$ rpki-client -vvf rpki.apnic.net/member_repository/A912E87E/8428B9E6A1CF11EF878E6061C4F9AE02/z3nGX0tVAQ-yXObEW4yRnbCToy0.mft File: z3nGX0tVAQ-yXObEW4yRnbCToy0.mft (raw, json) Hash identifier: thWPBTG8U1GH4g4I4c2VXLRqPW6+cMq3B0/OrZl5UXk= Subject key identifier: 2E:8A:48:66:43:D4:47:0D:52:8C:18:10:24:70:78:5B:47:4C:62:B0 Authority key identifier: CF:79:C6:5F:4B:55:01:0F:B2:5C:E6:C4:5B:8C:91:9D:B0:93:A3:2D Certificate issuer: /CN=A912E87E/serialNumber=CF79C65F4B55010FB25CE6C45B8C919DB093A32D Certificate serial: 4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3nGX0tVAQ-yXObEW4yRnbCToy0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912E87E/8428B9E6A1CF11EF878E6061C4F9AE02/z3nGX0tVAQ-yXObEW4yRnbCToy0.mft Manifest number: 49 Signing time: Sat 29 Mar 2025 06:41:16 +0000 Manifest this update: Sat 29 Mar 2025 06:41:16 +0000 Manifest next update: Sat 05 Apr 2025 06:41:16 +0000 Files and hashes: 1: z3nGX0tVAQ-yXObEW4yRnbCToy0.crl (hash: idhHJ96pCeHq705eCBWYiNYZBluLPXB+Tlr+nxxYJkU=) 2: A48892E4DE4A11EFACE66748C4F9AE02.roa (hash: pAKMszCIjt6MmJA/GOLnpRTl7JGqEZooCz2JSaSabrA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912E87E/8428B9E6A1CF11EF878E6061C4F9AE02/z3nGX0tVAQ-yXObEW4yRnbCToy0.crl rsync://rpki.apnic.net/member_repository/A912E87E/8428B9E6A1CF11EF878E6061C4F9AE02/z3nGX0tVAQ-yXObEW4yRnbCToy0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3nGX0tVAQ-yXObEW4yRnbCToy0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 05:08:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75 (0x4b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912E87E Validity Not Before: Mar 29 06:41:16 2025 GMT Not After : Apr 5 06:41:16 2025 GMT Subject: CN=67e7960c-e1cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:fa:5d:ff:f7:1a:38:81:87:02:28:98:30:77: 7e:4f:8f:e8:ce:e5:19:4d:2e:29:6b:49:20:b9:bd: ae:50:8b:90:0c:e0:9b:01:d8:db:98:3e:fb:6a:29: 8d:43:64:68:99:1d:db:c3:39:dc:8e:8c:dd:f2:9c: 1d:46:49:18:3d:22:c7:08:01:c9:3c:48:f7:2b:2e: 26:8d:25:80:a9:6c:d6:86:4c:f0:92:26:c7:67:67: f8:db:16:e2:40:4b:80:b5:2c:a8:8b:eb:fa:55:ef: e9:df:d0:50:cc:05:20:24:95:d2:e7:c5:b1:99:a6: d0:fa:46:5e:f6:3f:03:80:27:5d:cf:7c:9e:cf:cd: ea:c2:5f:86:8d:99:02:2b:66:d2:af:e5:19:bf:db: b1:02:0a:0d:05:c5:ff:d9:96:55:4e:b7:30:28:50: f5:dc:df:dc:6e:90:aa:68:e0:b0:78:27:f9:ff:06: c5:fa:b4:6a:52:1a:f7:35:fd:d4:da:b2:f6:67:b0: 1c:ff:06:91:ba:78:6b:91:03:24:c9:ce:88:92:e4: 4d:6a:d1:3f:46:eb:b7:ca:fe:3f:a8:92:f8:4e:a2: 4a:5d:e4:e4:e0:56:ea:b7:0c:16:25:64:65:92:90: 40:45:1d:27:1d:22:91:aa:fb:0b:83:bb:b8:98:10: f4:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:8A:48:66:43:D4:47:0D:52:8C:18:10:24:70:78:5B:47:4C:62:B0 X509v3 Authority Key Identifier: