$ rpki-client -vvf rpki.apnic.net/member_repository/A91F09FE/3803AA1C9B1211EFA87BB43BC4F9AE02/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.mft File: ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.mft (raw, json) Hash identifier: OOOzVfom9XcjP9eQt4RFhvj2RlNP5FH6WEa1kUk0uBU= Subject key identifier: 8A:02:97:EC:2F:77:06:2A:C7:23:CA:31:C5:4B:B7:AD:37:25:50:10 Authority key identifier: 64:CC:C1:66:C5:8C:38:FE:8C:C1:97:6F:5C:F0:7C:1D:D0:6F:68:14 Certificate issuer: /CN=A91F09FE/serialNumber=64CCC166C58C38FE8CC1976F5CF07C1DD06F6814 Certificate serial: 99 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F09FE/3803AA1C9B1211EFA87BB43BC4F9AE02/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.mft Manifest number: 97 Signing time: Sat 23 Aug 2025 06:37:16 +0000 Manifest this update: Sat 23 Aug 2025 06:37:15 +0000 Manifest next update: Sat 30 Aug 2025 06:37:15 +0000 Files and hashes: 1: ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.crl (hash: 9pMgur7wwRlr1TrEkAB9lPPzys/pQ9ViJZaUwBDpnV8=) 2: 841585749B1211EFBFBF913CC4F9AE02.roa (hash: 0M5YhxGhV5QHRGKOQlvw9XsWvMIjTk3A7Z1MV3xW494=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F09FE/3803AA1C9B1211EFA87BB43BC4F9AE02/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.crl rsync://rpki.apnic.net/member_repository/A91F09FE/3803AA1C9B1211EFA87BB43BC4F9AE02/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:37:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 153 (0x99) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F09FE, serialNumber=64CCC166C58C38FE8CC1976F5CF07C1DD06F6814 Validity Not Before: Aug 23 06:37:15 2025 GMT Not After : Aug 30 06:37:15 2025 GMT Subject: CN=68a9619b-41c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:2e:f7:cb:d9:f7:3d:49:d5:0b:34:8e:54:04: 8f:81:b9:43:fc:37:d0:a2:56:72:b0:c0:c5:76:ab: 56:08:6e:3e:3c:56:16:19:06:2f:b4:f1:aa:44:de: ca:7b:5a:df:78:f1:be:e5:a7:b6:41:66:57:31:73: 63:a5:f9:24:8e:00:5b:7d:bb:24:b1:20:29:60:01: cb:89:98:a6:d8:d7:15:46:80:5f:7e:ed:c9:e1:93: bc:12:67:79:53:ef:20:3b:33:43:e0:51:37:7d:63: d2:b9:50:80:fc:0c:d6:eb:c4:ee:5a:14:6f:b8:61: 4f:ca:ce:71:ca:90:ba:de:37:77:e7:c7:c3:9c:29: ab:f0:95:00:ec:91:91:b0:7b:1e:83:31:9c:ad:71: ee:dd:78:a2:a7:93:7c:eb:ad:f3:ab:f3:09:10:aa: 16:55:1a:3b:ea:66:a8:4e:58:38:96:f2:1e:54:7b: 14:bf:ef:63:3c:cb:31:5c:3c:6c:f9:19:fc:43:92: 4a:d0:6a:df:b3:68:3b:57:c3:cd:c1:a5:73:1c:95: 6d:74:9a:9c:20:45:f1:58:57:e8:18:81:1d:c5:47: 98:d8:f9:ab:fa:5d:c2:2b:d5:d7:23:f9:4d:60:84: a4:be:cd:fa:ef:4a:72:a6:2b:dc:71:92:73:ce:83: d4:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:02:97:EC:2F:77:06:2A:C7:23:CA:31:C5:4B:B7:AD:37:25:50:10 X509v3 Authority Key Identifier: keyid:64:CC:C1:66:C5:8C:38:FE:8C:C1:97:6F:5C:F0:7C:1D:D0:6F:68:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F09FE/3803AA1C9B1211EFA87BB43BC4F9AE02/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F09FE/3803AA1C9B1211EFA87BB43BC4F9AE02/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:b6:ca:75:a6:8a:8f:a7:36:f5:18:ba:f4:62:b4:8e:61:c4: b7:b5:09:47:cf:6d:00:08:bb:e9:64:38:f9:47:db:ef:55:09: b6:26:e5:de:f5:de:88:fb:42:85:8c:f5:e2:9b:12:9b:66:26: 1b:43:8b:02:38:19:8b:65:89:0e:1c:5d:e3:6c:86:04:98:ec: 41:bd:28:bb:fb:a7:ac:df:45:fe:47:41:28:12:eb:65:4e:a0: 2d:ca:3d:b2:87:14:12:61:d9:5b:8a:b0:dd:6b:db:33:2c:99: 95:64:00:79:90:f0:af:fd:fd:fa:20:be:53:be:98:8b:f9:30: bb:1c:44:66:51:14:bf:77:c7:68:b2:ba:6f:b2:0a:33:c7:85: 11:25:4c:ed:57:cd:47:d1:c1:e9:06:71:f0:ab:47:82:c1:ed: 3a:5f:29:6d:9b:ea:10:f1:60:79:a2:8a:08:79:6d:94:7f:0f: 77:bb:5d:67:cd:67:38:d5:3a:f2:57:2b:53:8b:5d:9d:0c:94: 55:b6:e1:f5:d2:ee:ef:26:10:14:92:9e:e1:54:a2:bd:e5:fa: 47:0f:e7:70:87:70:9e:1d:fa:89:a2:e6:62:f4:c9:70:2f:40: e0:9f:b0:f3:62:fa:32:7b:9e:6e:c0:39:cd:32:4c:7d:65:99: b9:e8:d5:73 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjA5RkUxMTAvBgNVBAUTKDY0Q0NDMTY2QzU4QzM4RkU4Q0MxOTc2RjVDRjA3QzFE RDA2RjY4MTQwHhcNMjUwODIzMDYzNzE1WhcNMjUwODMwMDYzNzE1WjAYMRYwFAYD VQQDEw02OGE5NjE5Yi00MWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3S73y9n3PUnVCzSOVASPgblD/DfQolZysMDFdqtWCG4+PFYWGQYvtPGqRN7K e1rfePG+5ae2QWZXMXNjpfkkjgBbfbsksSApYAHLiZim2NcVRoBffu3J4ZO8Emd5 U+8gOzND4FE3fWPSuVCA/AzW68TuWhRvuGFPys5xypC63jd358fDnCmr8JUA7JGR sHsegzGcrXHu3Xiip5N8663zq/MJEKoWVRo76maoTlg4lvIeVHsUv+9jPMsxXDxs +Rn8Q5JK0Grfs2g7V8PNwaVzHJVtdJqcIEXxWFfoGIEdxUeY2Pmr+l3CK9XXI/lN YISkvs3670pypivccZJzzoPUkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIoCl+wv dwYqxyPKMcVLt603JVAQMB8GA1UdIwQYMBaAFGTMwWbFjDj+jMGXb1zwfB3Qb2gU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMDlGRS8zODAzQUExQzlC MTIxMUVGQTg3QkI0M0JDNEY5QUUwMi9aTXpCWnNXTU9QNk13WmR2WFBCOEhkQnZh QlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pNekJac1dNT1A2TXdaZHZYUEI4SGRCdmFCUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MDlGRS8zODAzQUExQzlCMTIxMUVGQTg3QkI0M0JDNEY5QUUwMi9aTXpCWnNXTU9Q Nk13WmR2WFBCOEhkQnZhQlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBhtsp1poqPpzb1GLr0YrSOYcS3tQlHz20ACLvpZDj5R9vvVQm2JuXe 9d6I+0KFjPXimxKbZiYbQ4sCOBmLZYkOHF3jbIYEmOxBvSi7+6es30X+R0EoEutl TqAtyj2yhxQSYdlbirDda9szLJmVZAB5kPCv/f36IL5TvpiL+TC7HERmURS/d8do srpvsgozx4URJUztV81H0cHpBnHwq0eCwe06Xyltm+oQ8WB5oooIeW2Ufw93u11n zWc41TryVytTi12dDJRVtuH10u7vJhAUkp7hVKK95fpHD+dwh3CeHfqJouZi9Mlw L0Dgn7DzYvoye55uwDnNMkx9ZZm56NVz -----END CERTIFICATE-----Generated at Sun Aug 24 21:50:07 2025 by rpki-client