$ rpki-client -vvf rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft File: Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft (raw, json) Hash identifier: +1oy63usDAOCkcTC9dGnEXqnNbEoJyqw4/uZLvLphoY= Subject key identifier: 1F:34:6E:AE:9D:B0:CF:23:24:87:7F:C3:14:F1:AF:3D:7E:0E:C8:0A Authority key identifier: 66:4E:59:A0:00:B9:1E:72:F8:03:E6:D8:68:41:15:4C:80:56:B8:8A Certificate issuer: /CN=A91C146D/serialNumber=664E59A000B91E72F803E6D86841154C8056B88A Certificate serial: 35 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft Manifest number: 2F Signing time: Sun 01 Jun 2025 07:28:41 +0000 Manifest this update: Sun 01 Jun 2025 07:28:40 +0000 Manifest next update: Sun 08 Jun 2025 07:28:40 +0000 Files and hashes: 1: Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.crl (hash: yd6T/6bU182aQiNKwJC0F56UKHXdSBIZsN2J/V7o95k=) 2: 992A7358004211F0AC90656CC4F9AE02.roa (hash: 6uK19EDHQqPyaVVXXtHQJXfGGnOJLngyIEFvwQHYfKo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.crl rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 07:28:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53 (0x35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C146D, serialNumber=664E59A000B91E72F803E6D86841154C8056B88A Validity Not Before: Jun 1 07:28:40 2025 GMT Not After : Jun 8 07:28:40 2025 GMT Subject: CN=683c0129-6de1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:88:34:7d:df:a3:4f:58:22:19:9d:d6:6d:26: 73:54:fb:8b:84:79:e3:4c:ea:56:44:d0:56:8b:54: b2:f7:40:9e:b4:ad:a5:ab:60:0e:58:40:b2:15:5f: 16:e7:8d:58:27:1f:43:69:a3:71:c0:79:b5:69:dc: 3f:6e:8d:66:6a:82:65:4b:9c:f1:9f:39:35:df:74: 4d:f9:e1:f9:9e:c9:39:84:76:e9:b6:95:ce:24:7a: 03:75:b8:7f:42:85:43:49:c6:97:11:0d:01:c9:03: e6:52:d9:39:36:7f:83:25:45:43:0f:db:6e:b5:79: 01:70:03:17:9d:ad:fb:f0:10:90:da:c3:de:03:19: 05:0a:6c:46:7f:59:24:a2:da:99:ad:b1:ea:52:0e: 7f:bb:cc:79:e4:ad:c7:3a:0a:b9:87:f7:c8:05:05: b7:e6:08:a8:ec:26:1c:a5:9a:fa:8f:4d:0e:d2:0f: 58:38:dc:c9:2a:b8:fa:f9:14:f9:11:78:d0:5f:71: c2:c7:c4:a7:ec:77:af:82:cf:7e:e6:69:e4:e0:b9: 59:bf:7c:ad:65:7f:27:88:40:09:6f:87:b8:23:b5: 9e:13:b6:54:3c:e3:2a:f4:15:de:0b:33:36:17:b1: c5:91:f1:c4:b6:52:57:df:bc:fe:a8:8f:f3:59:10: 8c:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:34:6E:AE:9D:B0:CF:23:24:87:7F:C3:14:F1:AF:3D:7E:0E:C8:0A X509v3 Authority Key Identifier: keyid:66:4E:59:A0:00:B9:1E:72:F8:03:E6:D8:68:41:15:4C:80:56:B8:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:f2:93:06:d5:82:7c:2f:f8:28:51:7a:e0:9d:9b:f5:95:a5: 