$ rpki-client -vvf rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft File: ZH5crcsfv367iZpyGcOg8D0_ew0.mft (raw, json) Hash identifier: YkVEtK7Fcv81AWzoYBg351fNI+JoaS3Q9v7Zf2pWkMQ= Subject key identifier: 5C:39:05:89:19:36:12:3F:E8:C5:71:BC:56:D6:19:9B:4E:C0:93:FE Authority key identifier: 64:7E:5C:AD:CB:1F:BF:7E:BB:89:9A:72:19:C3:A0:F0:3D:3F:7B:0D Certificate issuer: /CN=A91951DE/serialNumber=647E5CADCB1FBF7EBB899A7219C3A0F03D3F7B0D Certificate serial: 21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft Manifest number: 20 Signing time: Tue 09 Sep 2025 08:01:02 +0000 Manifest this update: Tue 09 Sep 2025 08:01:01 +0000 Manifest next update: Tue 16 Sep 2025 08:01:01 +0000 Files and hashes: 1: ZH5crcsfv367iZpyGcOg8D0_ew0.crl (hash: SoboKXVCQ87CU951/Tit/weUJLqSXVgxCD45SkBkCqE=) 2: 533DC25E60B511F0AB567568C4F9AE02.roa (hash: 9UZrURL/5cYm+3q79UbhWbJw8l3P1ZGycupb15ORpsw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.crl rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 07:46:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91951DE, serialNumber=647E5CADCB1FBF7EBB899A7219C3A0F03D3F7B0D Validity Not Before: Sep 9 08:01:01 2025 GMT Not After : Sep 16 08:01:01 2025 GMT Subject: CN=68bfdebd-653b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:cb:d1:b4:5c:26:5f:98:95:58:a6:24:07:1d: 72:d4:ff:24:4b:a5:f9:c2:8c:e9:ad:bd:d7:34:36: 10:86:48:15:e1:3f:6a:79:7e:e9:24:e4:c4:96:e3: 7e:b9:75:83:58:e6:65:40:6c:04:64:ef:ae:3a:5d: ac:e8:a8:6b:42:91:4f:25:d4:95:57:c8:2b:27:2a: 42:8d:08:b3:9a:c6:08:c8:8b:da:56:cc:eb:ba:2f: 7c:b5:b1:a8:75:be:2b:93:84:97:55:93:b3:04:73: 51:5a:9d:70:0c:74:d7:6e:f6:b6:00:f8:bf:df:bb: 1c:a5:93:d7:69:dd:76:ab:bf:02:0b:21:54:91:6f: c7:8b:98:4a:ba:93:4d:60:6c:9d:49:ab:15:a6:7a: ad:69:eb:9b:9a:d3:2a:a3:c4:39:a6:be:be:3a:5b: 48:8a:13:56:0e:e4:9b:3a:d7:2f:8f:04:0e:3e:9b: 79:ba:7e:85:78:f4:76:4e:c1:3e:c1:97:00:38:ac: 89:b9:8d:b0:43:ac:c9:17:36:bf:dc:a4:dc:0e:ce: 7c:fa:52:71:a4:a5:5b:c7:80:31:70:a8:23:12:c9: d8:c4:96:b5:9c:9a:19:cc:e4:6b:1c:57:7d:3e:79: 87:b8:1f:8f:d2:72:20:bb:11:a2:f2:02:42:5e:8e: 72:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:39:05:89:19:36:12:3F:E8:C5:71:BC:56:D6:19:9B:4E:C0:93:FE X509v3 Authority Key Identifier: keyid:64:7E:5C:AD:CB:1F:BF:7E:BB:89:9A:72:19:C3:A0:F0:3D:3F:7B:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:c8:bc:df:2b:15:cd:bf:a3:a0:b7:1d:79:c7:af:54:e9:9b: 