$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft File: zIQ-FAouPvvguUneDtgDg5BgVB0.mft (raw, json) Hash identifier: uBnNbOH6Qb+jDbfkZJJEjZ8b00VysVLiVUkSO6NGn4w= Subject key identifier: 53:80:53:E0:C0:50:29:71:CE:FC:FE:35:B2:9A:93:AA:86:06:60:27 Authority key identifier: CC:84:3E:14:0A:2E:3E:FB:E0:B9:49:DE:0E:D8:03:83:90:60:54:1D Certificate issuer: /CN=A91C1A37/serialNumber=CC843E140A2E3EFBE0B949DE0ED803839060541D Certificate serial: 30AE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIQ-FAouPvvguUneDtgDg5BgVB0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft Manifest number: 3095 Signing time: Sat 31 May 2025 15:25:21 +0000 Manifest this update: Sat 31 May 2025 15:25:21 +0000 Manifest next update: Sat 07 Jun 2025 15:25:21 +0000 Files and hashes: 1: zIQ-FAouPvvguUneDtgDg5BgVB0.crl (hash: ZyeUWHmb2KJ5Y7EVgDDRubhRfDTvyU0XyZgvjLeI59c=) 2: C3F53A0654F011E7BE4A6431C4F9AE02.roa (hash: 54WI7bxOwof+H1Cz8+uPiLZ+tzpprbk2GuCnR0w5MUY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.crl rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIQ-FAouPvvguUneDtgDg5BgVB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:25:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12462 (0x30ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1A37, serialNumber=CC843E140A2E3EFBE0B949DE0ED803839060541D Validity Not Before: May 31 15:25:21 2025 GMT Not After : Jun 7 15:25:21 2025 GMT Subject: CN=683b1f61-9944 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:1b:27:48:71:bc:64:3c:c3:dd:d0:9d:ee:46: f3:f2:1e:b0:44:ce:02:a6:53:3a:04:f2:38:38:ea: 48:51:a7:3f:73:83:38:ee:23:44:58:c3:f0:97:e4: ea:8e:18:d5:f7:d7:ee:7f:bf:3f:10:65:96:bc:15: 1d:9a:1b:17:a6:03:69:c2:20:7c:cb:67:7e:e7:f5: c5:1d:ce:cf:1f:98:84:2e:32:74:a8:00:11:ce:45: 86:af:c2:22:be:b9:ba:6f:a1:77:cc:d3:b6:09:99: 12:74:8b:ee:69:e6:4b:9b:72:a1:36:a2:99:03:a0: 3e:05:9f:82:b0:82:34:df:43:3c:e3:9c:e3:b7:b3: bd:f6:a3:ec:51:8e:b3:e9:07:6f:5a:c7:98:39:92: 40:79:d1:73:b0:e7:d4:f1:c6:e9:89:76:a8:b6:f1: 0b:f4:ad:73:be:73:8d:f9:11:65:9b:0c:2d:86:88: 66:cc:b1:66:21:55:08:63:89:a1:55:d6:65:11:87: 69:fe:09:10:78:1e:9c:54:72:70:b3:5f:08:91:e5: d8:c6:a6:e3:f9:47:2f:a9:d4:4a:79:ac:f0:00:22: 26:a5:80:0e:06:f7:de:5e:51:e0:3d:d7:60:0c:24: 74:fe:de:ca:14:28:59:9e:34:67:60:bc:45:db:f3: 87:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:80:53:E0:C0:50:29:71:CE:FC:FE:35:B2:9A:93:AA:86:06:60:27 X509v3 Authority Key Identifier: keyid:CC:84:3E:14:0A:2E:3E:FB:E0:B9:49:DE:0E:D8:03:83:90:60:54:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIQ-FAouPvvguUneDtgDg5BgVB0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b5:6f:fa:38:f1:fb:9c:c4:f0:95:e4:f5:f1:cf:a7:07:d5:e7: dc:5d:d5:80:cc:40:ba:98:3e:16:07:c5:f4:3c:4c:8d:45:da: ea:26:01:37:7f:3f:f2:39:ad:8c:01:fd:ad:15:2c:a9:69:83: bb:b6:d8:62:1a:a8:82:bd:00:5d:06:02:0b:5d:d6:b5:5e:e0: 2e:19:05:d2:3e:8d:31:f2:c6:1d:0d:a4:23:cc:a8:de:83:75: df:8b:6d:49:0b:ef:b3:00:db:bb:50:da:26:fb:c0:d3:fc:c8: 66:d3:27:02:4e:f4:a0:1e:1b:7f:b0:67:0c:db:d5:84:11:69: 03:64:bc:47:68:60:10:98:9f:5d:cf:ee:52:5f:c3:fd:ca:41: 73:a2:3c:3c:68:d4:7d:79:84:b9:15:4a:7c:44:37:75:1b:d5: 6e:ee:ee:13:40:bc:e9:77:9e:69:03:c2:27:8d:a0:6a:cb:86: 48:6c:b8:16:c9:ba:47:55:ba:61:8c:00:74:83:35:07:eb:83: c0:7c:4f:2a:6e:3d:5e:ea:81:65:5f:53:70:85:3f:5c:fb:58: 2e:98:af:5c:2a:52:a1:68:f9:99:03:ea:3a:67:f2:c0:7c:18: ca:6c:0f:f4:77:24:a9:82:bd:b5:f2:e2:6b:43:ec:90:28:81: 71:2e:b7:6c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICMK4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzFBMzcxMTAvBgNVBAUTKENDODQzRTE0MEEyRTNFRkJFMEI5NDlERTBFRDgwMzgz OTA2MDU0MUQwHhcNMjUwNTMxMTUyNTIxWhcNMjUwNjA3MTUyNTIxWjAYMRYwFAYD VQQDEw02ODNiMWY2MS05OTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyxsnSHG8ZDzD3dCd7kbz8h6wRM4CplM6BPI4OOpIUac/c4M47iNEWMPwl+Tq jhjV99fuf78/EGWWvBUdmhsXpgNpwiB8y2d+5/XFHc7PH5iELjJ0qAARzkWGr8Ii vrm6b6F3zNO2CZkSdIvuaeZLm3KhNqKZA6A+BZ+CsII030M845zjt7O99qPsUY6z 6QdvWseYOZJAedFzsOfU8cbpiXaotvEL9K1zvnON+RFlmwwthohmzLFmIVUIY4mh VdZlEYdp/gkQeB6cVHJws18IkeXYxqbj+UcvqdRKeazwACImpYAOBvfeXlHgPddg DCR0/t7KFChZnjRnYLxF2/OHvwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFOAU+DA UClxzvz+NbKak6qGBmAnMB8GA1UdIwQYMBaAFMyEPhQKLj774LlJ3g7YA4OQYFQd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUEzNy82ODY4RTAyOEU3 RjAxMUUyOEMyODA1ODQ1OTExRUEzMi96SVEtRkFvdVB2dmd1VW5lRHRnRGc1QmdW QjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pJUS1GQW91UHZ2Z3VVbmVEdGdEZzVCZ1ZCMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MUEzNy82ODY4RTAyOEU3RjAxMUUyOEMyODA1ODQ1OTExRUEzMi96SVEtRkFvdVB2 dmd1VW5lRHRnRGc1QmdWQjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC1b/o48fucxPCV5PXxz6cH1efcXdWAzEC6mD4WB8X0PEyNRdrqJgE3 fz/yOa2MAf2tFSypaYO7tthiGqiCvQBdBgILXda1XuAuGQXSPo0x8sYdDaQjzKje g3Xfi21JC++zANu7UNom+8DT/Mhm0ycCTvSgHht/sGcM29WEEWkDZLxHaGAQmJ9d z+5SX8P9ykFzojw8aNR9eYS5FUp8RDd1G9Vu7u4TQLzpd55pA8InjaBqy4ZIbLgW ybpHVbphjAB0gzUH64PAfE8qbj1e6oFlX1NwhT9c+1gumK9cKlKhaPmZA+o6Z/LA fBjKbA/0dySpgr218uJrQ+yQKIFxLrds -----END CERTIFICATE-----Generated at Sat May 31 17:50:40 2025 by rpki-client