$ rpki-client -vvf rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft File: z-PzHk8zetOBIBvzOgGmhfsBal4.mft (raw, json) Hash identifier: IKTALhokdihfHgU5tIf5mh0tXLszKeLEzF5BIlwnwfw= Subject key identifier: D7:92:4F:F0:6C:1E:97:D6:2C:60:40:B9:22:E3:FB:05:5B:AD:D7:65 Authority key identifier: CF:E3:F3:1E:4F:33:7A:D3:81:20:1B:F3:3A:01:A6:85:FB:01:6A:5E Certificate issuer: /CN=A9128E00/serialNumber=CFE3F31E4F337AD381201BF33A01A685FB016A5E Certificate serial: 0D02 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft Manifest number: 0CFA Signing time: Wed 14 May 2025 18:12:13 +0000 Manifest this update: Wed 14 May 2025 18:12:13 +0000 Manifest next update: Wed 21 May 2025 18:12:13 +0000 Files and hashes: 1: z-PzHk8zetOBIBvzOgGmhfsBal4.crl (hash: uSrYyF1NGrq8BWix1ReGyerrnBAW8vaxjV8iZ3na9B8=) 2: D23C5270E02111E9B4A3923FC4F9AE02.roa (hash: zkAhSZ57x5i2z1ecY4hViVs+riusX3XK2gSVsFUEBsM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.crl rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 18:12:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3330 (0xd02) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128E00, serialNumber=CFE3F31E4F337AD381201BF33A01A685FB016A5E Validity Not Before: May 14 18:12:13 2025 GMT Not After : May 21 18:12:13 2025 GMT Subject: CN=6824dcfd-fab4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:6a:80:61:bc:dc:21:37:3f:0b:f3:3e:84:ec: dd:97:2b:97:28:64:fc:9f:18:a5:5e:9f:a1:ab:5f: 4c:b3:6f:fa:59:1a:88:f8:55:cc:30:0f:62:7d:fa: 67:04:b9:e4:12:52:19:83:8b:6d:09:e3:55:34:29: f8:1a:bf:fa:92:dd:27:25:1f:9b:db:5b:6e:ee:a5: 4a:95:c9:84:25:2c:f9:1d:41:56:c7:20:0b:25:62: 32:e4:12:29:6d:3c:30:32:04:94:14:09:0b:c0:41: 52:1d:96:b6:f9:d0:bc:0c:c8:df:f9:b0:70:4a:15: 02:14:bf:8b:29:b0:89:a1:7d:75:ca:13:50:17:87: 30:a8:36:e1:76:0b:e2:9e:a5:46:c7:e7:e6:36:a5: 12:ae:59:51:08:30:47:09:50:da:2e:40:81:a2:d6: ca:34:2d:d3:c5:07:4b:a5:00:50:38:9f:6f:25:97: 49:ed:2b:d7:e5:34:12:dd:3a:89:b0:8c:54:91:10: 4e:4c:d0:40:22:ef:d1:8b:73:77:dc:8e:15:01:73: 71:73:23:33:44:fb:72:69:6a:b3:dd:94:1c:b8:13: a1:a4:2f:78:33:23:43:47:38:a5:b7:e6:62:c6:d3: 4b:c1:22:3d:fc:fb:90:eb:a6:dd:46:f6:85:2a:d3: 8c:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:92:4F:F0:6C:1E:97:D6:2C:60:40:B9:22:E3:FB:05:5B:AD:D7:65 X509v3 Authority Key Identifier: keyid:CF:E3:F3:1E:4F:33:7A:D3:81:20:1B:F3:3A:01:A6:85:FB:01:6A:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 