$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft File: AO-zr_90_WIfS42RFpt6HEOzlBc.mft (raw, json) Hash identifier: yjU0sX0OWKpmaZU4Jhd1bBMmmeUjjom3CrdBrzsJVRI= Subject key identifier: 18:F4:20:0E:E1:52:3E:B0:48:F1:BC:8A:38:F3:3B:1B:A3:EB:72:1E Authority key identifier: 00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17 Certificate issuer: /CN=A912C8FA/serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417 Certificate serial: 016B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft Manifest number: 0163 Signing time: Wed 23 Jul 2025 04:16:31 +0000 Manifest this update: Wed 23 Jul 2025 04:16:31 +0000 Manifest next update: Wed 30 Jul 2025 04:16:31 +0000 Files and hashes: 1: AO-zr_90_WIfS42RFpt6HEOzlBc.crl (hash: 2kTw+v9Mu1gR/n+fiLGUgu1jRmhw11VOXxPHPhVtau0=) 2: A80498FABAAB11EEBA024655C4F9AE02.roa (hash: g6wCJDrtHyuCox1Dak/0D/0mdLei/24CwRHwHNh/Oi8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Jul 2025 04:16:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 363 (0x16b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912C8FA, serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417 Validity Not Before: Jul 23 04:16:31 2025 GMT Not After : Jul 30 04:16:31 2025 GMT Subject: CN=6880621f-4c52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:3c:98:02:68:9e:ef:53:e0:0c:55:c2:b5:a3: 12:4d:70:4f:e8:34:63:f9:d1:84:9a:76:d7:4c:65: 54:bb:10:7b:3b:6a:08:2f:48:d3:87:53:9a:5e:9f: 03:f5:e3:51:ae:1b:46:d0:33:9b:55:5c:7b:82:22: b6:6a:10:da:84:c8:05:cb:1f:44:d1:0e:98:3e:50: 38:12:aa:53:70:35:01:f3:4f:da:a9:0b:4f:5d:44: 8b:2e:dd:dd:6c:d4:66:24:ca:bf:a9:8e:8f:5c:7e: a0:f0:21:9f:d2:e9:1e:ab:33:f9:aa:8a:a5:24:20: 8d:8a:44:67:7b:ff:71:62:46:8c:34:be:2d:fa:4f: 82:f2:52:e0:53:22:0b:76:27:79:13:03:ae:f5:6a: a4:39:6b:46:70:39:0c:2c:2c:12:d1:87:67:5c:5a: bd:ec:51:1a:a2:97:6e:75:7c:73:56:dd:8f:01:81: ef:ae:39:02:7b:fc:b1:a7:18:42:da:b3:61:30:1f: 9d:f3:9c:a3:54:8f:f6:c4:19:ed:66:ee:f7:89:42: eb:e9:0e:f3:20:4f:ab:56:18:64:87:7e:40:11:f6: 64:58:01:8e:3a:b8:2f:40:8d:5b:67:60:42:fa:c6: 4b:78:f2:7f:31:d7:44:04:40:70:ca:dc:1c:e9:c9: 80:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:F4:20:0E:E1:52:3E:B0:48:F1:BC:8A:38:F3:3B:1B:A3:EB:72:1E X509v3 Authority Key Identifier: keyid:00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:8a:71:a5:09:cc:d0:77:c7:ce:0f:d3:c7:05:9d:a5:cb:cb: 47:10:93:7b:69:7e:7f:83:d4:84:5e:5c:67:e9:4d:64:59:da: d3:ea:19:4b:b4:96:05:c2:6c:83:96:35:6a:7b:6d:c2:62:9f: fd:dc:d1:a6:c1:f2:1b:1f:9c:c4:35:58:74:b7:c5:76:53:5d: 93:e2:73:ec:d8:e8:de:d4:fb:0f:e5:7e:cf:37:1a:46:39:0d: 93:4f:65:b0:01:06:5b:58:ab:5d:2a:2d:21:ce:d0:af:bd:43: f2:25:b2:1c:96:0c:ea:27:6b:3b:c9:f6:4f:79:aa:00:7a:95: c5:53:b2:e2:f9:d1:a0:25:a8:ef:b7:dd:c3:7a:82:f8:c3:70: 93:58:59:7b:b2:33:22:d1:e1:fc:6c:1e:48:a5:ba:19:c0:4c: e4:b0:7b:37:62:00:53:a2:a1:65:af:0b:1c:6f:2e:ad:9e:42: 02:f5:d2:4b:0e:65:c2:8b:63:6e:4e:32:6e:de:d4:b6:56:57: dc:1d:6b:3e:0c:55:8c:c3:22:ff:76:08:df:b2:4f:20:34:6c: e4:44:0c:23:e4:a1:f5:d1:b3:f8:f1:65:df:37:3a:96:1c:9e: 69:cd:e4:d2:f3:48:64:c8:2a:e2:bd:d8:50:74:4e:5e:12:f2: f6:ab:aa:61 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkM4RkExMTAvBgNVBAUTKDAwRUZCM0FGRkY3NEZENjIxRjRCOEQ5MTE2OUI3QTFD NDNCMzk0MTcwHhcNMjUwNzIzMDQxNjMxWhcNMjUwNzMwMDQxNjMxWjAYMRYwFAYD VQQDEw02ODgwNjIxZi00YzUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7TyYAmie71PgDFXCtaMSTXBP6DRj+dGEmnbXTGVUuxB7O2oIL0jTh1OaXp8D 9eNRrhtG0DObVVx7giK2ahDahMgFyx9E0Q6YPlA4EqpTcDUB80/aqQtPXUSLLt3d bNRmJMq/qY6PXH6g8CGf0ukeqzP5qoqlJCCNikRne/9xYkaMNL4t+k+C8lLgUyIL did5EwOu9WqkOWtGcDkMLCwS0YdnXFq97FEaopdudXxzVt2PAYHvrjkCe/yxpxhC 2rNhMB+d85yjVI/2xBntZu73iULr6Q7zIE+rVhhkh35AEfZkWAGOOrgvQI1bZ2BC +sZLePJ/MddEBEBwytwc6cmALwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBj0IA7h Uj6wSPG8ijjzOxuj63IeMB8GA1UdIwQYMBaAFADvs6//dP1iH0uNkRabehxDs5QX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzhGQS80MDAzRjkzMDU0 QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi9BTy16cl85MF9XSWZTNDJSRnB0NkhFT3ps QmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FPLXpyXzkwX1dJZlM0MlJGcHQ2SEVPemxCYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QzhGQS80MDAzRjkzMDU0QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi9BTy16cl85MF9X SWZTNDJSRnB0NkhFT3psQmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAvinGlCczQd8fOD9PHBZ2ly8tHEJN7aX5/g9SEXlxn6U1kWdrT6hlL tJYFwmyDljVqe23CYp/93NGmwfIbH5zENVh0t8V2U12T4nPs2Oje1PsP5X7PNxpG OQ2TT2WwAQZbWKtdKi0hztCvvUPyJbIclgzqJ2s7yfZPeaoAepXFU7Li+dGgJajv t93DeoL4w3CTWFl7sjMi0eH8bB5IpboZwEzksHs3YgBToqFlrwscby6tnkIC9dJL DmXCi2NuTjJu3tS2VlfcHWs+DFWMwyL/dgjfsk8gNGzkRAwj5KH10bP48WXfNzqW HJ5pzeTS80hkyCrivdhQdE5eEvL2q6ph -----END CERTIFICATE-----Generated at Thu Jul 24 05:04:44 2025 by rpki-client