$ rpki-client -vvf rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.mft File: ZUCRhgKOxUzUW1g0_77K9LePGcI.mft (raw, json) Hash identifier: OMSj2kxLtRSpWrZBN2i0ZHZfoPunOhZkgpK5jY0iyvw= Subject key identifier: 15:53:A8:85:4C:E0:19:38:76:10:91:EB:CC:9A:40:7E:54:A0:5F:C7 Authority key identifier: 65:40:91:86:02:8E:C5:4C:D4:5B:58:34:FF:BE:CA:F4:B7:8F:19:C2 Certificate issuer: /CN=A917BBF1/serialNumber=65409186028EC54CD45B5834FFBECAF4B78F19C2 Certificate serial: 0CA1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZUCRhgKOxUzUW1g0_77K9LePGcI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.mft Manifest number: 0C84 Signing time: Sun 26 Oct 2025 18:54:15 +0000 Manifest this update: Sun 26 Oct 2025 18:54:14 +0000 Manifest next update: Sun 02 Nov 2025 18:54:14 +0000 Files and hashes: 1: ZUCRhgKOxUzUW1g0_77K9LePGcI.crl (hash: mm+C09ykhExcXgcmctsZU3plpu83HwFr112jg3CCHlw=) 2: 7136F65A37A811EE94E32169C4F9AE02.roa (hash: MIgp6SPzmtBLaTAJ8Ko+cWBy6IjOqEZ3q2z4VBixHmI=) 3: 1B54858065B711EE93D6ED6DC4F9AE02.roa (hash: GsJaSUcatISwdkkhFSUQBWiCBZOPMZtERdw74sbshGA=) 4: FF4F13D4448711ECA80CFC34C4F9AE02.roa (hash: pvvlftNep3JGBrkiJAisunxpzryLA3gGytWzHa5BKMk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.crl rsync://rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZUCRhgKOxUzUW1g0_77K9LePGcI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Nov 2025 18:54:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3233 (0xca1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917BBF1, serialNumber=65409186028EC54CD45B5834FFBECAF4B78F19C2 Validity Not Before: Oct 26 18:54:14 2025 GMT Not After : Nov 2 18:54:14 2025 GMT Subject: CN=68fe6e57-ebfc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:2c:45:7c:81:3c:2b:88:65:4d:ed:c3:4f:d6: 4e:ae:ff:18:c3:e7:af:46:66:b1:6b:f1:cc:0c:17: 36:a1:c4:20:e6:85:9c:85:88:88:12:5e:b7:2d:c5: de:0f:bd:3b:fe:ed:28:8b:56:38:29:fa:a9:c1:5b: 4f:5e:a1:d2:cc:67:45:12:f2:01:8e:b8:40:21:47: 32:38:60:05:e1:e1:48:0f:f2:b0:d6:74:04:e4:db: 7b:57:12:ac:d9:d0:ce:67:1f:08:2d:d2:a3:e3:ff: 14:5b:0e:e0:fd:e3:4c:44:a0:ab:9c:e3:85:dd:6e: 95:ce:75:1d:52:67:9b:8e:39:22:94:1b:ef:78:76: 39:32:b3:74:a4:92:4c:21:f8:b6:2c:f1:29:f8:f4: 63:a2:9c:c5:93:84:63:30:1c:ef:1d:c7:1b:36:da: 16:2a:8f:1c:9a:c8:08:5e:b5:3f:db:e0:16:2d:79: df:95:b0:5c:d6:69:66:af:1a:f0:d9:a7:2e:2b:51: 34:bf:a7:dc:98:9b:b3:4a:5d:91:5e:59:2f:6f:31: 15:27:a8:10:6e:68:c7:0c:f9:da:80:02:76:7e:97: 5f:17:43:1f:f3:fe:b7:7a:50:07:0d:12:73:fb:a4: 91:e4:60:db:95:53:c5:6b:64:33:f5:11:84:75:98: 1d:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:53:A8:85:4C:E0:19:38:76:10:91:EB:CC:9A:40:7E:54:A0:5F:C7 X509v3 Authority