9f:95:c5:8a:4c:c9:a1:48:72:3b:9b:f7:1a:9d:92:e7:0e:ad: 77:99:fb:46:09:e8:fc:b7:6c:c3:20:cc:1d:93:ae:67:c2:4b: e2:7b:c3:d7:88:34:8a:bc:23:cc:91:57:95:62:6f:2a:01:6b: 80:54:9d:2b:08:58:f7:f0:f4:c5:e6:83:f1:f2:4a:b6:4f:b6: 54:b3:eb:d7:6e:db:f1:d9:3b:e8:0f:50:7f:ee:dd:c5:05:8b: 9e:da:69:ed:c1:5b:ce:b1:20:8c:80:3d:e4:d0:69:d6:96:06: c6:1e:56:bc:6d:ee:b7:8c:92:a2:a9:ca:9e:0a:ce:01:ce:97: 33:df:9e:51:7f:3b:74:4d:45:ca:67:46:9f:af:cd:86:ea:84: 94:fe:ce:a8:09:3d:7e:05:d6:4b:65:9d:17:5b:07:28:50:88: 08:cb:24:1d:1d:4e:1a:4d:f6:66:78:d8:3c:5d:69:ce:bb:49: f5:91:be:2c:10:e1:98:27:2f:92:f4:f4:f1:47:05:1d:41:7d: b6:94:61:db:46:02:ea:20:d4:af:98:ce:3c:6b:20:05:0c:8f: 91:dd:98:b6:a6:43:bb:e7:9c:96:04:4d:25:a1:50:88:b8:31: 39:ec:f7:ed -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 NTFERTExMC8GA1UEBRMoNjQ3RTVDQURDQjFGQkY3RUJCODk5QTcyMTlDM0EwRjAz RDNGN0IwRDAeFw0yNTA5MDkwODAxMDFaFw0yNTA5MTYwODAxMDFaMBgxFjAUBgNV BAMTDTY4YmZkZWJkLTY1M2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDny9G0XCZfmJVYpiQHHXLU/yRLpfnCjOmtvdc0NhCGSBXhP2p5fukk5MSW4365 dYNY5mVAbARk7646XazoqGtCkU8l1JVXyCsnKkKNCLOaxgjIi9pWzOu6L3y1sah1 viuThJdVk7MEc1FanXAMdNdu9rYA+L/fuxylk9dp3XarvwILIVSRb8eLmEq6k01g bJ1JqxWmeq1p65ua0yqjxDmmvr46W0iKE1YO5Js61y+PBA4+m3m6foV49HZOwT7B lwA4rIm5jbBDrMkXNr/cpNwOznz6UnGkpVvHgDFwqCMSydjElrWcmhnM5GscV30+ eYe4H4/SciC7EaLyAkJejnIrAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUXDkFiRk2 Ej/oxXG8VtYZm07Ak/4wHwYDVR0jBBgwFoAUZH5crcsfv367iZpyGcOg8D0/ew0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1MURFLzkwNEY4NzBBNjBC NDExRjA4RUQ3QUU2M0M0RjlBRTAyL1pINWNyY3NmdjM2N2lacHlHY09nOEQwX2V3 MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWkg1Y3Jjc2Z2MzY3aVpweUdjT2c4RDBfZXcwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1 MURFLzkwNEY4NzBBNjBCNDExRjA4RUQ3QUU2M0M0RjlBRTAyL1pINWNyY3NmdjM2 N2lacHlHY09nOEQwX2V3MC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABLIvN8rFc2/o6C3HXnHr1Tpm5+VxYpMyaFIcjub9xqdkucOrXeZ+0YJ 6Py3bMMgzB2TrmfCS+J7w9eINIq8I8yRV5VibyoBa4BUnSsIWPfw9MXmg/HySrZP tlSz69du2/HZO+gPUH/u3cUFi57aae3BW86xIIyAPeTQadaWBsYeVrxt7reMkqKp yp4KzgHOlzPfnlF/O3RNRcpnRp+vzYbqhJT+zqgJPX4F1ktlnRdbByhQiAjLJB0d ThpN9mZ42Dxdac67SfWRviwQ4ZgnL5L09PFHBR1BfbaUYdtGAuog1K+YzjxrIAUM j5HdmLamQ7vnnJYETSWhUIi4MTns9+0= -----END CERTIFICATE-----Generated at Tue Sep 9 13:21:23 2025 by rpki-client