$ rpki-client -vvf rpki.apnic.net/member_repository/A917DCDA/192E71F61D9011E2B295ABEF08B02CD2/ZwbZhOcxaBICGI0pntNfAFsBdYA.mft File: ZwbZhOcxaBICGI0pntNfAFsBdYA.mft (raw, json) Hash identifier: Q/qKFpMf1/Tbk3h79O+PZBIn0b1cG5H2hTWt4JbscXk= Subject key identifier: 2E:8A:EE:75:8C:6C:95:35:24:81:12:C9:E6:10:70:BA:51:2D:9D:C7 Authority key identifier: 67:06:D9:84:E7:31:68:12:02:18:8D:29:9E:D3:5F:00:5B:01:75:80 Certificate issuer: /CN=A917DCDA/serialNumber=6706D984E731681202188D299ED35F005B017580 Certificate serial: 3470 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZwbZhOcxaBICGI0pntNfAFsBdYA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DCDA/192E71F61D9011E2B295ABEF08B02CD2/ZwbZhOcxaBICGI0pntNfAFsBdYA.mft Manifest number: 3470 Signing time: Sun 20 Apr 2025 14:40:40 +0000 Manifest this update: Sun 20 Apr 2025 14:40:40 +0000 Manifest next update: Sun 27 Apr 2025 14:40:40 +0000 Files and hashes: 1: ZwbZhOcxaBICGI0pntNfAFsBdYA.crl (hash: JEznwoKQOYijNtRgpgwMGH7ClIoU1mV2BaG8WmICP2o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DCDA/192E71F61D9011E2B295ABEF08B02CD2/ZwbZhOcxaBICGI0pntNfAFsBdYA.crl rsync://rpki.apnic.net/member_repository/A917DCDA/192E71F61D9011E2B295ABEF08B02CD2/ZwbZhOcxaBICGI0pntNfAFsBdYA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZwbZhOcxaBICGI0pntNfAFsBdYA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 14:40:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13424 (0x3470) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DCDA, serialNumber=6706D984E731681202188D299ED35F005B017580 Validity Not Before: Apr 20 14:40:40 2025 GMT Not After : Apr 27 14:40:40 2025 GMT Subject: CN=68050768-c7f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:f0:38:34:10:70:9c:fa:2c:de:c0:07:00:56: f0:cb:3f:04:59:1e:7a:53:3d:b2:d2:f0:df:4b:7e: 46:45:a9:c5:53:02:75:c0:10:eb:08:2d:a6:5c:32: 9c:7e:83:f6:8a:80:98:c6:b9:fe:48:d2:99:26:ff: 36:be:76:46:50:d8:52:c6:b9:5a:ab:fa:4f:8a:0c: 7b:bf:9f:28:6c:b6:64:04:8b:70:45:7d:0e:58:b0: c1:13:b2:f7:22:22:34:78:5c:a0:87:d0:77:52:3c: 7d:03:69:53:b9:b4:59:08:dc:23:cc:4c:b9:3b:2d: d3:0c:cd:61:03:a5:19:1b:95:2e:67:13:d1:93:fc: 53:c8:00:07:f7:46:b9:3d:29:68:99:53:1a:e5:b3: 62:5e:eb:53:40:8e:7a:35:38:a9:0a:2b:0b:fe:ff: 81:83:22:7d:00:fe:58:1c:6e:55:30:b6:16:19:bd: 2f:97:be:b2:03:2b:cd:5c:7e:85:fb:f0:1d:64:10: ee:93:3b:82:d7:f6:a6:7d:2c:dc:b7:30:c8:5e:74: 76:9c:b7:ac:6d:95:7c:6b:e0:a5:be:1e:d0:f3:f6: 8b:94:fd:63:d7:54:4f:e1:3d:0e:20:4b:24:85:51: 60:3d:e6:94:60:58:3b:dc:7f:34:b0:34:3f:be:1b: 99:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:8A:EE:75:8C:6C:95:35:24:81:12:C9:E6:10:70:BA:51:2D:9D:C7 X509v3 Authority Key Identifier: keyid:67:06:D9:84:E7:31:68:12:02:18:8D:29:9E:D3:5F:00:5B:01:75:80 