$ rpki-client -vvf rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/ZfzR8nTT59WOTQyihVjTS2sVLWc.mft File: ZfzR8nTT59WOTQyihVjTS2sVLWc.mft (raw, json) Hash identifier: 5mvL1biNhZ3dE/dLzPLjNNU1Nuv6FNa7iXrxATGWs0Q= Subject key identifier: BE:F2:40:0A:08:5B:83:07:45:46:77:40:15:99:44:17:5B:A4:FF:EB Authority key identifier: 65:FC:D1:F2:74:D3:E7:D5:8E:4D:0C:A2:85:58:D3:4B:6B:15:2D:67 Certificate issuer: /CN=A911F7D0/serialNumber=65FCD1F274D3E7D58E4D0CA28558D34B6B152D67 Certificate serial: 112A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZfzR8nTT59WOTQyihVjTS2sVLWc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/ZfzR8nTT59WOTQyihVjTS2sVLWc.mft Manifest number: 1122 Signing time: Mon 30 Jun 2025 17:28:51 +0000 Manifest this update: Mon 30 Jun 2025 17:28:50 +0000 Manifest next update: Mon 07 Jul 2025 17:28:50 +0000 Files and hashes: 1: ZfzR8nTT59WOTQyihVjTS2sVLWc.crl (hash: vXKDgDwN+AcvesgxveMqLhcD1zZRafmeek3qV+VT4q4=) 2: 1BFF84B0131611E991379440C4F9AE02.roa (hash: 9v5xAom6t8Cg5dPY2+UVNWnLY+IwQ2L6vmEfACxJwlI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/ZfzR8nTT59WOTQyihVjTS2sVLWc.crl rsync://rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/ZfzR8nTT59WOTQyihVjTS2sVLWc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZfzR8nTT59WOTQyihVjTS2sVLWc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 17:28:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4394 (0x112a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911F7D0, serialNumber=65FCD1F274D3E7D58E4D0CA28558D34B6B152D67 Validity Not Before: Jun 30 17:28:50 2025 GMT Not After : Jul 7 17:28:50 2025 GMT Subject: CN=6862c952-5fef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:26:33:7b:ce:fe:9b:8f:98:8c:6d:c5:f1:c9: 7f:10:9b:cf:b0:ab:81:9d:a1:26:34:e9:8b:ba:e1: b5:6f:20:0c:e1:f7:b4:53:ea:c9:b6:e4:a1:23:44: df:de:ad:83:34:8d:4d:a6:39:7e:1b:c7:b3:86:bd: 93:44:7e:b6:22:04:14:88:94:a4:ab:83:94:14:20: 3b:b2:f7:51:ad:46:a9:7a:65:8e:0f:98:93:ad:9e: d6:1f:c4:26:8f:e3:aa:76:ba:e0:d0:07:59:e9:3e: 27:fb:da:02:81:eb:12:65:f1:5d:db:b0:b7:32:68: 9d:2a:a8:ac:23:39:03:7e:4b:13:80:f5:0e:12:71: 94:97:ba:ff:c8:d5:b7:89:9e:11:a5:f6:51:cf:e9: 3b:db:60:80:4c:80:b1:b7:41:84:f5:1c:c7:a1:ef: cd:90:bb:09:fa:f0:17:63:56:3e:34:bb:8e:c8:bc: ae:38:93:3c:1b:6a:ac:98:ca:52:76:b9:31:a8:b2: 4f:c1:62:53:60:c0:50:69:1a:34:45:f5:4e:3a:cf: fe:fd:6f:d1:88:62:20:d5:ea:dd:bd:6e:b4:bb:5f: a0:ce:0f:ce:14:88:c8:d1:81:9e:3a:20:f5:1a:25: c5:f0:f8:04:ce:77:05:6c:5c:15:2b:3c:a2:41:d1: a7:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:F2:40:0A:08:5B:83:07:45:46:77:40:15:99:44:17:5B:A4:FF:EB X509v3 Authority Key Identifier: