$ rpki-client -vvf rpki.apnic.net/member_repository/A9154D26/C00D9726413B11ECB06AE030C4F9AE02/zaA_ZfTTOjOZaZc_apvQfa-eNyQ.mft File: zaA_ZfTTOjOZaZc_apvQfa-eNyQ.mft (raw, json) Hash identifier: JU1Bm727J7VUeXfeMBc09XW/Rryo7b43MwZ1VoQgFeI= Subject key identifier: 8F:83:5E:A8:E7:8F:52:5D:9F:2B:CE:7C:60:05:F9:33:29:B6:C6:A2 Authority key identifier: CD:A0:3F:65:F4:D3:3A:33:99:69:97:3F:6A:9B:D0:7D:AF:9E:37:24 Certificate issuer: /CN=A9154D26/serialNumber=CDA03F65F4D33A339969973F6A9BD07DAF9E3724 Certificate serial: 0476 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zaA_ZfTTOjOZaZc_apvQfa-eNyQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9154D26/C00D9726413B11ECB06AE030C4F9AE02/zaA_ZfTTOjOZaZc_apvQfa-eNyQ.mft Manifest number: 0469 Signing time: Sat 29 Mar 2025 00:24:44 +0000 Manifest this update: Sat 29 Mar 2025 00:24:44 +0000 Manifest next update: Sat 05 Apr 2025 00:24:44 +0000 Files and hashes: 1: zaA_ZfTTOjOZaZc_apvQfa-eNyQ.crl (hash: gJvm2lK3LhYSHF4zJBQXhXxolE4kY4DLFDSlxKRsawg=) 2: AA5485827F3611ECBED94963C4F9AE02.roa (hash: L7q5MhSYBL7XAFYcbCU7483l92C9DWVyV5PtuFnvCCo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9154D26/C00D9726413B11ECB06AE030C4F9AE02/zaA_ZfTTOjOZaZc_apvQfa-eNyQ.crl rsync://rpki.apnic.net/member_repository/A9154D26/C00D9726413B11ECB06AE030C4F9AE02/zaA_ZfTTOjOZaZc_apvQfa-eNyQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zaA_ZfTTOjOZaZc_apvQfa-eNyQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 00:24:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1142 (0x476) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9154D26 Validity Not Before: Mar 29 00:24:44 2025 GMT Not After : Apr 5 00:24:44 2025 GMT Subject: CN=67e73dcc-6e56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:0b:a7:c9:3b:b9:a6:71:b0:d3:80:9f:10:39: 96:94:69:d2:1c:f1:d3:e7:02:a9:54:38:c5:d9:ca: fe:64:8a:e1:ef:ba:00:9c:9a:41:98:f2:ba:62:c1: c9:78:37:e9:e3:ff:12:16:b3:00:40:f4:02:f4:54: 1d:60:bf:3f:50:65:55:07:de:dd:fd:f4:da:07:15: 89:d2:5f:c3:74:d1:f4:f2:e9:f9:f1:a7:0d:85:af: 84:fb:f1:73:42:c5:df:29:3c:31:b0:d0:64:26:fa: 28:b7:cb:dd:2e:2b:9f:55:4b:47:77:e9:80:8d:6b: 92:7d:a9:a1:42:4e:40:df:96:12:ed:3f:79:4d:0d: 4c:c7:89:0f:04:f6:16:f6:86:fb:be:6a:7b:c5:3b: 58:a1:fa:aa:1f:d3:2d:db:6d:89:61:7a:73:04:f4: 9f:2a:1a:3e:ca:ee:de:a4:dd:45:0c:77:b8:61:95: 35:16:8a:ef:ae:81:d6:61:4c:ea:86:64:69:46:22: d9:49:e9:f5:45:10:15:16:62:7f:5d:40:de:b2:af: 71:75:2c:26:71:8c:75:21:cd:17:ba:62:ba:fe:26: a7:6f:d3:73:77:d1:c4:af:8a:e6:73:2d:59:08:e5: da:01:24:70:ec:7d:1d:df:92:78:a0:b4:2a:92:56: 28:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:83:5E:A8:E7:8F:52:5D:9F:2B:CE:7C:60:05:F9:33:29:B6:C6:A2 X509v3 Authority Key Identifier: keyid:CD:A0:3F:65:F4:D3:3A:33:99:69:97:3F:6A:9B:D0:7D:AF:9E:37:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9154D26/C00D9726413B11ECB06AE030C4F9AE02/zaA_ZfTTOjOZaZc_apvQfa-eNyQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zaA_ZfTTOjOZaZc_apvQfa-eNyQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154D26/C00D9726413B11ECB06AE030C4F9AE02/zaA_ZfTTOjOZaZc_apvQfa-eNyQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:1b:11:77:66:40:d8:98:63:5d:e1:fc:a4:ed:1b:06:bc:05: d2:f5:ff:ad:d6:63:63:5c:12:04:b2:76:06:8d:ce:5c:da:13: 7a:af:f1:32:d1:76:ff:51:79:50:de:3d:3d:2b:6f:b4:26:0e: 60:d7:72:c6:dc:3f:d5:93:4a:9c:a2:70:4c:34:3a:cb:dc:ce: 2a:40:8f:24:7b:8d:a9:8d:dd:fa:ef:2a:ce:d6:b4:98:f0:b1: 10:b7:9e:fa:41:87:23:58:ef:54:30:e0:49:87:f8:b1:ba:48: f7:7a:01:16:38:40:a9:46:a7:1a:9e:70:40:05:67:af:b9:5f: a7:43:51:e0:8d:d0:24:ca:7b:b8:68:41:6c:1b:20:da:4b:e4: 9c:6c:31:cc:f4:7e:3c:a8:3d:0e:51:e2:31:93:8a:0f:f5:31: 06:a6:fa:fd:91:2e:56:1c:c5:fc:b5:01:e3:1e:19:be:29:b1: eb:2a:9f:f1:4d:d4:fb:2c:15:89:ea:29:99:24:50:bb:c7:cd: d0:8b:8d:5c:1a:c2:41:dc:aa:e8:43:aa:72:0d:f1:18:46:85: 72:7b:ec:ec:2c:a2:75:cc:a3:9b:d1:6e:d4:d3:ad:1a:52:7d: 6a:a9:1b:59:64:ad:b2:f4:79:5d:ce:b8:cc:44:5c:dc:68:60: ef:4a:06:02 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBHYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTREMjYxMTAvBgNVBAUTKENEQTAzRjY1RjREMzNBMzM5OTY5OTczRjZBOUJEMDdE QUY5RTM3MjQwHhcNMjUwMzI5MDAyNDQ0WhcNMjUwNDA1MDAyNDQ0WjAYMRYwFAYD VQQDEw02N2U3M2RjYy02ZTU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3AunyTu5pnGw04CfEDmWlGnSHPHT5wKpVDjF2cr+ZIrh77oAnJpBmPK6YsHJ eDfp4/8SFrMAQPQC9FQdYL8/UGVVB97d/fTaBxWJ0l/DdNH08un58acNha+E+/Fz QsXfKTwxsNBkJvoot8vdLiufVUtHd+mAjWuSfamhQk5A35YS7T95TQ1Mx4kPBPYW 9ob7vmp7xTtYofqqH9Mt222JYXpzBPSfKho+yu7epN1FDHe4YZU1ForvroHWYUzq hmRpRiLZSen1RRAVFmJ/XUDesq9xdSwmcYx1Ic0XumK6/ianb9Nzd9HEr4rmcy1Z COXaASRw7H0d35J4oLQqklYoXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI+DXqjn j1JdnyvOfGAF+TMptsaiMB8GA1UdIwQYMBaAFM2gP2X00zozmWmXP2qb0H2vnjck MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NEQyNi9DMDBEOTcyNjQx M0IxMUVDQjA2QUUwMzBDNEY5QUUwMi96YUFfWmZUVE9qT1phWmNfYXB2UWZhLWVO eVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3phQV9aZlRUT2pPWmFaY19hcHZRZmEtZU55US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NEQyNi9DMDBEOTcyNjQxM0IxMUVDQjA2QUUwMzBDNEY5QUUwMi96YUFfWmZUVE9q T1phWmNfYXB2UWZhLWVOeVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCSGxF3ZkDYmGNd4fyk7RsGvAXS9f+t1mNjXBIEsnYGjc5c2hN6r/Ey 0Xb/UXlQ3j09K2+0Jg5g13LG3D/Vk0qconBMNDrL3M4qQI8ke42pjd367yrO1rSY 8LEQt576QYcjWO9UMOBJh/ixukj3egEWOECpRqcannBABWevuV+nQ1HgjdAkynu4 aEFsGyDaS+ScbDHM9H48qD0OUeIxk4oP9TEGpvr9kS5WHMX8tQHjHhm+KbHrKp/x TdT7LBWJ6imZJFC7x83Qi41cGsJB3KroQ6pyDfEYRoVye+zsLKJ1zKOb0W7U060a Un1qqRtZZK2y9HldzrjMRFzcaGDvSgYC -----END CERTIFICATE-----Generated at Fri Apr 4 22:00:38 2025 by rpki-client