$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft File: zIQ-FAouPvvguUneDtgDg5BgVB0.mft (raw, json) Hash identifier: MY6lZfFNo7+3FUiPijPx7M+f6CZJnQahh1leIjDwKXA= Subject key identifier: 90:FF:83:2B:7F:B4:51:6E:EA:FA:24:46:51:86:FE:29:AD:87:CA:22 Authority key identifier: CC:84:3E:14:0A:2E:3E:FB:E0:B9:49:DE:0E:D8:03:83:90:60:54:1D Certificate issuer: /CN=A91C1A37/serialNumber=CC843E140A2E3EFBE0B949DE0ED803839060541D Certificate serial: 30D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIQ-FAouPvvguUneDtgDg5BgVB0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft Manifest number: 30BE Signing time: Wed 20 Aug 2025 15:27:54 +0000 Manifest this update: Wed 20 Aug 2025 15:27:53 +0000 Manifest next update: Wed 27 Aug 2025 15:27:53 +0000 Files and hashes: 1: zIQ-FAouPvvguUneDtgDg5BgVB0.crl (hash: G3vl/7uyBSpKQ9xk9GVmnywWZSnkd/2ckyRJL5SovdY=) 2: C3F53A0654F011E7BE4A6431C4F9AE02.roa (hash: 54WI7bxOwof+H1Cz8+uPiLZ+tzpprbk2GuCnR0w5MUY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.crl rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIQ-FAouPvvguUneDtgDg5BgVB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 15:27:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12503 (0x30d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1A37, serialNumber=CC843E140A2E3EFBE0B949DE0ED803839060541D Validity Not Before: Aug 20 15:27:53 2025 GMT Not After : Aug 27 15:27:53 2025 GMT Subject: CN=68a5e97a-3daa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:cc:dc:9a:6f:7d:fc:38:99:99:36:32:ed:31: f1:19:a7:c5:c0:a6:4f:84:ea:f0:26:08:8c:a1:53: 56:fd:b2:1c:63:7f:37:b1:b3:a3:3b:6a:2e:de:2c: 3d:fb:81:25:2c:ee:d5:bc:50:2e:38:f7:29:2b:b4: 0a:70:c1:88:11:8e:76:9d:d2:6b:fd:95:62:09:d2: 24:27:89:fe:9a:5a:ee:dd:5a:13:0e:9a:2f:f5:46: 20:3e:b2:43:0a:c2:77:ae:dd:15:a9:0b:d9:01:c6: 24:55:31:46:99:55:cf:99:3e:01:26:40:72:13:d0: 77:4a:b0:df:bd:55:45:ab:68:b4:01:f3:19:43:32: ec:69:b3:a2:f9:79:d2:9f:4a:7b:47:d9:92:c2:29: 86:c3:7f:3a:54:cb:0f:e5:99:02:85:98:ca:57:75: 9d:de:da:4e:57:bc:22:da:4a:19:91:23:c0:9f:e7: 4b:1b:46:41:da:a3:8d:47:a6:3e:34:bf:d7:7f:63: b2:29:01:c0:99:34:84:6b:e0:81:00:c5:33:62:e1: 23:b4:1e:0e:03:33:b3:84:07:92:36:a9:c8:8a:2b: 7b:71:97:c3:8e:42:16:88:86:c8:58:95:05:c8:69: c7:a4:53:f1:87:78:eb:db:c0:e0:2d:df:2a:88:18: 20:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:FF:83:2B:7F:B4:51:6E:EA:FA:24:46:51:86:FE:29:AD:87:CA:22 X509v3 Authority Key Identifier: keyid:CC:84:3E:14:0A:2E:3E:FB:E0:B9:49:DE:0E:D8:03:83:90:60:54:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIQ-FAouPvvguUneDtgDg5BgVB0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ad:aa:d9:61:ca:ff:b9:cf:22:4b:b5:28:0d:06:3c:fc:27:bb: a1:ba:bd:0c:dc:02:1d:a4:07:0c:fc:3a:46:80:df:84:c6:71: f0:9f:83:e5:98:ec:74:41:56:e1:ba:ab:13:13:a6:63:b1:e1: 4f:75:f7:b3:26:8a:c6:4c:7e:77:0e:2a:a7:43:d0:ed:2d:bd: 7c:af:ec:96:02:5f:4a:2c:16:49:80:fe:d1:30:c1:27:09:d9: c9:5c:12:0c:9a:68:34:cc:13:08:f6:44:9b:1e:15:f8:3c:a1: 4a:a2:fe:99:fb:9d:8e:78:76:1c:80:33:c8:ec:e3:71:5d:21: 37:fb:c6:c2:dc:d3:64:a7:63:04:3b:90:7b:2b:5c:f6:f9:dc: 1d:2f:c5:84:4b:f9:d2:13:c1:f3:8f:9f:cb:14:cc:7f:08:41: 19:e4:bc:52:9f:24:1e:64:ad:3d:c4:a4:9a:2c:6b:ac:52:97: 0b:70:51:75:a7:26:cf:06:48:78:0c:7e:9f:6c:74:f8:5d:3b: 6e:61:2c:a6:58:0b:4d:95:6f:fc:3c:90:01:05:e8:35:d3:3d: 52:0e:8a:2b:4f:68:a8:c8:ea:6c:f3:1f:9f:7b:3f:04:a2:98: ca:bf:e6:be:16:74:c9:b4:85:f9:bc:18:f5:aa:b6:c4:ac:c0: 27:94:42:7a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICMNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzFBMzcxMTAvBgNVBAUTKENDODQzRTE0MEEyRTNFRkJFMEI5NDlERTBFRDgwMzgz OTA2MDU0MUQwHhcNMjUwODIwMTUyNzUzWhcNMjUwODI3MTUyNzUzWjAYMRYwFAYD VQQDEw02OGE1ZTk3YS0zZGFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt8zcmm99/DiZmTYy7THxGafFwKZPhOrwJgiMoVNW/bIcY383sbOjO2ou3iw9 +4ElLO7VvFAuOPcpK7QKcMGIEY52ndJr/ZViCdIkJ4n+mlru3VoTDpov9UYgPrJD CsJ3rt0VqQvZAcYkVTFGmVXPmT4BJkByE9B3SrDfvVVFq2i0AfMZQzLsabOi+XnS n0p7R9mSwimGw386VMsP5ZkChZjKV3Wd3tpOV7wi2koZkSPAn+dLG0ZB2qONR6Y+ NL/Xf2OyKQHAmTSEa+CBAMUzYuEjtB4OAzOzhAeSNqnIiit7cZfDjkIWiIbIWJUF yGnHpFPxh3jr28DgLd8qiBggiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJD/gyt/ tFFu6vokRlGG/imth8oiMB8GA1UdIwQYMBaAFMyEPhQKLj774LlJ3g7YA4OQYFQd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUEzNy82ODY4RTAyOEU3 RjAxMUUyOEMyODA1ODQ1OTExRUEzMi96SVEtRkFvdVB2dmd1VW5lRHRnRGc1QmdW QjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pJUS1GQW91UHZ2Z3VVbmVEdGdEZzVCZ1ZCMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MUEzNy82ODY4RTAyOEU3RjAxMUUyOEMyODA1ODQ1OTExRUEzMi96SVEtRkFvdVB2 dmd1VW5lRHRnRGc1QmdWQjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCtqtlhyv+5zyJLtSgNBjz8J7uhur0M3AIdpAcM/DpGgN+ExnHwn4Pl mOx0QVbhuqsTE6ZjseFPdfezJorGTH53DiqnQ9DtLb18r+yWAl9KLBZJgP7RMMEn CdnJXBIMmmg0zBMI9kSbHhX4PKFKov6Z+52OeHYcgDPI7ONxXSE3+8bC3NNkp2ME O5B7K1z2+dwdL8WES/nSE8Hzj5/LFMx/CEEZ5LxSnyQeZK09xKSaLGusUpcLcFF1 pybPBkh4DH6fbHT4XTtuYSymWAtNlW/8PJABBeg10z1SDoorT2ioyOps8x+fez8E opjKv+a+FnTJtIX5vBj1qrbErMAnlEJ6 -----END CERTIFICATE-----Generated at Thu Aug 21 10:33:40 2025 by rpki-client