$ rpki-client -vvf rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.mft File: zIO7bQqhd53qFp7bpKQCKN4hvXs.mft (raw, json) Hash identifier: ICyz7SvkCOpWK4h3ZT3XpEYSlgnYG5roXDq7cmFZbYM= Subject key identifier: D4:71:6C:27:3B:12:AF:7B:B5:BA:96:78:82:4D:7A:25:E3:6B:BF:F9 Authority key identifier: CC:83:BB:6D:0A:A1:77:9D:EA:16:9E:DB:A4:A4:02:28:DE:21:BD:7B Certificate issuer: /CN=A91D493B/serialNumber=CC83BB6D0AA1779DEA169EDBA4A40228DE21BD7B Certificate serial: 0329 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIO7bQqhd53qFp7bpKQCKN4hvXs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.mft Manifest number: 0324 Signing time: Sat 31 May 2025 01:20:15 +0000 Manifest this update: Sat 31 May 2025 01:20:14 +0000 Manifest next update: Sat 07 Jun 2025 01:20:14 +0000 Files and hashes: 1: zIO7bQqhd53qFp7bpKQCKN4hvXs.crl (hash: LsgZXgOcIOZdp/vX2qRCCxyEg5ifLFN+JqOj/wI012E=) 2: 684DDD32CAB311ECBBCE9843C4F9AE02.roa (hash: qH/kmALWQxd9w+o7ml/PHWheO95UYxgo26aceJX0/p4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.crl rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIO7bQqhd53qFp7bpKQCKN4hvXs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 01:20:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 809 (0x329) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D493B, serialNumber=CC83BB6D0AA1779DEA169EDBA4A40228DE21BD7B Validity Not Before: May 31 01:20:14 2025 GMT Not After : Jun 7 01:20:14 2025 GMT Subject: CN=683a594e-69ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b0:21:f8:c3:a8:2f:b3:90:98:58:87:93:38: cf:44:97:08:ba:58:b2:3f:99:e4:21:21:3b:b1:6b: 1c:75:93:3e:2a:80:1d:3f:44:5a:23:37:2e:7e:c0: d9:92:a1:fb:a2:23:c3:e8:40:04:f2:1d:2a:2b:b8: 61:68:96:0b:bf:cd:94:66:b5:c8:01:05:c8:54:b9: f9:9d:ec:9f:e0:37:b1:29:02:76:b9:64:99:dc:ee: 7b:22:c4:4f:cb:9d:93:d2:9c:b0:79:a8:b2:ba:c9: f2:f4:d4:3b:31:3e:3e:69:bd:e9:e0:c7:06:6c:02: 6d:f9:c3:26:ee:9e:17:25:ad:04:2c:53:6e:5c:36: c9:c2:3b:ce:76:3c:59:81:4c:10:f9:4c:eb:b4:82: 85:2b:22:b2:04:83:56:c5:46:1b:1b:1c:73:f2:91: f3:c8:a6:96:fb:cb:81:f5:66:1b:2e:16:a2:f8:d6: 74:60:39:ee:d9:73:c8:38:84:bd:4e:1e:eb:3c:77: 56:43:91:49:5c:58:90:cd:0b:16:b1:21:2b:d0:1a: 12:95:80:6a:e7:8d:d7:3b:24:4f:b1:2f:91:77:32: e3:0d:d3:2b:84:84:94:e0:54:17:0b:3c:8d:df:b2: 99:53:58:b9:c6:7b:01:6e:60:e2:65:a5:d9:1d:9a: cc:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:71:6C:27:3B:12:AF:7B:B5:BA:96:78:82:4D:7A:25:E3:6B:BF:F9 X509v3 Authority Key Identifier: keyid:CC:83:BB:6D:0A:A1:77:9D:EA:16:9E:DB:A4:A4:02:28:DE:21:BD:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIO7bQqhd53qFp7bpKQCKN4hvXs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D493B/DBAD37A0CAAE11EC8241280DC4F9AE02/zIO7bQqhd53qFp7bpKQCKN4hvXs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:d1:39:2e:a6:2e:dd:b2:23:b6:7f:df:3a:9d:49:31:ba:80: c9:f8:b7:81:04:26:87:07:14:3c:d8:b7:69:21:fe:e4:92:c8: 14:aa:55:c0:0c:3c:22:a3:8b:a5:17:31:17:ca:78:72:1d:2b: 3b:4f:f5:60:43:e6:d2:f6:bb:60:e1:4f:a6:cb:2e:2b:c2:38: bb:78:6b:b2:db:4a:b3:73:2a:19:3f:d6:5c:eb:4b:d4:eb:7a: b4:24:f3:35:ac:91:fb:88:5e:3a:e8:f4:8f:51:4b:c4:00:28: 75:6a:7a:ed:30:0e:5c:32:10:f0:50:45:71:10:12:97:f8:29: 72:ea:59:11:95:37:28:90:9e:a9:c1:f7:28:56:cc:c2:51:00: 1b:05:91:a5:d8:7f:3d:32:d4:35:24:08:b1:3d:f1:3d:82:94: e9:07:26:bb:de:d6:0a:59:4f:4f:c9:ee:a6:63:31:b8:98:5d: 15:1e:91:55:02:87:46:76:b6:20:0f:b4:a6:50:fd:a3:0e:96: ce:7f:d6:ac:db:f0:81:d2:9b:89:d1:c8:cd:3e:4b:82:10:e3: 68:8c:e8:68:7b:a8:86:4e:23:b8:77:a8:f3:7d:a5:c3:1b:fe: c5:66:6f:05:82:8d:e3:b6:01:dd:72:b2:96:c7:49:55:90:50: 4c:7c:2a:8b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAykwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ5M0IxMTAvBgNVBAUTKENDODNCQjZEMEFBMTc3OURFQTE2OUVEQkE0QTQwMjI4 REUyMUJEN0IwHhcNMjUwNTMxMDEyMDE0WhcNMjUwNjA3MDEyMDE0WjAYMRYwFAYD VQQDEw02ODNhNTk0ZS02OWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvLAh+MOoL7OQmFiHkzjPRJcIuliyP5nkISE7sWscdZM+KoAdP0RaIzcufsDZ kqH7oiPD6EAE8h0qK7hhaJYLv82UZrXIAQXIVLn5neyf4DexKQJ2uWSZ3O57IsRP y52T0pyweaiyusny9NQ7MT4+ab3p4McGbAJt+cMm7p4XJa0ELFNuXDbJwjvOdjxZ gUwQ+UzrtIKFKyKyBINWxUYbGxxz8pHzyKaW+8uB9WYbLhai+NZ0YDnu2XPIOIS9 Th7rPHdWQ5FJXFiQzQsWsSEr0BoSlYBq543XOyRPsS+RdzLjDdMrhISU4FQXCzyN 37KZU1i5xnsBbmDiZaXZHZrMdwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNRxbCc7 Eq97tbqWeIJNeiXja7/5MB8GA1UdIwQYMBaAFMyDu20KoXed6hae26SkAijeIb17 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDkzQi9EQkFEMzdBMENB QUUxMUVDODI0MTI4MERDNEY5QUUwMi96SU83YlFxaGQ1M3FGcDdicEtRQ0tONGh2 WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pJTzdiUXFoZDUzcUZwN2JwS1FDS040aHZYcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDkzQi9EQkFEMzdBMENBQUUxMUVDODI0MTI4MERDNEY5QUUwMi96SU83YlFxaGQ1 M3FGcDdicEtRQ0tONGh2WHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB50Tkupi7dsiO2f986nUkxuoDJ+LeBBCaHBxQ82LdpIf7kksgUqlXA DDwio4ulFzEXynhyHSs7T/VgQ+bS9rtg4U+myy4rwji7eGuy20qzcyoZP9Zc60vU 63q0JPM1rJH7iF466PSPUUvEACh1anrtMA5cMhDwUEVxEBKX+Cly6lkRlTcokJ6p wfcoVszCUQAbBZGl2H89MtQ1JAixPfE9gpTpBya73tYKWU9Pye6mYzG4mF0VHpFV AodGdrYgD7SmUP2jDpbOf9as2/CB0puJ0cjNPkuCEONojOhoe6iGTiO4d6jzfaXD G/7FZm8Fgo3jtgHdcrKWx0lVkFBMfCqL -----END CERTIFICATE-----Generated at Sat May 31 17:36:00 2025 by rpki-client