$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.mft File: RZTy7BffVsPQZUDzZtKvEYsxfx4.mft (raw, json) Hash identifier: bIUYvQHHhV4vDigf/bARbC1opEJwJPky4XSthGWLDE0= Subject key identifier: C2:74:6D:32:6D:27:D8:01:A7:17:F0:14:D6:F8:2D:AA:E6:4F:EC:E5 Authority key identifier: 45:94:F2:EC:17:DF:56:C3:D0:65:40:F3:66:D2:AF:11:8B:31:7F:1E Certificate issuer: /CN=A91CE978/serialNumber=4594F2EC17DF56C3D06540F366D2AF118B317F1E Certificate serial: F1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RZTy7BffVsPQZUDzZtKvEYsxfx4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.mft Manifest number: EE Signing time: Wed 16 Apr 2025 14:53:10 +0000 Manifest this update: Wed 16 Apr 2025 14:53:09 +0000 Manifest next update: Wed 23 Apr 2025 14:53:09 +0000 Files and hashes: 1: RZTy7BffVsPQZUDzZtKvEYsxfx4.crl (hash: VxsWIqotGOWRPir1CyGI4RUDHlr6KziLmtUviTVNL68=) 2: 30EAE110B9AD11EE83063243C4F9AE02.roa (hash: /mgu4P2twSDACdGUYPekQQEcvJH+CFlbuOsPxwdYvXg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.crl rsync://rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RZTy7BffVsPQZUDzZtKvEYsxfx4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Apr 2025 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 241 (0xf1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE978, serialNumber=4594F2EC17DF56C3D06540F366D2AF118B317F1E Validity Not Before: Apr 16 14:53:09 2025 GMT Not After : Apr 23 14:53:09 2025 GMT Subject: CN=67ffc456-53f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:0b:be:1d:db:12:f1:e9:56:32:f8:8a:f2:84: 14:07:b1:d2:49:dc:64:43:48:e2:fe:0d:4f:4a:19: 28:46:a0:1d:58:f2:18:19:35:70:3b:e9:84:39:4a: e7:3c:61:67:17:20:10:10:b4:3c:3f:8b:b9:a4:db: 7f:44:4c:7c:a7:17:d1:c9:35:15:92:15:3a:26:88: 81:ff:c3:83:62:ac:6b:6c:19:9d:3c:1e:b3:65:2a: 81:33:6c:ba:d0:df:26:57:84:b8:40:8c:64:e6:93: cb:2d:26:2d:09:0c:10:00:5f:57:b5:f4:bd:53:fc: 75:40:46:5c:74:85:d4:c4:04:1d:31:d9:54:1e:95: 3e:2f:4c:fd:aa:9c:ca:fd:52:d7:92:b0:1b:1d:83: 22:88:f1:73:c8:b9:81:be:9a:7a:4d:9f:e1:aa:6b: 71:37:4f:cd:e5:6a:fd:5e:88:60:2b:2c:d1:4d:c5: e9:19:c5:b7:28:a1:f5:f8:84:55:1b:63:04:d5:52: 38:a1:66:c7:6a:35:3a:f2:74:4f:55:9a:8e:6b:35: bc:14:95:ec:90:c0:a8:37:c5:01:46:99:81:f1:9d: 32:10:83:e6:68:22:ca:95:ca:4d:6d:bc:da:be:28: 96:83:fb:fa:65:0b:15:89:1e:26:b8:4a:82:dd:a7: fe:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:74:6D:32:6D:27:D8:01:A7:17:F0:14:D6:F8:2D:AA:E6:4F:EC:E5 X509v3 Authority Key Identifier: keyid:45:94:F2:EC:17:DF:56:C3:D0:65:40:F3:66:D2:AF:11:8B:31:7F:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RZTy7BffVsPQZUDzZtKvEYsxfx4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:67:90:55:d9:18:5b:09:18:38:11:77:73:07:f0:81:9d:22: 0e:06:12:92:d9:d8:be:da:d0:4d:9d:02:16:0a:3c:b5:88:6a: 2d:fc:3c:2a:36:f6:7f:1a:82:b6:bc:a3:46:f6:2f:d8:53:b7: 93:b8:38:ef:10:9a:9e:1f:51:53:78:09:36:a7:94:e4:8d:53: 67:f7:8b:6a:34:80:59:4f:fb:de:07:58:85:5f:9d:6a:1d:2d: c7:64:81:b0:96:ee:ed:76:70:11:0b:75:78:9c:7e:6c:a2:35: 8c:fb:9f:53:95:1c:99:85:c2:9c:4b:12:47:14:b1:6a:07:8e: cd:08:57:42:77:ad:fe:b1:a7:f5:fe:7c:b7:09:bc:f9:1c:d2: 54:89:7a:9c:17:3f:99:2a:58:df:50:5c:a4:60:c0:fc:4c:69: da:4d:25:63:29:50:76:55:7e:6a:17:b4:ef:5b:12:e2:e4:87: 28:9c:be:80:81:71:8f:d1:55:77:e3:2b:7a:70:72:92:d1:f6: 20:73:c6:ac:d0:60:7c:8d:db:f9:03:f3:aa:f3:0e:42:35:dc: 34:57:7c:b5:96:5f:21:67:40:cc:14:a8:de:4d:9b:42:a6:7c: 61:22:dd:4a:8b:6d:5c:b0:ec:19:25:f6:6d:e5:90:40:f1:5f: 62:cc:cd:de -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U5NzgxMTAvBgNVBAUTKDQ1OTRGMkVDMTdERjU2QzNEMDY1NDBGMzY2RDJBRjEx OEIzMTdGMUUwHhcNMjUwNDE2MTQ1MzA5WhcNMjUwNDIzMTQ1MzA5WjAYMRYwFAYD VQQDEw02N2ZmYzQ1Ni01M2YzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtQu+HdsS8elWMviK8oQUB7HSSdxkQ0ji/g1PShkoRqAdWPIYGTVwO+mEOUrn PGFnFyAQELQ8P4u5pNt/REx8pxfRyTUVkhU6JoiB/8ODYqxrbBmdPB6zZSqBM2y6 0N8mV4S4QIxk5pPLLSYtCQwQAF9XtfS9U/x1QEZcdIXUxAQdMdlUHpU+L0z9qpzK /VLXkrAbHYMiiPFzyLmBvpp6TZ/hqmtxN0/N5Wr9XohgKyzRTcXpGcW3KKH1+IRV G2ME1VI4oWbHajU68nRPVZqOazW8FJXskMCoN8UBRpmB8Z0yEIPmaCLKlcpNbbza viiWg/v6ZQsViR4muEqC3af+ewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMJ0bTJt J9gBpxfwFNb4LarmT+zlMB8GA1UdIwQYMBaAFEWU8uwX31bD0GVA82bSrxGLMX8e MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTk3OC81REI1NTVBQUI4 REExMUVFQkM0QkVDMkRDNEY5QUUwMi9SWlR5N0JmZlZzUFFaVUR6WnRLdkVZc3hm eDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JaVHk3QmZmVnNQUVpVRHpadEt2RVlzeGZ4NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTk3OC81REI1NTVBQUI4REExMUVFQkM0QkVDMkRDNEY5QUUwMi9SWlR5N0JmZlZz UFFaVUR6WnRLdkVZc3hmeDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBxZ5BV2RhbCRg4EXdzB/CBnSIOBhKS2di+2tBNnQIWCjy1iGot/Dwq NvZ/GoK2vKNG9i/YU7eTuDjvEJqeH1FTeAk2p5TkjVNn94tqNIBZT/veB1iFX51q HS3HZIGwlu7tdnARC3V4nH5sojWM+59TlRyZhcKcSxJHFLFqB47NCFdCd63+saf1 /ny3Cbz5HNJUiXqcFz+ZKljfUFykYMD8TGnaTSVjKVB2VX5qF7TvWxLi5IconL6A gXGP0VV34yt6cHKS0fYgc8as0GB8jdv5A/Oq8w5CNdw0V3y1ll8hZ0DMFKjeTZtC pnxhIt1Ki21csOwZJfZt5ZBA8V9izM3e -----END CERTIFICATE-----Generated at Thu Apr 17 22:40:07 2025 by rpki-client