$ rpki-client -vvf rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.mft File: 2zfNKCxsfbw6kLEDt6I53NFY_2A.mft (raw, json) Hash identifier: mYRvsUhvn94lduf321GnPxQU+r8oEOQMqHxBHA7klEQ= Subject key identifier: 0E:06:F6:B7:65:42:7A:1C:D9:D4:C6:47:4C:FC:3E:A3:31:77:23:69 Authority key identifier: DB:37:CD:28:2C:6C:7D:BC:3A:90:B1:03:B7:A2:39:DC:D1:58:FF:60 Certificate issuer: /CN=A913E652/serialNumber=DB37CD282C6C7DBC3A90B103B7A239DCD158FF60 Certificate serial: 08CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2zfNKCxsfbw6kLEDt6I53NFY_2A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.mft Manifest number: 08C7 Signing time: Fri 30 May 2025 20:41:37 +0000 Manifest this update: Fri 30 May 2025 20:41:36 +0000 Manifest next update: Fri 06 Jun 2025 20:41:36 +0000 Files and hashes: 1: 2zfNKCxsfbw6kLEDt6I53NFY_2A.crl (hash: Lyer8KL8RiNIwqATgCwhTv5MQX7sAuNlHwZDilvFkHU=) 2: 6154A3B0B2B611EAA5884016C4F9AE02.roa (hash: v6eXZmLrZttsFYphww5DwQSaxSYNhoXZnZd8akGhwqk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.crl rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2zfNKCxsfbw6kLEDt6I53NFY_2A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 20:41:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2253 (0x8cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913E652, serialNumber=DB37CD282C6C7DBC3A90B103B7A239DCD158FF60 Validity Not Before: May 30 20:41:36 2025 GMT Not After : Jun 6 20:41:36 2025 GMT Subject: CN=683a1800-53d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:5c:82:e8:a8:c8:6b:fd:b5:08:86:72:f3:2c: 3d:45:53:e0:32:e7:82:a3:15:90:a4:66:03:7e:15: cd:6a:41:16:f4:a5:f6:13:30:c0:a8:f5:e6:d7:34: af:c0:1c:36:58:64:b9:53:d6:c8:df:53:bc:5e:4e: fa:ea:92:c2:ad:0e:7d:f1:c8:ce:ed:20:13:86:25: cd:6b:f9:23:15:36:d5:9d:60:8c:5b:16:b3:d6:f0: 45:41:53:25:49:cb:1c:37:1b:ca:21:8a:cd:15:d1: 61:e7:f6:af:3c:c7:95:61:ca:8d:12:0e:15:51:53: e1:e2:65:c1:9e:50:1a:c0:19:12:ff:f4:aa:22:38: 39:0c:e6:01:3a:b4:3c:31:11:be:0b:11:4d:58:89: 81:d6:62:6c:6a:b5:8e:20:ba:f4:0f:0b:20:cd:ef: be:67:2f:cd:25:e5:f3:24:c3:c6:66:d1:ee:a1:bc: 9d:b0:39:d7:dd:08:37:19:85:a6:d5:c4:f9:ec:bd: 58:c5:67:f1:73:98:99:31:c6:3d:33:aa:4b:1a:e2: cf:3a:b7:d7:38:d7:27:01:17:ad:ab:7a:8b:76:66: 9f:d1:35:a3:0e:08:f7:27:07:70:89:68:d2:a5:0d: c4:81:eb:28:fa:47:a9:b2:0c:5c:82:22:6b:e8:8d: db:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:06:F6:B7:65:42:7A:1C:D9:D4:C6:47:4C:FC:3E:A3:31:77:23:69 X509v3 Authority Key Identifier: keyid:DB:37:CD:28:2C:6C:7D:BC:3A:90:B1:03:B7:A2:39:DC:D1:58:FF:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2zfNKCxsfbw6kLEDt6I53NFY_2A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:76:2b:b0:15:9c:14:57:db:b9:00:5b:51:3d:29:49:3b:4b: d6:15:62:b2:1d:82:32:65:68:5c:47:cc:26:2b:11:fb:4a:04: be:bf:10:5a:18:c1:55:e2:ae:95:5e:98:38:f8:e0:de:b7:a6: 7d:57:57:c3:35:6d:62:b3:e6:76:b6:93:81:b0:57:0f:17:41: 0a:c8:10:0a:c8:67:e1:ec:18:00:1d:50:3e:41:47:b9:d0:d5: 4f:80:78:23:28:5a:23:71:db:55:34:d2:43:6f:b4:c8:db:dd: 56:67:fe:d5:b4:3c:6f:5d:b7:4a:71:9f:29:f8:b3:ca:24:fa: 55:2b:fa:72:56:a5:10:8e:a1:6a:1a:f8:4b:4a:9c:74:03:60: f3:48:c8:95:5a:c5:80:31:65:89:c2:e6:0f:60:21:ac:3a:6b: eb:2f:c0:0c:09:32:d5:72:bd:b4:9a:27:e3:69:a7:08:55:28: 8e:72:01:3c:fb:a7:79:0f:e4:6a:5d:b8:e9:3c:03:f1:83:b5: c5:1f:25:01:a4:89:68:6c:db:3e:bb:78:1b:44:55:03:bc:0c: 54:9f:bd:66:81:d1:cd:24:b7:9e:5f:d6:b0:61:28:ca:06:77: c2:02:2b:ec:21:93:f2:0e:33:05:b9:b0:c1:e3:71:62:d1:4c: a6:47:99:b1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCM0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0U2NTIxMTAvBgNVBAUTKERCMzdDRDI4MkM2QzdEQkMzQTkwQjEwM0I3QTIzOURD RDE1OEZGNjAwHhcNMjUwNTMwMjA0MTM2WhcNMjUwNjA2MjA0MTM2WjAYMRYwFAYD VQQDEw02ODNhMTgwMC01M2Q5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5FyC6KjIa/21CIZy8yw9RVPgMueCoxWQpGYDfhXNakEW9KX2EzDAqPXm1zSv wBw2WGS5U9bI31O8Xk766pLCrQ598cjO7SAThiXNa/kjFTbVnWCMWxaz1vBFQVMl ScscNxvKIYrNFdFh5/avPMeVYcqNEg4VUVPh4mXBnlAawBkS//SqIjg5DOYBOrQ8 MRG+CxFNWImB1mJsarWOILr0Dwsgze++Zy/NJeXzJMPGZtHuobydsDnX3Qg3GYWm 1cT57L1YxWfxc5iZMcY9M6pLGuLPOrfXONcnARetq3qLdmaf0TWjDgj3JwdwiWjS pQ3Egeso+kepsgxcgiJr6I3beQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA4G9rdl Qnoc2dTGR0z8PqMxdyNpMB8GA1UdIwQYMBaAFNs3zSgsbH28OpCxA7eiOdzRWP9g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRTY1Mi82MDBBQjQ2NEIy QjUxMUVBOEFEQzQ0MTVDNEY5QUUwMi8yemZOS0N4c2ZidzZrTEVEdDZJNTNORllf MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJ6Zk5LQ3hzZmJ3NmtMRUR0Nkk1M05GWV8yQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RTY1Mi82MDBBQjQ2NEIyQjUxMUVBOEFEQzQ0MTVDNEY5QUUwMi8yemZOS0N4c2Zi dzZrTEVEdDZJNTNORllfMkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAMdiuwFZwUV9u5AFtRPSlJO0vWFWKyHYIyZWhcR8wmKxH7SgS+vxBa GMFV4q6VXpg4+ODet6Z9V1fDNW1is+Z2tpOBsFcPF0EKyBAKyGfh7BgAHVA+QUe5 0NVPgHgjKFojcdtVNNJDb7TI291WZ/7VtDxvXbdKcZ8p+LPKJPpVK/pyVqUQjqFq GvhLSpx0A2DzSMiVWsWAMWWJwuYPYCGsOmvrL8AMCTLVcr20mifjaacIVSiOcgE8 +6d5D+RqXbjpPAPxg7XFHyUBpIlobNs+u3gbRFUDvAxUn71mgdHNJLeeX9awYSjK BnfCAivsIZPyDjMFubDB43Fi0UymR5mx -----END CERTIFICATE-----Generated at Sat May 31 17:54:53 2025 by rpki-client