keyid:65:FC:D1:F2:74:D3:E7:D5:8E:4D:0C:A2:85:58:D3:4B:6B:15:2D:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/ZfzR8nTT59WOTQyihVjTS2sVLWc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZfzR8nTT59WOTQyihVjTS2sVLWc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/ZfzR8nTT59WOTQyihVjTS2sVLWc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:c1:f2:dc:3c:06:94:80:1f:81:24:17:34:51:bc:77:78:69: d5:54:d3:1b:54:a4:f5:d9:09:67:2e:13:69:cc:21:ff:fc:8e: 54:d2:84:59:7f:61:2a:8c:66:77:0d:2e:5e:17:e3:b1:40:04: c8:72:3d:5c:f0:26:e5:42:37:ec:49:1c:68:dc:75:0e:19:3e: a7:ae:42:55:77:dc:e2:53:30:59:e3:85:9f:e7:df:5b:3c:77: 57:be:4c:ef:f0:b6:d1:f9:0f:51:59:49:ba:46:22:aa:5d:19: 6f:46:6a:36:57:01:e7:f7:70:a9:0f:05:41:2a:04:41:1f:bb: 2e:ca:ad:e0:05:8d:36:f5:53:0c:fc:e8:5b:79:1c:c4:5a:2d: a9:b3:e0:9a:94:dc:a0:40:eb:31:48:5a:7a:ca:89:22:44:a7: b5:55:07:9b:9c:3f:da:f4:4c:13:c8:2c:f3:7f:5c:ea:f6:bc: 54:c3:f8:32:37:5e:59:d6:39:2b:0a:77:6b:01:da:35:de:06: e1:ad:80:a4:9f:21:4c:3e:7a:f4:b6:a6:7f:e3:d3:ba:b6:8a: da:b8:2e:fa:c0:d5:ca:11:ab:31:6e:9d:b1:6c:56:05:92:21: 90:f7:7e:f7:43:24:3a:92:11:f7:7e:51:c6:b2:5b:f9:c5:1c: 07:cc:68:10 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICESowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUY3RDAxMTAvBgNVBAUTKDY1RkNEMUYyNzREM0U3RDU4RTREMENBMjg1NThEMzRC NkIxNTJENjcwHhcNMjUwNjMwMTcyODUwWhcNMjUwNzA3MTcyODUwWjAYMRYwFAYD VQQDEw02ODYyYzk1Mi01ZmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0CYze87+m4+YjG3F8cl/EJvPsKuBnaEmNOmLuuG1byAM4fe0U+rJtuShI0Tf 3q2DNI1Npjl+G8ezhr2TRH62IgQUiJSkq4OUFCA7svdRrUapemWOD5iTrZ7WH8Qm j+Oqdrrg0AdZ6T4n+9oCgesSZfFd27C3MmidKqisIzkDfksTgPUOEnGUl7r/yNW3 iZ4RpfZRz+k722CATICxt0GE9RzHoe/NkLsJ+vAXY1Y+NLuOyLyuOJM8G2qsmMpS drkxqLJPwWJTYMBQaRo0RfVOOs/+/W/RiGIg1erdvW60u1+gzg/OFIjI0YGeOiD1 GiXF8PgEzncFbFwVKzyiQdGnfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL7yQAoI W4MHRUZ3QBWZRBdbpP/rMB8GA1UdIwQYMBaAFGX80fJ00+fVjk0MooVY00trFS1n MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRjdEMC82NkEyOTk4MjEz MTQxMUU5ODM0Rjc3M0JDNEY5QUUwMi9aZnpSOG5UVDU5V09UUXlpaFZqVFMyc1ZM V2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pmelI4blRUNTlXT1RReWloVmpUUzJzVkxXYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RjdEMC82NkEyOTk4MjEzMTQxMUU5ODM0Rjc3M0JDNEY5QUUwMi9aZnpSOG5UVDU5 V09UUXlpaFZqVFMyc1ZMV2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAtwfLcPAaUgB+BJBc0Ubx3eGnVVNMbVKT12QlnLhNpzCH//I5U0oRZ f2EqjGZ3DS5eF+OxQATIcj1c8CblQjfsSRxo3HUOGT6nrkJVd9ziUzBZ44Wf599b PHdXvkzv8LbR+Q9RWUm6RiKqXRlvRmo2VwHn93CpDwVBKgRBH7suyq3gBY029VMM /OhbeRzEWi2ps+CalNygQOsxSFp6yokiRKe1VQebnD/a9EwTyCzzf1zq9rxUw/gy N15Z1jkrCndrAdo13gbhrYCknyFMPnr0tqZ/49O6torauC76wNXKEasxbp2xbFYF kiGQ9373QyQ6khH3flHGslv5xRwHzGgQ -----END CERTIFICATE-----Generated at Tue Jul 1 05:59:21 2025 by rpki-client