$ rpki-client -vvf rpki.apnic.net/member_repository/A91BBD7E/1AED09C40A8A11EE93E1A770C4F9AE02/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.mft File: ZT8sa3lWu2FFCbjxXB8dwzmCGL0.mft (raw, json) Hash identifier: bhhIO3ImIn5Tp1UONzX3jm58bHZjFdAXknqijwdwoLY= Subject key identifier: E5:D7:5E:9A:44:1C:9C:6D:7E:FF:45:38:36:89:91:C3:5C:D8:F1:74 Authority key identifier: 65:3F:2C:6B:79:56:BB:61:45:09:B8:F1:5C:1F:1D:C3:39:82:18:BD Certificate issuer: /CN=A91BBD7E/serialNumber=653F2C6B7956BB614509B8F15C1F1DC3398218BD Certificate serial: 0161 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BBD7E/1AED09C40A8A11EE93E1A770C4F9AE02/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.mft Manifest number: 015B Signing time: Fri 11 Apr 2025 03:23:28 +0000 Manifest this update: Fri 11 Apr 2025 03:23:27 +0000 Manifest next update: Fri 18 Apr 2025 03:23:27 +0000 Files and hashes: 1: ZT8sa3lWu2FFCbjxXB8dwzmCGL0.crl (hash: OumsyJ1MbfJw/zagcw+UOFqQG6wFw8yFn2ib+IZjsWY=) 2: B356B436102911EE834FA76EC4F9AE02.roa (hash: Qe0/BiT1tYA4h/l62j0BMeHxIJuUAO9bXjTbXA245ns=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BBD7E/1AED09C40A8A11EE93E1A770C4F9AE02/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.crl rsync://rpki.apnic.net/member_repository/A91BBD7E/1AED09C40A8A11EE93E1A770C4F9AE02/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 03:23:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 353 (0x161) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BBD7E, serialNumber=653F2C6B7956BB614509B8F15C1F1DC3398218BD Validity Not Before: Apr 11 03:23:27 2025 GMT Not After : Apr 18 03:23:27 2025 GMT Subject: CN=67f88b30-9340 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:35:46:2f:df:ee:f1:4d:e1:38:e4:87:41:f5: a9:9b:72:62:dd:2d:f0:30:f0:13:8f:92:c5:92:9d: bd:d1:92:6e:0b:20:26:4d:a6:22:1d:8c:56:6b:95: 9d:ca:4f:04:6e:b9:b9:74:ca:68:53:63:c2:6f:16: 60:73:85:af:3a:72:92:e8:e0:4f:c8:6b:10:3b:6f: 18:f1:88:31:51:44:00:2f:53:10:8e:d5:76:fb:aa: 5f:13:0a:05:6a:c1:dc:e3:c4:cd:66:95:1b:89:a3: b1:fd:10:3c:63:ff:f8:7b:8d:96:41:de:84:1e:d1: 41:c2:49:9e:40:30:39:28:2e:c3:49:d1:ef:14:ec: b1:38:6d:ba:37:60:08:75:3c:96:12:01:e3:7f:bb: e9:c6:d9:29:c1:27:21:47:7a:7f:54:28:88:8f:01: 24:78:57:16:46:17:71:5e:a9:69:51:10:32:76:fa: 6a:f4:ea:ef:b3:3c:7e:13:c5:76:e5:f4:f7:81:9f: 0a:80:f3:b6:27:ed:75:b5:07:72:99:bc:7c:46:b2: 62:54:f5:b8:d5:f5:38:d5:eb:d9:12:09:b2:4b:7d: 2b:94:a1:72:23:3a:e0:48:68:40:af:dd:9e:a4:24: 78:67:55:37:a0:d8:22:e2:5f:99:09:62:83:2a:63: 8c:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:D7:5E:9A:44:1C:9C:6D:7E:FF:45:38:36:89:91:C3:5C:D8:F1:74 X509v3 Authority Key Identifier: keyid:65:3F:2C:6B:79:56:BB:61:45:09:B8:F1:5C:1F:1D:C3:39:82:18:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BBD7E/1AED09C40A8A11EE93E1A770C4F9AE02/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BBD7E/1AED09C40A8A11EE93E1A770C4F9AE02/ZT8sa3lWu2FFCbjxXB8dwzmCGL0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:04:a1:c2:18:b5:0f:fe:84:4b:84:12:50:91:d1:af:2a:aa: 2c:8e:7a:17:a9:46:73:82:4f:7a:91:38:a1:00:f5:75:c2:d7: 24:fa:7f:c3:e8:d0:e1:83:63:37:5d:35:06:eb:8a:e7:c3:fb: f5:aa:2f:fc:52:c8:81:44:b9:a2:cb:28:0d:f3:0e:4c:00:69: f5:4b:a0:ce:a0:b5:e1:9a:a6:1c:22:62:db:c9:02:9a:a1:f4: 6d:37:49:55:bd:2d:0e:62:4f:57:73:91:91:a4:e5:cc:06:e4: 1c:0f:10:fa:13:29:95:03:d8:af:21:1a:52:b2:a0:df:07:e0: 99:1c:4a:72:98:6c:7e:f8:c2:6c:0e:a9:4c:63:8c:50:db:17: 2a:15:21:65:07:d4:dc:fb:55:2a:72:16:e3:43:ca:0f:ca:1f: 8e:3d:32:f2:b3:85:1a:23:62:68:75:f6:53:1f:cd:c7:cf:e8: b2:f7:60:7f:55:78:57:96:d3:81:b0:9d:e8:09:bb:a0:9c:fc: 2d:c0:af:68:20:32:db:69:59:27:86:9b:99:f2:b0:c2:39:f3: 6e:87:12:42:42:87:93:d2:07:a7:b8:38:2b:e0:69:5a:df:80: d1:2f:c2:c7:e2:46:a3:45:04:66:75:ab:2a:37:19:31:ae:67: ea:ee:36:43 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkJEN0UxMTAvBgNVBAUTKDY1M0YyQzZCNzk1NkJCNjE0NTA5QjhGMTVDMUYxREMz Mzk4MjE4QkQwHhcNMjUwNDExMDMyMzI3WhcNMjUwNDE4MDMyMzI3WjAYMRYwFAYD VQQDEw02N2Y4OGIzMC05MzQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1jVGL9/u8U3hOOSHQfWpm3Ji3S3wMPATj5LFkp290ZJuCyAmTaYiHYxWa5Wd yk8Ebrm5dMpoU2PCbxZgc4WvOnKS6OBPyGsQO28Y8YgxUUQAL1MQjtV2+6pfEwoF asHc48TNZpUbiaOx/RA8Y//4e42WQd6EHtFBwkmeQDA5KC7DSdHvFOyxOG26N2AI dTyWEgHjf7vpxtkpwSchR3p/VCiIjwEkeFcWRhdxXqlpURAydvpq9Orvszx+E8V2 5fT3gZ8KgPO2J+11tQdymbx8RrJiVPW41fU41evZEgmyS30rlKFyIzrgSGhAr92e pCR4Z1U3oNgi4l+ZCWKDKmOM0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOXXXppE HJxtfv9FODaJkcNc2PF0MB8GA1UdIwQYMBaAFGU/LGt5VrthRQm48VwfHcM5ghi9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQkQ3RS8xQUVEMDlDNDBB OEExMUVFOTNFMUE3NzBDNEY5QUUwMi9aVDhzYTNsV3UyRkZDYmp4WEI4ZHd6bUNH TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pUOHNhM2xXdTJGRkNianhYQjhkd3ptQ0dMMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QkQ3RS8xQUVEMDlDNDBBOEExMUVFOTNFMUE3NzBDNEY5QUUwMi9aVDhzYTNsV3Uy RkZDYmp4WEI4ZHd6bUNHTDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA4BKHCGLUP/oRLhBJQkdGvKqosjnoXqUZzgk96kTihAPV1wtck+n/D 6NDhg2M3XTUG64rnw/v1qi/8UsiBRLmiyygN8w5MAGn1S6DOoLXhmqYcImLbyQKa ofRtN0lVvS0OYk9Xc5GRpOXMBuQcDxD6EymVA9ivIRpSsqDfB+CZHEpymGx++MJs DqlMY4xQ2xcqFSFlB9Tc+1UqchbjQ8oPyh+OPTLys4UaI2JodfZTH83Hz+iy92B/ VXhXltOBsJ3oCbugnPwtwK9oIDLbaVknhpuZ8rDCOfNuhxJCQoeT0genuDgr4Gla 34DRL8LH4kajRQRmdasqNxkxrmfq7jZD -----END CERTIFICATE-----Generated at Sat Apr 12 17:26:53 2025 by rpki-client