Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DDD23/EA750BEC910C11EFA540FC0FC4F9AE02/ZoRT_1aRgf4a6qBjfkgndCARLGQ.mft
File: ZoRT_1aRgf4a6qBjfkgndCARLGQ.mft (raw, json)
Hash identifier: XVL8sesAD8Ith7YSBmYo1SQKuk+aciCBRBA5rBZzGEU=
Subject key identifier: 67:25:58:87:39:4E:EA:67:C2:6A:C3:36:4E:04:DF:8D:52:C0:CA:6D
Authority key identifier: 66:84:53:FF:56:91:81:FE:1A:EA:A0:63:7E:48:27:74:20:11:2C:64
Certificate issuer: /CN=A91DDD23/serialNumber=668453FF569181FE1AEAA0637E48277420112C64
Certificate serial: 59
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZoRT_1aRgf4a6qBjfkgndCARLGQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DDD23/EA750BEC910C11EFA540FC0FC4F9AE02/ZoRT_1aRgf4a6qBjfkgndCARLGQ.mft
Manifest number: 58
Signing time: Wed 09 Apr 2025 05:59:26 +0000
Manifest this update: Wed 09 Apr 2025 05:59:25 +0000
Manifest next update: Wed 16 Apr 2025 05:59:25 +0000
Files and hashes: 1: ZoRT_1aRgf4a6qBjfkgndCARLGQ.crl (hash: uouPqy+wlGgY0+Ei/lgwvc3lj7E3Mv2ox2YVW7GBLxo=)
2: 65F3496E910D11EF95FE5C28C4F9AE02.roa (hash: MwIpMdrSL2OUPZhkEFCHw46/9hdWF6RJ27rUbg8XQI8=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DDD23/EA750BEC910C11EFA540FC0FC4F9AE02/ZoRT_1aRgf4a6qBjfkgndCARLGQ.crl
rsync://rpki.apnic.net/member_repository/A91DDD23/EA750BEC910C11EFA540FC0FC4F9AE02/ZoRT_1aRgf4a6qBjfkgndCARLGQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZoRT_1aRgf4a6qBjfkgndCARLGQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 05:59:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89 (0x59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DDD23
Validity
Not Before: Apr 9 05:59:25 2025 GMT
Not After : Apr 16 05:59:25 2025 GMT
Subject: CN=67f60cbd-2818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:47:14:5b:03:58:11:3a:a6:6e:c9:92:4c:f9:
c7:5e:6f:ac:e7:f3:6b:0d:03:7c:a3:ba:7c:70:92:
b7:b8:92:96:e9:1f:fb:9b:44:d9:51:8a:53:eb:e8:
42:7a:34:d4:06:fa:34:78:25:a0:fb:87:a6:92:9c:
7f:c9:45:e6:0a:74:ef:09:b6:c7:d1:1a:95:10:80:
f3:19:17:1d:40:b6:5b:08:9f:1a:83:61:72:e7:54:
45:84:a6:c7:de:e5:44:4e:42:8a:90:59:8a:92:de:
2d:25:0f:2d:fe:29:46:a7:f7:e6:17:14:49:8d:3d:
fd:1b:b2:15:05:6c:22:47:18:90:85:fa:a9:6d:ca:
f7:d5:1e:3e:13:94:ff:74:94:f0:2c:be:56:99:5b:
04:dc:94:bd:69:39:6f:37:15:2f:76:a9:57:58:8d:
13:0b:24:3e:59:14:3e:4a:e2:86:72:99:2c:4c:f6:
be:43:2a:74:37:a6:2e:98:c0:ab:03:2b:46:35:02:
2b:c6:f4:a2:b2:71:e4:63:13:45:ad:a9:c1:28:9e:
74:d6:1e:2b:e8:dd:d1:14:92:ce:f3:69:d3:67:a5:
8b:df:8b:1e:f3:b9:12:dc:86:63:1b:16:61:be:da:
25:ec:b1:53:ee:30:8a:46:85:0f:56:33:34:93:da:
23:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:25:58:87:39:4E:EA:67:C2:6A:C3:36:4E:04:DF:8D:52:C0:CA:6D
X509v3 Authority Key Identifier:
keyid:66:84:53:FF:56:91:81:FE:1A:EA:A0:63:7E:48:27:74:20:11:2C:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DDD23/EA750BEC910C11EFA540FC0FC4F9AE02/ZoRT_1aRgf4a6qBjfkgndCARLGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZoRT_1aRgf4a6qBjfkgndCARLGQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DDD23/EA750BEC910C11EFA540FC0FC4F9AE02/ZoRT_1aRgf4a6qBjfkgndCARLGQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
3b:14:73:7c:6f:3a:96:9d:87:07:f5:77:a4:e1:9a:a5:43:6d:
ca:11:c5:05:ba:a2:6b:68:34:db:2d:9f:e9:a4:90:4e:de:6e:
b7:1c:4b:ea:91:b9:7a:8e:56:bd:d1:fd:b5:88:6a:12:a7:93:
6f:85:b7:93:fb:e7:fa:5a:9f:e7:ac:36:11:30:62:59:21:b9:
c5:ed:40:56:e7:e6:81:75:ca:8d:f8:63:c2:3c:f1:90:eb:40:
59:a6:4f:18:86:8a:4f:9b:26:3b:a2:7b:02:93:ba:e3:ba:56:
48:e0:4d:61:9f:78:2e:c9:d8:3a:72:7c:2d:83:9f:9e:54:81:
b6:25:5c:04:2f:f9:f1:28:39:b7:67:2e:6c:fe:b8:f8:2a:d2:
4b:d0:3a:ad:c2:13:df:96:1e:94:3f:c5:5b:9d:44:ba:6e:46:
a3:98:62:2a:f7:2f:0f:a9:21:fc:31:eb:c9:24:77:fe:6d:e1:
86:91:6a:97:f4:81:a1:b4:09:bb:4e:6d:05:ee:16:b5:31:bd:
ee:4e:01:4f:75:fd:94:be:34:4f:10:5f:7c:43:f0:fb:d2:95:
0a:7c:b9:1e:93:5e:0e:5e:22:0d:c3:16:39:46:29:49:c4:09:
a6:c7:de:d4:13:31:29:04:6d:4f:15:54:96:d6:6c:39:c7:8c:
73:33:42:53
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBWTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
REQyMzExMC8GA1UEBRMoNjY4NDUzRkY1NjkxODFGRTFBRUFBMDYzN0U0ODI3NzQy
MDExMkM2NDAeFw0yNTA0MDkwNTU5MjVaFw0yNTA0MTYwNTU5MjVaMBgxFjAUBgNV
BAMTDTY3ZjYwY2JkLTI4MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDRxRbA1gROqZuyZJM+cdeb6zn82sNA3yjunxwkre4kpbpH/ubRNlRilPr6EJ6
NNQG+jR4JaD7h6aSnH/JReYKdO8JtsfRGpUQgPMZFx1AtlsInxqDYXLnVEWEpsfe
5UROQoqQWYqS3i0lDy3+KUan9+YXFEmNPf0bshUFbCJHGJCF+qltyvfVHj4TlP90
lPAsvlaZWwTclL1pOW83FS92qVdYjRMLJD5ZFD5K4oZymSxM9r5DKnQ3pi6YwKsD
K0Y1AivG9KKyceRjE0WtqcEonnTWHivo3dEUks7zadNnpYvfix7zuRLchmMbFmG+
2iXssVPuMIpGhQ9WMzST2iNvAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUZyVYhzlO
6mfCasM2TgTfjVLAym0wHwYDVR0jBBgwFoAUZoRT/1aRgf4a6qBjfkgndCARLGQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURERDIzL0VBNzUwQkVDOTEw
QzExRUZBNTQwRkMwRkM0RjlBRTAyL1pvUlRfMWFSZ2Y0YTZxQmpma2duZENBUkxH
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWm9SVF8xYVJnZjRhNnFCamZrZ25kQ0FSTEdRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURE
RDIzL0VBNzUwQkVDOTEwQzExRUZBNTQwRkMwRkM0RjlBRTAyL1pvUlRfMWFSZ2Y0
YTZxQmpma2duZENBUkxHUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBADsUc3xvOpadhwf1d6ThmqVDbcoRxQW6omtoNNstn+mkkE7ebrccS+qR
uXqOVr3R/bWIahKnk2+Ft5P75/pan+esNhEwYlkhucXtQFbn5oF1yo34Y8I88ZDr
QFmmTxiGik+bJjuiewKTuuO6VkjgTWGfeC7J2DpyfC2Dn55UgbYlXAQv+fEoObdn
Lmz+uPgq0kvQOq3CE9+WHpQ/xVudRLpuRqOYYir3Lw+pIfwx68kkd/5t4YaRapf0
gaG0CbtObQXuFrUxve5OAU91/ZS+NE8QX3xD8PvSlQp8uR6TXg5eIg3DFjlGKUnE
CabH3tQTMSkEbU8VVJbWbDnHjHMzQlM=
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:37:36 2025 by rpki-client