$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft File: z4nWqxHn1Hqhe0MJxypytxy6R64.mft (raw, json) Hash identifier: mSBMB6Ixe3K8qJYriDMkqIQy8WLHgjvdFZXMwyoJlXI= Subject key identifier: 16:54:50:53:66:0B:7E:E1:DA:6E:BD:DF:EE:F8:67:90:B8:80:72:1C Authority key identifier: CF:89:D6:AB:11:E7:D4:7A:A1:7B:43:09:C7:2A:72:B7:1C:BA:47:AE Certificate issuer: /CN=A91E4D9B/serialNumber=CF89D6AB11E7D47AA17B4309C72A72B71CBA47AE Certificate serial: 086A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft Manifest number: 0860 Signing time: Fri 30 May 2025 20:56:26 +0000 Manifest this update: Fri 30 May 2025 20:56:26 +0000 Manifest next update: Fri 06 Jun 2025 20:56:26 +0000 Files and hashes: 1: z4nWqxHn1Hqhe0MJxypytxy6R64.crl (hash: y/nJaMwNqChv1/HLyYiYW9DbTUWS2hUHTUvqsaQBy5E=) 2: CCF7B8AA22B811ECAD21FB20C4F9AE02.roa (hash: jP9WQeUuHByQOgvhcc4yViwwc1IsiLi4j4kFeZuXSLA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.crl rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 20:56:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2154 (0x86a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4D9B, serialNumber=CF89D6AB11E7D47AA17B4309C72A72B71CBA47AE Validity Not Before: May 30 20:56:26 2025 GMT Not After : Jun 6 20:56:26 2025 GMT Subject: CN=683a1b7a-cc8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:26:08:f0:18:b1:0b:88:e1:db:2c:ff:5a:f2: 2f:bd:c3:2e:a1:5a:ed:64:98:e2:c5:03:37:8c:9b: 2f:84:cf:c8:81:38:c5:36:d8:01:6e:80:a0:45:c3: 3f:c8:64:79:09:34:35:b8:5d:6e:40:51:a7:fe:75: 5e:d5:cb:ad:e6:58:24:d5:0a:46:77:df:f9:75:92: db:2c:4b:8e:60:f1:e1:1b:c3:5e:57:0c:93:8c:3a: 09:6a:6b:68:46:92:85:5e:d7:fe:bf:3c:ef:79:ad: f2:a6:9c:5b:a6:6d:33:94:67:eb:25:73:06:09:eb: 78:3b:32:50:40:ef:56:b5:83:81:fc:43:17:fe:d7: 72:6a:13:55:16:02:f8:c5:ae:61:63:17:3c:c1:a7: 02:c9:ff:20:d3:85:34:bf:9f:ab:b5:89:75:d3:0a: 96:76:94:50:6e:7b:79:32:1b:f3:4b:3c:85:6b:5e: 49:17:c1:36:93:c4:af:0f:d1:4e:36:c0:0e:a2:4c: e5:08:4d:5c:f0:34:6a:ed:54:8e:14:ae:c2:42:fd: fe:ef:01:4e:cf:13:b5:6c:1d:22:9b:db:50:4a:a8: d3:02:e0:ff:bf:18:86:d7:17:93:86:be:b7:25:0e: 8f:75:65:97:f1:9a:50:d5:1b:39:1b:d0:ac:ed:14: 90:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:54:50:53:66:0B:7E:E1:DA:6E:BD:DF:EE:F8:67:90:B8:80:72:1C X509v3 Authority Key Identifier: keyid:CF:89:D6:AB:11:E7:D4:7A:A1:7B:43:09:C7:2A:72:B7:1C:BA:47:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 