$ rpki-client -vvf rpki.apnic.net/member_repository/A91408BE/A2C827EE410B11EAB6954A2CC4F9AE02/ZI5HI0RBcbar4W19wDDonAbwUNw.mft File: ZI5HI0RBcbar4W19wDDonAbwUNw.mft (raw, json) Hash identifier: nN7090qgmQF8Rs4cVP/hcQhGH3ElT8szyUtCHSBvKsM= Subject key identifier: 8A:DB:86:B7:51:68:75:E1:9A:F7:6C:41:EC:57:4A:F2:9E:AD:41:43 Authority key identifier: 64:8E:47:23:44:41:71:B6:AB:E1:6D:7D:C0:30:E8:9C:06:F0:50:DC Certificate issuer: /CN=A91408BE/serialNumber=648E4723444171B6ABE16D7DC030E89C06F050DC Certificate serial: 0B2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZI5HI0RBcbar4W19wDDonAbwUNw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91408BE/A2C827EE410B11EAB6954A2CC4F9AE02/ZI5HI0RBcbar4W19wDDonAbwUNw.mft Manifest number: 0B25 Signing time: Fri 18 Jul 2025 19:25:29 +0000 Manifest this update: Fri 18 Jul 2025 19:25:29 +0000 Manifest next update: Fri 25 Jul 2025 19:25:29 +0000 Files and hashes: 1: ZI5HI0RBcbar4W19wDDonAbwUNw.crl (hash: k1cnSrgwuDhYxiqsp5ESYVLk+QbLNVD51qiULGDKXl8=) 2: 5DCB0A0C410C11EA8A6C412DC4F9AE02.roa (hash: J/8oDeRELdGOcwKCSIyZI2ucZRyx8ILa8bbFd/o79oQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91408BE/A2C827EE410B11EAB6954A2CC4F9AE02/ZI5HI0RBcbar4W19wDDonAbwUNw.crl rsync://rpki.apnic.net/member_repository/A91408BE/A2C827EE410B11EAB6954A2CC4F9AE02/ZI5HI0RBcbar4W19wDDonAbwUNw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZI5HI0RBcbar4W19wDDonAbwUNw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 19:25:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2859 (0xb2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91408BE, serialNumber=648E4723444171B6ABE16D7DC030E89C06F050DC Validity Not Before: Jul 18 19:25:29 2025 GMT Not After : Jul 25 19:25:29 2025 GMT Subject: CN=687a9fa9-9571 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:c8:f7:ad:ed:63:9b:23:24:51:63:a5:29:64: 1b:73:14:34:6c:28:3d:0d:1a:bc:fb:59:71:0e:f8: ea:6d:96:a5:94:27:3d:9d:24:28:0e:cd:a2:ea:0a: 6b:fe:78:09:1a:b6:ad:9e:f7:55:18:0c:88:7a:74: e9:07:06:54:35:93:d6:1c:d4:5b:66:f2:29:92:60: 78:4a:64:88:dd:ef:d2:ad:cf:54:ec:e8:64:77:19: 52:cb:93:a6:80:95:d0:e1:41:3c:6f:f6:c4:c5:f6: ca:93:2b:5f:3b:76:03:62:e9:80:4f:de:79:69:78: e4:29:80:0a:41:84:d8:10:45:f6:5d:9f:8b:e3:64: 00:ac:18:42:e2:4c:45:e7:6e:8c:9f:46:fc:21:90: e9:d0:8b:15:33:a6:09:97:be:b3:a6:1f:32:d4:fe: 66:9d:84:23:36:47:d7:87:88:00:a9:e6:2e:63:05: a9:1e:af:af:b3:16:8e:83:76:00:db:7f:33:fa:d3: f9:96:3a:a2:c6:0b:d0:8a:a4:0d:65:d9:1d:bf:1e: 87:56:c2:f2:ff:93:62:8b:92:4a:67:ab:fb:0d:e7: d0:fd:1a:fa:d7:46:e3:2a:7a:ac:c7:1f:08:3a:33: 93:61:1b:35:29:c5:61:00:a0:52:ef:57:b4:d0:1a: 3b:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:DB:86:B7:51:68:75:E1:9A:F7:6C:41:EC:57:4A:F2:9E:AD:41:43 X509v3 Authority Key Identifier: keyid:64:8E:47:23:44:41:71:B6:AB:E1:6D:7D:C0:30:E8:9C:06:F0:50:DC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91408BE/A2C827EE410B11EAB6954A2CC4F9AE02/ZI5HI0RBcbar4W19wDDonAbwUNw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZI5HI0RBcbar4W19wDDonAbwUNw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91408BE/A2C827EE410B11EAB6954A2CC4F9AE02/ZI5HI0RBcbar4W19wDDonAbwUNw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:b6:f3:a8:c2:3a:d1:43:01:79:bf:ee:bb:e1:34:b0:4b:e0: e0:b2:9c:94:ff:01:d7:91:e8:03:f1:1e:50:bd:10:1a:5c:30: c1:7a:dd:44:7f:8d:02:8d:e3:77:81:bf:ba:58:bf:a2:b7:85: 79:c1:cd:ce:2e:3e:1c:bc:f3:48:e0:89:30:c7:ab:3e:d7:fd: cc:80:41:80:3e:ba:37:67:19:7c:4c:ac:00:aa:e6:c4:e9:2b: d8:26:d5:eb:d8:f0:f2:dc:8a:f3:39:40:54:92:1a:99:c8:0a: 5a:ea:62:c0:5a:6e:68:88:87:be:0e:cb:06:9c:a9:65:f5:4e: ae:ae:cd:ab:ed:ef:d8:96:b4:af:1b:65:b7:30:be:99:c6:4f: 16:06:83:0b:07:72:17:65:73:e0:d5:2a:e5:e9:cc:5a:e5:1f: 90:d1:1c:56:86:c8:78:cd:5f:d0:05:22:a9:89:ae:4c:e0:45: ba:f4:5d:de:fd:a5:69:41:44:d1:35:b4:3d:3e:dc:17:ea:49: b7:0e:f6:11:5c:45:f7:65:51:5f:e7:90:7b:f2:bf:0d:9d:35: f4:0e:1c:01:ad:75:cd:42:ea:0b:53:8d:c3:3e:d7:20:fa:d8: 7d:1d:81:fb:5f:58:d9:c8:4d:a8:b9:54:d7:cf:24:e3:bd:e8: d0:b6:b1:9e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCyswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDA4QkUxMTAvBgNVBAUTKDY0OEU0NzIzNDQ0MTcxQjZBQkUxNkQ3REMwMzBFODlD MDZGMDUwREMwHhcNMjUwNzE4MTkyNTI5WhcNMjUwNzI1MTkyNTI5WjAYMRYwFAYD VQQDEw02ODdhOWZhOS05NTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxMj3re1jmyMkUWOlKWQbcxQ0bCg9DRq8+1lxDvjqbZallCc9nSQoDs2i6gpr /ngJGratnvdVGAyIenTpBwZUNZPWHNRbZvIpkmB4SmSI3e/Src9U7OhkdxlSy5Om gJXQ4UE8b/bExfbKkytfO3YDYumAT955aXjkKYAKQYTYEEX2XZ+L42QArBhC4kxF 526Mn0b8IZDp0IsVM6YJl76zph8y1P5mnYQjNkfXh4gAqeYuYwWpHq+vsxaOg3YA 238z+tP5ljqixgvQiqQNZdkdvx6HVsLy/5Nii5JKZ6v7DefQ/Rr610bjKnqsxx8I OjOTYRs1KcVhAKBS71e00Bo7jwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIrbhrdR aHXhmvdsQexXSvKerUFDMB8GA1UdIwQYMBaAFGSORyNEQXG2q+FtfcAw6JwG8FDc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDhCRS9BMkM4MjdFRTQx MEIxMUVBQjY5NTRBMkNDNEY5QUUwMi9aSTVISTBSQmNiYXI0VzE5d0REb25BYndV TncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pJNUhJMFJCY2JhcjRXMTl3RERvbkFid1VOdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MDhCRS9BMkM4MjdFRTQxMEIxMUVBQjY5NTRBMkNDNEY5QUUwMi9aSTVISTBSQmNi YXI0VzE5d0REb25BYndVTncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCWtvOowjrRQwF5v+674TSwS+DgspyU/wHXkegD8R5QvRAaXDDBet1E f40CjeN3gb+6WL+it4V5wc3OLj4cvPNI4Ikwx6s+1/3MgEGAPro3Zxl8TKwAqubE 6SvYJtXr2PDy3IrzOUBUkhqZyApa6mLAWm5oiIe+DssGnKll9U6urs2r7e/YlrSv G2W3ML6Zxk8WBoMLB3IXZXPg1Srl6cxa5R+Q0RxWhsh4zV/QBSKpia5M4EW69F3e /aVpQUTRNbQ9PtwX6km3DvYRXEX3ZVFf55B78r8NnTX0DhwBrXXNQuoLU43DPtcg +th9HYH7X1jZyE2ouVTXzyTjvejQtrGe -----END CERTIFICATE-----Generated at Sun Jul 20 07:49:43 2025 by rpki-client