keyid:CF:79:C6:5F:4B:55:01:0F:B2:5C:E6:C4:5B:8C:91:9D:B0:93:A3:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912E87E/8428B9E6A1CF11EF878E6061C4F9AE02/z3nGX0tVAQ-yXObEW4yRnbCToy0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3nGX0tVAQ-yXObEW4yRnbCToy0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E87E/8428B9E6A1CF11EF878E6061C4F9AE02/z3nGX0tVAQ-yXObEW4yRnbCToy0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:d0:17:cf:fb:cf:8b:26:e7:eb:a0:6d:4d:4d:26:50:38:61: c1:cc:7e:7f:d4:b6:cb:b5:ff:72:03:4f:b1:90:86:0a:71:98: 83:a4:aa:61:76:2f:b4:70:32:3e:bf:47:d4:b6:77:2a:c6:e6: e3:a2:35:d8:ad:f8:f4:b4:ae:8a:94:7c:cf:c7:b1:5b:b7:f4: bd:cb:c0:e6:52:95:88:77:3f:be:89:6d:03:68:f5:2a:49:a2: 11:1b:0c:fe:a7:77:98:8b:28:dc:7e:ac:55:15:f9:ea:c2:3d: 43:56:20:2f:95:d8:12:8e:2a:9d:90:75:67:07:63:65:37:90: 56:82:f4:fb:b3:f1:6b:db:4d:ff:fa:8a:0a:90:2d:d7:1f:e9: 61:a9:bf:df:82:5e:67:b2:29:7e:9e:7e:9b:8b:20:14:e8:8d: 51:d3:4d:1d:55:b5:d5:89:9f:d5:b4:c5:8d:8c:e3:ab:95:f6: 96:4c:63:20:0e:f7:61:b2:df:94:fc:94:9a:df:d8:e7:13:96: 88:f0:d5:d7:43:f8:8e:ea:fc:48:53:4f:80:c1:3b:0f:32:88: ca:78:7b:3d:19:0f:1e:88:f4:16:7c:36:e0:65:58:8c:d2:a3: e2:00:40:79:3e:49:bc:6f:5f:49:11:10:7e:8a:66:0d:27:8e: 6f:d2:13:5e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBSzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy RTg3RTExMC8GA1UEBRMoQ0Y3OUM2NUY0QjU1MDEwRkIyNUNFNkM0NUI4QzkxOURC MDkzQTMyRDAeFw0yNTAzMjkwNjQxMTZaFw0yNTA0MDUwNjQxMTZaMBgxFjAUBgNV BAMTDTY3ZTc5NjBjLWUxY2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCz+l3/9xo4gYcCKJgwd35Pj+jO5RlNLilrSSC5va5Qi5AM4JsB2NuYPvtqKY1D ZGiZHdvDOdyOjN3ynB1GSRg9IscIAck8SPcrLiaNJYCpbNaGTPCSJsdnZ/jbFuJA S4C1LKiL6/pV7+nf0FDMBSAkldLnxbGZptD6Rl72PwOAJ13PfJ7PzerCX4aNmQIr ZtKv5Rm/27ECCg0Fxf/ZllVOtzAoUPXc39xukKpo4LB4J/n/BsX6tGpSGvc1/dTa svZnsBz/BpG6eGuRAyTJzoiS5E1q0T9G67fK/j+okvhOokpd5OTgVuq3DBYlZGWS kEBFHScdIpGq+wuDu7iYEPQnAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQULopIZkPU Rw1SjBgQJHB4W0dMYrAwHwYDVR0jBBgwFoAUz3nGX0tVAQ+yXObEW4yRnbCToy0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJFODdFLzg0MjhCOUU2QTFD RjExRUY4NzhFNjA2MUM0RjlBRTAyL3ozbkdYMHRWQVEteVhPYkVXNHlSbmJDVG95 MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvejNuR1gwdFZBUS15WE9iRVc0eVJuYkNUb3kwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJF ODdFLzg0MjhCOUU2QTFDRjExRUY4NzhFNjA2MUM0RjlBRTAyL3ozbkdYMHRWQVEt eVhPYkVXNHlSbmJDVG95MC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALbQF8/7z4sm5+ugbU1NJlA4YcHMfn/Utsu1/3IDT7GQhgpxmIOkqmF2 L7RwMj6/R9S2dyrG5uOiNdit+PS0roqUfM/HsVu39L3LwOZSlYh3P76JbQNo9SpJ ohEbDP6nd5iLKNx+rFUV+erCPUNWIC+V2BKOKp2QdWcHY2U3kFaC9Puz8WvbTf/6 igqQLdcf6WGpv9+CXmeyKX6efpuLIBTojVHTTR1VtdWJn9W0xY2M46uV9pZMYyAO 92Gy35T8lJrf2OcTlojw1ddD+I7q/EhTT4DBOw8yiMp4ez0ZDx6I9BZ8NuBlWIzS o+IAQHk+SbxvX0kREH6KZg0njm/SE14= -----END CERTIFICATE-----Generated at Fri Apr 4 22:20:00 2025 by rpki-client