$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft File: AO-zr_90_WIfS42RFpt6HEOzlBc.mft (raw, json) Hash identifier: BdjsvICSeF+0X8zrpJm+deqMUamX24KLccmXX64W12g= Subject key identifier: 6B:F9:B5:C7:46:27:8D:FE:ED:2A:2F:9F:12:97:97:03:A5:EB:16:7C Authority key identifier: 00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17 Certificate issuer: /CN=A912C8FA/serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417 Certificate serial: 0161 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft Manifest number: 0159 Signing time: Thu 03 Jul 2025 04:15:48 +0000 Manifest this update: Thu 03 Jul 2025 04:15:47 +0000 Manifest next update: Thu 10 Jul 2025 04:15:47 +0000 Files and hashes: 1: AO-zr_90_WIfS42RFpt6HEOzlBc.crl (hash: 8wDiVHPcnbO8ljQxOnXUOO2rxOglhCE4pgzuTfmVfDQ=) 2: A80498FABAAB11EEBA024655C4F9AE02.roa (hash: g6wCJDrtHyuCox1Dak/0D/0mdLei/24CwRHwHNh/Oi8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 353 (0x161) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912C8FA, serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417 Validity Not Before: Jul 3 04:15:47 2025 GMT Not After : Jul 10 04:15:47 2025 GMT Subject: CN=686603f4-5ed7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:99:91:4b:2f:fc:81:f7:76:09:03:17:1f:1e: 78:b8:87:f5:18:61:c9:81:8d:af:c3:84:fd:79:21: 11:58:98:ac:b0:37:27:df:b3:c2:22:47:9d:b0:dd: 4b:5a:b3:25:15:7f:32:97:06:d6:b1:05:7a:08:84: c0:9a:1e:bd:09:fe:d1:87:55:1e:08:b9:58:cb:7c: 51:6e:ce:e9:1b:de:86:b6:f9:ea:02:0a:56:9a:05: 3b:25:b4:ed:af:85:81:8d:b7:5b:1c:51:12:16:90: e4:d0:41:cd:3b:d3:6c:f8:e2:8c:40:8f:ec:8e:f6: 9d:2d:dc:56:42:5b:23:32:a2:fe:ad:ee:bb:25:31: 97:9d:73:37:74:d1:38:7e:67:aa:97:bc:d1:b2:1a: 00:11:4d:c3:a0:be:97:e3:a6:4c:8a:81:21:44:48: 98:d7:f7:91:fe:c1:af:d4:8e:3b:64:a2:fb:a5:d7: d8:5f:d6:60:48:ce:c9:62:eb:ba:46:72:32:2f:e8: 78:56:d0:67:a4:c2:d3:19:92:9f:a1:c3:81:07:11: 87:e7:d5:0c:cf:ba:94:70:51:73:00:53:3f:c6:70: d8:f5:b2:d4:e4:4f:b5:16:53:66:57:0a:29:8f:c7: 6e:65:08:11:27:da:5c:91:7e:12:88:6d:bc:14:1d: 2b:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:F9:B5:C7:46:27:8D:FE:ED:2A:2F:9F:12:97:97:03:A5:EB:16:7C X509v3 Authority Key Identifier: keyid:00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6f:41:7c:93:28:82:78:bc:5b:d0:db:b2:84:aa:a8:c4:86:42: 45:8d:fa:2f:33:26:52:50:da:7f:96:ce:85:e0:87:42:82:30: cc:17:5d:55:b7:68:77:13:5f:3b:4d:55:83:73:98:70:03:49: b8:55:50:a5:d2:cd:6e:69:ae:96:0e:4e:3b:d3:bf:e3:d0:95: 61:69:c2:d5:42:b8:55:5d:45:56:67:a1:61:ff:2b:72:18:da: 0b:79:de:32:7d:70:82:02:4a:a8:30:53:16:49:42:40:65:f0: 6a:d4:58:69:23:da:9a:87:5e:78:c9:2e:67:d5:2c:4c:2a:be: 2a:90:f6:20:fa:48:99:e4:62:c5:34:62:16:ea:75:11:01:e4: 8c:0e:22:61:4a:7d:ce:e5:d6:2f:c0:0c:84:bc:9e:0a:4a:e3: 2e:2d:3f:e2:84:f1:02:47:71:32:d0:93:cf:83:d0:28:f2:80: 38:20:cc:3b:2f:2b:45:67:7c:f6:42:31:d3:3e:ec:20:33:82: f5:b7:a8:8f:28:01:04:1a:ba:34:f1:ef:76:c6:16:00:0b:b9: f2:35:75:ae:46:46:2a:c3:a5:50:4b:e7:9d:7d:14:69:f2:60: ea:c7:5d:13:70:22:38:15:38:a2:0a:e9:9d:c2:d7:1f:a3:4c: 40:cc:ed:ca -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkM4RkExMTAvBgNVBAUTKDAwRUZCM0FGRkY3NEZENjIxRjRCOEQ5MTE2OUI3QTFD NDNCMzk0MTcwHhcNMjUwNzAzMDQxNTQ3WhcNMjUwNzEwMDQxNTQ3WjAYMRYwFAYD VQQDEw02ODY2MDNmNC01ZWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuZmRSy/8gfd2CQMXHx54uIf1GGHJgY2vw4T9eSERWJissDcn37PCIkedsN1L WrMlFX8ylwbWsQV6CITAmh69Cf7Rh1UeCLlYy3xRbs7pG96GtvnqAgpWmgU7JbTt r4WBjbdbHFESFpDk0EHNO9Ns+OKMQI/sjvadLdxWQlsjMqL+re67JTGXnXM3dNE4 fmeql7zRshoAEU3DoL6X46ZMioEhREiY1/eR/sGv1I47ZKL7pdfYX9ZgSM7JYuu6 RnIyL+h4VtBnpMLTGZKfocOBBxGH59UMz7qUcFFzAFM/xnDY9bLU5E+1FlNmVwop j8duZQgRJ9pckX4SiG28FB0rjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGv5tcdG J43+7SovnxKXlwOl6xZ8MB8GA1UdIwQYMBaAFADvs6//dP1iH0uNkRabehxDs5QX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzhGQS80MDAzRjkzMDU0 QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi9BTy16cl85MF9XSWZTNDJSRnB0NkhFT3ps QmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FPLXpyXzkwX1dJZlM0MlJGcHQ2SEVPemxCYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QzhGQS80MDAzRjkzMDU0QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi9BTy16cl85MF9X SWZTNDJSRnB0NkhFT3psQmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBvQXyTKIJ4vFvQ27KEqqjEhkJFjfovMyZSUNp/ls6F4IdCgjDMF11V t2h3E187TVWDc5hwA0m4VVCl0s1uaa6WDk4707/j0JVhacLVQrhVXUVWZ6Fh/yty GNoLed4yfXCCAkqoMFMWSUJAZfBq1FhpI9qah154yS5n1SxMKr4qkPYg+kiZ5GLF NGIW6nURAeSMDiJhSn3O5dYvwAyEvJ4KSuMuLT/ihPECR3Ey0JPPg9Ao8oA4IMw7 LytFZ3z2QjHTPuwgM4L1t6iPKAEEGro08e92xhYAC7nyNXWuRkYqw6VQS+edfRRp 8mDqx10TcCI4FTiiCumdwtcfo0xAzO3K -----END CERTIFICATE-----Generated at Fri Jul 4 22:46:52 2025 by rpki-client