83:69:7a:c5:47:cd:3a:2e:15:3a:1a:ae:29:ff:7a:a2:35:17: c4:b0:f9:48:a7:03:61:e0:b7:a6:c6:60:6c:d0:34:ad:5f:0d: 89:d7:04:d2:77:30:59:67:78:67:75:aa:43:6a:ad:18:7c:1d: 14:67:a8:29:5c:08:42:75:6b:88:f3:76:79:4e:b7:a9:d3:fe: 03:1a:b4:e0:0c:5e:50:05:ea:85:87:9e:73:e3:70:31:23:08: 58:84:75:af:9b:ad:c5:69:92:22:29:50:81:4a:b2:84:68:c0: 43:ea:61:6f:f8:4a:ae:b3:62:dc:a7:91:98:e0:4c:82:eb:82: c9:9d:99:54:8d:8f:d7:2c:82:df:47:07:5c:7e:06:8e:5e:f6: 8a:00:16:e6:bc:4c:3d:c7:88:56:bc:8a:f6:be:5c:67:2b:9b: b4:77:8c:a1:32:1c:b8:4e:05:7f:10:77:19:d8:ca:b7:aa:06: e6:a6:ad:41:a1:d2:8b:c8:19:4a:a6:d0:9f:a5:f0:30:5f:a2: ed:c6:97:dd:82:2a:d1:9f:82:6d:96:e4:c2:c0:94:53:5f:d6: f7:ea:d6:0f:23:7d:04:5b:26:57:d1:38:63:99:05:ef:27:ea: 14:3f:07:1c:9e:53:93:36:f4:12:01:30:49:12:c1:4c:33:81: c5:f8:ec:85 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDQIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhFMDAxMTAvBgNVBAUTKENGRTNGMzFFNEYzMzdBRDM4MTIwMUJGMzNBMDFBNjg1 RkIwMTZBNUUwHhcNMjUwNTE0MTgxMjEzWhcNMjUwNTIxMTgxMjEzWjAYMRYwFAYD VQQDEw02ODI0ZGNmZC1mYWI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvGqAYbzcITc/C/M+hOzdlyuXKGT8nxilXp+hq19Ms2/6WRqI+FXMMA9iffpn BLnkElIZg4ttCeNVNCn4Gr/6kt0nJR+b21tu7qVKlcmEJSz5HUFWxyALJWIy5BIp bTwwMgSUFAkLwEFSHZa2+dC8DMjf+bBwShUCFL+LKbCJoX11yhNQF4cwqDbhdgvi nqVGx+fmNqUSrllRCDBHCVDaLkCBotbKNC3TxQdLpQBQOJ9vJZdJ7SvX5TQS3TqJ sIxUkRBOTNBAIu/Ri3N33I4VAXNxcyMzRPtyaWqz3ZQcuBOhpC94MyNDRzilt+Zi xtNLwSI9/PuQ66bdRvaFKtOMPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNeST/Bs HpfWLGBAuSLj+wVbrddlMB8GA1UdIwQYMBaAFM/j8x5PM3rTgSAb8zoBpoX7AWpe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOEUwMC84OTkxRUI5RUUw MjAxMUU5ODJCMzdBM0FDNEY5QUUwMi96LVB6SGs4emV0T0JJQnZ6T2dHbWhmc0Jh bDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3otUHpIazh6ZXRPQklCdnpPZ0dtaGZzQmFsNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OEUwMC84OTkxRUI5RUUwMjAxMUU5ODJCMzdBM0FDNEY5QUUwMi96LVB6SGs4emV0 T0JJQnZ6T2dHbWhmc0JhbDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCDaXrFR806LhU6Gq4p/3qiNRfEsPlIpwNh4LemxmBs0DStXw2J1wTS dzBZZ3hndapDaq0YfB0UZ6gpXAhCdWuI83Z5Trep0/4DGrTgDF5QBeqFh55z43Ax IwhYhHWvm63FaZIiKVCBSrKEaMBD6mFv+Equs2Lcp5GY4EyC64LJnZlUjY/XLILf RwdcfgaOXvaKABbmvEw9x4hWvIr2vlxnK5u0d4yhMhy4TgV/EHcZ2Mq3qgbmpq1B odKLyBlKptCfpfAwX6LtxpfdgirRn4JtluTCwJRTX9b36tYPI30EWyZX0ThjmQXv J+oUPwccnlOTNvQSATBJEsFMM4HF+OyF -----END CERTIFICATE-----Generated at Fri May 16 09:50:43 2025 by rpki-client