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DCDA/192E71F61D9011E2B295ABEF08B02CD2/ZwbZhOcxaBICGI0pntNfAFsBdYA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZwbZhOcxaBICGI0pntNfAFsBdYA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DCDA/192E71F61D9011E2B295ABEF08B02CD2/ZwbZhOcxaBICGI0pntNfAFsBdYA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8e:f9:cc:69:19:35:2d:30:c1:32:41:ea:3f:ad:56:03:d2:5b: 48:fe:12:67:aa:e9:27:92:6f:fd:c1:be:f4:ee:27:91:7e:5b: c3:dc:6a:ef:d9:fc:b6:a9:25:00:fe:2f:19:9e:a5:1d:99:54: 82:26:53:d3:93:30:9f:e7:ad:05:06:c2:02:fd:17:83:90:7a: 53:c4:e4:8b:5e:8e:49:da:ff:18:c3:9a:51:7f:c8:e7:2b:98: e8:63:30:e3:86:9c:68:09:8f:0f:5b:53:02:2d:f8:76:f2:a3: 03:7f:c3:85:c4:8d:a0:85:4c:ae:43:03:36:ee:ec:e5:7f:85: d1:b5:c8:c1:26:e2:0a:f6:6a:29:be:06:30:75:35:7b:b1:7d: 41:de:34:70:d9:6e:ce:7e:6f:b1:7c:65:d4:c4:ed:aa:40:a6: 7d:dc:b7:95:9b:dc:9a:5c:68:96:71:99:8d:c1:2d:b9:84:ec: 16:b0:10:f6:c2:60:dc:98:be:cd:0a:d4:bc:3d:c9:e1:87:d5: be:3c:25:ed:90:f2:98:d8:f9:c9:58:47:4a:f3:f9:f3:89:b0: fc:96:0b:b4:2a:ad:b5:75:99:d9:97:ce:8a:40:9c:af:c3:ec: ac:64:7a:91:be:05:8b:5a:cc:02:4b:39:9a:08:f8:b9:5f:b9: ef:52:79:09 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RDREExMTAvBgNVBAUTKDY3MDZEOTg0RTczMTY4MTIwMjE4OEQyOTlFRDM1RjAw NUIwMTc1ODAwHhcNMjUwNDIwMTQ0MDQwWhcNMjUwNDI3MTQ0MDQwWjAYMRYwFAYD VQQDEw02ODA1MDc2OC1jN2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApfA4NBBwnPos3sAHAFbwyz8EWR56Uz2y0vDfS35GRanFUwJ1wBDrCC2mXDKc foP2ioCYxrn+SNKZJv82vnZGUNhSxrlaq/pPigx7v58obLZkBItwRX0OWLDBE7L3 IiI0eFygh9B3Ujx9A2lTubRZCNwjzEy5Oy3TDM1hA6UZG5UuZxPRk/xTyAAH90a5 PSlomVMa5bNiXutTQI56NTipCisL/v+BgyJ9AP5YHG5VMLYWGb0vl76yAyvNXH6F +/AdZBDukzuC1/amfSzctzDIXnR2nLesbZV8a+Clvh7Q8/aLlP1j11RP4T0OIEsk hVFgPeaUYFg73H80sDQ/vhuZnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC6K7nWM bJU1JIESyeYQcLpRLZ3HMB8GA1UdIwQYMBaAFGcG2YTnMWgSAhiNKZ7TXwBbAXWA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RENEQS8xOTJFNzFGNjFE OTAxMUUyQjI5NUFCRUYwOEIwMkNEMi9ad2JaaE9jeGFCSUNHSTBwbnROZkFGc0Jk WUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1p3YlpoT2N4YUJJQ0dJMHBudE5mQUZzQmRZQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RENEQS8xOTJFNzFGNjFEOTAxMUUyQjI5NUFCRUYwOEIwMkNEMi9ad2JaaE9jeGFC SUNHSTBwbnROZkFGc0JkWUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCO+cxpGTUtMMEyQeo/rVYD0ltI/hJnquknkm/9wb707ieRflvD3Grv 2fy2qSUA/i8ZnqUdmVSCJlPTkzCf560FBsIC/ReDkHpTxOSLXo5J2v8Yw5pRf8jn K5joYzDjhpxoCY8PW1MCLfh28qMDf8OFxI2ghUyuQwM27uzlf4XRtcjBJuIK9mop vgYwdTV7sX1B3jRw2W7Ofm+xfGXUxO2qQKZ93LeVm9yaXGiWcZmNwS25hOwWsBD2 wmDcmL7NCtS8Pcnhh9W+PCXtkPKY2PnJWEdK8/nzibD8lgu0Kq21dZnZl86KQJyv w+ysZHqRvgWLWswCSzmaCPi5X7nvUnkJ -----END CERTIFICATE-----Generated at Mon Apr 21 03:44:02 2025 by rpki-client