63:88:c1:58:c9:57:8f:c6:69:e7:ed:ba:45:1e:c2:3d:21:50: 6b:bd:2d:57:77:51:8a:5d:e6:2c:30:42:dd:1a:ec:ae:70:06: 45:a2:41:34:f3:ad:71:40:24:4a:44:7b:25:cb:24:e8:83:95: e9:3a:3f:92:d8:bb:cc:08:c2:4e:fa:60:05:3c:ad:8c:9c:ec: ef:52:16:d5:d5:d4:c0:84:34:3a:85:3b:7b:6b:8f:c0:4a:ef: 07:3d:7c:8f:2b:0e:c5:a2:d4:07:13:c1:a6:36:42:63:d9:4b: f0:fc:a0:63:47:62:f7:2c:31:a4:0a:49:bb:73:cb:4c:3b:91: a3:0f:89:17:1a:89:d9:ad:85:99:2d:e0:84:30:02:70:e7:49: bf:f9:cf:b4:a1:d6:c8:ae:4a:bf:7a:a7:ce:73:e9:6f:33:c2: dc:c1:cf:e7:50:ce:87:da:f5:6b:ac:12:5e:b4:e5:65:10:1b: af:10:80:72:69:c5:6e:ef:31:f9:2f:f3:65:b5:2d:fe:3e:41: b3:3c:a8:1f:3c:2e:8c:56:c9:7e:04:8b:8c:55:79:64:10:e1: 0f:93:3a:54:49:b2:c3:42:73:e0:60:c6:79:fd:a6:79:80:f3: 03:1a:57:b2 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD MTQ2RDExMC8GA1UEBRMoNjY0RTU5QTAwMEI5MUU3MkY4MDNFNkQ4Njg0MTE1NEM4 MDU2Qjg4QTAeFw0yNTA2MDEwNzI4NDBaFw0yNTA2MDgwNzI4NDBaMBgxFjAUBgNV BAMTDTY4M2MwMTI5LTZkZTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC5iDR936NPWCIZndZtJnNU+4uEeeNM6lZE0FaLVLL3QJ60raWrYA5YQLIVXxbn jVgnH0Npo3HAebVp3D9ujWZqgmVLnPGfOTXfdE354fmeyTmEdum2lc4kegN1uH9C hUNJxpcRDQHJA+ZS2Tk2f4MlRUMP2261eQFwAxedrfvwEJDaw94DGQUKbEZ/WSSi 2pmtsepSDn+7zHnkrcc6CrmH98gFBbfmCKjsJhylmvqPTQ7SD1g43MkquPr5FPkR eNBfccLHxKfsd6+Cz37maeTguVm/fK1lfyeIQAlvh7gjtZ4TtlQ84yr0Fd4LMzYX scWR8cS2UlffvP6oj/NZEIzlAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUHzRurp2w zyMkh3/DFPGvPX4OyAowHwYDVR0jBBgwFoAUZk5ZoAC5HnL4A+bYaEEVTIBWuIow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMxNDZEL0VDQjAwQjQyMDAz NzExRjBCQkQ3MjQ3NUM0RjlBRTAyL1prNVpvQUM1SG5MNEEtYllhRUVWVElCV3VJ by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvWms1Wm9BQzVIbkw0QS1iWWFFRVZUSUJXdUlvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMx NDZEL0VDQjAwQjQyMDAzNzExRjBCQkQ3MjQ3NUM0RjlBRTAyL1prNVpvQUM1SG5M NEEtYllhRUVWVElCV3VJby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADvykwbVgnwv+ChReuCdm/WVpWOIwVjJV4/GaeftukUewj0hUGu9LVd3 UYpd5iwwQt0a7K5wBkWiQTTzrXFAJEpEeyXLJOiDlek6P5LYu8wIwk76YAU8rYyc 7O9SFtXV1MCENDqFO3trj8BK7wc9fI8rDsWi1AcTwaY2QmPZS/D8oGNHYvcsMaQK Sbtzy0w7kaMPiRcaidmthZkt4IQwAnDnSb/5z7Sh1siuSr96p85z6W8zwtzBz+dQ zofa9WusEl605WUQG68QgHJpxW7vMfkv82W1Lf4+QbM8qB88LoxWyX4Ei4xVeWQQ 4Q+TOlRJssNCc+Bgxnn9pnmA8wMaV7I= -----END CERTIFICATE-----Generated at Mon Jun 2 19:42:36 2025 by rpki-client