkLWL/0urCjyfFCZDa+L5lFCEGZst cM9dp18LcGRuVkm4jhsYt3wuoFenvN2fBJ4mMtlSmnegA/OIqef6cYDqBP5MD4Vz HZ2EQ/P8KsdwK2N7KAgJTfX8Lr4SjZ9P1eBNamBm9uiqja+GeFM1fZHrsBow0P9L 3vLVbE/93NvEWUdcGoWxYU/IKHaKu51bv0Igr2gxmC36BEKXB95VCyef4bIcYr17 9nU4bSfcM9pPbTHxMli3IM7FAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUOiRBQ+AW v4NH7KbjjJyl5DS0+YgwHwYDVR0jBBgwFoAUZ849nCahS83/mzOU0zVXZoIYoVYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFBNTU3LzkyNjgzRTNBRTg2 QzExRUZCMjMyMDU2RUM0RjlBRTAyL1o4NDluQ2FoUzgzX216T1UwelZYWm9JWW9W WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWjg0OW5DYWhTODNfbXpPVTB6Vlhab0lZb1ZZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFB NTU3LzkyNjgzRTNBRTg2QzExRUZCMjMyMDU2RUM0RjlBRTAyL1o4NDluQ2FoUzgz X216T1UwelZYWm9JWW9WWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHSxOuKawHWlRq1Ijte9vnpUR6ZKGKld1KjLAf2XmH0cNf1tjVhSEt6Z l+YG2FlOTnao1f1PyPXVXR2ogkgDio2YRrJqaSR5Hl/erfirG2zP+lDReepT7SNX YDzhvvYghy0UkdDJwuxdOH4uL1QCzUW4WWyqjzjX5JK21sTm26unY0ABAF8AXLHN D/4jEfMF33UZGH1cKMNdea9lOOOsAMj75z5cXKxF75irPKZqbgP6Qj4fjGjmQ/X+ oAWR5yj/SiAqoyo7r+LvAabRfdtN81c3X4159O0DvT+sbhO6GXiCnvafOqSbGBJp VsLWkdluGkMvrQ/9RVJq7OBNlRcUObQ= -----END CERTIFICATE-----Generated at Fri Apr 4 22:26:56 2025 by rpki-client