Key Identifier: keyid:65:40:91:86:02:8E:C5:4C:D4:5B:58:34:FF:BE:CA:F4:B7:8F:19:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZUCRhgKOxUzUW1g0_77K9LePGcI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:87:3d:cc:33:6f:df:79:c9:dc:10:4a:b1:91:fe:96:0c:20: bb:ba:43:21:03:38:29:14:9a:1c:0b:0a:4c:e5:f4:b1:5b:95: d3:3b:27:98:b8:85:fa:53:90:d8:b2:37:de:90:e2:99:3f:1c: 21:a7:48:81:88:30:c2:d1:4f:c6:ba:9a:4c:bb:0e:d0:d0:cc: 2c:fb:89:03:a1:77:14:a2:ff:6b:2b:70:73:86:a2:e0:5a:c1: 97:fd:13:74:fe:ad:eb:1a:a3:cd:1a:56:38:53:cc:f0:1f:21: 50:9a:ce:18:28:03:8d:28:74:9c:b6:ab:e6:02:3f:07:84:90: 9a:bf:8d:2e:cf:40:eb:78:34:1c:69:57:49:97:af:7d:ea:68: d7:95:46:2d:ee:1b:77:ca:48:c0:fb:eb:2f:60:a8:b0:be:5b: 40:63:f0:08:96:da:d6:14:c7:bc:38:ab:18:3c:32:26:83:4a: 64:63:36:6a:b5:a6:19:7a:52:cb:7a:bf:5d:17:cd:12:6c:19: 6f:52:e5:ad:66:78:7c:19:c3:8d:a9:32:1d:7e:30:a7:ce:6b: b4:b0:56:27:8d:d4:a8:ea:39:c6:f5:cc:37:7e:18:b1:8a:1f: 7d:35:4b:dc:b1:b3:34:10:68:1b:9b:78:c8:9d:51:db:03:5a: ac:38:6d:29 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDKEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0JCRjExMTAvBgNVBAUTKDY1NDA5MTg2MDI4RUM1NENENDVCNTgzNEZGQkVDQUY0 Qjc4RjE5QzIwHhcNMjUxMDI2MTg1NDE0WhcNMjUxMTAyMTg1NDE0WjAYMRYwFAYD VQQDEw02OGZlNmU1Ny1lYmZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwCxFfIE8K4hlTe3DT9ZOrv8Yw+evRmaxa/HMDBc2ocQg5oWchYiIEl63LcXe D707/u0oi1Y4KfqpwVtPXqHSzGdFEvIBjrhAIUcyOGAF4eFID/Kw1nQE5Nt7VxKs 2dDOZx8ILdKj4/8UWw7g/eNMRKCrnOOF3W6VznUdUmebjjkilBvveHY5MrN0pJJM Ifi2LPEp+PRjopzFk4RjMBzvHccbNtoWKo8cmsgIXrU/2+AWLXnflbBc1mlmrxrw 2acuK1E0v6fcmJuzSl2RXlkvbzEVJ6gQbmjHDPnagAJ2fpdfF0Mf8/63elAHDRJz +6SR5GDblVPFa2Qz9RGEdZgdFwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBVTqIVM 4Bk4dhCR68yaQH5UoF/HMB8GA1UdIwQYMBaAFGVAkYYCjsVM1FtYNP++yvS3jxnC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkJGMS8yNDVEQzVDQTBB RjcxMUVBQTg1QTVEMUFDNEY5QUUwMi9aVUNSaGdLT3hVelVXMWcwXzc3SzlMZVBH Y0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pVQ1JoZ0tPeFV6VVcxZzBfNzdLOUxlUEdjSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QkJGMS8yNDVEQzVDQTBBRjcxMUVBQTg1QTVEMUFDNEY5QUUwMi9aVUNSaGdLT3hV elVXMWcwXzc3SzlMZVBHY0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQABhz3MM2/fecncEEqxkf6WDCC7ukMhAzgpFJocCwpM5fSxW5XTOyeY uIX6U5DYsjfekOKZPxwhp0iBiDDC0U/GuppMuw7Q0Mws+4kDoXcUov9rK3BzhqLg WsGX/RN0/q3rGqPNGlY4U8zwHyFQms4YKAONKHSctqvmAj8HhJCav40uz0DreDQc aVdJl6996mjXlUYt7ht3ykjA++svYKiwvltAY/AIltrWFMe8OKsYPDImg0pkYzZq taYZelLLer9dF80SbBlvUuWtZnh8GcONqTIdfjCnzmu0sFYnjdSo6jnG9cw3fhix ih99NUvcsbM0EGgbm3jInVHbA1qsOG0p -----END CERTIFICATE-----Generated at Mon Oct 27 14:59:27 2025 by rpki-client