89:58:f7:18:9c:ae:09:15:4c:aa:93:f8:e6:a9:dc:63:48:f4: d6:eb:bb:ed:2a:a0:32:20:20:37:60:5b:44:36:7b:0d:c0:13: fe:24:1a:c0:5a:66:22:a3:65:c9:cd:b0:4e:30:2d:44:ce:d2: b7:f7:90:1b:32:aa:be:40:a0:92:ac:c7:64:a0:08:dd:df:9d: cd:4f:b2:68:c1:1f:17:9d:34:13:be:81:7f:46:bf:b7:b8:32: d5:eb:49:77:cd:b8:c3:7d:b4:94:0d:f2:d0:f6:37:63:4a:7e: 17:9c:4b:47:af:31:bd:f8:04:64:0a:72:f2:d2:0d:df:de:7a: 28:a9:37:b1:0f:87:84:f8:68:99:9d:ce:1e:53:00:10:d4:87: 7d:ee:0d:09:b0:fe:74:0d:52:7a:9c:ab:9d:63:63:b8:a1:eb: 76:7f:df:d9:4c:8f:f3:e8:47:98:84:db:ed:c7:ee:4d:1a:96: 73:60:a4:d8:e4:3f:b6:7e:26:9d:10:27:47:7c:c3:d1:ac:75: 1f:34:07:7f:d2:4e:09:5e:ca:aa:80:18:b6:5e:4f:a3:22:9c: 8b:cc:e8:cd:be:f2:66:c3:86:0b:3d:e6:83:92:8d:f3:0e:d7: 61:8a:be:16:61:7b:77:78:71:dd:90:d8:d0:29:d6:da:6d:56: a8:af:df:ec -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCGowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTREOUIxMTAvBgNVBAUTKENGODlENkFCMTFFN0Q0N0FBMTdCNDMwOUM3MkE3MkI3 MUNCQTQ3QUUwHhcNMjUwNTMwMjA1NjI2WhcNMjUwNjA2MjA1NjI2WjAYMRYwFAYD VQQDEw02ODNhMWI3YS1jYzhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApCYI8BixC4jh2yz/WvIvvcMuoVrtZJjixQM3jJsvhM/IgTjFNtgBboCgRcM/ yGR5CTQ1uF1uQFGn/nVe1cut5lgk1QpGd9/5dZLbLEuOYPHhG8NeVwyTjDoJamto RpKFXtf+vzzvea3yppxbpm0zlGfrJXMGCet4OzJQQO9WtYOB/EMX/tdyahNVFgL4 xa5hYxc8wacCyf8g04U0v5+rtYl10wqWdpRQbnt5MhvzSzyFa15JF8E2k8SvD9FO NsAOokzlCE1c8DRq7VSOFK7CQv3+7wFOzxO1bB0im9tQSqjTAuD/vxiG1xeThr63 JQ6PdWWX8ZpQ1Rs5G9Cs7RSQbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBZUUFNm C37h2m693+74Z5C4gHIcMB8GA1UdIwQYMBaAFM+J1qsR59R6oXtDCccqcrccukeu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQ5Qi9GNUJBQTNEOEM4 MDAxMUVBODdENDRBNzhDNEY5QUUwMi96NG5XcXhIbjFIcWhlME1KeHlweXR4eTZS NjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3o0bldxeEhuMUhxaGUwTUp4eXB5dHh5NlI2NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NEQ5Qi9GNUJBQTNEOEM4MDAxMUVBODdENDRBNzhDNEY5QUUwMi96NG5XcXhIbjFI cWhlME1KeHlweXR4eTZSNjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCJWPcYnK4JFUyqk/jmqdxjSPTW67vtKqAyICA3YFtENnsNwBP+JBrA WmYio2XJzbBOMC1EztK395AbMqq+QKCSrMdkoAjd353NT7JowR8XnTQTvoF/Rr+3 uDLV60l3zbjDfbSUDfLQ9jdjSn4XnEtHrzG9+ARkCnLy0g3f3nooqTexD4eE+GiZ nc4eUwAQ1Id97g0JsP50DVJ6nKudY2O4oet2f9/ZTI/z6EeYhNvtx+5NGpZzYKTY 5D+2fiadECdHfMPRrHUfNAd/0k4JXsqqgBi2Xk+jIpyLzOjNvvJmw4YLPeaDko3z Dtdhir4WYXt3eHHdkNjQKdbabVaor9/s -----END CERTIFICATE-----Generated at Sat May 31 17:42:34 2025 by rpki-client